Right now, we have ~120 Trapeze APs deployed, with ~100 more sitting in the warehouse waiting to be deployed. And plans to deploy about 1000 more in the next year.
Our goal is 98% wireless coverage, indoor and out. The outdoor will mostly be used by our public safety people, and our staff when it is too nice outside to be locked in a cube. ;) Before we selected Trapeze we went through a couple of iterations of fat APs, and testing of a few different thin APs. On the fat AP side of things, we tested Proxim, Cisco, HP, Foundry, and 3Com. For the first deployment we did, we used Proxim APs. However, the support on the Proxim APs was terrible, and they would crash almost constantly. Before we ripped them down to replace them with Trapeze, we had a script run that rebooted them every night. Some areas on our campus deployed Cisco 1200 APs. Aside from paying a premium for the APs, the Cisco 1200s were solid APs. HP, Foundry, and 3Com are all Accton reference design based APs. The inital versions of the Accton reference design wouldn't allow you to turn off WPA. Since we were using 802.1X before WPA was available, we needed the APs to use WEP. Windows machines had no problem connected to WPA in a mixed mode. (TKIP and WEP) But, the Mac machines did have a problem. After complaining to Apple, the 802.11g cards on the Macs were fixed, but mixed mode on the 802.11b cards is broken. After a few revisions of the code, the HP, Foundry, and 3Com APs actually started to look and act like different APs. IMHO, they all are currently pretty solid APs. Foundry doesn't yet have WPA2 support, but they say it will be out next month. 3Com has a firmware update out for the AP we tested that will allow it to convert to a thin AP. (The 3Com controller is an OEMed Trapeze.) HP has a firmware out there that supports WPA2, but my HP has been having issues so I have not been able to test it. :-/ On the thin AP side of things, we tested Airespace, Trapeze, and Aruba. By the time we got to testing thin AP solutions, we had decided that it was the only way to go. Trying to keep even 100 fat APs operational, with configs in sync was just painful. And then the fat APs broke, you ended up on the top of a ladder with a serial cable, trying to fix it. When we did our tests, there were certain things we were looking for. We wanted to make sure that we had maximum control over the encryption/authentication options. The configuration needed to be sane, and fairly easy for someone to pick up. The APs had to support 802.11a/b/g, multiple SSIDs, mobility. But, the most important thing we wanted out of a vendor was a good close relationship, so that we could get issues resolved quickly and stay on top of new technologies. It also had to be cost effective. With a plan to deploy ~1200 APs, even a few dollars difference in the price of the equipment could result in a fairly large amount of money. When we tested the Aruba gear, we managed to lock ourselves out of it several times. To the point that we had to plug in with a serial cable, and wipe the configuration to get it to work again. During our testing we also crashed their switch several times. It turned out that the reason we were locking ourselves out of the switch is because we weren't going through the steps to set up an AP in the right order. However, even the documentation didn't have things in the right order, and the interface never warned us that we were doing something wrong. As we had fought issues like this with another vendor's fat APs, it soured me pretty quickly. In addition, the Aruba gear seemed to want to be more than just a wireless network device. It handles VPN connectivity, IDS functionality (similar to air defense), switching, routing, etc. In order to support all of those things, you need to build your hardware extra big to do it. This results in higher cost. Having multiple functions like that also make configuration and software more complex. When we tested the Trapeze gear, we found that they didn't have all of the features of the Aruba. However, Trapeze also didn't have the "charge-you-for-every-little-feature" attitude that Aruba did. The Trapeze gear didn't crash when we tested it. There was a learning curve to get over in order to get it fully configured, but once the reasoning for the configuration was explained, it started to make sense. The Trapeze could also broadcast more SSIDs than the Aruba could. And, the APs were *MUCH* better looking that the Aruba APs. (For some buildings on our campus, people are very picky about how things look.) Right as we started looking at Airespace, they were acquired by Cisco. We had been going through a lot of pain with the Perfigo system that we had just purchased, so getting involved in another Cisco acquisition wasn't very exciting. I have always felt that Cisco has a long history of making a mess of companies that it acquires for several years before they start to make progress again. Of the three, Trapeze has the best control over the authentication and encryption settings. Trapeze doesn't make the erroneous assumption that if you enable TKIP you want to do WPA1 and if you enable CCMP you want to do WPA2. Instead, they give you control over each cipher type, and how you want it enabled. So, you could run WPA1 with CCMP and WEP, but not TKIP. To test how willing Trapeze was to work with us, we asked them to add a lock hole to the bottom of the APs so that we could lock them in place in areas where they are likely to disappear. The next revision of the AP had that hole. Based on all of this, we elected to go with Trapeze. After having it for a while, we picked up a copy of their Ringmaster management software. Ringmaster has some warts, but has been getting a little better each revision. If you go with Trapeze, and decide to use Ringmaster, make sure you take the training. Their virtual site survey tool is pretty good, if you know how to operate it correctly. If you combine that with a good physical site survey you end up with good coverage. Overall, I think the Trapeze gear is worth looking at. And I will gladly answer any questions anyone has about the installation, and maintenance of the gear. On Fri, 2006-03-24 at 11:38 -0600, Seth H. Bokelman wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > We're also in the early stages of rolling out the Enterasys version of > the Trapeeze gear, I've configured all of 8 access points so far, but > it's going better than the test did before we purchased it. Several of > the bugs I encountered during our initial test have already been fixed, > and setup has only been a minor pain, most of which was mistakes I made. > > We selected them because they integrated well with our existing > multiple-VLAN & SSID structure. I couldn't get a call back from Meru, > so never got to test them, and Aruba called me back once, then never > followed up as they promised, same with Cisco, surprisingly. > > We also tested the system that Chantry/Siemens makes (also used by > Extreme Networks), and while I liked that setup better, unless I was > doing a forklift upgrade I couldn't choose it. Trying to make it coexist > with our existing 130 Proxim access points was going to be a major pain, > so the Nortel & Enterasys Trapeze-based gear was our final choice. We > wound up opting for Enterasys because that's also who our wired-switch > provider is. > > Nathan Hay wrote: > > I sent out a similar list of questions for Meru earlier in case this > > sounds familiar... > > > > We are looking into using Trapeze for a large wireless deployment. Is > > anyone currently using them? > > > > If you are, here are some questions: > > How stable of a system is it? > > How many APs are you running on a controller? > > > > If you have looked at them and decided on another vendor, what > > influenced your decision? > > > > Thanks, > > > > Nathan > > > > > > Nathan P. Hay > > Network Engineer > > Computer Services > > Cedarville University > > Office: 937-766-6516 > > Email: [EMAIL PROTECTED] > > Web: www.cedarville.edu********** Participation and subscription > > information for this EDUCAUSE Constituent Group discussion list can be > > found at http://www.educause.edu/groups/. > > - -- > Seth H. Bokelman ([EMAIL PROTECTED]) > Systems Administrator > ITS-Network Services, University of Northern Iowa > 15 Curris Business Building, Cedar Falls, Iowa 50614 > Phone: (319) 273-7423 > http://www.sethb.com/ > ICQ#: 6497760 MSN Messenger: [EMAIL PROTECTED] > AOL/AIM: sethb2 Yahoo Messenger: sethbokelman > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFEJC6bOiUz+Af5BIIRAlMiAJ42YT72xQW62lfeFHgMK6UP3FTr/gCgyDBi > v4envPCHA26GJTq8YokCHdo= > =eO7V > -----END PGP SIGNATURE----- > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
