802.11ac (WiFi 5): Uma Análise Técnica Aprofundada de Funcionalidades, Desempenho e Estratégias de Implementação

Este guia técnico abrangente oferece uma análise aprofundada do padrão 802.11ac (WiFi 5), detalhando a sua arquitetura, características de desempenho e estratégias práticas de implementação. Capacita gestores de TI e arquitetos de rede com o conhecimento necessário para otimizar a infraestrutura existente, gerir ambientes de alta densidade e tomar decisões baseadas em evidências sobre futuras atualizações.

📖 6 min de leitura📝 1,441 palavras🔧 2 exemplos❓ 3 perguntas📚 8 termos-chave

🎧 Ouça este Guia

Ver Transcrição

802.11ac WiFi 5: A Technical Deep Dive into Features, Performance, and Deployment Strategies. A Purple Technical Briefing.

Welcome to the Purple Technical Briefing series. Today we're doing a thorough deep dive into 802.11ac — or WiFi 5 as it's more commonly known in vendor literature and procurement conversations.

Now, you might be thinking: WiFi 5 has been around since 2013. Why are we talking about it now? The answer is straightforward. Despite WiFi 6 and WiFi 7 generating most of the industry noise, the vast majority of enterprise wireless infrastructure currently deployed globally — in hotels, retail chains, conference centres, and public buildings — is still running on 802.11ac hardware. And it will continue to do so for the next three to five years in most mid-market organisations.

So whether you're managing an existing 802.11ac estate, evaluating a refresh cycle, or trying to squeeze more performance out of your current deployment before a capital expenditure conversation, this briefing is for you. We'll cover the technical architecture, the real-world performance characteristics, the limitations you need to plan around, and the deployment strategies that actually work in high-density environments.

Let's get into it.

The IEEE ratified 802.11ac in December 2013. It operates exclusively in the 5 gigahertz band — and that's the first thing to understand. Unlike its predecessor 802.11n, which could operate on both 2.4 gigahertz and 5 gigahertz, 802.11ac is 5 gigahertz only. That's a deliberate design choice to access wider, less congested channels, but it also means your legacy 2.4 gigahertz devices — older IoT sensors, some building management systems, legacy handheld terminals — won't associate to a pure 802.11ac radio. You'll need dual-band access points in any real-world deployment.

Now, the headline number you'll see in vendor datasheets is 3.5 gigabits per second theoretical maximum throughput. That figure comes from Wave 2 hardware using four spatial streams, 160 megahertz channel width, and 256-QAM modulation. In practice, you'll see aggregate throughput in the range of 400 megabits to 1.3 gigabits per second under typical enterprise conditions. The gap between theoretical and practical is significant, and understanding why is central to deploying this standard effectively.

Let's break down the three headline features: MU-MIMO, wider channels, and beamforming.

Multi-User MIMO — MU-MIMO — is arguably the most significant architectural advancement in 802.11ac Wave 2. Prior to MU-MIMO, access points operated in SU-MIMO mode: single-user MIMO, meaning the AP could only transmit to one client device at a time. Every other device had to wait its turn. In a hotel corridor with forty rooms, or a retail floor with a hundred staff devices, that queuing creates measurable latency and throughput degradation.

MU-MIMO allows the access point to transmit simultaneously to up to four client devices on separate spatial streams. Think of it as the difference between a single-lane road and a four-lane motorway. The AP uses beamforming to direct each spatial stream at a specific client, so the signals don't interfere with each other. The practical result in a high-density environment is a meaningful reduction in per-client latency and a more consistent user experience across the cell.

There's an important caveat here, though. MU-MIMO in 802.11ac is downlink only. The AP can transmit to four clients simultaneously, but each client still transmits back to the AP one at a time. This is a fundamental architectural limitation that WiFi 6 addressed with uplink MU-MIMO. In environments where clients are uploading large files — think a conference centre with presenters uploading slide decks, or a warehouse with barcode scanners sending inventory data — this downlink-only constraint becomes a real bottleneck.

Channel width is the second major lever. 802.11ac supports channel widths of 20, 40, 80, and 160 megahertz. Wider channels mean more data throughput — an 80 megahertz channel delivers roughly twice the throughput of a 40 megahertz channel, all else being equal. However, wider channels consume more of the available spectrum, which reduces the number of non-overlapping channels you can configure. In the 5 gigahertz band, you have a limited pool of channels to work with, and if you're deploying multiple access points in close proximity — as you would in a hotel or a stadium — aggressive channel width settings will cause co-channel interference and actually degrade performance.

The practical guidance here is: 80 megahertz channels are the sweet spot for most enterprise deployments. 160 megahertz is theoretically attractive but creates spectrum management headaches in dense environments. 40 megahertz is appropriate for very high-density deployments where you're prioritising channel reuse over per-AP throughput.

Beamforming is the third key feature. 802.11ac mandates implicit beamforming and supports explicit beamforming via a sounding protocol between the AP and the client. In practical terms, the AP uses multiple antennas to shape the transmitted signal — concentrating radio energy toward the intended client rather than broadcasting omnidirectionally. This improves signal quality at the receiver, which allows higher modulation schemes to be used, which translates directly to higher throughput and better range.

The real-world benefit of beamforming is most pronounced at the cell edge — those clients at the far end of the coverage area who would otherwise be operating at lower modulation rates. In a hotel deployment, that's the room at the end of the corridor. In a retail environment, it's the checkout terminal near the fire exit. Beamforming can meaningfully improve the experience for those edge clients without requiring additional access points.

Now let's talk about the modulation scheme. 802.11ac introduced 256-QAM — Quadrature Amplitude Modulation — which encodes 8 bits per symbol compared to 64-QAM's 6 bits per symbol. That's a 33 percent increase in spectral efficiency. The trade-off is that 256-QAM requires a higher signal-to-noise ratio to decode reliably. In practice, this means 256-QAM is only achievable at relatively short range and in environments with low RF interference. In a noisy retail environment or a stadium concourse, you'll often find clients falling back to lower modulation rates, and your real-world throughput will reflect that.

One more architectural point worth understanding: the distinction between Wave 1 and Wave 2 hardware. Wave 1 802.11ac access points, released from around 2013 to 2015, support up to three spatial streams and 80 megahertz channels. Wave 2 hardware, from 2015 onwards, adds the fourth spatial stream, 160 megahertz channel support, and critically, MU-MIMO. If you're managing an estate that includes Wave 1 hardware, you're missing MU-MIMO entirely, and that has significant implications for high-density performance.

Now let me give you the practical deployment guidance that actually makes a difference.

First: access point density. The most common mistake in 802.11ac deployments is under-provisioning AP density. The standard can deliver impressive per-AP throughput on paper, but in a venue with hundreds of concurrent clients, you need to think in terms of clients per AP, not coverage area per AP. A reasonable target for a high-density environment — a hotel conference room, a retail floor, a stadium concourse — is 25 to 30 active clients per AP. If you're planning for more than that on a single radio, you're setting yourself up for performance complaints.

Second: channel planning. This is where most deployments go wrong. Use a proper RF survey tool before finalising your AP placement. Identify sources of interference — microwave ovens, DECT phones, neighbouring networks — and build your channel plan around the available clean spectrum. In the 5 gigahertz band, use DFS channels where your hardware and regulatory domain support it. They're often less congested than the lower U-NII-1 channels that everyone defaults to.

Third: security architecture. 802.11ac itself doesn't mandate a specific security protocol, so your security posture is entirely determined by your configuration choices. For enterprise deployments, IEEE 802.1X with RADIUS authentication is the baseline. WPA2-Enterprise with AES-CCMP is the minimum acceptable standard. If you're running a guest network — which in a hotel or retail environment you almost certainly are — segment it onto a separate VLAN and SSID, enforce client isolation, and implement a captive portal with appropriate data capture for GDPR compliance.

Fourth: the upgrade conversation. If you're on Wave 1 hardware and you're experiencing performance issues in high-density areas, the upgrade to Wave 2 — or better yet, to WiFi 6 — is likely to deliver measurable ROI within twelve to eighteen months through reduced support overhead and improved guest satisfaction scores. If you're already on Wave 2 hardware and your primary use case is guest internet access and basic enterprise applications, you may not need to upgrade for another two to three years.

The pitfall to avoid: don't let vendors push you into a full infrastructure refresh based on theoretical throughput numbers. Benchmark your current deployment, identify the specific bottlenecks, and make the upgrade decision on evidence.

Now let me run through the questions I get most often from network architects and IT managers.

"Can 802.11ac support IoT devices?" — Yes, but with caveats. Many IoT devices only support 2.4 gigahertz, so you'll need dual-band APs. Keep IoT traffic on a separate SSID and VLAN to prevent it from competing with client traffic.

"What's the realistic range of an 802.11ac AP?" — In an open office or hotel corridor, expect reliable coverage at 256-QAM out to about 30 to 40 metres. At the cell edge, you'll be operating at lower modulation rates. Plan your AP placement accordingly.

"Should I enable 160 megahertz channels?" — In most enterprise environments, no. The spectrum management complexity outweighs the throughput benefit. Stick with 80 megahertz unless you have a specific high-throughput use case and a clean RF environment.

"Is WPA3 supported on 802.11ac hardware?" — Many Wave 2 APs support WPA3 via firmware update, but check with your vendor. WPA3-SAE provides meaningful security improvements over WPA2-PSK, particularly for guest networks.

"What about roaming?" — Implement 802.11r for fast BSS transition and 802.11k for neighbour reporting. Without these, roaming between APs in a large venue will cause noticeable session drops.

To bring this together: 802.11ac remains a capable, well-understood standard that, when deployed correctly, delivers excellent performance for the majority of enterprise use cases. The key is understanding its constraints — downlink-only MU-MIMO, 5 gigahertz exclusivity, the spectrum management challenges of wide channels — and designing your deployment around them rather than against them.

If you're planning a new deployment or a refresh, assess your client density requirements first. If you're consistently exceeding 30 clients per AP or you have significant uplink-heavy workloads, WiFi 6 is worth the investment. If you're within those parameters, a well-configured Wave 2 802.11ac deployment will serve you well for the next several years.

For the next steps: conduct an RF site survey if you haven't done one recently, review your channel plan and AP density against your actual client counts, and audit your security configuration against current best practice — particularly if you're handling guest data subject to GDPR or payment card data subject to PCI DSS.

You'll find detailed deployment guides, case studies, and configuration references at purple dot ai. Thanks for listening, and we'll see you in the next briefing.

Principais Conclusões

✓802.11ac (WiFi 5) operates exclusively in the 5 GHz band, requiring dual-band APs to support legacy 2.4 GHz devices.
✓Wave 2 hardware introduced MU-MIMO, allowing APs to transmit to up to four clients simultaneously, significantly reducing latency in dense environments.
✓MU-MIMO in 802.11ac is downlink only; upstream traffic remains sequential, which can bottleneck upload-heavy workloads.
✓While 80 MHz and 160 MHz channels offer higher peak speeds, they increase interference risks; 40 MHz is often the optimal choice for dense enterprise deployments.
✓High client density requires designing for capacity rather than coverage, targeting 30-40 clients per AP radio.
✓Implementing Minimum Mandatory Data Rates and roaming protocols (802.11r/k) is essential for maintaining performance and preventing 'sticky clients'.
✓Upgrading from Wave 2 to WiFi 6 is primarily justified by extreme client density or high uplink requirements; otherwise, optimized 802.11ac can serve effectively for years.

Resumo Executivo

Embora os padrões sem fios mais recentes dominem o discurso da indústria, o 802.11ac (WiFi 5) continua a ser a infraestrutura fundamental para a grande maioria dos ambientes empresariais a nível global. Desde grandes cadeias de retalho a locais de hospitalidade de alta densidade, este padrão continua a gerir cargas de trabalho de missão crítica. No entanto, alcançar as métricas de desempenho teóricas frequentemente citadas nas folhas de dados dos fornecedores exige uma compreensão rigorosa da arquitetura subjacente do padrão, particularmente a sua dependência da banda de 5 GHz, Multi-User MIMO (MU-MIMO) e esquemas de modulação complexos.

Este guia fornece uma análise técnica definitiva do 802.11ac, concebido especificamente para líderes de TI, arquitetos de rede e diretores de operações de espaços. Vai além da teoria académica para fornecer estratégias de implementação acionáveis, estruturas de mitigação de riscos e considerações claras de ROI. Ao dominar as nuances do planeamento de canais, fluxos espaciais e gestão da densidade de clientes, as organizações podem maximizar a vida útil e o desempenho dos seus investimentos existentes em WiFi 5 antes de se comprometerem com atualizações de infraestrutura dispendiosas.

Análise Técnica Aprofundada

Fundamentos Arquitetónicos

Ratificado pelo IEEE em dezembro de 2013, o 802.11ac representou uma mudança de paradigma nas redes sem fios, afastando-se da abordagem de banda dupla do 802.11n para operar exclusivamente na banda de frequência de 5 GHz. Esta escolha de design fundamental foi impulsionada pela necessidade de canais mais amplos e contíguos para suportar taxas de dados significativamente mais elevadas. O espectro de 5 GHz oferece um maior número de canais não sobrepostos, mitigando a grave interferência de co-canal que afeta a banda congestionada de 2.4 GHz.

O padrão é amplamente categorizado em duas gerações de hardware: Wave 1 e Wave 2. Os pontos de acesso (APs) Wave 1, introduzidos inicialmente, tipicamente suportam até três fluxos espaciais e larguras de canal até 80 MHz, fornecendo um débito teórico máximo de 1.3 Gbps. O Wave 2, introduzido por volta de 2015, representa o padrão totalmente realizado, adicionando suporte para um quarto fluxo espacial, canais de 160 MHz e, crucialmente, a tecnologia MU-MIMO, elevando os máximos teóricos para 3.5 Gbps.

Multi-User MIMO (MU-MIMO)

Antes do 802.11ac Wave 2, os pontos de acesso operavam usando Single-User MIMO (SU-MIMO). Neste modo, o AP comunica com apenas um dispositivo cliente em qualquer microssegundo. Em ambientes de alta densidade — como um átrio de estádio ou um movimentado piso de retalho — este processamento sequencial cria um gargalo, aumentando a latência à medida que os dispositivos aguardam por tempo de antena.

O MU-MIMO resolve isto permitindo que o AP transmita dados para múltiplos dispositivos cliente simultaneamente através de diferentes fluxos espaciais. Um AP 802.11ac Wave 2 pode transmitir para até quatro clientes em simultâneo. Isto é conseguido através de um sofisticado beamforming de transmissão, onde o AP calcula o caminho de RF para cada cliente e direciona precisamente os fluxos espaciais para minimizar a interferência entre eles.

É fundamental notar que o MU-MIMO 802.11ac é apenas em downlink. O AP pode enviar dados para múltiplos clientes simultaneamente, mas os clientes ainda devem transmitir de volta para o AP sequencialmente. Esta limitação significa que, embora as aplicações com uso intensivo de downstream (como streaming de vídeo) vejam melhorias massivas, as cargas de trabalho com uso intensivo de upstream (como centenas de utilizadores a carregar ficheiros para um servidor na cloud) ainda irão experienciar contenção.

Largura de Canal e Modulação

O 802.11ac alcança o seu alto débito em parte ao agrupar canais. Suporta larguras de canal de 20, 40, 80 e, opcionalmente, 160 MHz. Um canal de 80 MHz duplica efetivamente o débito de um canal de 40 MHz, fornecendo um 'tubo' mais largo para a transmissão de dados. No entanto, canais mais largos consomem mais do espectro de 5 GHz disponível, reduzindo o número total de canais independentes disponíveis para implementação. Em ambientes empresariais densos, a implementação de canais de 160 MHz frequentemente leva a interferência de co-canal (CCI) inevitável, o que degrada severamente o desempenho geral da rede.

Além disso, o 802.11ac introduziu 256-QAM (Modulação de Amplitude em Quadratura). Comparado com o 64-QAM usado no 802.11n, o 256-QAM codifica 8 bits por símbolo em vez de 6, resultando num aumento de 33% na eficiência espectral. A desvantagem é a sensibilidade: o 256-QAM requer um ambiente de RF excecionalmente limpo e uma alta Relação Sinal-Ruído (SNR). Na prática, os clientes só atingirão taxas de modulação 256-QAM quando estiverem relativamente próximos do AP e livres de interferências significativas.

Guia de Implementação

Planeamento de Capacidade em vez de Cobertura

O erro arquitetónico mais frequente nas implementações 802.11ac é projetar para cobertura de RF em vez de capacidade de cliente. Embora um único AP possa projetar um sinal utilizável numa grande sala de conferências, não pode suportar a conexão simultânea de 200 dispositivos sem uma grave degradação do desempenho.

Estratégia Acionável: Projete a sua rede com base no número de clientes ativos. Para cargas de trabalho empresariais típicas, vise um máximo de 30-40 clientes ativos por rádio. Em cenários de alta densidade (por exemplo, uma sala de aula universitária), este número deve ser reduzido para 20-25. Isto requer a implementação de mais APs com níveis de potência de transmissão mais baixos para criar microcélulas menores e mais densas.

Alocação Estratégica de Canais

O planeamento eficaz de canais é a base de uma rede estável Rede 802.11ac. Uma vez que o padrão depende fortemente de canais de 80 MHz para um desempenho máximo, o espectro disponível é rapidamente consumido.

Estratégia Acionável:

Realize um levantamento rigoroso do local de RF para identificar fontes de interferência existentes.
Aproveite os canais DFS (Dynamic Frequency Selection). Estes canais (tipicamente UNII-2 e UNII-2 Extended) fornecem significativamente mais espectro, mas exigem que o AP monitorize assinaturas de radar e mude de canal se o radar for detetado. Se o seu local não estiver perto de um aeroporto ou estação meteorológica, os canais DFS são inestimáveis para evitar congestionamento.
Padronize em canais de 40 MHz ou 80 MHz. Evite canais de 160 MHz em implementações multi-AP, a menos que esteja a operar em isolamento de RF completo.

Arquitetura de Segurança e Conformidade

Para implementações empresariais, o WPA2-Enterprise (802.1X/EAP) utilizando encriptação AES-CCMP permanece a linha de base padrão. No entanto, o aumento de ataques sofisticados contra a infraestrutura RADIUS exige uma abordagem reforçada.

Estratégia Acionável: Certifique-se de que os seus servidores RADIUS estão atualizados e configurados para rejeitar protocolos de autenticação legados (como MS-CHAPv1 ou LEAP). Para uma análise abrangente da segurança da infraestrutura de autenticação, consulte o nosso guia sobre Mitigação de Vulnerabilidades RADIUS: Um Guia de Reforço de Segurança .

Ao implementar redes de acesso público, como Guest WiFi em ambientes de Retalho ou Hotelaria , segmente o tráfego em VLANs dedicadas. Implemente o isolamento de clientes para evitar o movimento lateral entre dispositivos de convidados e garanta que o seu Captive Portal cumpre as regulamentações locais de privacidade de dados (por exemplo, GDPR).

Melhores Práticas

A Implementação Dual-Band é Obrigatória: Como o 802.11ac é apenas de 5 GHz, deve implementar APs dual-band (suportando 802.11n em 2.4 GHz) para acomodar dispositivos legados e sensores IoT. Certifique-se de que o band-steering está ativado para direcionar clientes capazes para o espectro de 5 GHz.
Ative 802.11r, 802.11k e 802.11v: Estes protocolos de roaming são críticos para clientes móveis (como telefones VoIP ou leitores de código de barras). Eles facilitam a transição rápida de BSS e fornecem aos clientes relatórios de vizinhança, garantindo transferências contínuas entre APs sem quedas de sessão.
Audite a Potência de Transmissão: Nunca deixe os APs na potência de transmissão 'máxima'. Isso cria problemas de encaminhamento assimétrico onde um cliente pode 'ouvir' o AP, mas o AP não consegue ouvir a transmissão mais fraca da pequena antena do cliente. Ajuste a potência de transmissão do AP à capacidade média dos seus dispositivos cliente (tipicamente 12-15 dBm).

Resolução de Problemas e Mitigação de Riscos

O Problema do 'Cliente Preso'

Sintoma: Um dispositivo permanece conectado a um AP distante com um sinal fraco, mesmo quando um AP mais próximo está disponível, resultando em baixo desempenho para esse utilizador e diminuindo o desempenho geral da célula, pois o AP gasta tempo excessivo de transmissão comunicando a baixas taxas de dados.

Mitigação: Implemente Taxas de Dados Mínimas Obrigatórias. Ao desativar as taxas de dados mais baixas (por exemplo, 1, 2, 5.5 e 11 Mbps em 2.4 GHz; 6 e 9 Mbps em 5 GHz), força os clientes a largar a conexão quando o sinal degrada, levando-os a fazer roaming para um AP mais próximo.

Interferência Co-Canal (CCI)

Sintoma: Alta utilização do canal e baixo débito apesar da forte intensidade do sinal. Isso ocorre quando vários APs no mesmo canal conseguem ouvir-se mutuamente, fazendo com que adiem a transmissão para evitar colisões.

Mitigação: Reduza as larguras dos canais (por exemplo, de 80 MHz para 40 MHz) para aumentar o número de canais não sobrepostos disponíveis. Reduza a potência de transmissão do AP para diminuir o tamanho da célula e minimizar a sobreposição entre APs adjacentes.

ROI e Impacto no Negócio

Para diretores de TI que avaliam a sua infraestrutura, a decisão de manter uma rede 802.11ac versus atualizar para WiFi 6 (802.11ax) ou WiFi 7 deve ser baseada em resultados de negócio mensuráveis, em vez de especificações puramente técnicas.

Se a sua implementação atual consiste em hardware Wave 2 e os seus casos de uso primários envolvem aplicações empresariais padrão e acesso à internet para convidados, uma rede 802.11ac bem otimizada pode suportar confortavelmente as operações por mais 2-3 anos. O ROI neste cenário advém do adiamento de despesas de capital, enquanto utiliza plataformas de análise avançadas como WiFi Analytics para extrair mais valor da infraestrutura existente.

Pelo contrário, se o seu local — como um grande centro de Transporte ou estádio — está a experienciar gargalos consistentes devido à alta densidade de clientes ou requer uma capacidade de uplink significativa, o custo operacional da resolução de problemas e da má experiência do utilizador superará rapidamente o custo de uma atualização. Nestes ambientes específicos de alta densidade, as capacidades OFDMA do WiFi 6 proporcionam um retorno sobre o investimento convincente e imediato.

Termos-Chave e Definições

MU-MIMO (Multi-User Multiple Input Multiple Output)

A technology that allows an access point to transmit data to multiple client devices simultaneously using separate spatial streams.

Critical for improving efficiency in high-density environments like conference centres, though in 802.11ac, this is limited to downlink traffic only.

QAM (Quadrature Amplitude Modulation)

A method of encoding data onto a radio wave. 802.11ac uses 256-QAM, which packs more data into each transmission compared to older standards.

Higher QAM rates require excellent signal quality. If the environment is noisy, devices will fall back to lower modulation rates, reducing throughput.

Spatial Streams

Independent data signals transmitted simultaneously from multiple antennas on the same frequency channel.

More spatial streams mean higher potential throughput. Wave 2 APs typically support four spatial streams (4x4:4).

Beamforming

A signal processing technique used to direct the RF energy toward a specific client device rather than broadcasting it omnidirectionally.

Improves signal strength and range for devices at the edge of the AP's coverage cell, enabling higher data rates.

Co-Channel Interference (CCI)

Interference caused when two or more access points operate on the same frequency channel and can 'hear' each other.

The primary cause of poor performance in dense deployments. Mitigated by careful channel planning and reducing transmit power.

DFS (Dynamic Frequency Selection)

A mechanism that allows WiFi devices to use 5 GHz channels that are shared with radar systems, provided the WiFi device vacates the channel if radar is detected.

Essential for unlocking additional spectrum in the 5 GHz band to support multiple 40 MHz or 80 MHz channels.

Band Steering

A feature that encourages dual-band client devices to connect to the less congested 5 GHz band rather than the crowded 2.4 GHz band.

Crucial for maximising the performance benefits of 802.11ac, as the standard operates exclusively on 5 GHz.

802.11r (Fast BSS Transition)

An IEEE standard that allows a client device to roam quickly and securely from one AP to another without needing to re-authenticate with the RADIUS server.

Vital for environments using WPA2-Enterprise where mobile devices (like VoIP phones) require uninterrupted connectivity while moving.

Estudos de Caso

A 300-room corporate hotel is experiencing widespread complaints regarding WiFi speeds during the evening peak hours (7 PM - 10 PM). The current infrastructure utilises 802.11ac Wave 1 APs deployed in the corridors, configured with 80 MHz channels and maximum transmit power. How should the IT team remediate this?

Redesign AP Placement: Move APs from the corridors into the guest rooms to overcome the attenuation caused by fire doors and en-suite bathrooms.
Adjust Channel Widths: Reduce channel width from 80 MHz to 40 MHz. This doubles the available non-overlapping channels, drastically reducing Co-Channel Interference (CCI) between adjacent rooms.
Optimise Transmit Power: Reduce the AP transmit power from maximum to approximately 12-14 dBm to match typical smartphone transmission capabilities and contain the RF cell within the intended coverage area.
Enable Band Steering: Force 5 GHz-capable devices off the congested 2.4 GHz band.

Notas de Implementação: The original deployment suffered from classic 'coverage-first' design flaws. Corridor placement combined with maximum transmit power and wide channels guarantees severe CCI. By shrinking the cell size and increasing the number of available channels, the network transitions from a high-interference, high-contention state to a stable, high-capacity architecture, despite using older Wave 1 hardware.

A large retail chain is deploying a new fleet of handheld inventory scanners that rely on continuous connection to a central database. Staff report that the scanners frequently disconnect and lose data when moving between aisles. The network is running 802.11ac Wave 2.

Enable Roaming Protocols: Activate 802.11r (Fast BSS Transition) and 802.11k (Radio Resource Measurement) on the WLAN controller.
Implement Minimum Data Rates: Disable legacy data rates (1, 2, 5.5, 11 Mbps) to prevent 'sticky clients' from holding onto distant APs.
Verify Coverage Overlap: Conduct an active survey to ensure a minimum of -67 dBm primary coverage and -70 dBm secondary coverage in all aisles, providing clients with viable roaming targets.

Notas de Implementação: Mobile devices like barcode scanners require seamless handoffs. Without 802.11r/k, the client must perform a full authentication handshake every time it moves to a new AP, causing the session drops reported by staff. Disabling low data rates forces the client to make roaming decisions earlier, preventing the connection from degrading to the point of failure.

Análise de Cenários

Q1. You are designing the WiFi infrastructure for a new university lecture hall that seats 400 students. The university standardises on 802.11ac Wave 2 hardware. Assuming each student brings two devices (a laptop and a smartphone), how should you approach AP placement and channel configuration?

💡 Dica:Consider the maximum client capacity per radio and the availability of non-overlapping channels in the 5 GHz band.

Mostrar Abordagem Recomendada

With 800 potential devices, capacity is the primary constraint. Targeting 30 devices per radio, you require approximately 27 AP radios. To achieve this density without catastrophic Co-Channel Interference (CCI), you must use narrow 20 MHz channels to maximise the number of available non-overlapping channels (including DFS channels). APs should be deployed using directional patch antennas mounted overhead or under-seat to create tightly focused micro-cells, and transmit power must be set to minimum levels.

Q2. A network monitoring dashboard shows that an 802.11ac AP in a busy hospital waiting area is experiencing 80% channel utilisation, yet average throughput per client is less than 2 Mbps. The AP is configured for 80 MHz channels. What is the most likely cause, and what is the immediate remediation?

💡 Dica:High utilisation with low throughput often indicates that the AP is spending excessive time waiting or transmitting at very low data rates.

Mostrar Abordagem Recomendada

The most likely cause is Co-Channel Interference (CCI) combined with clients connecting at the cell edge. The wide 80 MHz channel is likely overlapping with adjacent APs, causing devices to defer transmissions. The immediate remediation is to reduce the channel width to 40 MHz (or even 20 MHz) to find clean spectrum, and to implement Minimum Mandatory Data Rates (disabling rates below 12 Mbps) to force distant 'sticky' clients to roam to closer APs.

Q3. During a security audit, a penetration tester successfully captures a WPA2-Enterprise handshake from your 802.11ac network. What specific configuration on the RADIUS server would prevent this captured handshake from being cracked offline?

💡 Dica:Consider the authentication protocols used within the EAP tunnel.

Mostrar Abordagem Recomendada

The RADIUS server must be configured to enforce EAP-TLS or PEAP-MSCHAPv2, ensuring that legacy, vulnerable protocols like LEAP or unprotected MS-CHAPv1 are explicitly disabled. Furthermore, ensuring that client devices are strictly configured to validate the RADIUS server's digital certificate prevents rogue APs from capturing the handshake in the first place.