Verdict

Netgear has traditionally been associated with consumer and small business networking markets but its ProSafe Smart Wireless Controller moves the focus much further up the scale. The WFS709TP delivers an appliance-based wireless network monitoring and security solution that is priced for smaller businesses but is sophisticated enough for larger companies as well.

The controller works with Netgear’s light access points (APs) which provide wireless client services, enforce security and offer monitoring facilities. As they only receive their configurations from the controller this makes centralised management much easier as you decide on your wireless security policies from the controller and deploy them to the APs. For testing we used three WGL102 light APs, which provide 802.11b/g services but the WAGL102 offers 802.11a as well.

The controller has eight switched Fast Ethernet ports which are all PoE enabled and it supports up to sixteen light APs. Wireless security is managed by placing the controller ports in different VLANs, which each have their own security policy. You can configure a range of functions including an SSID, WPA/WPA2 encryption plus advanced authentication, which can be an internal database or RADIUS server. When you’re happy with your settings then they can be deployed where the controller passes them directly to the APs.


For testing we installed the appliance in our lab, placed one AP close by and positioned two others around fifty metres away to create a decent sized triangle. We had no problems powering them all using PoE through the building network infrastructure. At this stage installation went right up the Swanee as the manual fails to cover many topics in sufficient depth making configuration an extremely frustrating process. We ended up calling in Netgear support and as none was available in the UK we had to talk to the US over an eight hour time difference.

Ideally, you start with the AP planning phase where you create a map of your building, provide its dimensions and select from a range of criteria such as the wireless services you want to provide, overlapping coverage for AP fault tolerance and desired rates. The appliance then works out how many APs you’ll need and positions them as to satisfy your requirements. We imported a JPEG of the ground floor of our office complex and also designated areas such as the car park and loading bay as wireless free zones. Hitting the Initialize button locates the APs where Netgear thinks they’ll do the best job. Bizarrely, pressing the Start button is supposed to hone positioning but all this did was dump two of the suggested AP locations outside the building.

A wizard locates and initialises the APs, after which you provision them using the actual location code assigned to each AP, which must be changed to match the suggested location code from the planning guide. We found this tedious as we had to match up the IP address of each AP with the correct MAC address and then manually position them individually in our map.

When a new AP is detected it is tested to see whether it has a wired connection to your network. If it does it is deemed a rogue AP and if not then it is considered just to be interfering. We connected a 3Com AP to the network whereupon it was identified immediately as a rogue. However, despite the manual stating clearly that the Protect setting causes the light APs to initiate a DoS (denial of service) attack on rogue APs to stop clients associating with them, this didn’t work. After discussing this with Netgear it transpired that this feature is not active in the current firmware version.
(centre)

”’The WFS709TP works in conjunction with Netgear’s ProSafe WGL102 80211g Light Wireless Access Point AP

– £80.36 (inc 17.5% VAT).”’(/centre)—-

The monitoring option provides an overview of Netgear APs and controllers, while the section to the right shows a count of all rogue APs and their classification. This was reasonably forthcoming as nineteen APs in the vicinity were detected and correctly classed as interfering. Using RF signal strength measurement Netgear employs triangulation to locate the APs on the map but again this isn’t sophisticated. You have to select one from the monitoring window, manually copy its MAC address and paste it into the Locate window accessed from the Plan menu. However, it did reveal the position of our rogue AP to within a few feet.

A key feature of this solution is seamless client roaming and to test this we declared our rogue AP as valid and linked a wireless laptop to it. We set up a continuous ping of our Windows domain controller and then took a stroll through the building. We watched signal strength drop to around twenty per cent after which we were automatically swapped to the next AP. Network access was virtually uninterrupted as the ping only timed out twice.

”’Verdict”’

A sophisticated looking wireless network management solution based on an Aruba Networks MC-800 controller but it is complex and difficult to set up thanks to the indifferent documentation. It may be comparatively good value and when configured correctly it worked well during testing but rogue AP containment is not supported and we would only recommend this solution to businesses if it’s being installed by a trained reseller.

(centre)

”’The monitoring page provides a complete rundown on all interfering and rogue APs.

—-


With AP planning the controller will advise on the best location for the light APs.

—-


There’s a lot to do as the APs must be installed and then provisioned.

—-


Locating rogue APs works well but it’s a pain that their MAC address must be entered manually.

—-


Don’t believe your eyes as the rogue AP containment feature has been disabled in firmware but not removed.

—-

Trusted Score