In any modern office, let alone an IT company’s office, the network is critical.
We get asked all the time, “can’t it all just be wireless?” In short – not yet, no. I admit, the reliability and speed of wireless networks have gone up tremendously in recent years, but so too has the omnipresence of other people’s wireless networks!
Don’t believe me? Just check your “nearby wireless network” menu – and get ready to scrolllll. This is bad for your network’s performance because there’s only a finite number of available channels (or “spectrum”), and each channel that your gear is using is constantly getting bombarded by everything from wireless printers to smart phones to microwave ovens, and even radar systems. We are actually currently troubleshooting this exact problem for a far-West-side customer near the Hudson River and its shipping lane.
If that doesn’t convince you, what other reasons are there to install all those expensive Cat 6 cables around the office?
Internally shared bandwidth is one. Each wireless access point in your network has a finite amount of throughput, and it’s shared among the devices that are talking to it. In a wired network, each device gets a Gigabit Ethernet connection all to itself. A side benefit of this arrangement is that each device you connect via a cable leaves more bandwidth for your wireless devices.
How about desk phones? They still need wires. Of course, more and more often companies are opting to forgo the desk phones and use more email and less voice. But then they discover that having their staff use personal cell phones when a call is necessary is terrible. We often end up retrofitting a real phone system afterwards, when the reality and quality of cell calls fail to live up to expectations.
How about printers? Wireless printing is the devil, and don’t let anyone tell you differently. Printers, in-and-of-themselves, have always been a noxious bane on the IT department’s life. Something about taking the beautiful limitless power of the digital screen and rendering the content in the “meat world” is just asking for trouble. Make the digital-to-analog device one that goes to sleep for power conservation, while it badly attempts to maintain a connection to an ever-shifting WiFi channel mess? This is nigh impossible. Death to wireless printers says all of us at Valiant.
Anything else that could be classified as “infrastructure” should generally get a wired connection for overall better reliability and decluttering of the wireless spectrum. Cameras, smart TVs, time clocks, smart door access systems, building management HVAC devices, point of sale terminals, video game consoles, you name it. If it isn’t going to move, stick a wire in it.
Our preferred networking equipment maker is Cisco’s Meraki brand. The Meraki hardware is well made, performs incredibly well, and has a user interface that is second to none in its elegance and power.
Then there’s the Meraki wireless, where it all began for the Meraki brand. They pioneered the cloud control system that makes setup and troubleshooting a breeze, and they can’t be beat for reliability, ease of troubleshooting, and overall build quality. Just look at the admin interface. But don’t just take our word for it, Cisco Systems saw what they were doing and bought them out for a zillion dollars back in 2012.
If you’re on a Meraki network now, just go to https://ap.meraki.com, and you can see a bunch of really neat diagnostic information about your current connection: how fast it is and which access point you’re on, all of it largely human-readable. Compare that to Apple’s AirPort (which, while the controls LOOK pretty, doesn’t actually tell you anything), or the typical lame-brained wireless access point control pages that look like they were made by political prisoners that had been starved in a cage and then taunted by dogs during programming sprints.
Remember the issue with the neighboring wireless networks? Spectrum analysis is a great tool built into the Meraki system. Below we are analyzing the 5GHz spectrum.
From top to bottom we see:
Total spectrum activity from Channel 36-Channel 165. 36-48 are very active in this view. Channels 36-40 are in use by this access point, as it is broadcasting a 40MHz channel. 44-48 are heavily visible as well, as a neighboring access point is using them.
The middle section is a historical plot of the top data, over the past few minutes.
The bottom section shows us the network names and other information from other access points that could be interfering with our use of channel 36. From the redacted information we can tell that the main potential interference source is another access point on our network, located on another floor, but the low signal strength indicates that it is not a bad interference source.
We also have one neighbor’s access point, but with the weakest signal at -82 dB. This is a rare situation in an urban environment, where everyone and their dog has their own wireless access points, implemented without any cooperative plan with their neighbors and broadcasting at maximum strength.
By combining these tools, you can gain a comprehensive picture of your local wireless environment, design your channel plan accordingly, and resign yourself to the fact that you won’t be able to reach the advertised speeds of your wireless equipment.
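As an added illustration (not part of the original post, and not Meraki's own algorithm), the channel-planning step can be sketched as a script that ranks 40 MHz channel pairs by the neighbor signal heard on them. The scan entries, network names and the scoring heuristic (each access point counted at full strength on every 20 MHz channel it covers) are constructed assumptions; pairs on channels 52-144 are flagged because they require DFS, where radar can force a channel change.

```python
import math

# Standard 80 MHz blocks of 20 MHz channels in the 5 GHz band (US numbering).
BLOCKS_80 = [(36, 40, 44, 48), (52, 56, 60, 64), (100, 104, 108, 112),
             (116, 120, 124, 128), (132, 136, 140, 144), (149, 153, 157, 161)]
PAIRS_40 = [b[i:i + 2] for b in BLOCKS_80 for i in (0, 2)]

# Constructed sample scan: (network name, primary channel, width MHz, RSSI dBm).
SCAN = [("own-ap-other-floor", 36, 40, -75),
        ("neighbor-a", 36, 20, -82),
        ("neighbor-b", 44, 40, -60),
        ("neighbor-c", 149, 80, -70)]

def covered_channels(primary, width_mhz):
    """20 MHz channels occupied by an AP with this primary channel and width."""
    groups = {40: PAIRS_40, 80: BLOCKS_80}.get(width_mhz, [])
    for group in groups:
        if primary in group:
            return group
    return (primary,)  # 20 MHz, or channel 165, which has no bonding partner

def rank_pairs(scan):
    """40 MHz pairs, quietest first, as (pair, interference dBm, needs DFS)."""
    power = {}  # linear milliwatts heard on each 20 MHz channel (heuristic)
    for _name, ch, width, rssi_dbm in scan:
        for c in covered_channels(ch, width):
            power[c] = power.get(c, 0.0) + 10 ** (rssi_dbm / 10)
    ranked = []
    for pair in PAIRS_40:
        total = sum(power.get(c, 0.0) for c in pair)
        dbm = 10 * math.log10(total) if total > 0 else float("-inf")
        ranked.append((pair, dbm, 52 <= pair[0] <= 144))
    return sorted(ranked, key=lambda r: r[1])

def best_pair(scan, allow_dfs=False):
    """Quietest pair, skipping DFS (radar-shared) channels unless allowed."""
    return next(r for r in rank_pairs(scan) if allow_dfs or not r[2])

if __name__ == "__main__":
    for pair, dbm, dfs in rank_pairs(SCAN):
        print(pair, f"{dbm:.1f} dBm", "DFS" if dfs else "")
    print("suggested:", best_pair(SCAN))
```

With this constructed scan, the quietest non-DFS pair is 36-40, while the DFS pairs are empty but carry the radar caveat.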
Redundancy in all The Things
Uptime is a primary concern here at Valiant HQ 5.0. If our network is down, we are unable to do most of our work. To that end, we are building out the network to be as reliable as possible, which means multiple layers of redundant components.
Dual Internet Connections
One connection will be delivered by fiber optic cable and another via fixed point wireless. Fixed point wireless is a point-to-point connection delivered by an antenna on the roof, aimed at a nearby node that’s part of the provider’s own network. We chose it rather than a second cable from a different provider, which would also run out of our basement into the same street. This wireless approach will help us stay online next time the “big yellow cable finder” comes to visit our block.
Dual Sonicwall firewalls in a High Availability configuration
Having a pair of firewalls allows one to take over in case the other one fails. The setup for this is easy, and the second firewall is fairly inexpensive as most of the cost of modern firewalls is the software licensing rather than the hardware. Running dual firewalls also allows us to take advantage of dual UPS units.
Meraki Network switches with dual power supplies
While modern power supplies are very reliable, failures do happen. Dual modular power supplies let operations continue through a power supply failure and let a replacement power supply be installed without downtime.
Dual Uninterruptible Power Supplies
While a UPS unit generally increases reliability of a network by filtering the power and keeping you running through brownouts, it does introduce a potential single point of failure to a network. By using two units and equipment with dual power inputs, we prevent the UPS from being a single point of failure.
Meraki Wireless Access Points
We plan to utilize Meraki WAPs throughout the space, but these will not provide any real redundancy. The WiFi won’t need to be redundant the way other equipment does, however, because we do not intend to use it for mission critical services (we still believe in wires at the desk, and everyone’s got a phone, with a cable to spare).
If our office becomes completely unusable due to circumstances beyond our control, we will still provide service to our customers. With our satellite offices in Brooklyn, Philadelphia, and Los Angeles, we will keep services going while we regroup, and the majority of our work can be done from home if necessary. We tested this to great success during Hurricane Sandy, and numerous other blizzards and storms.
The Bottom Line
The bottom line is that everything we do relies so heavily on our network, we must make investing in it a top priority. We balance our investment between redundancy and flexibility, while still respecting our budget. Our office will have wired networking available for every employee, and reliable wireless for both employees and guests. The diversity of our Internet service providers will ensure that we will not lose our connection to the wider world, and our chosen security solution will keep our team and your data safe.