Wireless Networks in Small Spaces

Recently, I helped a friend set up a wireless network for his small business. The offices are located in a converted factory building that's divided into separate office spaces. The office spaces are large and airy, with few walls except those that define the offices. The physical setup creates very little interference problems for the half–dozen workstations that reside within my friend's business's 3000-square-foot space.

However, problems began to arise when I started to configure the client computers. Every other business in the building was running a wireless network, and each of these networks was visible on the other networks and completely unprotected. At one point, I saw no less than seven other wireless networks from the network I was setting up. I had to explain to my friend that not only did his business need the firewall we'd already set up to protect his network from external attacks, but for the security of his data, given the vulnerability of Wireless Application Protocol (WAP) networks, he'd also need to put some internal safeguards into place. Fortunately, I'd already pretty well convinced him that even in his small environment he could do everything he needed with Microsoft Small Business Server (SBS) 2003. He uses a local Value Added Reseller (VAR) who configures and supports SBS, which relieves the vast majority of any potential IT-related headaches. Using SBS also meant that my friend would be using Active Directory (AD) and would have the internal network security that AD provides.

But the immediate major problem that plagued us wasn't the potential security concern. The problem was that the other networks in the office building appeared and disappeared on my friend's network. In addition, all of his staff used notebook computers that they took home at night to use on their unsecured home wireless networks. These users had just enough knowledge of how Windows XP wireless networking works to access the other networks when they were in the office. The kicker was that the default behavior of XP encouraged these users to make connections to the other networks, in the following way. As each external network popped up on my friend's network, his users would receive an alert that a new wireless network was available. When one of these users checked on the network by clicking View Available Wireless Networks, the user would receive a message that the network isn't secure, with the option to connect to it anyway. If a curious user selected the box to allow connection, the network moved to the top of the preferred network connection list, meaning that the user's system would connect to that network before checking on any other network's availability and would do so every time the network was available.

Because of this situation, users started complaining that they couldn't access applications on their network. They shouldn't have been surprised, because they weren't connected to their network. Because Internet-based activities weren't adversely affected in this situation, users didn't notice that they weren't connected to their network until they needed something from their local server or a shared printer.

The easiest solution turned out to be configuring each of the clients manually so that my friend's network was at the top of the preferred networks list. Then, I took some time to knock on a few doors. The other businesses in the building with wireless networks were thrilled when I stopped by to give them the 5-minute course on using XP's tools for securing their networks. Keeping wireless networks independent from one another in a limited space is a difficult task for the nontechnical user to master. Given that my friend's six-employee business is the largest in the building (which caters to arts-and-crafts businesses), the lack of technical know-how in the building didn't surprise me.

I had a brief conversation with the building owner, who told me he was planning a number of similar factory building conversions. After I explained to him the technical problems I was resolving for his tenants, he realized that he could offer wireless networking as part of the package he sells to his tenants. His company already had a small IT staff, and he saw that he could generate some additional revenue by taking advantage of the staff's skills. For IT, directly generating revenue is no small accomplishment.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.