Controllerless Networks

Reply
Contributor I

Limitations of IAP-93s Servicing Guests & Rogue Detection?

I believe 1 limitation with using an IAP-93 (single radio) to perform rogue detection (for PCI) as well as provide guest access was the AP could and would never scan the other band (e.g. 5 GHz) as this would break client access.

 

Is this correct?

 

If so, it confirms my thinking that a dual radio AP (e.g. AP-105) is required to scan both 2.4 and 5 GHz bands as well as service clients.

 

Thank you!

 

Moderator

Re: Limitations of IAP-93s Servicing Guests & Rogue Detection?

Dual-radio is best.  The IAP-9x can scan both bands; however, as you indicated the clients will be impacted when the radio switches back and forth.  With a dual-radio you can set one radio to be a dedicated AM on its own frequency while having the other radio serve clients; however, you would be missing out on half of the threats.   You could also have the dual-radio both scan and serve clients on both radios.  Lastly, you could use an IAP-9x as a dedicated AM (best) with the neighboring AP be dedicated to client access.

 

We now have the AP-103 (controller-based) which is a dual-radio 802.11n 2x2:2 AP at the same price as the AP-9x ($395 US).  The IAP-103 is not out yet but should be in the next 4 - 6 weeks or so.

Contributor I

Re: Limitations of IAP-93s Servicing Guests & Rogue Detection?

Thanks Marcus, that was similar to our thinking.

 

Can you expand on what you mean by "clients will be impacted"? I imagine they may be delayed in being serviced, but should not disconnect, correct?

 

Moderator

Re: Limitations of IAP-93s Servicing Guests & Rogue Detection?

When scanning the AP goes out of service momentarily and is not servicing clients.   Say, for example, the AP is serving clients on channel 6.  Now it goes to scan........it changes to channel 1 and scans for threats for 110ms (variable), then goes back to Ch. 6 for clients for 10 sec.  Then it goes to Ch.2 to scan and back to Ch. 6, etc.

 

If there are no apps that are latency sensitive, like voice, this may be just fine but if you do have sensitive apps a dedicated solution is better.

Contributor I

Re: Limitations of IAP-93s Servicing Guests & Rogue Detection?

Excellent! I'm still concerned, however, with servicing clients say on Ch. 6 and if the AP changes to 5 GHz to scan. Is there a bigger delay to the client vs. 110ms when changing bands, 2.4 GHz to 5 GHz? I thought there was or this was not possible with single radio APs.

Guru Elite

Re: Limitations of IAP-93s Servicing Guests & Rogue Detection?

There is no bigger delay.

 

Single radio access points can switch bands to scan, yes.

 

Scanning occurs faster with a dual-band access point so the performance is much better, like Marcus said.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: