Nortel Networks 1 3. Infrastructure support

Voice over Wireless LAN Solution Guide v1.0 December 2005

______________________________________________________________________________________________________

Page 48

the WLAN Handset 2210/11/12 can implement it as well. However, the authentication mechanism

may still be a problem if you desire 802.1x.

The WLAN 2300 series can support mixed authentication types on the same SSID for such single

SSID scenarios, but the truth is that authentication security is only as strong as the least of the

authentication types. For example, if MAC authentication is mixed with 802.1x, then you can only

trust devices to the degree that you can trust MAC authentication. But if MAC authenticated

devices are put in a separate VLAN with ACLs locking down access to only certain telephony

devices, it is no less secure than implementing a separate SSID for MAC authentication. So the

converged SSID is not as insecure as it seems at first glance.

Because of problems detailed above, Nortel recommends the following for multiple VoWLAN

product deployments.

First, determine whether multiple SSIDs are needed for different voice and/or data

devices. Security options or lack of common security features may indicate multiple

SSIDs. The need for different fall-through options might also indicate multiple SSIDs.

Regardless of what you choose, many of the remaining decisions are the same.

Wherever possible, use Softphone or MCS client voice over 802.11a to minimize

contention for 802.11b resources and to mitigate the lack of consistent admission control.

WMM can be implemented on the 802.11a radio if desired, but not the 802.11b radio.

Implement ACLs to classify and mark all voice traffic, regardless of whether from a

handset or a soft client. All voice traffic should receive the same level of marking,

meaning CoS 6 or 7.

Configure the WTM 2245 with reduced call numbers per AP to allow some room for calls

from PDAs on APs.

There are other possible variations of the multiple voice client type theme. These

recommendations are not meant to be exclusive of other viable possibilities. Rather this

discussion is meant to help you think through the issues by way of example and basic

recommendations. For example, if you have all PCs confined to the 802.11a radio only, and all

PDAs and handsets confined to the 802.11b radio, it is conceivable to have handsets mapped to

CoS 6 or 7, PDAs also mapped to CoS 6 or 7, voice enabled PCs mapped to CoS 6 or 7 on the

a-radio, and data only PCs mapped to CoS 2 or 3. High priority packets on the two different

radios do not compete because they use different radio resources.

3. Infrastructure support

While other infrastructure components are not part of the core solution, their absence can make a

deployment a practical impossibility or their presence a time saving and manageability

enhancement.

Network management is as much strategy and process as it is

applications. The individual applications and capabilities are

discussed following the management framework. Managing a

converged network consists of four key phases: