There are several basic physical configurations that can be used in a WLAN
deployment. This section will discuss the following primary WLAN topologies:
- Peer-to-Peer (Ad Hoc) Topology (IBSS) – As the figure shows, a
wireless service set can consist of nothing more than two or more PCs, each
with a wireless network card. This configuration, which does not include an AP,
is called an Independent BSS (IBSS). Operating systems such as Windows 98 or
Windows XP have made this type of peer-to-peer network very easy to set up.
This topology can be used for a small office or home office, to allow a laptop
to be connected to the main PC, or for several individuals to simply share
files. However, coverage limitations are a drawback in this type of network,
since everyone must be able to hear everyone else.
- Basic Infrastructure Topology (BSS) – The basic service set (BSS) is
the building block of an 802.11 LAN. The figure shows a
BSS with three stations that are members of the BSS, in addition to the AP. The
BSS covers a single cell, as indicated by the circle. When a device moves out
of its BSS, it can no longer communicate with other members of the BSS. A BSS
uses infrastructure mode, a mode that needs an access point (AP). All stations
communicate through the AP. The stations do not communicate directly. A BSS has
one service set ID (SSID).
- Extended Infrastructure Topology (ESS) – An extended service set
(ESS) is defined as two or more BSSs that are connected by a common
distribution system, as illustrated in the figure. This allows the
creation of a wireless network of arbitrary size and complexity. As with a BSS,
all packets in an ESS must go through one of the APs.
- Dial-up – The dialup topology is designed for the small office/home
office (SOHO) market. It allows telecommuters, SOHOs, and home users the
convenience of wireless connectivity via an AP, as shown in the figure. In fact, some
APs are less than $50 USD. Shared dialup connectivity allows both wired and
wireless devices access to the modem and the Internet. A PC running Windows
2000 or XP Internet Connection Sharing provides the connectivity and also
functions as a DHCP server for the wireless clients. Unfortunately, even though
dialup is quite inexpensive, it is quite slow compared to the latest broadband
technologies. Many consumers are choosing to go with broadband technologies if
available.
- Broadband – With greater availability of broadband services such as
cable, DSL, wireless and satellite, many users are switching from dialup to
broadband. Also, users are now installing home networks in order to share the
high speed Internet connection as well as local file and print services. The
basic home network topology consists of the "modem", a router, a
hub/switch, a wireless AP, and clients. In some cases, the router, switch, and
wireless AP are housed in a single unit called a wireless router.
There are still many broadband users with a standalone PC directly
connected to the Cable or DSL modem. Since these users are directly exposed to
Internet attacks, this simple but insecure topology should be secured by some
type of hardware or software firewall. Without any protection, the PC's many
"open" TCP ports will soon be compromised by attackers. Even if users
do not have any valuable information on the PC, the device can be used to
help attackers compromise other networks.
Wireless routers typically support both Cable and DSL, as the figure shows. In this
topology, the AP or wireless router will support the wireless clients, while
the built-in switch supports the wired devices. Other services such as DHCP and
Network Address Translation (NAT) are provided by the router. NAT enables
multiple LAN devices using private IP addressing to share a single public IP
address. Many vendors are also including firewall features such as access
control, filtering and stateful inspection to protect the LAN devices from
attackers. In addition to the wireless security issues, home users with an
"always on" Internet connection are more exposed to attackers.