With the rapidly increasing complexity of modern networks, the ability to control and monitor their components from a central location is now essential. The only open questions concern the scope and capabilities of that control, its level of granularity, and how well integrated it is.

To assess your requirements, it can be useful to first consider the three major phases of network management:

  • Phase 1

    Deployment

    This is the initial phase in which new devices are installed, configured, updated with the latest firmware, and tested as part of a post-deployment / verification survey. See Planning a Wi-Fi Deployment.

    With effective management tools, some of the more laborious manual tasks involved in the this phase, like setting the IP configuration of each new access point can be fully automated, greatly reducing the overall time and cost of deployment.

  • Phase 2

    Operation, monitoring and event logging

    This phase defines the majority of the lifetime of a network, in which, except for occasional upgrades and expansions, the administrator is mostly monitoring day-to-day status and utilization statistics for the network.
    The main goals here are to alert the administrator to any component failure, as well as to provide visibility of impending problems, such as utilization trending towards peak capacity, for example.

    Upon such events, the better management solutions will provide a capability for triggering alerts, not only via the console, but also via email or text message. In this way, the administrator can be assured that whenever certain pre-defined conditions are met, or certain thresholds are exceeded, an immediate notification will always be provided.

  • Phase 3

    • Troubleshooting and Fault Resolution

    Although hopefully only occasional and short-lived, the troubleshooting phase is perhaps the one where quality network management pays the greatest dividends

    When network services are interrupted for whatever reason, effective network management capabilities can help the administrator to respond faster and more efficiently – whether the problem lies within the wireless LAN or elsewhere on the network.

    In the case of a failed access point, simply knowing about it, while obviously an essential first step, is often only the start of the troubleshooting journey – especially if it is just one of tens, hundreds, or even thousands of other APs installed throughout the network

    Here, the administrator needs to know the precise location of that access point and to which port of which switch, it is connected. But even having identified the faulty component on the management console in this way, it can still be a challenge for the technician on site to find the device itself – especially when installed in some dark, hard-to-access location.

    To address this particular challenge, certain ZyXEL APs have been designed with indicator LEDs that can be activated centrally, thus guiding the technician straight to the faulty unit.

    Once the device has been located and replaced, then of course the same management tools and techniques exploited during the deployment phase come into play again, here helping to reduce the overall time and cost of fault resolution.

What's wrong with direct device configuration?

Most network devices on the market today, including Wi-Fi routers and access points, offer some level of configuration and monitoring via a web-based console. They do this by having secure webservers embedded in the devices themselves, to which administrators can log-in via their browsers. Although this is an improvement on the old command line interface (CLI), which in addition to its often archaic syntax, usually required a direct cable connection, this approach still has the limitation that each device requires its own separate HTTPS connection (and browser window), and so there is no easy way to manage multiple devices at once, or to get any meaningful overview of the state of the network as a whole.

For home or very small office environments, this might suffice, but as explained above, when troubleshooting a problem – even on a small network – the better the information you have at your disposal, the faster you are likely to be able to resolve that problem.

For this reason, most commercial Wi-Fi deployments include some capability for more advanced management than that available via the embedded web consoles of the individual components.

Wireless LAN controllers

The most common way to provide central management of access points is through the addition of a wireless LAN controller such as the ZyXEL NXC2500 or NXC5500. This is a separate device that can be installed at any point on the network, either locally or on a remotely connected site, and which then consolidates the management of all access points through a single console. This console is presented either via dedicated software running on a private PC or server on the organisation’s network, or via a web interface. The latter is sometimes referred to as Cloud-based Management.

In addition to central management, such controllers, through their awareness of the network as a whole, open up new possibilities for further enhancing the connectivity, throughput, resilience, and security of the network. Examples of such functionality enabled through ZyXEL’s controllers are Smart Classroom, load balancing, a more advanced Dynamic Channel Selection called DCS 3.0, Containment mode monitor, and Layer-2 Isolation.

Integration into existing network management frameworks

For large enterprises, the Wireless LAN is of course just one part of the overall network infrastructure, and so its management needs to be integrated into the larger overall management framework. In cases where the majority of network equipment is supplied by the same vendor, such as ZyXEL, this integration is obviously more straight-forward, as the wireless controllers will communicate seamlessly with the vendor’s enterprise network management solution (for example ZyXEL’s Enterprise Network Centre (ENC) solution). But, for cases where the controller must be integrated within a third-party management umbrella, compliance with industry standards such as the Simple Network Management Protocol (SNMP) is clearly essential.

Another important requirement for Enterprise deployments is the support of Active Directory or Radius for authentication of user accounts. While for home or small office applications, use of a pre-shared Key (WPA2-PSK) may suffice, for deployments where an Active Directory or Radius authentication framework is already in place, then it is far better of course if wireless authentication can make use of the same database of user credentials, allowing for a seamless user experience whether connecting via Wi-Fi or Ethernet.