WHITE PAPER

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN
Author: Joe Epstein, Sr. Director of Technology Date: July 2009

Copyright 2010 Meru. All rights reserved.

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

TABLE OF CONTENTS

Introduction ..................................................................................................................... 3 The Benefits of Virtualized Wireless LAN........................................................................ 3 Predictability of Service ............................................................................................... 3 Increased Manageability at Lower Costs ..................................................................... 4 Greater Efficiency ........................................................................................................ 4 Enhanced Productivity for Users ................................................................................. 4 Applying Virtualization to Wireless LANs......................................................................... 4 Pooling with Virtual Cells ............................................................................................. 6 Removal of Service Dependency on Client Behavior .................................................. 6 Introduction of Stable Radio Coverage ........................................................................ 7 Reduction in Equipment Costs by Reducing Access Points ........................................ 7 Rapid Deployment without Planning or Cleanup ......................................................... 8 True RF Redundancy .................................................................................................. 8 Partitioning with Virtual Port ..................................................................................... 9 Wireline-style Reliability with Per-device Isolation and Sandboxing ............................ 9 Fine-grained and Secure Multicast and Video ............................................................. 9 Increased Robustness with Direct Client Control Using Wi-Fi Standards .................. 10 Conclusion .................................................................................................................... 11

Page 2 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

Introduction
Wireless Local Area Networking (WLAN) technology has an immediate appeal to enterprises looking to reduce the cost of networking over what is needed for wireline Ethernet networks. Rather than having to draw out one port to each desk, paying for cables, installation, and maintenance of the copper-based facilities and associated network devices, these organizations can replace each port with a far fewer number of wireless access points, each providing highperformance networking service over many thousands of square feet and dozens of users. The ability to right size the network, eliminating wasted ports and wasted copper, is a strong motivator for moving towards wireless networks for both new installations and in retrofit or upgrade situationsespecially for replacing existing wireline networks built from older, lowercategory copper cabling that cannot run the more recent and reasonably-performing Ethernet protocols. However, as wireless networking matures, growing from being a supplement to the copperbased edge network to the primary network in its own right, the hidden costs of deploying such a network based on radio waves in the unlicensed, free-for-all spectrum begins to unfold. The predictability that was the cornerstone of wireline networks is lost in these wireless networks. The cost of managing a network where the devices are never twice in the same place soars. Unfortunately, these networks never reach the full potential of savings that wireless networks are expected to produce. Regaining predictability is the key to containing wireless network operational costs. This predictability can be gained by employing technology that draws on the concept of Virtualized WLAN. By applying lessons from the domains of scalable storage, servers, and wireline switchbased networking, Virtualized WLAN successfully provides the constrained costs and predictable service that is missing in non-virtualized WLAN networks.

The Benefits of Virtualized Wireless LAN

Virtualization techniques greatly simplify the task of installing and operating the virtualized services over their pre-virtualized, microcell counterparts. These techniques provide a way for services deployed by IT departments to abstract out the physical peculiarities of the underlying resources from the quality and availability of the service being provided, greatly increasing reliability, decreasing management complexity, and strengthening visibility into the operation of the service. Virtualized WLAN applies these cost-saving benefits of virtualization to the domain of wireless networking. Virtualized WLAN is especially suited for wireless networks because of the unpredictability inherent in techniques employed by pre-virtualization technologies in managing these networks. The benefits of virtualized WLAN are: PREDICTABILITY OF SERVICE Larger wireless networks based on microcell technology require continual variation as the very foundation of the service they provide. This variation comes in the form of an adaptive,
Page 3 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

automatic reconfiguration tool that dynamically alters the networks RF coverage pattern to manage the ill effects caused by the interference generated from greater numbers of wireless users. However, this causes coverage to be widely and unpredictably varied over time, creating gaps in service which are always changing and impossible to predict. Simply put, the network is never the same way twice. Virtualized WLAN overcomes this problem by providing stable, predictable coverage without being required to adjust power levels or radio frequencies as a part of minute-by-minute network operation. INCREASED MANAGEABILITY AT LOWER COSTS You cannot manage what you cannot predict. Adaptive network fluctuation leads to significantly increased network troubleshooting costs, as the conditions under which a problem may have occurred are altered and are not easily recreated. By introducing stability into the underlying radio technology, Virtualized WLAN brings down management and troubleshooting costs by providing consistent, reproducible service. Furthermore, Virtualized WLAN leverages the virtually-partitioning nature of its wireless connection to contain the thousands of different types, versions, and instances of wireless devices into distinct sandboxes, where they are unable to easily interfere with the remainder of the network. GREATER EFFICIENCY Like all other virtualization techniques, Virtualized WLAN is designed to eliminate waste by consolidating disparate resources under one virtualized, homogenous umbrella, where resources can be efficiently deployed. Typical virtualized WLAN networks require 30% less wireless access points than microcell networks, for the same general service levels and performance. ENHANCED PRODUCTIVITY FOR USERS Virtualized WLAN is inherently designed for greater mobility, separating the user from the topology of the network and moving service to follow the user in a manner undetectable to the users underlying device. Users can get more done in more places throughout the campus, without having to watch out for the number of bars of coverage their device shows.

Applying Virtualization to Wireless LANs

Virtualization, generically, is based on the twin concepts of pooling and partitioning. Pooling combines disparate resources that are difficult to operate as separate entities into one larger virtual resource, taming complexity. Partitioning divides the large virtual resource into separate, protected resources for each application or user, based on business need rather than technology constraints. Together, virtualization reduces the problem of operating a service from one of having to manage the individual relationships of users and applications to distinct resources (a many-to-many relationship) to one of having to manage only how the users draw from a pooled resource (a many-to-one relationship).

Page 4 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

R esources

Users
Figure 1 Resource Mapping Complexity Before Virtualization

R esources

Virtualization

Users
Figure 2 Resource Mapping Simplicity with Virtualization

Page 5 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

One well known domain where virtualization has solved difficult IT problems is that of file storage. The basic resource of a file system is that of a hard disk, a fixed-size, physical entity for containing critical information from users and applications. When the storage system grows and requires multiple disksfrom tens to thousandsthe physical boundaries of the underlying disks become the bottleneck that dominates the complexity of managing the storage service. One problem is that disks fill up. When each disk is a known and managed entity to the applications that use them, introducing more storage by adding additional disks requires actively migrating files across disks, often requiring awkward directory structures to ensure that there is enough headroom to allow for future growth. Anyone who has ever had to add a disk and restructure UNIX mountpoints as a result has experienced this complexity first hand. Although it is possible to automate the task, it is not possible to eliminate the disruption. Another problem is that disks fail. Because each disk is a known entity to the application, a disk failure requires stopping the application, restoring files to some other locationoften requiring yet another hierarchy restructuring effortand the restarting the application. Storage virtualization solves these problems by hiding the identity and nature of each underlying disk from the applications, pooling the entire array of disks into one large, easy-to-manage virtual disk. Even better, this virtual disk can grow and shrink as needed, and files are trivially migrated as disks enter and leave the array. RAID provides a natural redundancy that seamlessly prevents downtime. Furthermore, disk partitions can be resized on the fly, allowing containment of applications and files based on policy and not based on disk size or file system layout. Another well known domain for virtualization is for running server applications. Virtual machines provide a way to contain each application to its own sandbox, solving the problem of having to deal with applications that require competing resourcessuch as providing HTTP services, where TCP port 80 is the limited resourceand allowing instances of the service to come and go as needed, without real-time installation effort. Entire server farms can be treated as identical resources. The server farm is partitioned into applications based on business need for those services, not on whether they have been installed on the right machines, with the right operating systems and the appropriate configurations. Rapid deployment is made trivial. POOLING WITH VIRTUAL CELLS A Virtual CellTM created when multiple virtualized access points are pooled together to appear as one, with each access point operating on the same radio channel and offering identical services. From the perspective of the applications and the users on the wireless network, the pooling completely withdraws the identities of each access point from viewthe radios of the Virtual Cell become indistinguishable to end users and their devices, even at the lowest layers of operation. Instead, the entire Virtual Cell gains one common identity, as the applications connect directly to the Virtual Cell and not to the individual radios. Application to wireless resource mappings are no longer many-to-many. Virtual Cell solves a number of key technology problems present in microcell wireless. REMOVAL OF SERVICE DEPENDENCY ON CLIENT BEHAVIOR Because applications are not aware of which access point they connect to, Virtual Cell allows the network to control over that crucial decision, ensuring that each client is connected to the optimum access point without the network having to engage the client at any level. The hundreds of combinations of client hardware, driver versions, operating system versions, and
Page 6 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

tuning parameters lead to highly unpredictable behavior from clients. Some pre-virtualization technologies attempt to moderate this problem by engaging in adaptive behaviors such as client steering, where the network tries to uncover some of the basic capabilities of the client and use that to encourage clients to behave in particular ways. However, these technologies are only mildly effective, because the fundamental behavior of the connection is still controlled by the client, and the microcell network, by exposing the identities of each access point radio, must hope that clients choose reasonably well without being able to exercise actual control. Virtual Cell solves this problem by reducing a clients choice down to oneeach client can choose from only the one Virtual Cell in the channel. Thus, the network is firmly in control from a fundamental level. By taking control of the connection, Virtual Cell protects the investment made into existing clients and ensures that IT organizations retain the freedom to choose laptops and wireless devices based on overall cost of acquisition and whether the devices meet the business needs of the organization, rather than whether they have a certain type of wireless LAN radio or support a specific driver with proprietary client extensions. It is exceedingly rare to buy a laptop based on the vendor of the Ethernet port, and the same must be true of wireless for it to become the primary mode of connectivity. INTRODUCTION OF STABLE RADIO COVERAGE Virtualized WLAN techniques ensure that the multiple access point radios cooperate to provide the uniform pool of wireless resources, thus eliminating the problem of co-channel interferencea problem that occurs when too many wireless devices attempt to share the same physical resources. Just as Ethernet hubs are unstable at scale because the uncoordinated sharing of resources on the hub becomes too great, and switches surpassed hubs because they apply the missing predictability and stability at those high scales, Virtualized WLAN provides the missing predictability and stability for larger scale wireless networks. By coordinating the sharing in the way a switch coordinates the sharing of the limited upstream network resources, the access points of a Virtual Cell avoid being forced to using the unstable means of dynamic power control and adaptive radio management to delicately tune the network to reduce interference by shrinking cell coverage and reducing power levels. Instead, Virtual Cell allows the access points to be operated at full power. This increases the signal-tonoise ratioor measure of signal robustnessup to thirty times that of microcell network. This protects the network from many sources of RF interference that microcell networks are more susceptible to and therefore are forced to use inaccurate detect and react techniques to attempt to steer away from noise that virtualized networks simply overpower. Virtualized wireless networks with Virtual Cell never need to adapt their power levels during the operation of the network. Whereas microcell networks must constantly vary transmit power as user populations move, producing a network whose coverage is never twice the same, virtualized networks can offer identical, stable coverage for effectively all time, as long as the wireless service is being provided. REDUCTION IN EQUIPMENT COSTS BY REDUCING ACCESS POINTS By providing stable coverage from the start, Virtualized WLAN allows the wireless network to dispense with having to reduce the transmit power, and thus range, of each access point.

Page 7 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

Eliminating the defining microcell behavior from the network allows creating a virtualized WLAN with 30% less access points than a microcell network with the same service levels. IT organizations experience a dramatic reduction in troubleshooting costs and time. Furthermore, virtualized wireless networks are able to provide platforms (such as the Meru E(z)RF 2.0 appliance) specifically for providing troubleshooting and forensics support that has not been possible with microcell technologies, which lack the ability to provide the needed visibility for precise troubleshooting. RAPID DEPLOYMENT WITHOUT PLANNING OR CLEANUP By pooling resources without the need to consider whether access points are too close or poorly spaced, virtualized WLAN pooling allows IT organizations to roll out service using a different model than the place-now/adjust-over-time method required by microcell networks. RF deployment with Virtual Cells is more closely related to simple painting of the coverage area than to careful placing and adapting. Place some access points here and there, ensuring enough coverage to establish minimum data rate levels, and because the access points act as with the same identity (have the same color), the seams between access points disappear. However, unlike actual paint, Virtual Cells survive alteration of their physical environment. Moving furniture, performing basic construction, and adding or redeploying access points repaint the RF environment anew, ensuring high-quality coverage without requiring access points to adjust their spectrum usage or output power. The benefit of this fluid RF deployment method is that coverage does not need to be manually reconfirmed after most environmental changesespecially for real-time applications that are not forgiving and cannot afford to be exposed to RF rough spots. Rapid deployment of wireless LANs without compromise becomes possible. TRUE RF REDUNDANCY Pooling resources provides the only method for proactive RF redundancy available. One Virtual Cell provides one networks worth of RF capacity, equal to that of an entire deployment of a microcell network. However, unlike the microcell network, which exhausts every available channel to provide this one-channels worth of capacity, the Virtual Cell occupies only one channel, leaving the remaining channels completely empty. Adding a second Virtual Cell instantly doubles the capacity of the networkbut more importantly, it doubles the redundancy. Just as stackable switches can be used to provide many times the redundancy of one switch, with already-present recovery options for failures, layering Virtual Cells provides many times the redundancy of one entire network, eliminating the problem of having to detect failure and attempt to repair after the fact and with insufficient resources. Microcell networks require access points spaced apart, as if on a loose grid. Thus, each client is close to only one access point, and thus has only one choice of optimal coverage. Every channel is used, but only one channel is used per square foot. Virtual Cells allows multiple access points to be clustered into the same physical area, with the clusters then spaced from each other to provide blanket coverage. Each access point in a cluster is a part of a different Virtual Cell, on a different channel, and thus the network provides many channels of usable RF per square foot.

Page 8 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

This multiple-channel layering of Virtual Cells enables financial trading floors to exchange billions of dollars without the fear of RF failure present in microcell microcell networks. Virtual Cells provide the method of establishing high-uptime redundancy for mission-critical applications, solving a problem that is inadequately addressed by pre-virtualization techniques. PARTITIONING WITH VIRTUAL PORT The uniform, stable RF coverage of a Virtual Cell provides the foundation for predictable wireless networking. However, the services provided on this foundation need to be allocated to users and applications in a granular, predictable way. Virtualized WLAN partitions the pool of RF resources into Virtual Ports. Each client is assigned to its own, unique Virtual Port for the life of its connection with the entire wireless network. Unlike with microcell wireless networks, where multiple clients share the same fundamental wireless servicea basic service set, as WiFi calls the network-end of the wireless connection, with one or a small number of basic service sets per access pointeach client in a virtualized WLAN belongs to its own basic service set, created by the network just for the client. This is directly parallel with the notion of a virtual machine, one per application, but for wireless networking. Generating a unique Virtual Port for each client provides a number of benefits to wireless networking that were previously only present in switch-based wireline networking. WIRELINE-STYLE RELIABILITY WITH PER-DEVICE ISOLATION AND SANDBOXING Wireline Ethernet switch networks provide reliability by segregating each device off of a common hub and into their own separate switch port, where the ill effects of uncontrolled sharing cause cascading and dramatic network variability at scale are eliminated. In virtualized WLAN, each Virtual Port acts as a wireless switch port. Because each client is placed into its own Virtual Port, it is isolated from the effects of network sharing that occur when devices belong to the same logical network service at the lowest layers of Wi-Fi. Resource allocation and sharing is now in the hands of the network, and not the client. The isolation of the wireless Virtual Port ensures that every device gets its fair share of the wireless resourcethe only important bottleneck for wireless operationwithout having to suffer ill effects because of the presence of other devices, no matter what the behavior. FINE-GRAINED AND SECURE MULTICAST AND VIDEO By segregating clients into their unique Virtual Ports, virtualized WLAN allows for more efficient and secure delivery of multicast traffic than with microcell. Unlike with microcell, where the multicast domainthe region and set of devices where multicast traffic is sharedextends across the entire WLAN, because each Virtual Port is its own WLAN, the multicast domain can be as small as each client. Each users device only gets the multicast traffic it subscribed to, and the wasted air time from sending multicast to other devices is eliminated. Furthermore, each multicast transmission is secure. One client in the same WLAN cannot eavesdrop on the multicast transmissions of another, ever. This is a fundamental change from WPA2-based microcell networks, where every device using the same access point is given the same multicast security key, allowing wayward or attacking clients can falsely generate multicast traffic with impunitya vulnerability known as an insider attack.

Page 9 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

For the first time, multicast traffic is both as secure and as efficient as unicast traffic, thus unlocking the potential for multicast to be used in the enterprise, such as what is leveraged by the Meru Voice Services Module (VoSM) and Video Services Module (ViSM) for real-time traffic optimization. INCREASED ROBUSTNESS WITH DIRECT CLIENT CONTROL USING WI-FI STANDARDS Virtual Ports provide the only method of controlling client behavior within the Wi-Fi standard and the only method of affecting the channel access behavior of the client individually. Wi-Fi provides a number of different methods of constraining the over-the-air access behavior of clients en masse. Every client associated to the same logical wireless network is required to adopt the same access parameters, directly determining the operation of the Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) behavior for the client, using the Wi-Fi Multimedia (WMM) standard integrated into 802.11n. However, the standard also prevents the network from making finer distinctions for clients within one basic service set. Because each device belongs to a dedicated basic service set within the per-device Virtual Port, Virtualized WLAN can use these extensive but broadly-acting mechanisms to direct clients on a device-bydevice basis. Just as wireline switches allow each device to negotiate the optimum physical data rate (10Mbps, 100Mbps, 1Gbps), power settings (802.3af PoE, 802.3at PoE), and flow control, Virtual Ports allow each client to negotiate all Wi-Fi parameters with the network to be optimal for just that client, free of being subjected to the lowest-common denominator effect of microcell networks. Applied to wireless, the benefits of partitioning into Virtual Port allows the wireless network to directly control both downlink and uplink behavior of the devicesomething that previrtualization techniques cannot successfully provide for all traffic types. Misbehaving, greedy, or infected devices that attempt to dominate the airtime by flooding the network upstream can be isolated and limited to using only a fair share of the wireless resource, not a millisecond more. This provides a quantum leap in robustness in wireless networking, a capability present only in higher-end wireline switches, but now available for wireless. A Higher Degree of Management Granularity Microcell networks attempt to provide per-device policies, including per-device access to equal airtime, but cannot do so at the lowest layers of the network, because of the sharing of the logical wireless network. Just as an upstream traffic shaper cannot enforce the utilization of resources on a downstream hub, policies applied by pre-virtualization networkswhether at the controller or the access pointcannot be enforced at the level of the Wi-Fi air waves itself. Switches overcome the wireline problem by having distinct ports for devices, and thus integrating the policy enforcement at the boundary between each port, rather than at a point further upstream. Virtualized WLAN applies the same technique of enforcing policies at the boundary between each Virtual Port. Devices can be controlled before they impact the air. Enhanced Mobility over Microcell Wireless The Virtual Port always follows the user, throughout the network, seamlessly migrating to whichever wireless radio is closest to the client, but without causing the lowest-layer wireless
Page 10 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2

Increasing the Reliability and Reducing the Cost of Wireless Networks with Virtualized WLAN

connection to be broken and reestablished. The network truly follows the user, in a way that microcell wireless networks cannot provide. Traffic is never lost in the transition, and policies that were valid in one spot remain valid throughout the rest of the network.

Conclusion
Wireless LANs are beginning to take hold as a technology that enterprises can use to dramatically cut costs of providing networking, for both new construction and existing installations. The high peak bandwidth of 802.11n, with 300Mbps physical layer data rates per radio, surpasses that of most existing wireline edge deployments, based on 100BASE-T copper with wireline switching. However, microcell wireless networking suffers from an inability to provide stable, predictable, and always-consistent wireless coverage as the scale of the network grows, and IT organizations looking to abandon traditional wireline networks as the primary connection must find WLAN technology that can offer similar consistency that a static wireline network provides. Virtualized WLAN provides such a means, by using intelligent coordination and network control to fundamentally reshape the way over-the-air resources are managed. Identifying and managing individual access points, using automated tools to constantly adjust radio power levels and frequencies, is replaced with deploying a static, simple-to-manage network using radio resource pooling and virtualized partitioning to overcome instability and variability. Virtualized WLAN provides benefits for both network acquisition (CAPEX) and operation (OPEX). A virtualized WLAN requires 30% less access points, cable pulls, power-over-Ethernet ports, and installation costs than an equivalent microcell network. Furthermore, because network remains the same from minute-to-minute and day-to-day, the costs of monitoring, management and troubleshooting microcell wireless networks are significantly reduced.

Page 11 Copyright 2010 Meru Networks, Inc. All rights reserved. WP_increasing_the_reliability_of_virtualized_WLAN_0510_v2