802.11ac (WiFi 5): Un Approfondimento Tecnico su Caratteristiche, Prestazioni e Strategie di Implementazione

Questa guida tecnica completa fornisce un approfondimento sullo standard 802.11ac (WiFi 5), dettagliandone l'architettura, le caratteristiche prestazionali e le strategie di implementazione pratiche. Fornisce ai responsabili IT e agli architetti di rete le conoscenze necessarie per ottimizzare l'infrastruttura esistente, gestire ambienti ad alta densità e prendere decisioni basate su prove riguardo a futuri aggiornamenti.

📖 6 min di lettura📝 1,441 parole🔧 2 esempi❓ 3 domande📚 8 termini chiave

🎧 Ascolta questa guida

Visualizza trascrizione

802.11ac WiFi 5: A Technical Deep Dive into Features, Performance, and Deployment Strategies. A Purple Technical Briefing.

Welcome to the Purple Technical Briefing series. Today we're doing a thorough deep dive into 802.11ac — or WiFi 5 as it's more commonly known in vendor literature and procurement conversations.

Now, you might be thinking: WiFi 5 has been around since 2013. Why are we talking about it now? The answer is straightforward. Despite WiFi 6 and WiFi 7 generating most of the industry noise, the vast majority of enterprise wireless infrastructure currently deployed globally — in hotels, retail chains, conference centres, and public buildings — is still running on 802.11ac hardware. And it will continue to do so for the next three to five years in most mid-market organisations.

So whether you're managing an existing 802.11ac estate, evaluating a refresh cycle, or trying to squeeze more performance out of your current deployment before a capital expenditure conversation, this briefing is for you. We'll cover the technical architecture, the real-world performance characteristics, the limitations you need to plan around, and the deployment strategies that actually work in high-density environments.

Let's get into it.

The IEEE ratified 802.11ac in December 2013. It operates exclusively in the 5 gigahertz band — and that's the first thing to understand. Unlike its predecessor 802.11n, which could operate on both 2.4 gigahertz and 5 gigahertz, 802.11ac is 5 gigahertz only. That's a deliberate design choice to access wider, less congested channels, but it also means your legacy 2.4 gigahertz devices — older IoT sensors, some building management systems, legacy handheld terminals — won't associate to a pure 802.11ac radio. You'll need dual-band access points in any real-world deployment.

Now, the headline number you'll see in vendor datasheets is 3.5 gigabits per second theoretical maximum throughput. That figure comes from Wave 2 hardware using four spatial streams, 160 megahertz channel width, and 256-QAM modulation. In practice, you'll see aggregate throughput in the range of 400 megabits to 1.3 gigabits per second under typical enterprise conditions. The gap between theoretical and practical is significant, and understanding why is central to deploying this standard effectively.

Let's break down the three headline features: MU-MIMO, wider channels, and beamforming.

Multi-User MIMO — MU-MIMO — is arguably the most significant architectural advancement in 802.11ac Wave 2. Prior to MU-MIMO, access points operated in SU-MIMO mode: single-user MIMO, meaning the AP could only transmit to one client device at a time. Every other device had to wait its turn. In a hotel corridor with forty rooms, or a retail floor with a hundred staff devices, that queuing creates measurable latency and throughput degradation.

MU-MIMO allows the access point to transmit simultaneously to up to four client devices on separate spatial streams. Think of it as the difference between a single-lane road and a four-lane motorway. The AP uses beamforming to direct each spatial stream at a specific client, so the signals don't interfere with each other. The practical result in a high-density environment is a meaningful reduction in per-client latency and a more consistent user experience across the cell.

There's an important caveat here, though. MU-MIMO in 802.11ac is downlink only. The AP can transmit to four clients simultaneously, but each client still transmits back to the AP one at a time. This is a fundamental architectural limitation that WiFi 6 addressed with uplink MU-MIMO. In environments where clients are uploading large files — think a conference centre with presenters uploading slide decks, or a warehouse with barcode scanners sending inventory data — this downlink-only constraint becomes a real bottleneck.

Channel width is the second major lever. 802.11ac supports channel widths of 20, 40, 80, and 160 megahertz. Wider channels mean more data throughput — an 80 megahertz channel delivers roughly twice the throughput of a 40 megahertz channel, all else being equal. However, wider channels consume more of the available spectrum, which reduces the number of non-overlapping channels you can configure. In the 5 gigahertz band, you have a limited pool of channels to work with, and if you're deploying multiple access points in close proximity — as you would in a hotel or a stadium — aggressive channel width settings will cause co-channel interference and actually degrade performance.

The practical guidance here is: 80 megahertz channels are the sweet spot for most enterprise deployments. 160 megahertz is theoretically attractive but creates spectrum management headaches in dense environments. 40 megahertz is appropriate for very high-density deployments where you're prioritising channel reuse over per-AP throughput.

Beamforming is the third key feature. 802.11ac mandates implicit beamforming and supports explicit beamforming via a sounding protocol between the AP and the client. In practical terms, the AP uses multiple antennas to shape the transmitted signal — concentrating radio energy toward the intended client rather than broadcasting omnidirectionally. This improves signal quality at the receiver, which allows higher modulation schemes to be used, which translates directly to higher throughput and better range.

The real-world benefit of beamforming is most pronounced at the cell edge — those clients at the far end of the coverage area who would otherwise be operating at lower modulation rates. In a hotel deployment, that's the room at the end of the corridor. In a retail environment, it's the checkout terminal near the fire exit. Beamforming can meaningfully improve the experience for those edge clients without requiring additional access points.

Now let's talk about the modulation scheme. 802.11ac introduced 256-QAM — Quadrature Amplitude Modulation — which encodes 8 bits per symbol compared to 64-QAM's 6 bits per symbol. That's a 33 percent increase in spectral efficiency. The trade-off is that 256-QAM requires a higher signal-to-noise ratio to decode reliably. In practice, this means 256-QAM is only achievable at relatively short range and in environments with low RF interference. In a noisy retail environment or a stadium concourse, you'll often find clients falling back to lower modulation rates, and your real-world throughput will reflect that.

One more architectural point worth understanding: the distinction between Wave 1 and Wave 2 hardware. Wave 1 802.11ac access points, released from around 2013 to 2015, support up to three spatial streams and 80 megahertz channels. Wave 2 hardware, from 2015 onwards, adds the fourth spatial stream, 160 megahertz channel support, and critically, MU-MIMO. If you're managing an estate that includes Wave 1 hardware, you're missing MU-MIMO entirely, and that has significant implications for high-density performance.

Now let me give you the practical deployment guidance that actually makes a difference.

First: access point density. The most common mistake in 802.11ac deployments is under-provisioning AP density. The standard can deliver impressive per-AP throughput on paper, but in a venue with hundreds of concurrent clients, you need to think in terms of clients per AP, not coverage area per AP. A reasonable target for a high-density environment — a hotel conference room, a retail floor, a stadium concourse — is 25 to 30 active clients per AP. If you're planning for more than that on a single radio, you're setting yourself up for performance complaints.

Second: channel planning. This is where most deployments go wrong. Use a proper RF survey tool before finalising your AP placement. Identify sources of interference — microwave ovens, DECT phones, neighbouring networks — and build your channel plan around the available clean spectrum. In the 5 gigahertz band, use DFS channels where your hardware and regulatory domain support it. They're often less congested than the lower U-NII-1 channels that everyone defaults to.

Third: security architecture. 802.11ac itself doesn't mandate a specific security protocol, so your security posture is entirely determined by your configuration choices. For enterprise deployments, IEEE 802.1X with RADIUS authentication is the baseline. WPA2-Enterprise with AES-CCMP is the minimum acceptable standard. If you're running a guest network — which in a hotel or retail environment you almost certainly are — segment it onto a separate VLAN and SSID, enforce client isolation, and implement a captive portal with appropriate data capture for GDPR compliance.

Fourth: the upgrade conversation. If you're on Wave 1 hardware and you're experiencing performance issues in high-density areas, the upgrade to Wave 2 — or better yet, to WiFi 6 — is likely to deliver measurable ROI within twelve to eighteen months through reduced support overhead and improved guest satisfaction scores. If you're already on Wave 2 hardware and your primary use case is guest internet access and basic enterprise applications, you may not need to upgrade for another two to three years.

The pitfall to avoid: don't let vendors push you into a full infrastructure refresh based on theoretical throughput numbers. Benchmark your current deployment, identify the specific bottlenecks, and make the upgrade decision on evidence.

Now let me run through the questions I get most often from network architects and IT managers.

"Can 802.11ac support IoT devices?" — Yes, but with caveats. Many IoT devices only support 2.4 gigahertz, so you'll need dual-band APs. Keep IoT traffic on a separate SSID and VLAN to prevent it from competing with client traffic.

"What's the realistic range of an 802.11ac AP?" — In an open office or hotel corridor, expect reliable coverage at 256-QAM out to about 30 to 40 metres. At the cell edge, you'll be operating at lower modulation rates. Plan your AP placement accordingly.

"Should I enable 160 megahertz channels?" — In most enterprise environments, no. The spectrum management complexity outweighs the throughput benefit. Stick with 80 megahertz unless you have a specific high-throughput use case and a clean RF environment.

"Is WPA3 supported on 802.11ac hardware?" — Many Wave 2 APs support WPA3 via firmware update, but check with your vendor. WPA3-SAE provides meaningful security improvements over WPA2-PSK, particularly for guest networks.

"What about roaming?" — Implement 802.11r for fast BSS transition and 802.11k for neighbour reporting. Without these, roaming between APs in a large venue will cause noticeable session drops.

To bring this together: 802.11ac remains a capable, well-understood standard that, when deployed correctly, delivers excellent performance for the majority of enterprise use cases. The key is understanding its constraints — downlink-only MU-MIMO, 5 gigahertz exclusivity, the spectrum management challenges of wide channels — and designing your deployment around them rather than against them.

If you're planning a new deployment or a refresh, assess your client density requirements first. If you're consistently exceeding 30 clients per AP or you have significant uplink-heavy workloads, WiFi 6 is worth the investment. If you're within those parameters, a well-configured Wave 2 802.11ac deployment will serve you well for the next several years.

For the next steps: conduct an RF site survey if you haven't done one recently, review your channel plan and AP density against your actual client counts, and audit your security configuration against current best practice — particularly if you're handling guest data subject to GDPR or payment card data subject to PCI DSS.

You'll find detailed deployment guides, case studies, and configuration references at purple dot ai. Thanks for listening, and we'll see you in the next briefing.

Punti chiave

✓802.11ac (WiFi 5) operates exclusively in the 5 GHz band, requiring dual-band APs to support legacy 2.4 GHz devices.
✓Wave 2 hardware introduced MU-MIMO, allowing APs to transmit to up to four clients simultaneously, significantly reducing latency in dense environments.
✓MU-MIMO in 802.11ac is downlink only; upstream traffic remains sequential, which can bottleneck upload-heavy workloads.
✓While 80 MHz and 160 MHz channels offer higher peak speeds, they increase interference risks; 40 MHz is often the optimal choice for dense enterprise deployments.
✓High client density requires designing for capacity rather than coverage, targeting 30-40 clients per AP radio.
✓Implementing Minimum Mandatory Data Rates and roaming protocols (802.11r/k) is essential for maintaining performance and preventing 'sticky clients'.
✓Upgrading from Wave 2 to WiFi 6 is primarily justified by extreme client density or high uplink requirements; otherwise, optimized 802.11ac can serve effectively for years.

Sintesi Esecutiva

Sebbene i nuovi standard wireless dominino il dibattito del settore, l'802.11ac (WiFi 5) rimane l'infrastruttura fondamentale per la stragrande maggioranza degli ambienti aziendali a livello globale. Dalle vaste catene di vendita al dettaglio ai luoghi di ospitalità ad alta densità, questo standard continua a gestire carichi di lavoro mission-critical. Tuttavia, raggiungere le metriche di prestazione teoriche spesso citate nelle schede tecniche dei fornitori richiede una comprensione rigorosa dell'architettura sottostante dello standard, in particolare la sua dipendenza dalla banda a 5 GHz, dal Multi-User MIMO (MU-MIMO) e da complessi schemi di modulazione.

Questa guida fornisce un'analisi tecnica definitiva dell'802.11ac, progettata specificamente per i leader IT, gli architetti di rete e i direttori delle operazioni delle sedi. Va oltre la teoria accademica per fornire strategie di implementazione attuabili, quadri di mitigazione del rischio e chiare considerazioni sul ROI. Padroneggiando le sfumature della pianificazione dei canali, degli stream spaziali e della gestione della densità dei client, le organizzazioni possono massimizzare la durata e le prestazioni dei loro investimenti WiFi 5 esistenti prima di impegnarsi in costosi aggiornamenti dell'infrastruttura.

Approfondimento Tecnico

Fondamenti Architettonici

Ratificato dall'IEEE nel dicembre 2013, l'802.11ac ha rappresentato un cambiamento di paradigma nel networking wireless, allontanandosi dall'approccio dual-band dell'802.11n per operare esclusivamente all'interno della banda di frequenza a 5 GHz. Questa scelta di design fondamentale è stata guidata dalla necessità di canali più ampi e contigui per supportare velocità di trasmissione dati significativamente più elevate. Lo spettro a 5 GHz offre un numero maggiore di canali non sovrapposti, mitigando la grave interferenza co-canale che affligge la congestionata banda a 2.4 GHz.

Lo standard è ampiamente classificato in due generazioni hardware: Wave 1 e Wave 2. Gli access point (AP) Wave 1, introdotti inizialmente, supportano tipicamente fino a tre stream spaziali e larghezze di canale fino a 80 MHz, offrendo un throughput teorico massimo di 1.3 Gbps. Wave 2, introdotto intorno al 2015, rappresenta lo standard pienamente realizzato, aggiungendo il supporto per un quarto stream spaziale, canali a 160 MHz e, in modo cruciale, la tecnologia MU-MIMO, spingendo i massimi teorici a 3.5 Gbps.

Multi-User MIMO (MU-MIMO)

Prima dell'802.11ac Wave 2, gli access point operavano utilizzando il Single-User MIMO (SU-MIMO). In questa modalità, l'AP comunica con un solo dispositivo client in qualsiasi microsecondo. In ambienti ad alta densità — come un atrio di uno stadio o un affollato piano di vendita al dettaglio — questa elaborazione sequenziale crea un collo di bottiglia, aumentando la latenza mentre i dispositivi si mettono in coda per il tempo di trasmissione.

Il MU-MIMO risolve questo problema consentendo all'AP di trasmettere dati a più dispositivi client contemporaneamente attraverso diversi stream spaziali. Un AP 802.11ac Wave 2 può trasmettere a un massimo di quattro client contemporaneamente. Ciò si ottiene tramite un sofisticato beamforming di trasmissione, in cui l'AP calcola il percorso RF per ciascun client e dirige con precisione gli stream spaziali per minimizzare le interferenze tra di essi.

È fondamentale notare che il MU-MIMO 802.11ac è solo in downlink. L'AP può inviare dati a più client contemporaneamente, ma i client devono comunque trasmettere all'AP in sequenza. Questa limitazione significa che, mentre le applicazioni con traffico prevalentemente in downstream (come lo streaming video) vedono enormi miglioramenti, i carichi di lavoro con traffico prevalentemente in upstream (come centinaia di utenti che caricano file su un server cloud) sperimenteranno comunque contesa.

Larghezza del Canale e Modulazione

L'802.11ac raggiunge il suo elevato throughput in parte unendo i canali. Supporta larghezze di canale di 20, 40, 80 e, opzionalmente, 160 MHz. Un canale a 80 MHz raddoppia efficacemente il throughput di un canale a 40 MHz fornendo un 'tubo' più ampio per la trasmissione dei dati. Tuttavia, i canali più ampi consumano più dello spettro a 5 GHz disponibile, riducendo il numero totale di canali indipendenti disponibili per l'implementazione. In ambienti aziendali densi, l'implementazione di canali a 160 MHz porta spesso a inevitabili interferenze co-canale (CCI), che degradano gravemente le prestazioni complessive della rete.

Inoltre, l'802.11ac ha introdotto la 256-QAM (Modulazione di Ampiezza in Quadratura). Rispetto alla 64-QAM utilizzata nell'802.11n, la 256-QAM codifica 8 bit per simbolo anziché 6, producendo un aumento del 33% nell'efficienza spettrale. Il compromesso è la sensibilità: la 256-QAM richiede un ambiente RF eccezionalmente pulito e un elevato rapporto segnale/rumore (SNR). In pratica, i client raggiungeranno le velocità di modulazione 256-QAM solo quando sono relativamente vicini all'AP e privi di interferenze significative.

Guida all'Implementazione

Pianificazione della Capacità rispetto alla Copertura

L'errore architettonico più frequente nelle implementazioni 802.11ac è progettare per la copertura RF piuttosto che per la capacità client. Sebbene un singolo AP possa proiettare un segnale utilizzabile in una grande sala conferenze, non può supportare la connessione simultanea di 200 dispositivi senza un grave degrado delle prestazioni.

Strategia Attuabile: Progetta la tua rete basandoti sui conteggi di client attivi. Per i tipici carichi di lavoro aziendali, punta a un massimo di 30-40 client attivi per radio. Negli scenari ad alta densità (ad esempio, un'aula universitaria), questo numero dovrebbe essere ridotto a 20-25. Ciò richiede la distribuzione di più AP con livelli di potenza di trasmissione inferiori per creare micro-celle più piccole e dense.

Allocazione Strategica dei Canali

Una pianificazione efficace dei canali è la base di una rete stabile Rete 802.11ac. Poiché lo standard si basa fortemente su canali a 80 MHz per prestazioni ottimali, lo spettro disponibile viene rapidamente consumato.

Strategia Azionabile:

Condurre un'accurata indagine del sito RF per identificare le fonti di interferenza esistenti.
Sfruttare i canali DFS (Dynamic Frequency Selection). Questi canali (tipicamente UNII-2 e UNII-2 Extended) offrono uno spettro significativamente maggiore ma richiedono all'AP di monitorare le firme radar e cambiare canale se viene rilevato un radar. Se la tua sede non si trova vicino a un aeroporto o a una stazione meteorologica, i canali DFS sono preziosi per evitare la congestione.
Standardizzare i canali a 40 MHz o 80 MHz. Evitare i canali a 160 MHz in implementazioni multi-AP a meno che non si operi in completo isolamento RF.

Architettura di Sicurezza e Conformità

Per le implementazioni aziendali, WPA2-Enterprise (802.1X/EAP) che utilizza la crittografia AES-CCMP rimane la base standard. Tuttavia, l'aumento degli attacchi sofisticati contro l'infrastruttura RADIUS richiede un approccio rafforzato.

Strategia Azionabile: Assicurati che i tuoi server RADIUS siano patchati e configurati per rifiutare i protocolli di autenticazione legacy (come MS-CHAPv1 o LEAP). Per una panoramica completa sulla sicurezza dell'infrastruttura di autenticazione, consulta la nostra guida su Mitigare le Vulnerabilità RADIUS: Una Guida al Rafforzamento della Sicurezza .

Quando si implementano reti di accesso pubblico, come Guest WiFi in ambienti Retail o Hospitality , segmentare il traffico su VLAN dedicate. Implementare l'isolamento dei client per prevenire il movimento laterale tra i dispositivi guest e assicurarsi che il Captive Portal sia conforme alle normative locali sulla privacy dei dati (ad esempio, GDPR).

Migliori Pratiche

L'implementazione Dual-Band è Obbligatoria: Poiché 802.11ac è solo a 5 GHz, è necessario implementare AP dual-band (che supportano 802.11n a 2.4 GHz) per accogliere dispositivi legacy e sensori IoT. Assicurarsi che il band-steering sia abilitato per spingere i client compatibili allo spettro a 5 GHz.
Abilitare 802.11r, 802.11k e 802.11v: Questi protocolli di roaming sono fondamentali per i client mobili (come telefoni VoIP o scanner di codici a barre). Facilitano la transizione rapida BSS e forniscono ai client rapporti sui vicini, garantendo passaggi fluidi tra gli AP senza interruzioni di sessione.
Verificare la Potenza di Trasmissione: Non lasciare mai gli AP alla potenza di trasmissione 'massima'. Ciò crea problemi di routing asimmetrico in cui un client può 'sentire' l'AP, ma l'AP non può sentire la trasmissione più debole dalla piccola antenna del client. Abbinare la potenza di trasmissione dell'AP alla capacità media dei dispositivi client (tipicamente 12-15 dBm).

Risoluzione dei Problemi e Mitigazione dei Rischi

Il Problema del 'Client Appiccicoso'

Sintomo: Un dispositivo rimane connesso a un AP distante con un segnale debole, anche quando è disponibile un AP più vicino, con conseguenti scarse prestazioni per quell'utente e un peggioramento delle prestazioni complessive della cella poiché l'AP impiega un tempo eccessivo a comunicare a basse velocità di trasmissione dati.

Mitigazione: Implementare Velocità di Trasmissione Dati Minime Obbligatorie. Disabilitando le velocità di trasmissione dati più basse (ad esempio, 1, 2, 5.5 e 11 Mbps a 2.4 GHz; 6 e 9 Mbps a 5 GHz), si costringono i client a interrompere la connessione quando il segnale si degrada, spingendoli a passare a un AP più vicino.

Interferenza Co-Canale (CCI)

Sintomo: Elevato utilizzo del canale e throughput scarso nonostante la forte intensità del segnale. Ciò si verifica quando più AP sullo stesso canale possono sentirsi a vicenda, inducendoli a ritardare la trasmissione per evitare collisioni.

Mitigazione: Ridurre le larghezze di canale (ad esempio, da 80 MHz a 40 MHz) per aumentare il numero di canali non sovrapposti disponibili. Ridurre la potenza di trasmissione dell'AP per ridurre le dimensioni della cella e minimizzare la sovrapposizione tra AP adiacenti.

ROI e Impatto sul Business

Per i direttori IT che valutano la propria infrastruttura, la decisione di mantenere una rete 802.11ac rispetto all'aggiornamento a WiFi 6 (802.11ax) o WiFi 7 deve essere basata su risultati aziendali misurabili piuttosto che su specifiche puramente tecniche.

Se la tua implementazione attuale consiste in hardware Wave 2 e i tuoi casi d'uso primari coinvolgono applicazioni aziendali standard e accesso a internet per gli ospiti, una rete 802.11ac ben ottimizzata può supportare comodamente le operazioni per altri 2-3 anni. Il ROI in questo scenario deriva dal differimento delle spese in conto capitale, utilizzando piattaforme di analisi avanzate come WiFi Analytics per estrarre più valore dall'infrastruttura esistente.

Al contrario, se la tua sede — come un grande hub di Trasporto o uno stadio — sta riscontrando colli di bottiglia costanti a causa dell'elevata densità di client o richiede una significativa capacità di uplink, il costo operativo della risoluzione dei problemi e della scarsa esperienza utente supererà rapidamente il costo di un aggiornamento. In questi specifici ambienti ad alta densità, le capacità OFDMA di WiFi 6 offrono un ritorno sull'investimento convincente e immediato.

Termini chiave e definizioni

MU-MIMO (Multi-User Multiple Input Multiple Output)

A technology that allows an access point to transmit data to multiple client devices simultaneously using separate spatial streams.

Critical for improving efficiency in high-density environments like conference centres, though in 802.11ac, this is limited to downlink traffic only.

QAM (Quadrature Amplitude Modulation)

A method of encoding data onto a radio wave. 802.11ac uses 256-QAM, which packs more data into each transmission compared to older standards.

Higher QAM rates require excellent signal quality. If the environment is noisy, devices will fall back to lower modulation rates, reducing throughput.

Spatial Streams

Independent data signals transmitted simultaneously from multiple antennas on the same frequency channel.

More spatial streams mean higher potential throughput. Wave 2 APs typically support four spatial streams (4x4:4).

Beamforming

A signal processing technique used to direct the RF energy toward a specific client device rather than broadcasting it omnidirectionally.

Improves signal strength and range for devices at the edge of the AP's coverage cell, enabling higher data rates.

Co-Channel Interference (CCI)

Interference caused when two or more access points operate on the same frequency channel and can 'hear' each other.

The primary cause of poor performance in dense deployments. Mitigated by careful channel planning and reducing transmit power.

DFS (Dynamic Frequency Selection)

A mechanism that allows WiFi devices to use 5 GHz channels that are shared with radar systems, provided the WiFi device vacates the channel if radar is detected.

Essential for unlocking additional spectrum in the 5 GHz band to support multiple 40 MHz or 80 MHz channels.

Band Steering

A feature that encourages dual-band client devices to connect to the less congested 5 GHz band rather than the crowded 2.4 GHz band.

Crucial for maximising the performance benefits of 802.11ac, as the standard operates exclusively on 5 GHz.

802.11r (Fast BSS Transition)

An IEEE standard that allows a client device to roam quickly and securely from one AP to another without needing to re-authenticate with the RADIUS server.

Vital for environments using WPA2-Enterprise where mobile devices (like VoIP phones) require uninterrupted connectivity while moving.

Casi di studio

A 300-room corporate hotel is experiencing widespread complaints regarding WiFi speeds during the evening peak hours (7 PM - 10 PM). The current infrastructure utilises 802.11ac Wave 1 APs deployed in the corridors, configured with 80 MHz channels and maximum transmit power. How should the IT team remediate this?

Redesign AP Placement: Move APs from the corridors into the guest rooms to overcome the attenuation caused by fire doors and en-suite bathrooms.
Adjust Channel Widths: Reduce channel width from 80 MHz to 40 MHz. This doubles the available non-overlapping channels, drastically reducing Co-Channel Interference (CCI) between adjacent rooms.
Optimise Transmit Power: Reduce the AP transmit power from maximum to approximately 12-14 dBm to match typical smartphone transmission capabilities and contain the RF cell within the intended coverage area.
Enable Band Steering: Force 5 GHz-capable devices off the congested 2.4 GHz band.

Note di implementazione: The original deployment suffered from classic 'coverage-first' design flaws. Corridor placement combined with maximum transmit power and wide channels guarantees severe CCI. By shrinking the cell size and increasing the number of available channels, the network transitions from a high-interference, high-contention state to a stable, high-capacity architecture, despite using older Wave 1 hardware.

A large retail chain is deploying a new fleet of handheld inventory scanners that rely on continuous connection to a central database. Staff report that the scanners frequently disconnect and lose data when moving between aisles. The network is running 802.11ac Wave 2.

Enable Roaming Protocols: Activate 802.11r (Fast BSS Transition) and 802.11k (Radio Resource Measurement) on the WLAN controller.
Implement Minimum Data Rates: Disable legacy data rates (1, 2, 5.5, 11 Mbps) to prevent 'sticky clients' from holding onto distant APs.
Verify Coverage Overlap: Conduct an active survey to ensure a minimum of -67 dBm primary coverage and -70 dBm secondary coverage in all aisles, providing clients with viable roaming targets.

Note di implementazione: Mobile devices like barcode scanners require seamless handoffs. Without 802.11r/k, the client must perform a full authentication handshake every time it moves to a new AP, causing the session drops reported by staff. Disabling low data rates forces the client to make roaming decisions earlier, preventing the connection from degrading to the point of failure.

Analisi degli scenari

Q1. You are designing the WiFi infrastructure for a new university lecture hall that seats 400 students. The university standardises on 802.11ac Wave 2 hardware. Assuming each student brings two devices (a laptop and a smartphone), how should you approach AP placement and channel configuration?

💡 Suggerimento:Consider the maximum client capacity per radio and the availability of non-overlapping channels in the 5 GHz band.

Mostra l'approccio consigliato

With 800 potential devices, capacity is the primary constraint. Targeting 30 devices per radio, you require approximately 27 AP radios. To achieve this density without catastrophic Co-Channel Interference (CCI), you must use narrow 20 MHz channels to maximise the number of available non-overlapping channels (including DFS channels). APs should be deployed using directional patch antennas mounted overhead or under-seat to create tightly focused micro-cells, and transmit power must be set to minimum levels.

Q2. A network monitoring dashboard shows that an 802.11ac AP in a busy hospital waiting area is experiencing 80% channel utilisation, yet average throughput per client is less than 2 Mbps. The AP is configured for 80 MHz channels. What is the most likely cause, and what is the immediate remediation?

💡 Suggerimento:High utilisation with low throughput often indicates that the AP is spending excessive time waiting or transmitting at very low data rates.

Mostra l'approccio consigliato

The most likely cause is Co-Channel Interference (CCI) combined with clients connecting at the cell edge. The wide 80 MHz channel is likely overlapping with adjacent APs, causing devices to defer transmissions. The immediate remediation is to reduce the channel width to 40 MHz (or even 20 MHz) to find clean spectrum, and to implement Minimum Mandatory Data Rates (disabling rates below 12 Mbps) to force distant 'sticky' clients to roam to closer APs.

Q3. During a security audit, a penetration tester successfully captures a WPA2-Enterprise handshake from your 802.11ac network. What specific configuration on the RADIUS server would prevent this captured handshake from being cracked offline?

💡 Suggerimento:Consider the authentication protocols used within the EAP tunnel.

Mostra l'approccio consigliato

The RADIUS server must be configured to enforce EAP-TLS or PEAP-MSCHAPv2, ensuring that legacy, vulnerable protocols like LEAP or unprotected MS-CHAPv1 are explicitly disabled. Furthermore, ensuring that client devices are strictly configured to validate the RADIUS server's digital certificate prevents rogue APs from capturing the handshake in the first place.