ffi rs.indd 08/22/2014 Page i

CWNA®

Certified Wireless Network Administrator

Official Study GuideFourth Edition

David A. Westcott, CWNE #7

David D. Coleman, CWNE #4

ffi rs.indd 08/22/2014 Page ii

Senior Acquisitions Editor: Jeff KellumDevelopment Editor: Mary Ellen SchutzTechnical Editors: Andrew von Nagy and Marcus BurtonProduction Editor: Eric CharbonneauCopy Editor: Judy FlynnEditorial Manager: Pete GaughanVice President and Executive Group Publisher: Richard SwadleyAssociate Publisher: Chris WebbMedia Project Manager 1: Laura Moss-HollisterMedia Associate Producer: Josh FrankMedia Quality Assurance: Doug KuhnBook Designer: Judy FungProofreader: Nancy BellIndexer: Jack LewisProject Coordinator, Cover: Patrick RedmondCover Designer: Wiley

Copyright © 2014 by John Wiley & Sons, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 978-1-118-89370-8ISBN: 978-1-118-89636-5 (ebk.)ISBN: 978-1-118-89612-9 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit-ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or war-ranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 2014935748

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CWNA is a registered trademark of Alliance Services Ltd. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

10 9 8 7 6 5 4 3 2 1

ffi rs.indd 08/22/2014 Page iii

Dear Reader,

Thank you for choosing CWNA: Certifi ed Wireless Network Administrator, Fourth Edition. This book is part of a family of premium-quality Sybex books, all of which are written by outstanding authors who combine practical experience with a gift for teaching.

Sybex was founded in 1976. More than 30 years later, we’re still committed to producing consistently exceptional books. With each of our titles, we’re working hard to set a new standard for the industry. From the paper we print on to the authors we work with, our goal is to bring you the best books available.

I hope you see all that refl ected in these pages. I’d be very interested to hear your com-ments and get your feedback on how we’re doing. Feel free to let me know what you think about this or any other Sybex book by sending me an email at contactus@sybex.com. If you think you’ve found a technical error in this book, please visit http://sybex.custhelp.com. Customer feedback is critical to our efforts at Sybex.

Best regards,

Chris Webb Associate Publisher, Sybex, an Imprint of Wiley

Acknowledgments

When we wrote the fi rst edition of the CWNA Study Guide, David Coleman’s children, Brantley and Carolina, were young teenagers. David would like to thank his now adult children for their years of support and for making their dad very proud. David would also like to thank his mother, Marjorie Barnes, and his stepfather, William Barnes, for many years of support and encouragement.

David Coleman would also like to thank the entire Aerohive Networks training depart-ment: Paul Levasseur, Bryan Harkins, Metka Dragos, Gregor Vucajnk, Roslyn Rissler, and Yuki Fraher. We have built a fantastic team! David Coleman would also like to thank Abby Strong and all of his co-workers at Aerohive Networks (www.aerohive.com). It has been one wild ride the past four years!

David Westcott would like to thank his parents, Kathy and George, who have provided so much support and love and from whom he has learned so much. He would also like to thank Janie, Jennifer, and Samantha for their patience and understanding of life on the road and for their support throughout the writing of this book. And special thanks to Savannah Grace, for providing me with the joy of seeing and experiencing life from a new perspective.

David Westcott also would like to thank the training department at Aruba Networks. More than 10 years ago, Chris Leach hired him as a contract trainer. Much has changed over the years, but thanks to Chris, Carolyn Cutler, Susan Wells, Kevin Hamilton, Ramon Pastor, and Stewart Trammell, it has been a fun and exciting journey.

Together, we must fi rst thank Sybex acquisitions editor Jeff Kellum for initially fi nding us and bringing us to this project. Jeff is an extremely patient and understanding editor who has now survived publishing six books with us. We would also like to thank our development edi-tor, Mary Ellen Schutz. Mary Ellen did a great job keeping us focused and motivated. We also need to send special thanks to our editorial manager, Pete Gaughan; our production editor, Eric Charbonneau; Judy Flynn, our copyeditor; Nancy Bell, our proofreader; and Jack Lewis, our indexer.

We also need to give a big shout-out to our technical editor, Marcus Burton of Ruckus Networks (www.ruckuswireless.com). The feedback and input provided by Marcus was invaluable. Special thanks also goes to Andrew vonNagy of Revolution Wi-Fi (www.revolutionwifi.net) for his feedback and content review. Andrew is a well-known Wi-Fi superstar who writes the best vendor-neutral Wi-Fi blog.

Thanks very much to Matthew Gast for the heartfelt foreword. Matthew, an author himself, has written numerous books about 802.11 technology. A simple Google search on Matthew Gast’s name reveals why he is considered an utmost authority on 802.11 technology.

We would also like to thank Brad Crump, Tom Carpenter, and Julia Baldini of the CWNP program (www.cwnp.com). All CWNP employees, past and present, should be proud of the inter-nationally renowned wireless certifi cation program that sets the education standard within the enterprise Wi-Fi industry. It has been a pleasure working with all of you for over a decade.

Andrew Crocker has again provided us with wonderful photographs and some amazing edit-ing of some not so wonderful photographs that we provide him. You can see much more of his work and talent at www.andrew-crocker.com.

Thanks to Proxim and to Ken Ruppel (kenruppel@gmail.com) for allowing us to include the video Beam Patterns and Polarization of Directional Antennas with the book’s online resources, which can be accessed at www.sybex.com/go/cwna4e.

Special thanks goes to Andras Szilagyi, not only for creating the EMANIM software program but for all the extra assistance he provided over the past eight years by creating customized ver-sions of the program for the different editions of the book.

We would also like to thank the following individuals and companies for their support and contributions to the book:

Caster Tray

(www.castertray.com) —Joel Baldevarona

Divergent Dynamics

(www.divergentdynamics.com) —Devin Akin

Ekahau

(www.ekahau.com) —Jussi Kiviniemi

Fluke Networks

(www.flukenetworks.com) —Dilip Advani, Karthik Krishnaswamy

Metageek

(www.metageek.com) —Mark Jensen

WLAN Professionals

(www.wlanpros.com) —Keith Parsons

Welch Allyn

(www.welchallyn.com) —Jeffrey Walker

Wi-Fi Alliance

(www.wi-fi.org) —Trisha Campbell

Xirrus

(www.xirrus.com) —Bruce Miller

About the Authors

David D. Coleman is the Global Training Manager for Aerohive Networks, www.aerohive.com, creators of the award-winning cooperative control wireless LAN (WLAN) architecture. David is in charge of Aerohive training programs for all partners and customers. He has instructed IT professionals from around the globe in wireless networking administration, wireless security, and wireless frame analysis. David has written multiple books, blogs, and white papers about wireless networking. Prior to working at Aerohive, he specialized in corporate and government Wi-Fi training, In the past, he provided WLAN training for numerous private corporations, the US Army, the US Navy, the US Air Force, and other federal and state government agencies. When he is not traveling, David resides in Atlanta, Georgia. David is CWNE #4, and he can be reached via email at mistermultipath@gmail.com. You can also follow David online via Twitter at www.twitter.com/mistermultipath.

David Westcott is an independent consultant and technical trainer with more than 25 years of experience in information technology, specializing in wireless networking and security. In addi-tion to providing advice and direction to corporate clients, David has been a certifi ed trainer for more than 21 years, providing training around the world to government agencies, corporations, and universities. He has provided training on six continents and in over 45 US states. David was an adjunct faculty member for Boston University’s Corporate Education Center for more than 10 years. He has co-authored six books about wireless networking as well as numerous white papers and best practices documents. He has also developed courseware and training videos for clients on wireless networking, wireless mesh networking, wireless packet analysis, wired networking, and security. David especially enjoys providing custom onsite training, which focuses on teaching his clients how to apply product and technical knowledge to address their support and trouble-shooting needs.

Since installing his fi rst wireless network in 1999, David has become a Certifi ed Wireless Network Trainer, Administrator, Security Professional, and Analysis Professional. He has earned certifi cations from Cisco, Aruba Networks, Microsoft, EC-Council, CompTIA, and Novell. When not traveling, David lives in Concord, Massachusetts. David is CWNE #7 and can be reached via email at david@westcott-consulting.com.

ffi rs.indd 08/22/2014 Page viii

Contents at a GlanceForeword xxvii

Introduction xxix

Assessment Test lix

Chapter 1 Overview of Wireless Standards, Organizations, and Fundamentals 1

Chapter 2 Radio Frequency Fundamentals 31

Chapter 3 Radio Frequency Components, Measurements, and Mathematics 63

Chapter 4 Radio Frequency Signal and Antenna Concepts 107

Chapter 5 IEEE 802.11 Standards 161

Chapter 6 Wireless Networks and Spread Spectrum Technologies 199

Chapter 7 Wireless LAN Topologies 237

Chapter 8 802.11 Medium Access 263

Chapter 9 802.11 MAC Architecture 283

Chapter 10 WLAN Architecture 325

Chapter 11 WLAN Deployment and Vertical Markets 371

Chapter 12 WLAN Troubleshooting and Design 399

Chapter 13 802.11 Network Security Architecture 459

Chapter 14 Wireless Attacks, Intrusion Monitoring, and Policy 499

Chapter 15 Radio Frequency Site Survey Fundamentals 533

Chapter 16 Site Survey Systems and Devices 561

Chapter 17 Power over Ethernet (PoE) 595

Chapter 18 802.11n 621

Chapter 19 Very High Throughput (VHT) and 802.11ac 659

Chapter 20 Bring Your Own Device (BYOD) 697

Appendix A Answers to Review Questions 735

Appendix B Abbreviations and Acronyms 783

Appendix C About the Additional Study Tools 797

Index 801

ftoc.indd 08/2½ 014 Page ix

ContentsForeword xxvii

Introduction xxix

Assessment Test lix

Chapter 1 Overview of Wireless Standards, Organizations, and Fundamentals 1

History of WLAN 2Standards Organizations 4

Federal Communications Commission 5International Telecommunication

Union Radiocommunication Sector 6Institute of Electrical and Electronics Engineers 7Internet Engineering Task Force 8Wi-Fi Alliance 10International Organization for Standardization 15

Core, Distribution, and Access 16Communications Fundamentals 17

Understanding Carrier Signals 18Understanding Keying Methods 20

Summary 25Exam Essentials 25Review Questions 26

Chapter 2 Radio Frequency Fundamentals 31

What Is a Radio Frequency Signal? 33Radio Frequency Characteristics 34

Wavelength 34Frequency 39Amplitude 40Phase 41

Radio Frequency Behaviors 42Wave Propagation 43Absorption 44Reflection 44Scattering 46Refraction 46Diffraction 48Loss (Attenuation) 49

x Contents

ftoc.indd 08/2½ 014 Page x

Free Space Path Loss 51Multipath 53Gain (Amplification) 56

Summary 57Exam Essentials 57Review Questions 59

Chapter 3 Radio Frequency Components, Measurements, and Mathematics 63

RF Components 66Transmitter 66Antenna 67Receiver 68Intentional Radiator (IR) 68Equivalent Isotropically Radiated Power 68

Units of Power and Comparison 70Watt 71Milliwatt (mW) 71Decibel (dB) 72dBi 74dBd 74dBm 75Inverse Square Law 76

RF Mathematics 77Rule of 10s and 3s 78Noise Floor 89Signal-to-Noise Ratio (SNR) 89Received Signal Strength Indicator 89Link Budget 94Fade Margin/System Operating Margin 97

Summary 99Exam Essentials 100Review Questions 102

Chapter 4 Radio Frequency Signal and Antenna Concepts 107

Azimuth and Elevation Charts (Antenna Radiation Envelopes) 110

Interpreting Polar Charts 112Beamwidth 114Antenna Types 117

Omnidirectional Antennas 118Semidirectional Antennas 121Highly Directional Antennas 123Sector Antennas 125

Contents xi

ftoc.indd 08/2½ 014 Page xi

Antenna Arrays 126Visual Line of Sight 129RF Line of Sight 129Fresnel Zone 129Earth Bulge 134Antenna Polarization 135Antenna Diversity 136Multiple-Input, Multiple-Output 137

MIMO Antennas 138Antenna Connection and Installation 139

Voltage Standing Wave Ratio 139Signal Loss 141Antenna Mounting 141

Antenna Accessories 147Cables 147Connectors 148Splitters 149Amplifiers 149Attenuators 150Lightning Arrestors 150Grounding Rods and Wires 152

Regulatory Compliance 154Summary 155Exam Essentials 155Review Questions 157

Chapter 5 IEEE 802.11 Standards 161

Original IEEE 802.11 Standard 164IEEE 802.11-2007 Ratified Amendments 166

802.11b-1999 166802.11a-1999 167802.11g-2003 169802.11d-2001 172802.11h-2003 172802.11i-2004 174802.11j-2004 175802.11e-2005 175

IEEE Std 802.11-2012 176802.11r-2008 179802.11k-2008 179802.11y-2008 181802.11w-2009 181802.11n-2009 182802.11p-2010 182

xii Contents

ftoc.indd 08/2½ 014 Page xii

802.11z-2010 183802.11u-2011 183802.11v-2011 183802.11s-2011 184

Post-2012 Ratified Amendments 185802.11ae-2012 185802.11aa-2012 185802.11ad-2012 185802.11ac-2013 186802.11af-2014 187

IEEE 802.11 Draft Amendments 188802.11ah 188802.11ai 189802.11aj 189802.11ak 189802.11aq 189

Defunct Amendments 189802.11F 189802.11T 192

802.11m Task Group 193Summary 193Exam Essentials 194Review Questions 195

Chapter 6 Wireless Networks and Spread Spectrum Technologies 199

Industrial, Scientific, and Medical Bands 201900 MHz ISM Band 2022.4 GHz ISM Band 2025.8 GHz ISM Band 203

Unlicensed National Information Infrastructure Bands 203U-NII-1 (Lower Band) 204U-NII-2 (Middle Band) 204U-NII-2 Extended 204U-NII-3 (Upper Band) 205Future U-NII Bands 206

3.6 GHz Band 2084.9 GHz Band 208Future Wi-Fi Frequencies 208

60 GHz 208White-Fi 209

Narrowband and Spread Spectrum 210

Contents xiii

ftoc.indd 08/2½ 014 Page xiii

Multipath Interference 211Frequency Hopping Spread Spectrum 212

Hopping Sequence 213Dwell Time 213Hop Time 214Modulation 214

Direct Sequence Spread Spectrum 215DSSS Data Encoding 216Modulation 217

Packet Binary Convolutional Code 217Orthogonal Frequency Division Multiplexing 218

Convolutional Coding 219Modulation 220

2.4 GHz Channels 2215 GHz Channels 224Adjacent, Nonadjacent, and Overlapping Channels 229Throughput vs. Bandwidth 230Communication Resilience 231Summary 231Exam Essentials 232Review Questions 233

Chapter 7 Wireless LAN Topologies 237

Wireless Networking Topologies 238Wireless Wide Area Network (WWAN) 238Wireless Metropolitan Area Network (WMAN) 239Wireless Personal Area Network (WPAN) 240Wireless Local Area Network (WLAN) 240

802.11 Topologies 241Access Point 242Client Station 242Integration Service 243Distribution System 243Wireless Distribution System 244Service Set Identifier 247Basic Service Set 248Basic Service Set Identifier 248Basic Service Area 249Extended Service Set 250Independent Basic Service Set 253Mesh Basic Service Set 253QoS Basic Service Set 255

xiv Contents

ftoc.indd 08/2½ 014 Page xiv

802.11 Configuration Modes 255Access Point Modes 256Client Station Modes 257

Summary 257Exam Essentials 258Review Questions 259

Chapter 8 802.11 Medium Access 263

CSMA/CA vs. CSMA/CD 264Collision Detection 265Distributed Coordination Function 266

Interframe Space (IFS) 266Duration/ID Field 267Carrier Sense 268Random Backoff Timer 270

Point Coordination Function 271Hybrid Coordination Function 272

Enhanced Distributed Channel Access 272HCF Controlled Channel Access 273

Block Acknowledgment 274Wi-Fi Multimedia 275Airtime Fairness 276Summary 278Exam Essentials 278Review Questions 279

Chapter 9 802.11 MAC Architecture 283

Packets, Frames, and Bits 285Data-Link Layer 286

MAC Service Data Unit 286MAC Protocol Data Unit 286

Physical Layer 287PLCP Service Data Unit 287PLCP Protocol Data Unit 287

802.11 and 802.3 Interoperability 288Three 802.11 Frame Types 290

Management Frames 291Control Frames 291Data Frames 292

Beacon Management Frame 293Passive Scanning 294Active Scanning 295

Contents xv

ftoc.indd 08/2½ 014 Page xv

Authentication 297Open System Authentication 297Shared Key Authentication 298

Association 299Authentication and Association States 300Basic and Supported Rates 300Roaming 301Reassociation 301Disassociation 303Deauthentication 304

ACK Frame 304Fragmentation 305Protection Mechanism 307

RTS/CTS 309CTS-to-Self 310

Data Frames 311Power Management 312

Active Mode 313Power Save Mode 313Traffic Indication Map 313Delivery Traffic Indication Message 314Announcement Traffic Indication Message 315WMM Power Save and U-APSD 315802.11n Power Management 318

Summary 318Exam Essentials 319Review Questions 321

Chapter 10 WLAN Architecture 325

Wireless LAN Client Devices 326802.11 Radio Form Factors 326802.11 Radio Chipsets 333Client Utilities 333

Management, Control, and Data Planes 337Management Plane 338Control Plane 338Data Plane 339

WLAN Architecture 339Autonomous WLAN Architecture 339Centralized Network Management Systems 341Cloud Networking 343Centralized WLAN Architecture 343Distributed WLAN Architecture 351

xvi Contents

ftoc.indd 08/2½ 014 Page xvi

Unified WLAN Architecture 353Hybrid Architecture 353

Specialty WLAN Infrastructure 354Wireless Workgroup Bridge 354Wireless LAN Bridges 354Enterprise WLAN Routers 357Wireless LAN Mesh Access Points 358WLAN Array 359Virtual AP System 360Real-Time Location Systems 361VoWiFi 362

Summary 364Exam Essentials 364Review Questions 366

Chapter 11 WLAN Deployment and Vertical Markets 371

Deployment Considerations for Commonly Supported WLAN Applications and Devices 373

Data 373Voice 374Video 374Real-Time Location Services 375Mobile Devices 376

Corporate Data Access and End-User Mobility 377Network Extension to Remote Areas 378Bridging: Building-to-Building Connectivity 378Wireless ISP: Last-Mile Data Delivery 379Small Office/Home Office 379Mobile Office Networking 380Branch Offices 381Educational/Classroom Use 381Industrial: Warehousing and Manufacturing 382Retail 382Healthcare: Hospitals and Offices 384Municipal Networks 385Hotspots: Public Network Access 385Stadium Networks 387Transportation Networks 387Law Enforcement Networks 388First-Responder Networks 389Fixed Mobile Convergence 389WLAN and Health 390WLAN Vendors 391

Contents xvii

ftoc.indd 08/2½ 014 Page xvii

Summary 393Exam Essentials 393Review Questions 394

Chapter 12 WLAN Troubleshooting and Design 399

Layer 2 Retransmissions 401RF Interference 403Multipath 407Adjacent Channel Interference 408Low SNR 409Mismatched Power Settings 411Near/Far 413Hidden Node 414

802.11 Coverage Considerations 418Dynamic Rate Switching 419Roaming 422Layer 3 Roaming 426Co-channel Interference 428Channel Reuse/Multiple-Channel Architecture 430Channel Reuse/Channel Bonding 434Single-Channel Architecture 437

Capacity vs. Coverage 440Band Steering 442Load Balancing 443High-Density WLANs 444Oversized Coverage Cells 447Physical Environment 447

Voice vs. Data 447Performance 449Weather 450

Upper-Layer Troubleshooting 451Summary 452Exam Essentials 453Review Questions 454

Chapter 13 802.11 Network Security Architecture 459

802.11 Security Basics 461Data Privacy and Integrity 462Authentication, Authorization, and Accounting 463Segmentation 464Monitoring and Policy 464

Legacy 802.11 Security 465Legacy Authentication 465

xviii Contents

ftoc.indd 08/2½ 014 Page xviii

Static WEP Encryption 466MAC Filters 469SSID Cloaking 469

Robust Security 470Robust Security Network (RSN) 472Authentication and Authorization 472PSK Authentication 472Proprietary PSK Authentication 474802.1X/EAP Framework 475EAP Types 477Dynamic Encryption-Key Generation 4784-Way Handshake 480WPA/WPA2-Personal 481TKIP Encryption 481CCMP Encryption 482

Traffic Segmentation 484VLANs 484RBAC 486

Infrastructure Security 487Physical Security 487Interface Security 487

VPN Wireless Security 488Layer 3 VPNs 488SSL VPN 489VPN Deployment 489

Guest WLAN Security 490Captive Portal 491

Summary 493Exam Essentials 493Review Questions 495

Chapter 14 Wireless Attacks, Intrusion Monitoring, and Policy 499

Wireless Attacks 500Rogue Wireless Devices 501Peer-to-Peer Attacks 503Eavesdropping 505Encryption Cracking 508Authentication Attacks 509MAC Spoofing 511Management Interface Exploits 512Wireless Hijacking 512Denial of Service (DoS) 514

Contents xix

ftoc.indd 08/2½ 014 Page xix

Vendor-Specific Attacks 515Social Engineering 516

Intrusion Monitoring 516Wireless Intrusion Detection System 516Wireless Intrusion Prevention System (WIPS) 519Mobile WIDS 521Spectrum Analyzer 522

Wireless Security Policy 523General Security Policy 524Functional Security Policy 524Legislative Compliance 524802.11 Wireless Policy Recommendations 526

Summary 527Exam Essentials 527Review Questions 528

Chapter 15 Radio Frequency Site Survey Fundamentals 533

WLAN Site Survey Interview 534Customer Briefing 534Business Requirements 535Capacity and Coverage Requirements 536Existing Wireless Network 539Infrastructure Connectivity 541Security Expectations 543Guest Access 543

Documents and Reports 544Forms and Customer Documentation 544Deliverables 547Additional Reports 547

Vertical Market Considerations 549Outdoor Surveys 549Aesthetics 550Government 550Education 551Healthcare 552Hotspots 552Retail 553Warehouses 553Manufacturing 553Multitenant Buildings 554

Summary 554Exam Essentials 554Review Questions 556

xx Contents

ftoc.indd 08/2½ 014 Page xx

Chapter 16 Site Survey Systems and Devices 561

Site Survey Defined 562Protocol and Spectrum Analysis 563Spectrum Analysis 564Coverage Analysis 568AP Placement and Configuration 574Application Analysis 574

Site Survey Tools 575Indoor Site Survey Tools 576Outdoor Site Survey Tools 579

Coverage Analysis 581Manual 582Predictive 584Dynamic RF 585Wireless Network Validation 586

Summary 587Exam Essentials 588Review Questions 589

Chapter 17 Power over Ethernet (PoE) 595

History of PoE 596Nonstandard PoE 596IEEE 802.3af 597IEEE Std 802.3-2005, Clause 33 597IEEE 802.3at-2009 597IEEE Std 802.3-2012, Clause 33 597

An Overview of PoE Devices 598Powered Device 598Power-Sourcing Equipment 600Endpoint PSE 601Midspan PSE 602Power-Sourcing Equipment Pin Assignments 605

Planning and Deploying PoE 609Power Planning 609Redundancy 612

802.11n or 802.11ac and PoE 613Summary 614Exam Essentials 615Review Questions 616

Chapter 18 802.11n 621

802.11n-2009 Amendment 623Wi-Fi Alliance Certification 624

Contents xxi

ftoc.indd 08/2½ 014 Page xxi

MIMO 626Radio Chains 627Spatial Multiplexing (SM) 628MIMO Diversity 630Space-Time Block Coding (STBC) 631Cyclic Shift Diversity (CSD) 631Transmit Beamforming (TxBF) 632

HT Channels 63420 MHz Non-HT and HT Channels 63440 MHz Channels 636Forty MHz Intolerant 638Guard Interval (GI) 638Modulation and Coding Scheme (MCS) 640

HT PHY 643Non-HT Legacy 643HT Mixed 644HT Greenfield 645

HT MAC 645A-MSDU 645A-MPDU 646Block Acknowledgment 647Reduced Interframe Space 648HT Power Management 648

HT Operation 64920/40 Channel Operation 650HT Protection Modes (0–3) 650RTS/CTS and CTS-to-Self 651

Summary 652Exam Essentials 652Review Questions 654

Chapter 19 Very High Throughput (VHT) and 802.11ac 659

802.11ac-2013 Amendment 6625 GHz Only 66320, 40, 80, and 160 MHz Channels 663256-QAM Modulation 669Modulation and Coding Schemes 672Single-User MIMO 673802.11ac Data Rates 674VHT MAC 676

A-MPDU 677RTS/CTS 677

xxii Contents

ftoc.indd 08/2½ 014 Page xxii

Beamforming 680Explicit Beamforming 680Multiuser MIMO 681Multiuser Beamforming 682

Quality of Service 684Infrastructure Requirements 685

Ethernet 685Power 687

802.11ac in a SOHO or Home 688Device Radios 688Data Flow/Usage 688Spatial Streams 689Wider 802.11ac Channels 689MU-MIMO 689

Wi-Fi Alliance Certification 689Summary 690Exam Essentials 691Review Questions 692

Chapter 20 Bring Your Own Device (BYOD) 697

Mobile Device Management 699Company-Issued Devices vs. Personal Devices 701MDM Architecture 701MDM Enrollment 703MDM Profiles 706MDM Agent Software 709Over-the-Air Management 710Application Management 712Wi-Fi Client Onboarding 713

Guest WLAN Access 714Guest SSID 714Guest VLAN 715Guest Firewall Policy 715Captive Web Portals 717Client Isolation, Rate Limiting, and

Web Content Filtering 719Guest Management 719Guest Self-Registration 721Employee Sponsorship 721Social Login 723Encrypted Guest Access 724

Network Access Control (NAC) 725Posture 725NAC and BYOD 726

Contents xxiii

ftoc.indd 08/2½ 014 Page xxiii

OS Fingerprinting 726AAA 727RADIUS Change of Authorization 727

Summary 728Exam Essentials 728Review Questions 730

Appendix A Answers to Review Questions 735

Chapter 1: Overview of Wireless Standards, Organizations, and Fundamentals 736

Chapter 2: Radio Frequency Fundamentals 738Chapter 3: Radio Frequency Components, Measurements,

and Mathematics 740Chapter 4: Radio Frequency Signal and Antenna Concepts 742Chapter 5: IEEE 802.11 Standards 744Chapter 6: Wireless Networks and Spread Spectrum

Technologies 746Chapter 7: Wireless LAN Topologies 748Chapter 8: 802.11 Medium Access 750Chapter 9: 802.11 MAC Architecture 752Chapter 10: WLAN Architecture 754Chapter 11: WLAN Deployment and Vertical Markets 757Chapter 12: WLAN Troubleshooting and Design 759Chapter 13: 802.11 Network Security Architecture 762Chapter 14: Wireless Attacks, Intrusion Monitoring,

and Policy 764Chapter 15: Radio Frequency Site Survey Fundamentals 767Chapter 16: Site Survey Systems and Devices 770Chapter 17: Power over Ethernet (PoE) 772Chapter 18: 802.11n 774Chapter 19: Very High Throughput (HT) and 802.11ac 777Chapter 20: Bring Your Own Device (BYOD) 779

Appendix B Abbreviations and Acronyms 783

Certifications 784Organizations and Regulations 784Measurements 785Technical Terms 786

Appendix C About the Additional Study Tools 797

Index 801

Table of Exercises

Exercise 2.1 Visual Demonstration of Absorption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Exercise 2.2 Visual Demonstration of Multipath and Phase . . . . . . . . . . . . . . . . . . . . . . 55

Exercise 3.1 Step-by-Step Use of the Rule of 10s and 3s. . . . . . . . . . . . . . . . . . . . . . . . . 79

Exercise 3.2 Rule of 10s and 3s, Example 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

Exercise 3.3 Rule of 10s and 3s, Example 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Exercise 3.4 Rule of 10s and 3s, Example 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Exercise 3.5 Rule of 10s and 3s, Example 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

Exercise 3.6 Link Budget and Fade Margin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Exercise 9.1 Viewing Beacon Frames. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293

Exercise 9.2 Understanding Probe Requests and Probe Responses . . . . . . . . . . . . . . 296

Exercise 9.3 Using Open System Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297

Exercise 9.4 Understanding Association . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299

Exercise 9.5 Understanding Reassociation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303

Exercise 9.6 Understanding Acknowledgment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

Exercise 9.7 Using Data Frames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312

Exercise 13.1 Using Unencrypted and Encrypted Data Frames . . . . . . . . . . . . . . . . . . . 463

Exercise 13.2 802.1X/EAP and 4-Way Handshake Process . . . . . . . . . . . . . . . . . . . . . . . 482

Exercise 16.1 Cable Loss Calculations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581

fl ast.indd 08/21/2014 Page xxvii

Foreword

My fi rst formative experience with networking was installing Linux on a 386 laptop. In the days before PC Cards, getting computers on a network was not a plug-and-play task. My fi rst experience with Wi-Fi required going to war with Windows device drivers, and I expended all that effort so I could walk up to my co-workers and ask them, “What is your favorite website?” and then proceed to call it up without having the computer plugged into anything. Such a simple shtick is what passed for a Wi-Fi demo at the time, and the novelty delighted and amazed people more than many demos I have done since.

The years since then have been an interesting journey. I didn’t know it at the time, but my after-hours fi ghting with that old beat-up laptop had nudged me in a new direction. As I traveled the world volunteering in industry groups that were developing the technology, I would visit many interesting locations, hoping that our protocols would stand the test of time while wandering the Acropolis in Athens or lost in the back streets of Venice, wonder-ing whether the jumbled Venetian streets were more or less confusing than the Wi-Fi security architecture, and reveling in the electronic culture of Tokyo while contemplating the obvious challenges to building Wi-Fi networks in such a dense and thriving city.

Providing freely fl owing connectivity is a challenge, and many technologies contended to be the prime mover of that ubiquitous connectivity. Wi-Fi provided such a blend of high speeds and good capacity with good economics that it became the default way to connect to a network.

Wi-Fi has grown from an interesting curiosity used by the networking elite into a tech-nology so woven into the fabric of our lives that it has erased Ethernet from our collec-tive memory. Starting with the introduction of the fi rst MacBook Air in 2008, everything became connected primarily by Wi-Fi. Without the ability to offer continuous connectivity, rich media experiences on phones would not have happened. Tablets are possible because so much content and data is accessible through networks that the mass storage can be held outside the device, accessible through a robust network connection.

Our fi rst great wave of connectivity is now coming to a close. Wi-Fi’s fi rst act—connect-ing people—is over. We turned desktops into laptops and then turned laptops into bulky accessories that we used only when our phones and tablets would not suffi ce. It is now time for the second act—connecting everything else. Making the world around us more aware and responsive requires that new sensors just power up, tune in, and start reporting on the world around them. Instrumenting everything will unleash a fl ood of data, and tomorrow’s Wi-Fi networks need to handle that data without a hitch. Underpinning every API, every service, and all of the instrumentation needed to make it all work is a solid foundation of connectivity. Interacting with and controlling the world requires a bigger network than we have ever seen, and Wi-Fi will be one of the pillars of our brave new data-driven world.

The only thing worse than missing the last decade of innovation in Wi-Fi would be to miss the next innovation. Reading this book is an excellent fi rst step in participating in the decade yet to come. As you take those fi rst steps, halting as they may seem, trust in your guides. Both David and Dave have been in Wi-Fi as long as I have, and their practical knowledge and expertise are the best introduction to the technology you could ask for.

—Matthew GastFormer chair, 802.11-2012 & Wi-Fi Alliance task group leaderSan Francisco, CaliforniaApril 2014

xxviii Foreword