Voice over Wireless LAN 4.1 Design Guide
Deploying and Operating a Secure Voice over Wireless LAN Solution with Cisco Lifecycle Services
Downloads: This chapterpdf (PDF - 471.0KB) The complete bookPDF (PDF - 14.12MB) | Feedback

Deploying and Operating a Secure Voice over Wireless LAN Solution with Cisco Lifecycle Services

Table Of Contents

Deploying and Operating a Secure Voice over Wireless LAN Solution with Cisco Lifecycle Services

The Cisco Lifecycle Services Approach

Lifecycle Services Methodology—Prepare Phase

Wireless LAN Business Requirements Development

Wireless LAN Technical Requirements Development

Wireless LAN Operations Technology Strategy Development

Wireless LAN High Level Design Development

Lifecycle Services Methodology—Plan Phase

Wireless LAN Deployment Project Management

Architecture Review and Assessment

Wireless LAN Operations Readiness Assessment

IP Communications over Wireless LAN Assessment

Wireless Security Posture Assessment

Lifecycle Services Methodology—Design Phase

Wireless LAN Staff Plan Development

Wireless Security Design Development

Wireless LAN Detailed Design Development

Wireless LAN Detailed Design Validation

Wireless LAN Operations Design Development

Wireless LAN Staging Plan Development

Wireless LAN Implementation Plan Development

Wireless LAN Operations Implementation Plan Development

Wireless LAN Acceptance Test Plan Development

Wireless LAN Migration Plan Development

Wireless LAN Site Readiness Assessment (RF Site Survey)

Security Implementation Plan Development

Lifecycle Services Methodology—Implement Phase

Cisco Security Agent Implementation

Security Implementation Engineering

Security Network Admission Control Implementation

Wireless LAN Staging

Wireless Control System Implementation

Wireless LAN Controller Implementation

Wireless LAN Operations Implementation

Wireless LAN Migration

Staff Training

Wireless LAN Acceptance Test and Network Deployment Verification Audit

Lifecycle Services Methodology—Operate Phase

Wireless LAN Systems Monitoring

Wireless LAN Incident Management

Wireless LAN Problem Management

Wireless LAN Change Management

Wireless LAN Configuration Management

Wireless LAN Supplier Management

Wireless LAN Security Administration

Lifecycle Services Methodology—Optimize Phase

Wireless LAN Business Requirements Alignment

Wireless LAN Technology Assessment

Wireless LAN Operations Assessment

Wireless Security Assessment


Deploying and Operating a Secure Voice over Wireless LAN Solution with Cisco Lifecycle Services


To gain full advantage of converged mobile applications requires blending wired and wireless systems within an infrastructure that is continuously reliable, highly available, and scalable. Wireless network users expect the same level of secure connectivity, reliability, and performance for Voice over Wireless LAN applications as they experience with a wired environment.

Companies aim to design, build, and operate a voice system that is secure, yet highly available to designated users, and that offers the lowest possible total cost of ownership.

The Cisco Lifecycle Services Approach

The Cisco Lifecycle Services approach defines the minimum set of activities needed, by technology and by network complexity, to help you successfully deploy and operate Cisco Wireless LAN solutions and optimize their performance throughout the lifecycle of your network.

Figure A-1 illustrates the general Cisco Lifecycle Services methodology.

Figure A-1 Lifecycle Services Methodology

This approach is based on proven methodologies for planning, designing, implementing, operating, and optimizing the performance of a variety of secure voice and data wireless network solutions and technologies. It creates a framework for defining services that is independent of who performs the service activities—Cisco, partners, or customers themselves—enabling multiple parties to provide the support needed in a coordinated manner. Table A-1 summarizes the lifecycle methodology components summarized in the sections that follow. Each listed recommended activity links to a brief description.


Note Cisco and our Wireless LAN Specialized Partners offer a broad portfolio of end-to-end services based on proven methodologies for deploying and operating a variety of secure voice and data wireless network solutions and technologies. For more information, please see http://www.cisco.com/en/US/products/ps8306/serv_home.html.


Table A-1 Lifecycle Methodology for Cisco Voice over Wireless LAN Solutions 

General Tasks
Specific Recommended Activity
Prepare

Wireless LAN Business Requirements Development
Wireless LAN Technical Requirements Development
Wireless LAN Operations Technology Strategy Development
Wireless LAN High Level Design Development

Plan

Wireless LAN Deployment Project Management
Architecture Review and Assessment
Wireless LAN Operations Readiness Assessment
IP Communications over Wireless LAN Assessment
Wireless Security Posture Assessment

Design

Wireless LAN Staff Plan Development
Wireless Security Design Development
Wireless LAN Detailed Design Development
Wireless LAN Detailed Design Validation
Wireless LAN Operations Design Development
Wireless LAN Staging Plan Development
Wireless LAN Implementation Plan Development
Wireless LAN Operations Implementation Plan Development
Wireless LAN Acceptance Test Plan Development
Wireless LAN Migration Plan Development
Wireless LAN Site Readiness Assessment (RF Site Survey)
Security Implementation Plan Development

Implement

Cisco Security Agent Implementation
Security Implementation Engineering
Security Network Admission Control Implementation
Wireless LAN Staging
Wireless Control System Implementation
Wireless LAN Controller Implementation
Wireless LAN Operations Implementation
Wireless LAN Migration
Staff Training
Wireless LAN Acceptance Test and Network Deployment Verification Audit

Operate

Wireless LAN Systems Monitoring
Wireless LAN Incident Management
Wireless LAN Problem Management
Wireless LAN Change Management
Wireless LAN Configuration Management
Wireless LAN Supplier Management
Wireless LAN Security Administration

Optimize

Wireless LAN Business Requirements Alignment
Wireless LAN Technology Assessment
Wireless LAN Operations Assessment
Wireless Security Assessment


Lifecycle Services Methodology—Prepare Phase

In the prepare phase, a company determines a business case and financial rationale to support wireless LAN solution adoption. By carefully anticipating future needs and developing both a technology strategy and a high-level architecture to meet those needs, your business is better equipped to contain costs during deployment and operations.

Cisco recommends the following activities to support successful deployment:

Wireless LAN Business Requirements Development

Wireless LAN Technical Requirements Development

Wireless LAN Operations Technology Strategy Development

Wireless LAN High Level Design Development

These activities are described briefly in the sections that follow.

Wireless LAN Business Requirements Development

Assess and document the business requirements for end-user voice over wireless LAN service delivery that support the technology investment.

Why: Make sound financial decisions by developing a business case that establishes the financial justification for making a technology change.

Wireless LAN Technical Requirements Development

Analyze your business and voice over wireless LAN service requirements and identify the Cisco advanced technologies that support them. Document a technology strategy.

Why: Improve efficiency throughout the solution lifecycle by aligning your technology strategy to your business goals.

Wireless LAN Operations Technology Strategy Development

Create an operational strategy that defines the people, processes, and tools required to support the operations and management of the technology solution.

Why: Achieve business goals by aligning your operations strategy with your business and technical voice over wireless LAN requirements.

Wireless LAN High Level Design Development

Create a high-level conceptual architecture of your proposed voice over wireless LAN solution that addresses business and technical requirements and creates the foundation for wireless LAN solution deployment. Include specifications for availability, capacity, and security to meet service requirements.

Why: Reduce rework during the design phase by identifying and validating required technologies and features early in the wireless LAN solution lifecycle.

Lifecycle Services Methodology—Plan Phase

Successful wireless LAN deployment depends on an accurate assessment of your company's network, security state, and overall readiness to support the proposed solution. In the plan phase, a company ascertains whether it has adequate resources to manage a technology deployment project to completion. To evaluate and improve network security, a company tests for vulnerability to intruders and outside networks.

Cisco recommends the following activities to support successful deployment:

Wireless LAN Deployment Project Management

Architecture Review and Assessment

Wireless LAN Operations Readiness Assessment

IP Communications over Wireless LAN Assessment

Wireless Security Posture Assessment

Wireless Security Design Review

These activities are described briefly in the sections that follow.

Wireless LAN Deployment Project Management

Provide for one or more project managers or program managers to manage the planning, design, and implementation of your deployment project. Develop and implement a project management plan, manage information and resources, and control change.

Why: Reduce risks and resolve problems quickly by using proven project management methodologies and risk mitigation strategies.

Architecture Review and Assessment

Prepare for your technology solution deployment by assessing the readiness of your existing system infrastructure to support a new technology. Analyze the physical and logical configuration of the network, systems availability, systems capacity, quality of service, systems resiliency, security, and integration with existing platforms. Identify network and application modifications that should be made prior to implementation. Prepare for your technology solution deployment with a comprehensive site assessment that evaluates the readiness of your current facilities infrastructure to support the new technology. Identify any physical, environmental, and electrical modifications that should be made prior to implementation.

Why: Reduce deployment costs by analyzing gaps early in the planning process to determine what is needed to support the solution and to improve productivity by identifying and resolving gaps in service-level requirements associated with availability, capacity, and security specifications.

Wireless LAN Operations Readiness Assessment

Prepare for your wireless LAN solution deployment with a comprehensive operations assessment that evaluates the readiness of your current operations and network management infrastructure to support the new technology. Identify any changes to people, processes, and tools that should be made prior to implementation.

Why: Effectively plan and budget for your wireless LAN technology expenditures by gauging your operational preparedness and ability to support current and planned applications and services. Reduce network operations costs by identifying the operational changes required to support the operation and management of the technology solution.

IP Communications over Wireless LAN Assessment

Understand the readiness of the existing wireless LAN to support their proposed IP communications applications, and how migrating the proposed IP communications application may affect the existing wireless LAN / Wired LAN. Assess the readiness of your existing wireless LAN to support your proposed IP communications applications. Appraise the potential effects of migration on the interoperability between the proposed IP communications application and your existing wireless LAN and wired LAN. Review building blueprints and coverage requirements, potential interference sources, noise floor, signal strength, and more.

Why: Avoid costly and disruptive design changes during the implementation phase through early planning of design changes to accommodate IP communications over wireless LAN.

Wireless Security Posture Assessment

Protect your network from inside and outside intruders by assessing system, application, and network device vulnerabilities. Safely simulate activities typical of attacks on your network, without affecting your network. Recommend changes that should be made to the network to help prevent security breaches and reduce risk of attack.

Why: Mitigate network security threats by limiting their ability to do damage. Improve the overall security state of the corporate trusted network and the systems and information within it by identifying changes to address vulnerabilities.

Lifecycle Services Methodology—Design Phase

Developing a detailed design is essential to reducing risk, delays, and the total cost of your wireless LAN deployment. A design aligned with business goals and technical requirements can improve network performance while supporting high availability, reliability, security, and scalability. Day-to-day operations and network management processes need to be anticipated, and, when necessary, custom applications are created to integrate new systems into existing infrastructure. The design phase can also guide and accelerate successful implementation with plans to stage, configure, test, and validate network operations.

Cisco recommends the following activities:

Wireless LAN Staff Plan Development

Wireless Security Design Development

Wireless LAN Detailed Design Development

Wireless LAN Detailed Design Validation

Wireless LAN Operations Design Development

Wireless LAN Staging Plan Development

Wireless LAN Implementation Plan Development

Wireless LAN Operations Implementation Plan Development

Wireless LAN Acceptance Test Plan Development

Wireless LAN Migration Plan Development

Wireless LAN Site Readiness Assessment (RF Site Survey)

Security Implementation Plan Development

These activities are described briefly in the sections that follow.

Wireless LAN Staff Plan Development

Prepare your staff for wireless LAN solution deployment by using conventional instructional design methodologies to create a staff plan. Determine the technical activities and tasks required to support the voice over wireless solution, measure the ability of functional groups to perform those tasks, and develop a curriculum plan to address skill and knowledge gaps.

Why: Reduce ongoing operating costs by identifying proficiency issues that could affect staff productivity and performance.

Wireless Security Design Development

Develop an in-depth, implementation-ready detailed design for your wireless LAN security solution. Take into consideration your defined business requirements and the associated performance, availability, resiliency, maintainability, resource-capacity, and security criteria used to measure and confirm the delivery of the required services.

Why: Implement advanced security and intrusion detection devices and strategies effectively to keep data private and secure and lower your total cost of ownership.

Wireless LAN Detailed Design Development

Develop an in-depth, implementation-ready detailed design for your wireless LAN solution. Derive the design from availability, capacity, reliability, security, scalability, and performance specifications that align with your business and technical voice over wireless requirements.

Why: Reduce expensive, time-consuming network redesign by creating a well-engineered design early in the network lifecycle.

Wireless LAN Detailed Design Validation

Validate that your detailed design meets your business and technical voice over wireless requirements with an in-depth, detailed test plan and support for test implementation. Include testing of features, functionality, compatibility, and software applications.

Why: Accelerate wireless LAN solution adoption by validating that your design meets end-user service delivery goals.

Wireless LAN Operations Design Development

Prepare your current operations and network management infrastructure to support the new technology with a detailed design of the operations and network management processes and tools for your wireless LAN solution.

Why: Speed migration of the new voice over wireless LAN solution by improving operations preparedness.

Wireless LAN Staging Plan Development

Develop a step-by-step plan for staging the configuration, implementation, and connectivity testing of the voice over wireless LAN solution in a controlled environment that emulates, but does not affect, your production network.

Why: Reduce delays and other problems during staging with a detailed plan that addresses staging requirements including physical, electrical, and environmental conditions on the site; network hardware and software; and third-party devices.

Wireless LAN Implementation Plan Development

Develop a detailed, site-specific plan for implementing your voice over wireless LAN solution. Define the activities, configurations, and commissioning test plans required to deploy and commission the technology.

Why: Reduce delays, rework, and other problems during implementation by creating a detailed implementation plan and by accurately estimating the time and resources required to implement the new system or solution.

Wireless LAN Operations Implementation Plan Development

Develop an operations implementation plan detailing the tasks needed to deploy and commission the operations and network management system for your voice over wireless LAN solution to be deployed. Include scheduling of priorities, resources, and responsibilities.

Why: Reduce delays, disruption, and other problems by accurately estimating the time and resources required to implement new operations and network management systems.

Wireless LAN Acceptance Test Plan Development

Develop a test plan that can be used to demonstrate that the voice over wireless LAN solution to be deployed meets operational, functional, and interface requirements at implementation.

Wireless LAN Migration Plan Development

Develop a step-by-step plan for migrating your existing wireless network and associated mobility services to the proposed secure wireless LAN solution.

Why: Improve the speed and efficiency of the migration by developing a plan that covers the steps necessary to migrate from the existing state to a future state while continuing to minimize the risk and disruption to critical production systems and applications.

Wireless LAN Site Readiness Assessment (RF Site Survey)

Gauge the ability of your environment to allow secure wireless LAN access in the desired coverage area. Assess your current state and future needs so you can make informed decisions about how to build your wireless network architecture.

Why: Obtain the best performance out of your voice over wireless LAN solution by placing access points in optimal locations and reduce the interference caused by other radio emitters to a minimum.

Security Implementation Plan Development

Develop a step-by-step staging plan detailing the Cisco Security Agent installation and service-commission requirement tasks to be staged in a controlled implementation environment that emulates your network.

Why: Reduce delays and other problems during staging with a detailed plan that addresses staging requirements including physical, electrical, and environmental conditions on the site; network hardware and software; and third-party devices.

Lifecycle Services Methodology—Implement Phase

A network is essential to any successful organization, and it must deliver vital services without disruption. In the implement phase, a company works to integrate devices and new capabilities in accordance with the design-without compromising network availability or performance. After identifying and resolving potential problems, the company can speed return on investment with an efficient migration and successful implementation.

Cisco recommends the following activities to support successful deployment:

Cisco Security Agent Implementation

Security Implementation Engineering

Security Network Admission Control Implementation

Wireless LAN Staging

Wireless Control System Implementation

Wireless LAN Controller Implementation

Wireless LAN Operations Implementation

Wireless LAN Migration

Staff Training

Acceptance Test and Network Deployment Verification Audit

These activities are described briefly in the sections that follow.

Cisco Security Agent Implementation

Install, configure, and integrate Cisco Security Agent solution components in a production environment.

Why: Successfully deploy the new technology solution by following an in-depth, detailed implementation process based on leading practices.

Security Implementation Engineering

Develop security design specifications in accordance with your security policies detailing the security design topology, feature configuration, and policy implementation contains the detailed security design of the systems, including network diagrams and sample software configurations for protocols, policies, and features taking you through the initial development process, testing processes, deployment phases as well as integration, management, and the optimization processes.

Why: More effectively mitigate network security threats by using a sound implementation methodology to deploy a new security solution that will reduce your operating costs and total cost of ownership by helping to ensure consistent deployment of security policies.

Security Network Admission Control Implementation

Install, configure, and integrate Network Admission Control components as specified in your implementation plan. Complete predefined test cases.

Why: Successfully deploy the Network Admission Control components by following an in-depth, detailed implementation process based on leading practices.

Wireless LAN Staging

Stage and test your voice over wireless LAN solution in a controlled environment that does not affect your live network, as outlined in your predefined staging plan.

Why: Staging can help you to improve efficiency and reduce costly delays and rework during implementation by identifying and resolving issues.

Wireless Control System Implementation

Install/upgrade WCS and then configure the WCS software to support for the customer wireless requirements. Wireless LAN controllers will be configured in WCS along with policy provisioning, network optimization, security monitoring, and customized fault settings

Why: Realize the business and technical goals of your new system in accordance with recommendations made in the earlier phases of the lifecycle to monitor and configure the entire wireless LAN solution from a centralized appliance.

Wireless LAN Controller Implementation

Install and configure the wireless LAN controller and access points to be assigned to the required Controller according to the wireless LAN detailed design. Configure the security policy including IEEE 802.1X (or VPN) authentication to the RADIUS server and backend database will be configured along with mobility management including L2/L3 roaming (if required), RF network optimization, including RF interference detection, TX power and channel optimization, security monitoring, including rogue AP detection/containment, and intrusion detection, QOS settings, load balancing, policy provisioning, and customize fault settings.

Why: Successfully deploy the new voice over wireless LAN solution by following an in-depth, detailed implementation process based on leading practices.

Wireless LAN Operations Implementation

Install, configure, test, and commission the wireless LAN operations and network management system you are deploying in accordance with your operations implementation plan.

Why: Reduce network operating expenses by improving the efficiency of operations processes and tools.

Wireless LAN Migration

Migrate your existing network services for the solution you are deploying as specified in your migration plan. Include equipment, interfaces, applications, services, and hardware platforms.

Why: Reduce risks such as downtime, delays, and the need for rework by following a thorough, detailed implementation process based on leading practices.

Staff Training

Manage and implement the staff development plan for your deployment or operations teams. Includes scheduling classes, creating the enrollment process, providing course materials, and managing training vendors. Can include delivery of workshops or instructor-led training classes with hands-on lab exercises, e-learning, mentoring, materials for self-paced study, and leading-practice documentation.

Why: Increase overall productivity and reduce ongoing wireless LAN solution operating costs through training designed to close the skill gaps that were identified in developing your staff plan.

Wireless LAN Acceptance Test and Network Deployment Verification Audit

Perform systems-level acceptance testing by performing a survey of the RF environment for coverage, interference, and general performance of your wireless LAN solution to objectively measure operability and functionality of the system you are deploying to verify that it meets your business and technical requirements and is ready for production.

Why: Systems acceptance testing help you speed the migration process; accelerate return on investment; and reduce unnecessary risk, including disruption, delays, rework, and other problems.

Lifecycle Services Methodology—Operate Phase

Network operations represent a significant portion of IT budgets, so it's important to be able to reduce operating expenses while continually enhancing performance. Throughout the operate phase, a company proactively monitors the health and vital signs of the network to improve service quality; reduce disruptions; mitigate outages; and maintain high availability, reliability, and security. By providing an efficient framework and operational tools to respond to problems, a company can avoid costly downtime and business interruption. Expert operations also allow an organization to accommodate upgrades, moves, additions, and changes while effectively reducing operating costs.

Cisco recommends implementing the following processes to support successful operations:

Wireless LAN Systems Monitoring

Wireless LAN Incident Management

Wireless LAN Problem Management

Wireless LAN Change Management

Wireless LAN Configuration Management

Wireless LAN Supplier Management

Wireless LAN Security Administration

These activities are described briefly in the sections that follow.

Wireless LAN Systems Monitoring

Monitor, manage, and report on service-level metrics and abnormal events or trends that might adversely affect the availability, capacity, performance, and security of your wireless LAN solution.

Why: Improve service quality and reduce disruptions and outages by proactively monitoring system health.

Wireless LAN Incident Management

Manage and resolve real-time incidents with wireless LAN solution components using an incident management process that creates and maintains a report of the status of an incident from isolation to closure.

Why: Restore normal service operation quickly by providing an in-depth incident management process that includes case management, investigation, and diagnosis; hardware and software replacement or updates; and service restoration, testing, and verification.

Wireless LAN Problem Management

Manage and resolve recurring incidents using an in-depth problem management process that analyzes incident trends to identify patterns and systemic conditions.

Why: Reduce the risk of downtime and increase network and/or application availability, reliability, and stability by analyzing the root cause of recurring wireless LAN incidents and rectifying underlying problems through hardware and software support.

Wireless LAN Change Management

Standardize methods and procedures for authorizing, documenting, and performing wireless LAN solution changes.

Why: Reduce operating costs and limit change-related incidents by providing a consistent and efficient change management process.

Wireless LAN Configuration Management

Obtain an accurate, real-time logical model of your wireless LAN solution hardware, software, and applications by using an efficient, reliable process for tracking components and component interrelationships. Identify, control, monitor, maintain, change, and verify versions of individual and interrelated solution components.

Why: Improve operational efficiency by maintaining an accurate, reliable solution configuration database and managing configuration changes through an orderly, effective process.

Wireless LAN Supplier Management

Facilitate the efficient delivery of networking products and services by hardware and software vendors through management of fulfillment, assurance, and financial processes.

Why: Increase operational productivity by aligning supplier processes and tools with your organizational requirements.

Wireless LAN Security Administration

Protect the confidentiality, integrity, and availability of information on the wireless LAN network using a thorough security administration process. Manage security incidents, identify and address vulnerabilities, and secure the delivery of content.

Why: Reduce the risk of wireless LAN network disruptions by proactively identifying security breaches and defining a remediation plan.

Lifecycle Services Methodology—Optimize Phase

A good business never stops looking for a competitive advantage. That is why continuous improvement is a mainstay of the wireless LAN solution lifecycle. In the optimize phase, a company is continually looking for ways to achieve operational excellence through improved performance, expanded services, and periodic reassessments of network value. Have business goals or technical requirements changed? Is a new capability or enhanced performance recommended? As an organization looks to optimize its wireless network and prepares to adapt to changing needs, the lifecycle begins anew-continually evolving the network and improving results.

Cisco recommends the following activities:

Wireless LAN Business Requirements Alignment

Wireless LAN Technology Assessment

Wireless LAN Operations Assessment

Wireless Security Assessment

These activities are described briefly in the sections that follow.

Wireless LAN Business Requirements Alignment

Evaluate how successfully your voice over wireless LAN solution is meeting the requirements established in your business requirements assessment. Analyze data on operational and capital costs, return on investment, and other related factors.

Why: Help realize your voice over wireless LAN investment goals by making recommendations to remediate gaps in solution performance relative to your objectives and requirements.

Wireless LAN Technology Assessment

Improve the performance, availability, capacity, and security of your voice over wireless LAN solution by assessing system performance and software configurations and recommending changes.

Why: Improve network performance, availability, capacity, and security by assessing a particular system and recommending improvements.

Wireless LAN Operations Assessment

Improve the performance and functionality of the operations and network management environment supporting your voice over wireless LAN solution by assessing it and recommending changes.

Why: Help reduce solution operating expenses and improve solution operational productivity, performance, and functionality by assessing your operations and network management environment and recommending changes.

Wireless Security Assessment

Assess network security system performance. Measure your security systems for trends and exceptions related to security policy and procedures and user access. Audit intrusion-detection data. Make recommendations for improvement.

Why: Improve the security of your company's information assets and your company's ability to mitigate intrusion attempts.

Cisco and our Wireless LAN Specialized Partners offer a broad portfolio of end-to-end services based on proven methodologies for deploying and operating a variety of secure voice and data wireless network solutions and technologies. For more information, please see http://www.cisco.com/en/US/products/ps8306/serv_home.html.