Today, billions of wireless devices around the world are connected through, and to, the Internet. Network management companies make this possible by installing and managing thousands of network devices (Access Points, Unlicensed Band Radios, Routers and Switches, etc.). Configuring and monitoring so many network devices is a complex task. For example, establishing a network that spans an entire city, where thousands of wireless devices are continuously connected, would require the deployment of a substantial number of wireless Access Points. Therefore, a more centralized approach is needed to configure and manage these Access Points and network devices to ensure seamless connectivity.
The need for a Central Controller: Necessary, but not sufficient?
This central configuration, monitoring, and management of a large number of network devices is done through Wireless LAN Controllers (WLCs). Specifically, a WLC is used to configure and monitor Lightweight Access Points (LAPs). The WLCs perform the task of authenticating and authorizing clients. The Access Points, which are registered to the WLC, send all the management and data packets to the WLC. The network administrator does all the configurations on the WLC. The Access Points download the configurations from the WLC and act as a wireless interface for the clients.
However, this solution is not without its constraints. A WLC is a piece of software that needs to run on a physical server. The company would need to bear the hardware cost of installing and maintaining the WLC server. Backups would also need to be taken at short intervals to ensure data recoverability in case of any service failure. Some companies would even need to invest in secondary servers for the WLC to ensure continued connectivity if the primary WLC goes offline. As the WLC stores the data, processes the packets sent by all Access Points, and exchanges packets between all the registered Access Points, the RADIUS server, the DHCP server, and the clients, it is understandable that a WLC can only register a limited number of Access Points. If additional Access Points need to be added to the WLC, the physical resources (RAM, storage, and processors) would need to be upgraded.
However, physical upgrades are expensive and would require exceedingly long network downtimes. Another approach would be to install additional WLC systems to register new Access Points to this WLC. Adding more WLC machines to the network would add to the operational and maintenance costs of the organization.
In addition to the physical and operational costs, there is also a network dependency on the system. Since the WLC and the LAPs are all on the same network, the remote management or configuration of the LAPs is not possible. A network admin would need to be physically present at all times with the WLC to monitor, upgrade and resolve network issues to ensure seamless client connection.
The Cloud Solution: Cloud-Managed Wi-Fi
The boom of cloud computing in the 2010s has led to the disentanglement of software service delivery processes. Software services are migrating to the Cloud rapidly. A solution provider only needs to address the problem at hand. All the dependencies (especially physical dependencies) are taken care of by the Cloud platform on which the solution is hosted. This model of solution delivery is more colloquially known as Software as a Service (SaaS). This model allows the solution provider to host its services on the Cloud, and all the maintenance tasks (such as backups) and scaling of resources (increase in processing, storage, etc.) are handled by the cloud platform.
If the WLC is tailored as a SaaS solution, the operational and maintenance work can be off-loaded to the cloud platform. The investment in the purchasing and installation of the WLC servers and the system’s operating costs (utilities such as electricity, heating, air, and ventilation) would be eliminated. An on-premise WLC consumes multiple IP addresses from the company pool as the underlying processes utilize these addresses.
A cloud-based controller would get these IP addresses from the host platform, so the company’s own IP addresses could be distributed to other users.
- Auto-scaling: Another advantage of having a cloud-based controller is that whenever the number of wireless clients in the network increases, and with it the amount of data and packets sent by the Access Points, the controller's processing power and storage capacity would be automatically increased by the host platform. Similarly, the resources would be scaled down automatically when the network traffic goes back to normal. In addition, if more Access Points are added to the network, they would be registered to a single controller, because the storage and processing power would be increased as required by the host platform. Therefore, as mentioned earlier, there would be no need to increase network complexity by installing multiple controllers. The network company will only pay for the resources that are being utilized. For example, at night the majority of the network resources are not used, as wireless usage is reduced. So, instead of running several WLC machines at full blast, only those resources would be utilized where the clients are accessing the Wi-Fi.
- Remote Configuration of Network Devices: As the controller is hosted on the Cloud, the major advantage for the network administrators is the ease of use. A network administrator need not be present in front of the controller to monitor network devices or to address network platforms. The controller can be accessed from anywhere, and network management can be done remotely.
While there are several advantages of using a cloud-based controller, one of the major challenges in implementing one is the communication between the Access Points and the controller. The LAPs and the WLC communicate using the ‘Lightweight Access Point Protocol’ (LWAPP) or the ‘Control and Provisioning of Wireless Access Points’ (CAPWAP) protocol. Both protocols require the controller and the LAPs to exist on the same network.
As a cloud-based controller exists on a public IP, the Access Points would need to use a different protocol to communicate with a remote controller. One such protocol is the Asynchronous Messaging Queuing Protocol (AMQP). In this case, the AP can no longer exist in a lightweight model. Access Points would need to be in a ‘thick’ mode where the configuration is done on the AP itself, in contrast to the lightweight Access Points, where the LAPs download the configuration settings from the WLC. To configure and monitor a group of APs that are in the thick mode, the APs can be registered in groups in the controller. The configuration commands are sent to a group of APs simultaneously. The APs would read the configuration commands in a First-In-First-Out manner, apply the configuration given in the command, and move on to the following command in the queue. This way, even if a configuration is sent remotely while the AP is offline (perhaps due to a power failure or reboot), the configuration would still be applied whenever the AP comes back online.
Another concern the network administrators have with a cloud-based controller is that the controller exists outside the company’s network and thus, would be susceptible to network attacks. Since the controller is deployed in the Cloud, it becomes the responsibility of the Cloud Platform (such as AWS and Microsoft Azure) to ensure that the virtual machine is behind a secure firewall and additional layers of security.
The communication between the cloud-based controller and the different Access Points would be very sensitive. Therefore, it is imperative to use strong end-to-end encryption to secure the messages and configuration commands before sending them. This way, even if the system falls prey to an attack, the messages cannot be decrypted by any unauthorized party.
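The queued, in-order delivery to offline APs and the need to protect configuration commands in transit can be modelled together. The following is an added example, not code from the original article or any vendor: `Controller`, `AccessPoint` and the message layout are hypothetical, an in-memory `deque` stands in for a durable broker queue, and a per-AP HMAC-SHA256 key with sequence numbers is an assumption that shows integrity and ordering checks only (the encryption itself would come from TLS or an AEAD cipher and is not shown).

```python
import hashlib
import hmac
import json
from collections import deque

def _tag(key, body):
    return hmac.new(key, body, hashlib.sha256).hexdigest()

class Controller:
    """Hypothetical controller: one FIFO queue per AP (stands in for a durable broker queue)."""
    def __init__(self):
        self.groups, self.queues, self.keys, self.seq = {}, {}, {}, {}
    def register(self, ap_id, group, key):
        self.groups.setdefault(group, []).append(ap_id)
        self.queues[ap_id], self.keys[ap_id], self.seq[ap_id] = deque(), key, 0
    def send_to_group(self, group, command):
        # Fan the command out to every AP in the group, each with its own sequence number.
        for ap_id in self.groups[group]:
            self.seq[ap_id] += 1
            body = json.dumps({"ap": ap_id, "seq": self.seq[ap_id], "cmd": command},
                              sort_keys=True).encode()
            self.queues[ap_id].append((body, _tag(self.keys[ap_id], body)))

class AccessPoint:
    def __init__(self, ap_id, key):
        self.ap_id, self.key = ap_id, key
        self.last_seq, self.config, self.rejected = 0, {}, []
    def drain(self, queue):
        """Run whenever the AP is online: apply queued commands oldest first."""
        while queue:
            body, tag = queue.popleft()
            if not hmac.compare_digest(_tag(self.key, body), tag):
                self.rejected.append("bad-mac")        # altered in transit or wrong key
                continue
            msg = json.loads(body)
            if msg["ap"] != self.ap_id or msg["seq"] != self.last_seq + 1:
                self.rejected.append("out-of-order")   # replayed, skipped or misrouted
                continue
            self.config.update(msg["cmd"])
            self.last_seq = msg["seq"]

def demo():
    key = b"constructed-demo-key"                      # constructed sample secret
    ctl, ap = Controller(), AccessPoint("ap-1", key)
    ctl.register("ap-1", "lobby", key)
    for cmd in ({"ssid": "guest"}, {"channel": 36}, {"ssid": "guest-v2"}):
        ctl.send_to_group("lobby", cmd)                # AP is offline; commands accumulate
    ap.drain(ctl.queues["ap-1"])                       # AP reconnects and catches up in order
    return ap.config
```

Once a command is rejected, every later command fails the sequence check, so the AP keeps its last known-good configuration until the controller resends from `last_seq + 1`.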
In conclusion, migrating a network to a cloud is advantageous as it is a cost-effective way to manage wireless network devices. Server operational and maintenance costs would be eliminated, as the controller exists on a remote cloud. Computational and processing resources can be scaled according to the network traffic. The network companies only need to pay for the resources that are being utilized. Backups of the system and the databases are created automatically by the underlying Cloud Platform. Also, if the Cloud server where the controller's VM exists crashes for any reason, the Cloud Platform takes steps to back up the system on a separate server to ensure seamless data recovery and operation of the wireless network.