I was directed to a very interesting article by a customer this week. It has been known by wireless engineers for many years that high numbers of SSIDs being advertised on a system are the enemy of good performance. As the number of SSIDs increases, the amount of useful airtime for carrying payload traffic decreases. This problem is compounded when we consider that by default, per the IEEE standards requirements, in order to support legacy client devices back to the .11b standard, management traffic including beacons are sent at the 1 and 2Mbps rates. This means that even though the beacon frames are relatively small, if there are lots of them, and adjacent APs can hear each other on the same channel, a relatively long time will elapse just to send out all of the beacons.
Here is an excellent article on Revolution WiFi blog with a downloadable spreadsheet calculator that allows you to model the effects of changing the beacon frame minimum transmit rate and beacon intervals.
http://www.revolutionwifi.net/2013/10/ssid-overhead-how-many-wi-fi-ssids-are.html#comment-form
So, what does this mean for Aruba users? The great news is that if you’re already an Aruba customer, you have some very powerful tools available to you to build a highly efficient RF environment. Nirvana on an Aruba system is a simple 2 SSID configuration – an 802.1x RADIUS authenticated SSID for everything corporate, and an Open SSID for Guest users. How is this possible you may ask? Taking advantage of a decade of development in Aruba infrastructure products, at the core is the concept of role based access. Whereas other systems simply offer a basic mapping of SSID to static VLAN, or maybe dynamic VLAN based on RADIUS attributes, Aruba’s full Role Based Access capabilities allow very granular control, on a per user and per device basis.
Within a role a multitude of parameters can be controlled, including VLAN assignment (with vlan pooling now supported in RADIUS derived roles), a feature rich firewall policy allowing access control based on L2-4 traffic with L7 application layer gateways for common voice and video protocols, including Microsoft Lync, bandwidth controls and time based access controls.
Couple this infrastructure with Aruba’s Clearpass Policy manager, having capabilities to reference multiple AD domains and a multitude of other authentication sources, such as LDAP, SQL and Device Profiler together with very flexible authorisation policies to differentiate users, devices, location of access, time of day etc., and a highly RF efficient, minimalist SSID deployment becomes very much a reality.
So less if definitely more when it comes to SSID count, in your network.