Four WiFi design tips for smart buildings

​In order to achieve connectivity, performance, and security, smart building network planners must be careful when planning their wireless architecture.

Owners and operators seeking to deploy wireless IoT devices and sensors in their properties want to pay close attention to their needs from the perspective of WiFi connectivity, performance, and security. As the number of wireless devices, types, and use cases continues to increase, the weaknesses of the existing WiFi deployment architecture are exposed. Let's take a look at four ways to support WiFi deployment in modern smart buildings to better support the growing wireless needs of today's smart buildings.

 

1. Truly comprehensive coverage

Early deployments of built-in WiFi were mainly concentrated in areas where occupants tended to gather. Public places include lobbies, meeting rooms and other shared spaces. In many cases, many parts of a building may have been excluded from wireless coverage because the likelihood of someone needing a network connection in these locations is low.

 

However, due to the widespread use of wireless IoT sensors and the widespread use of facilities equipped with mobile devices, physical security and other building management teams now require complete global coverage and extend to outdoor areas. This includes previously excluded locations such as elevator shafts, maintenance rooms, roofs, and parking lots.

2. Wiring, PoE and multi-gigabit switching

From a physical layer perspective, twisted-pair cabling may need to be upgraded to take full advantage of modern WiFi 6 and 6E technologies. Category 5e cabling is still common in buildings more than 10 years old. When using Cat 5e cabling to connect WiFi 6 and 6E access points (APs) to the switch, the transmission and reception speed on the cabling can reach up to 1 Gbit/sec.

 

However, the bandwidth capacity of the latest generation of wireless APs may exceed 1 Gbit/sec. In order to get the maximum performance from the new WiFi deployment, the cabling should be upgraded to category 6A or higher cabling. This allows the switch to be upgraded to a switch using multi-gigabit Ethernet technology, which transfers data from the AP to the wired LAN at 2.5 or 5 Gbits/sec. This eliminates potential network bandwidth bottlenecks that can negatively affect overall network performance.

 

In addition, as Power over Ethernet (PoE) devices become more complex, they often require more power to operate. Older twisted-pair cables were not designed to provide more than 30 watts of maximum power over a distance of 100 meters. However, many of the latest WiFi APs, ultra-high-definition (UHD) surveillance cameras, and certain IoT sensors require up to 90 watts of PoE transmission. Therefore, be sure to evaluate your existing wiring to ensure that it can support the PoE requirements of each connected device. If not, a new cable must be pulled out to ensure safe transmission of power at a higher wattage.

3. Antenna selection

Depending on the internal or external environment of the building or campus, such as standard office spaces, atriums, maintenance/engineering floors, parking lots or outdoor public areas, choosing the right WiFi antenna is an important consideration. Most enterprise-level APs can buy built-in antennas or BNC connectors to connect to the antenna of your choice. WiFi access points with built-in antennas are designed for typical office space deployments, including physical obstacles such as dry walls, partition barriers, office-grade doors, and glass. For areas containing concrete or plaster walls, large metal machines, or WiFi signals that must propagate in a specific direction, antenna styles such as Yagi, panel, and parabola may be better choices for coverage and performance.

 

4. Secure micro-segmentation

Strict WiFi access control must be implemented to specify which devices on the wireless network can communicate with other devices. Low-cost wireless IoT devices and sensors are notorious for having outdated and insecure firmware. The micro-segmentation in many wireless LAN architectures addresses this risk by identifying specific devices/sensors and dynamically applying security access policies to these devices. If a malware outbreak occurs, the infected devices in this segment will be isolated to a small part of the entire network, thereby limiting the ability of malware to spread.

About the author: As a well-respected network architect and trusted IT consultant, with connections around the world, Andrew Froehlich has more than 20 years of experience and has multiple industry certifications in the field of enterprise networking. Andrew is the founder and president of West Gate Networks in Colorado, a company specializing in enterprise network architecture and data center expansion. He is also the founder of InfraMomentum, an enterprise IT research and analysis company. As the author of two Cisco certification study guides published by Sybex, he regularly writes articles for multiple enterprise IT-related websites and industry journals to gain insights into the rapidly changing development of the IT industry