• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

Large space wifi suggestions?

DrakkenWulf

Parent Fur
I’m sure someone here has run a con where you had to manage wifi in a large space. Any suggestions to cover the following, as budget as possible?


Criteria: Must cover 60000 Square feet
Public Access on one wifi access (Uniform in all parts of the building)
Private office access wifi (Uniform and accessible in all parts of the building)
Gigabit connection.
We can run hard lines to different parts (already have some.)
Same make and compatibility.
Please Include any other boosters or hardware that may improve said systems.

thanks!
 
I’m sure someone here has run a con where you had to manage wifi in a large space. Any suggestions to cover the following, as budget as possible?


Criteria: Must cover 60000 Square feet
Public Access on one wifi access (Uniform in all parts of the building)
Private office access wifi (Uniform and accessible in all parts of the building)
Gigabit connection.
We can run hard lines to different parts (already have some.)
Same make and compatibility.
Please Include any other boosters or hardware that may improve said systems.

thanks!

I've never been to a con, let alone manage part of one, but I do have two certifications in wifi from the Wifi Alliance, but without a site survey, I can only suggest some general considerations.

How many attendees are you expecting at peak?
You're probably going to want a LOT of access points (enterprise grade) close together and at very low power. Figure each AP can support 30 clients at a time. Stagger your channels and I would limit them to 20 MHz in size for both the 2.4 and 5 GHz bands. Forget the boosters, they are garbage. Any modern AP should support the 802.11r standard for roaming so as your clients move through the space, they will maintain connectivity. Use the same make/model devices and give them the latest firmware.

You're going to need to power those APs so make sure your switches can provide enough juice. Be aware there are two standards for Power over ethernet (that provide different power levels) and some APs may not work at all if they don't get enough power, while others will work, but may automatically disable some radios or functionality if they don't get enough.

With a lot of APs, you're probably want to go with a wireless controller so you can configure the settings you want and let it push out the configs. Many controllers have the ability to manage the wifi traffic and adjust the APs settings automatically if needed.

The Ubiquity (Unify Networks) devices are nice, easy to use and pretty inexpensive, but they don't provide tech support.
We usually deploy Extreme Networks hardware or SonicWave/SonicPoints (if they have a Sonicwall already). Support for both is good.
I find the Cisco hardware a little less intuitive but their support is really good.

I suggest NOT making the network open, even for guests. Enable WPA2 security and give out a long passphrase so the data moving across the network is at least encrypted. I also suggest enabling the captive portal feature so guests must agree to the rules of use for liability purposes.
 

Raever

Chaotic Neutral Wreckage
I suggest NOT making the network open, even for guests. Enable WPA2 security and give out a long passphrase so the data moving across the network is at least encrypted. I also suggest enabling the captive portal feature so guests must agree to the rules of use for liability purposes.

Handing out the passphrase after payment versus before payment, and ensuring that it comes with a ticket purchase or something, in order to prevent people who aren't guests from accessing and bogging down the channel might be a good choice as well. I'm not tech-savvy enough to provide a how-to on that, but Marius reminded me of the general wifi protection goals and that wound up coming to mind. A lot of animecons do this.
 
You can probably assume that by the time a handful of guests have the passphrase, they will start sharing it, but the primary concern is that the traffic is encrypted.

If the network is open, anyone can download a free network analyzer, stand in the middle of the space, and potentially start collecting usernames and passwords or credit card information that any one sends over the network in clear text.

Never use WEP which can be cracked in a few minutes.
Don't use WPA because it's still unsecure. This is for legacy hardware only.
WPA2 is fine.
WPA3 might not be supported by everyone's client in the public space.
802.1X is more for corporate networks where you use a domain username/password to access the network.

Not sure if you'll be handling the backend network administration, too, but I also strongly suggest that the guests' wifi network has it's own subnet and VLAN. Using a virtual LAN means the guests will not be able to access or even see any of the internal network infrastructure which would be a massive security hole.
 
Top