Right now, we have ~120 Trapeze APs deployed, with ~100 more sitting in
the warehouse waiting to be deployed.  And plans to deploy about 1000
more in the next year. 

Our goal is 98% wireless coverage, indoor and out.  The outdoor will
mostly be used by our public safety people, and our staff when it is too
nice outside to be locked in a cube. ;)

Before we selected Trapeze we went through a couple of iterations of fat
APs, and testing of a few different thin APs.

On the fat AP side of things, we tested Proxim, Cisco, HP, Foundry, and
3Com.  

For the first deployment we did, we used Proxim APs.  However, the
support on the Proxim APs was terrible, and they would crash almost
constantly.  Before we ripped them down to replace them with Trapeze, we
had a script run that rebooted them every night.

Some areas on our campus deployed Cisco 1200 APs.  Aside from paying a
premium for the APs, the Cisco 1200s were solid APs.

HP, Foundry, and 3Com are all Accton reference design based APs.  The
inital versions of the Accton reference design wouldn't allow you to
turn off WPA.  Since we were using 802.1X before WPA was available, we
needed the APs to use WEP.  Windows machines had no problem connected to
WPA in a mixed mode.  (TKIP and WEP)  But, the Mac machines did have a
problem.  After complaining to Apple, the 802.11g cards on the Macs were
fixed, but mixed mode on the 802.11b cards is broken.  

After a few revisions of the code, the HP, Foundry, and 3Com APs
actually started to look and act like different APs.  IMHO, they all are
currently pretty solid APs.  Foundry doesn't yet have WPA2 support, but
they say it will be out next month.  3Com has a firmware update out for
the AP we tested that will allow it to convert to a thin AP.  (The 3Com
controller is an OEMed Trapeze.)  HP has a firmware out there that
supports WPA2, but my HP has been having issues so I have not been able
to test it. :-/


On the thin AP side of things, we tested Airespace, Trapeze, and Aruba.
By the time we got to testing thin AP solutions, we had decided that it
was the only way to go.  Trying to keep even 100 fat APs operational,
with configs in sync was just painful.  And then the fat APs broke, you
ended up on the top of a ladder with a serial cable, trying to fix it.

When we did our tests, there were certain things we were looking for.
We wanted to make sure that we had maximum control over the
encryption/authentication options.  The configuration needed to be sane,
and fairly easy for someone to pick up.  The APs had to support
802.11a/b/g, multiple SSIDs, mobility.  But, the most important thing we
wanted out of a vendor was a good close relationship, so that we could
get issues resolved quickly and stay on top of new technologies.  It
also had to be cost effective.  With a plan to deploy ~1200 APs, even a
few dollars difference in the price of the equipment could result in a
fairly large amount of money.

When we tested the Aruba gear, we managed to lock ourselves out of it
several times.  To the point that we had to plug in with a serial cable,
and wipe the configuration to get it to work again.  During our testing
we also crashed their switch several times.  It turned out that the
reason we were locking ourselves out of the switch is because we weren't
going through the steps to set up an AP in the right order.  However,
even the documentation didn't have things in the right order, and the
interface never warned us that we were doing something wrong.  As we had
fought issues like this with another vendor's fat APs, it soured me
pretty quickly.  In addition, the Aruba gear seemed to want to be more
than just a wireless network device.  It handles VPN connectivity, IDS
functionality (similar to air defense), switching, routing, etc.  In
order to support all of those things, you need to build your hardware
extra big to do it.  This results in higher cost.  Having multiple
functions like that also make configuration and software more complex.

When we tested the Trapeze gear, we found that they didn't have all of
the features of the Aruba.  However, Trapeze also didn't have the
"charge-you-for-every-little-feature" attitude that Aruba did.  The
Trapeze gear didn't crash when we tested it.  There was a learning curve
to get over in order to get it fully configured, but once the reasoning
for the configuration was explained, it started to make sense.  The
Trapeze could also broadcast more SSIDs than the Aruba could.  And, the
APs were *MUCH* better looking that the Aruba APs.  (For some buildings
on our campus, people are very picky about how things look.)

Right as we started looking at Airespace, they were acquired by Cisco.
We had been going through a lot of pain with the Perfigo system that we
had just purchased, so getting involved in another Cisco acquisition
wasn't very exciting.  I have always felt that Cisco has a long history
of making a mess of companies that it acquires for several years before
they start to make progress again.

Of the three, Trapeze has the best control over the authentication and
encryption settings.  Trapeze doesn't make the erroneous assumption that
if you enable TKIP you want to do WPA1 and if you enable CCMP you want
to do WPA2.  Instead, they give you control over each cipher type, and
how you want it enabled.  So, you could run WPA1 with CCMP and WEP, but
not TKIP.  

To test how willing Trapeze was to work with us, we asked them to add a
lock hole to the bottom of the APs so that we could lock them in place
in areas where they are likely to disappear.  The next revision of the
AP had that hole.

Based on all of this, we elected to go with Trapeze.  After having it
for a while, we picked up a copy of their Ringmaster management
software.  Ringmaster has some warts, but has been getting a little
better each revision.  If you go with Trapeze, and decide to use
Ringmaster, make sure you take the training.  Their virtual site survey
tool is pretty good, if you know how to operate it correctly.  If you
combine that with a good physical site survey you end up with good
coverage.

Overall, I think the Trapeze gear is worth looking at.  And I will
gladly answer any questions anyone has about the installation, and
maintenance of the gear. 

On Fri, 2006-03-24 at 11:38 -0600, Seth H. Bokelman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> We're also in the early stages of rolling out the Enterasys version of
> the Trapeeze gear, I've configured all of 8 access points so far, but
> it's going better than the test did before we purchased it.  Several of
> the bugs I encountered during our initial test have already been fixed,
> and setup has only been a minor pain, most of which was mistakes I made.
> 
> We selected them because they integrated well with our existing
> multiple-VLAN & SSID structure.  I couldn't get a call back from Meru,
> so never got to test them, and Aruba called me back once, then never
> followed up as they promised, same with Cisco, surprisingly.
> 
> We also tested the system that Chantry/Siemens makes (also used by
> Extreme Networks), and while I liked that setup better, unless I was
> doing a forklift upgrade I couldn't choose it. Trying to make it coexist
> with our existing 130 Proxim access points was going to be a major pain,
> so the Nortel & Enterasys Trapeze-based gear was our final choice.  We
> wound up opting for Enterasys because that's also who our wired-switch
> provider is.
> 
> Nathan Hay wrote:
> > I sent out a similar list of questions for Meru earlier in case this
> > sounds familiar...
> >  
> > We are looking into using Trapeze for a large wireless deployment.  Is
> > anyone currently using them? 
> >  
> > If you are, here are some questions:
> > How stable of a system is it? 
> > How many APs are you running on a controller?
> >  
> > If you have looked at them and decided on another vendor, what
> > influenced your decision?
> >  
> > Thanks,
> >  
> > Nathan
> >  
> >  
> > Nathan P. Hay
> > Network Engineer
> > Computer Services
> > Cedarville University
> > Office: 937-766-6516
> > Email: [EMAIL PROTECTED]
> > Web: www.cedarville.edu********** Participation and subscription
> > information for this EDUCAUSE Constituent Group discussion list can be
> > found at http://www.educause.edu/groups/.
> 
> - --
> Seth H. Bokelman ([EMAIL PROTECTED])
> Systems Administrator
> ITS-Network Services, University of Northern Iowa
> 15 Curris Business Building, Cedar Falls, Iowa  50614
> Phone: (319) 273-7423
> http://www.sethb.com/
> ICQ#: 6497760  MSN Messenger: [EMAIL PROTECTED]
> AOL/AIM: sethb2  Yahoo Messenger: sethbokelman
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFEJC6bOiUz+Af5BIIRAlMiAJ42YT72xQW62lfeFHgMK6UP3FTr/gCgyDBi
> v4envPCHA26GJTq8YokCHdo=
> =eO7V
> -----END PGP SIGNATURE-----
> 
> **********
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Reply via email to