High Availability Wireless Infrastructure And System For Enterprise Network

Abstract

Nowadays, wireless networking is an increasingly evolving solution to replace traditional wired networks. The development of wireless networks led to the popularity of wireless devices because of their superiority. In recent years, the world is filled with mobile devices that can connect to the Internet. Therefore, answering the question of wireless network management and security is essential. For wireless networks that are used in enterprises, using unstructured, unmanaged, and unsecure networks is very dangerous. If the administrator uses an open wireless network, the working environment in enterprises will not be protected and managed, which is the main reason for the adverse impact on access quality, data loss, unauthorized access to the network and the system can be attacked anytime. Thus, it is significantly necessary to have an authentication system for Wi-Fi network. In this thesis, the Wi-Fi Authentication is designed and implemented based on Windows Server 2012 solution and Cisco Wireless LAN Controller for security, management and backup Wi-Fi system. In this system, each AP will broadcast two waves of Wi-Fi: -Public Wi-Fi for guests with no authentication and deny to access internal data -Private Wi-Fi for Enterprise’s members, each users are authenticated by ID, Password and have their own limit permission access personal data Each access point configured to use 802.1X and EAP is managed by Wireless LAN Controller and AP. Radius Server has a responsibility to communicate to Domain Controller to collect information for authenticating each account. High availability of this Wi-Fi authentication system is activated by Wireless LAN Controller which is connected to each Radius Server chooses Primary Server for regular active and Secondary Server for backup. If the Primary Server breaks down, the Secondary Server will change the status from inactive to active immediately.