thick v thin access points lab last update 2014.07.12 1.0.0 1copyright 2014 kenneth m. chipps ph.d

Thick v ThinAccess Points

LabLast Update 2014.07.12

1.0.0

1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

Objective

• In this lab we will examine the difference between thick and thin access points, as well as the differing methods by which access points can can be managed

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 2

Thick Access Point

• The original form of an access point is a standalone device where all of the decision making and processing goes on in the access point with no consideration of what other access points are doing


Thin Access Point

• A thin access point has part of its intelligence in the access point and part in a centralized controller

• This controller can be hardware or software based


Thick or Thin

• In the beginning of 802.11 based wireless networks each access point was managed by connecting to them one at a time

• This worked when there were only a few access points

• Once large wireless networks began to be installed this became inefficient


Thick or Thin

• The solution was to move all of the management and decision making to a central point

• At this central point a hardware based controller was installed

• All of the traffic went from the AP to the controller and back to the AP


Thick or Thin

• This approach works for some networks, but it can slow larger, heavily loaded networks

• We now see more powerful access points or systems where the AP has some processing capacity and some is centralized


Thick or Thin

• In this lab we will look at both methods, thick and thin access points


Thick Access Point

• First we will look at a thick access• In this example a Linksys WAP610N• Connect the AP to the switch• Power up the AP• You will need to discover the IP address of

the AP as it is set to acquire one from a DHCP server


Thick Access Point

• Log into the access point using a web browser with the IP address

• Leave the username blank, and enter– admin

• as the password


Thick Access Point

• Look around


Thin Access Point

• Now let’s create a wireless network with two access points and then manage them both from a single program

• The access points are Ubiquiti UniFi AP units

• The management program is called UniFi Controller


Thin Access Point

• When it starts a small window appears• Click on the

– Launch a Browser to Manage Wireless Network

• button


Thin Access Point


Thin Access Point

• This will appear


Thin Access Point


Thin Access Point

• Click on the– Proceed anyway

• button• Run the setup process that appears


Thin Access Point


Thin Access Point

• If the access points are not connected to the switch that the computer running the management program is connected to this will appear


Thin Access Point


Thin Access Point

• Hook them up properly• If the lights indicate that the NIC and

switch are working properly, open port 8443 on the Windows Firewall or just turn it off for now

• Click the– Refresh

• button


Thin Access Point

• This should appear


Thin Access Point


Thin Access Point

• Click– Next


Thin Access Point

• Enter the– Secure SSID using

• NETW360

– Security Key using• 12341234

• Click– Next


Thin Access Point


Thin Access Point

• Enter– Admin

• for the Admin Name• Enter

– password• for the Password


Thin Access Point


Thin Access Point

• Click– Next

• Click– Finish


Thin Access Point


Thin Access Point

• The management login screen will appear


Thin Access Point


Thin Access Point

• Enter the login created above• Click

– Login• This screen will appear


Thin Access Point


Thin Access Point

• We need to change the map as the one shown by default does not represent our building

• Download the DeVry floor plan from the lab page for this course

• Click– Add a Map

• Enter a map name in the Description field


Thin Access Point

• Click– Upload my own

• Browse to the location of the file to use as a map

• Click– Continue

• Click– Close


Thin Access Point

• Next we will adjust the scale of the map• The DeVry building is how long• How could you determine this• Once you know, click the

– Set Map Scale• Button off on the right• It looks like a triangle


Thin Access Point

• Click and hold to draw a line from one side of the building to the other side

• If you need to redraw the line, just click and hold again to draw a new line

• Once you’re happy with the line, click– Next

• Enter the distance that the line represents in the Distance field


Thin Access Point

• The distance is specified in meters by default but you can switch to feet using the drop-down menu on the right

• Click– Next


Place Access Points on Map

• The access points need to be placed on the map

• Drag the access point icons from the Unplaced APs list on the left to the appropriate locations on the map


Thin Access Point

• The result should look similar to this


Thin Access Point


Look Around

• Let’s see what we can do with a system such as this

• Click on one of the access points• Three icons will appear around the access

point• Click on the one that looks like a gear• This shows details on the AP


Look Around


Look Around

• Close this detail window• Click on

– Coverage• Click on one of the access points• An estimate of the coverage provided is

show• Such as


Look Around


Look Around

• Continue to see what the program can do


Other Access Points

• In most cases these days your access points will not be the only ones in the area

• There will be access points owned by your neighbors

• These may slow your throughput due to interference, but they do not constitute a security risk


Rogue Access Points

• Then there are access points that are plugged into your wired network

• These are a major security risk• They must be located and removed• This might happen due to an employee

needing to add wireless access, but you will not provide it, so the employee does it

• The organizations security policy should cover this


Rogue Access Points

• Find the access point and remove it from the network

• Inform the employee and the supervisor that this is contrary to the security policy

• Worse is an access point connected to your network by a hacker

• These are a much more serious problem


Rogue Access Points

• Most centralized wireless network management programs will attempt to identify and locate these

• To illustrate this, connect the thick access point to the same switch the two Ubiquiti access points are connected to

• Let’s see how this program handles this task


Rogue Access Points

• Click on the– Insight

• button off on the right side• From the dropdown menu on the left side

select– Rogue Access Points


Rogue Access Points


Rogue Access Points

• This will appear showing the access point that has been connected to the wired network, but not added as an approved device


Rogue Access Points


Clear the Configuration

• Remove the site from the management console

• Reset all the access points to the factory defaults


Summary

• In this lab we have seen what thin and thick access points are at a basic level

• For thick access points, the same concepts apply to larger hardware controller based systems


thick v thin access points lab last update 2014.07.12 1.0.0 1copyright 2014 kenneth m. chipps ph.d

Documents

access point copyright

access points copyright

thick access point log

access points lab

powerful access points

ap copyright

central point

centralized copyright