How a Wi-Fi solution provider infrastructure is made
A Wi-Fi infrastructure is made of 4 elements:
- Wi-Fi hardware (Wi-Fi routers or access points)
- Access points management software
- Captive portal management software
- RADIUS
1. Wi-Fi hardware
It all starts here: you need to pick a hardware vendor if you want to offer a managed WiFi solution.
In general, once you pick a hardware vendor, that’s a life choice, meaning that every time you extend your network, you’ll buy an additional unit from that vendor.
This is called VENDOR LOCK-IN.
Depending on the target market, low budget vs high budget, you might pick very affordable hardware or, on the other side, enterprise grade hardware.
Examples:
Enterprise-level hardware: Cisco Meraki, Aruba Networks, Ruckus Wireless, Juniper, HP, Aerohive
Small and medium businesses: Ubiquiti Networks (UBNT), Engenius, Buffalo, Deliberant, MikroTik
Consumer/home networks hardware: TP-Link, Netgear, D-Link, Senao, Alfa Networks
2. Access point management software
This traditionally comes as a feature of the first element, the hardware. For example, Cisco Wi-Fi Access Points (WAP) come with the Cisco Controller (WAC). The wireless controller provided by Cisco can obviously control Cisco APs only. This is another aspect of the vendor lock-in: if you buy an access point from another vendor, you can no longer use the management feature.
A few years ago, Meraki introduced the concept of cloud managed WiFi Access Points, which didn’t need to have a hardware controller to manage those units. Another company, Aerohive, followed with the more advanced concept of “controller-less” WLANs.
These improvements were designed to add a more advanced management layer to enterprise grade devices, with great advantages compared to hardware controller-based WLANs: higher levels of operational efficiency, thanks to zero-touch provisioning capabilities; simpler management tools, thanks to the cloud dashboards; and unlimited scalability.
Soon low-cost players emerged, adding cloud-based management to lower performing hardware. These include, for example, OpenMesh, Tanaza or PowerCloud Systems (recently acquired by Comcast, PowerCloud exited this market).
Another approach was taken by Ubiquiti Networks (UBNT), which released UniFi Controller, software to manage the UniFi family of devices that can be installed either on premise on a host or in a cloud-based infrastructure, such as Amazon Web Services (AWS).
Whatever management software is used to centrally operate and manage a WiFi network, as it is provided by the hardware vendor (1), it will usually lock the network administrator in: if you are buying Cisco Wi-Fi units and managing them with the Cisco management software, you’ll be forced to buy another Cisco unit when you need to expand the network.
Same thing if you pick Aerohive, OpenMesh or any other management software, in a hardware box or in the cloud, provided by a hardware vendor.
The cloud management software sometimes comes free with the vendor’s hardware for the first year or for the first 3 years, but then you have to pay for the management capabilities for the rest of the access point’s life. The lock-in costs are often hidden in the short term, but they are high in the medium to long term.
What if a new company releases a great Wi-Fi Access Point, with great features, at a great price and your network is composed of Cisco units only? You’ll be forced to buy another Cisco unit, which might be more expensive.
Or even worse… you might decide to buy the greatest unit provided by the non-Cisco vendor, and after iterating this a couple of times you’ll end up with a multi-hardware-vendor network, which usually cannot be managed in a simple and efficient way. Welcome to the world of lock-in costs.
An alternative is basically to build your own management software, for example leveraging platforms such as OpenWRT, and host it in house/private cloud.
3. Captive portal management software
You need the captive portal capability and a fully customizable splash page if you decide to offer free WiFi connectivity to the clients in a commercial or public venue. The splash page appears when a client connects, giving them the opportunity to authenticate.
In enterprise-grade networks, staff WiFi and SMB WiFi you might not need this, as Wi-Fi clients will connect to the Wi-Fi just by selecting the SSID, without passing through any extra step (no Captive Portal needed).
Anytime you need to show some kind of info (e.g. terms and conditions, advertisements) or request some data (name, surname, e-mail, mobile phone) or social actions (Like on a FB page, follow on Twitter, check-in) you’ll need this.
With Tanaza, captive portal management is a feature included in the all-in-one cloud management and social login account.
In most cases, Splash Page / Captive Portal management software is completely independent from 1) and 2), as it is de facto an APPLICATION running on top of the WiFi network.
Splash pages can be a) on premise b) cloud-based c) built in house.
A) On premise splash page software is an archaic concept. It is hosted entirely within the Local Area Network where the WiFi APs are connected, and does not need 3rd party systems to work. It is usually complex to manage; this option makes sense where only very slow connections are available. Furthermore, it requires a hardware device and does not allow easy integration with 3rd party systems such as Social Media.
B) Cloud-based splash page management is a more advanced concept: the splash page is hosted in the cloud, by the splash page management software provider. The main advantages are: 1) higher ease of use 2) native integration with 3rd party systems, such as social networks, in order to provide features such as Social Login 3) unlimited scalability.
C) Custom splash pages built in house make sense when no cloud-based splash page can be flexible enough to do something specific and custom. Custom-built splash pages are very flexible, but expensive to create and manage.
4. RADIUS
Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users that connect and use a network service.
This is required only if you need to perform some accounting action on Wi-Fi clients.
For example, it’s mandatory if you need to charge the Wi-Fi clients. It’s mandatory if you are doing BYOD enforcement.
It’s optional if you are doing WiFi Social Login to collect user LIKES and some profile data.
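To make the accounting role concrete, here is an added example (not from the original article or any vendor's code) of the Accounting-Request an access point sends when a guest session ends, and of the server-side check that it was produced with the shared secret. The packet layout and attribute numbers follow RFC 2865/2866; the secret, user name and counters are constructed sample values, and only the few attributes used here are decoded.

```python
import hashlib, hmac, struct

ACCOUNTING_REQUEST = 4  # RADIUS packet code (RFC 2866)
# Attribute type numbers from RFC 2865 / RFC 2866
USER_NAME, ACCT_STATUS_TYPE, ACCT_INPUT_OCTETS = 1, 40, 42
ACCT_OUTPUT_OCTETS, ACCT_SESSION_ID, ACCT_SESSION_TIME = 43, 44, 46
INT_ATTRS = {ACCT_STATUS_TYPE, ACCT_INPUT_OCTETS, ACCT_OUTPUT_OCTETS, ACCT_SESSION_TIME}
ACCT_STOP = 2  # Acct-Status-Type value sent when a session ends

def _authenticator(header4, attrs, secret):
    # RFC 2866: MD5(Code + Identifier + Length + 16 zero octets + attributes + secret)
    return hashlib.md5(header4 + b"\x00" * 16 + attrs + secret).digest()

def build_accounting_request(identifier, attributes, secret):
    """What the access point / controller (the NAS) sends to the RADIUS server."""
    body = b""
    for attr_type, value in attributes:
        raw = struct.pack("!I", value) if attr_type in INT_ATTRS else value.encode()
        body += bytes([attr_type, len(raw) + 2]) + raw
    header4 = struct.pack("!BBH", ACCOUNTING_REQUEST, identifier, 20 + len(body))
    return header4 + _authenticator(header4, body, secret) + body

def parse_accounting_request(packet, secret):
    """Server side: return {attr_type: value}; ValueError if malformed or forged."""
    if len(packet) < 20:
        raise ValueError("short packet")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCOUNTING_REQUEST or not 20 <= length <= len(packet):
        raise ValueError("not a well-formed Accounting-Request")
    attrs = packet[20:length]  # octets beyond Length are padding and ignored
    if not hmac.compare_digest(packet[4:20], _authenticator(packet[:4], attrs, secret)):
        raise ValueError("bad Request Authenticator: wrong secret or altered packet")
    out, i = {}, 0
    while i < len(attrs):
        if len(attrs) - i < 2 or attrs[i + 1] < 2 or i + attrs[i + 1] > len(attrs):
            raise ValueError("bad attribute length")
        attr_type, raw = attrs[i], attrs[i + 2:i + attrs[i + 1]]
        if attr_type in INT_ATTRS and len(raw) != 4:
            raise ValueError("integer attribute must be 4 octets")
        out[attr_type] = struct.unpack("!I", raw)[0] if attr_type in INT_ATTRS else raw.decode()
        i += attrs[i + 1]
    return out

# Constructed sample: a 30-minute guest session ending (values are made up).
SECRET = b"constructed-shared-secret"
SAMPLE = build_accounting_request(7, [
    (USER_NAME, "guest42"), (ACCT_STATUS_TYPE, ACCT_STOP), (ACCT_SESSION_ID, "0000A1"),
    (ACCT_SESSION_TIME, 1800), (ACCT_INPUT_OCTETS, 1048576), (ACCT_OUTPUT_OCTETS, 52428800),
], SECRET)
```

The authenticator only shows that the sender knows the shared secret and that the packet was not altered; the accounting attributes themselves travel unencrypted, which matters when the RADIUS server is cloud-hosted and the traffic leaves the local network.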
It can be hosted:
a) on premise (usually within the controller)
b) in house (e.g. in your server/private cloud)
c) cloud-based and offered by 3rd parties
Examples of RADIUS:
– FreeRADIUS, open source software that can be installed on premise or within a private cloud
– Cloudessa, a cloud-based RADIUS server.