CityWide Wireless Services Serving Fairfax City
Agenda • CWWS Team Introduction • Project Goals • Assumptions • Technical Approach & Design • Business Plan • Project Timeline • Summary • Why CWWS?
CWWS Team Composition • Project Management – Gina Jamaldinian • Engineering Design – Karen Owen • Network Management – Emad Shqair • Wireless Security – Hussein Souqi • Financial Analysis & Budget – Joe Felber
Project Goals • Design a Prototype Municipal Wireless Telecommunications System for two Fairfax City Government Stakeholders • Explore Provisioning Wireless Services for City Residents & Commercial Businesses • Propose a Viable Business Model for Financial Stability by the end of five years • Develop an RF Safety Public Relations Strategy • Ensure Technical & Administrative Support Services are covered within the proposal
High-Level Assumptions • Pilot is focused on two Fairfax City Government Stakeholders • Fiscal Year begins on April 15th • Budget: • 350K for pilot phase • 150K for FY06-07 • Wireless Security is essential for certain city services • Fairfax City will provide building wireless access points • Current data center and fiber backbone can be leveraged for this project • Wireless services are required outside and within city buildings • Laptop computers will remain within fire/police vehicles
Initial Stakeholders Emergency Services Police Approximately 70 police officers on the force John C. Wood Municipal Complex, Old Lee Hwy Fire Department Fire Station 3, 4081 University Drive Fire Station 33, 10101 Old Lee Hwy Fairfax City Government IT Staff City Hall Conference or Meeting Sites Other Stakeholders City Tax Payers (22,000) Wireless Vendors RF Licensees RF Hazard Opponents Prospective tenants Stakeholders
Evolutionary Systems Design Methodology Best Fit for Fairfax User REQ’s Topology REQ’s Integrate Design Architecture Develop Test Validate Phase 1 Pre-WiMax Phase 2 Operational WiMax Phase 3 Demonstrate ROI
CWWS Technical Solution • Hybrid Wi-Fi & WiMax Solution • Phased WiMax Implementation • Quality of Service (QoS) • Priority of Service is provided to Emergency Services • Secure Data Transmission • Tie in to City 1Gbps Fiber Backbone
WLAN Performance Comparison – Why 802.16 & WiMAX? Courtesy of BAH
Wireless Pilot Design Requirements Broadband Data Rates Maintains current productivity Manageable Quality of Service Priority to Public Safety Upgrade Path to Full WiMax Phased Implementation WiMax-ready products Licensed Spectrum Safeguards against future interference
Fairfax City Requirements Defined Applications City Agencies • Mobile 2.4 hotspot in/around 10455 Armstrong St. • Ad-Hoc workgroup support for meetings, Conferences, Technical Interchanges • Showcase Wireless Connectivity City Hall Staff VPN Police Dep’t • In-vehicle incident reporting • License checks / criminal history checks • 800MHz dispatch translation service replacement * • Video transmission at incident scene Fire & Rescue Fire Marshall(s) (Fire Safety Code administration) • Pictometry (aerial hi-res images of city bldgs) • Pre-Plans, bldg sketches & footprints • ESRI Map Data from City GIS • Streaming Video from scene to nearby Hospital trauma units Bldg Inspectors • City GIS & Bldg. Plans Community Dev • City GIS, Property database(CAMA), • Database of repeat offenders • Archived network resources Public Works • City Network, email, • Financial info • Timekeeping info* Parks & Recreation * possible future req.
Hybrid Network Topology City Fiber-Optic MAN 4.9GHz Mobile Clients Power-over-Ethernet to laptop 4.9 Mobile Client Fire Station 33 Green Acres Indoor WAP Outdoor WAP City Hall Indoor WAP Outdoor WAP 4.9 Omni 2.4GHz unlicensed 802.11b LOS Circle Towers Apts Fire Station 3 Indoor WAP P2P 5.8 Backhaul P2P 5.8 Backhaul Outdoor WAP GMU 1 1 4.9 Omni 1 CHANNEL 1 John C. Wood Tower 2 CHANNEL 2 Massey P2P 5.8 Backhaul 2 2
Antenna Sites Future Antenna Locations Pilot 5.8GHz P2P, 4.9GHz P2MP GMU Comm Tower John C. Wood BASE William Pl. Water Tower 100ft 200ft BASE Radio Link Massey Bldg 70ft 110ft Radio Link 54 Mbps max Lyndhurst Water Tower GMU (Sideburn) Water Tower Green Acres center Circle Towers 94ft 140ft 109ft Fiber Tie-In Radio Link
Back-Haul Details Sideburn Water Tower Green Acres Fiber Tie In GMU Comm Tower Johnson Center
FCC Requirements for Antenna Siting • License required for 4940 – 4990 MHz Public Safety Band • License search conducted w/in range of City (6Km) reveals: • WPZQ271 – Metropolitan Washington Airports Auth. • Granted 2/19/04 expires 2/19/2014 • WQCM455 – Commonwealth of Virginia • Granted 4/7/05 expires 4/7/2015 • These are non-exclusive licenses, others allowed in same band and geographic region, 1 week turnaround expected FCC Approval City of Fairfax
Simplified Coverage Area Map – 4.9 GHz Nomadic, 5.8GHz Backhaul Radio Wireless Coverage Key = Base Station = Back-Haul Radio & Cox Tie-In = Mobile Terminal Equipment
Simplified Coverage Area Map – 2.4 GHz WiFi Symbol Key – 2.4 GHz = Wireless Access Point = Bridge to Fiber = Simulated 100-150ft radius
Radio Frequency Interference Study • Identify Geographic Boundaries, Terrain Characteristics • Conduct Site Surveys – • Windshield Surveys • Building Walkthroughs, Blueprints • GPS Data collection • Conduct Spectrum Scans • Collect USGS 1/3 arc-meter DEM data – best resolution avail. for Fairfax RESULTS • Coverage Maps • Predictive Propagation Models • Geographic Analysis • FCC license search • RadioHazard study Brian Webster - http://www.wirelessmapping.com
Radio Frequency Hazard Calculations Terabeam Antennas well below FCC Maximum Permissible Exposure Levels
Roles & Benefits of Network Management
- Identify secure data monitor/maintain AP security
  • Standard based configuration
  • Auto-discovery ensured
  • Archiving and config recovery
- Tracks server utilization by class of user
  • Bandwidth control unit (QoS)
  • Analysis: utilization, availability, throughput, trending and response time
- Addressing & documenting SLA
  • Proactive detection
  • Problem isolation & resolution
  • Dispatch 24X7 mgmt
Evolutionary NMS to Complement Our System Engineering Methodology
SNMPv3 Network Management • Fault Management: (FM Server) • Network management enterprise tool SNMPc 7.0 from Castle Rock Inc. • Supports Secure SNMP Version 3 • Scalable, Distributed Architecture • Remote Console & JAVA Access • Email/Pager Event Notification • Real-time MIB Displays
Configurator • A centralized SNMP-based management software • Can be installed on a laptop or PC running Windows • Entire Marquee network can be configured, tested and monitored with no additional test equipment • Marquee clients can be configured locally or remotely – Bandwidth control, test RF performance • Load and save configurations • Update the firmware of the units
VPN – Secure Network Access [Diagram labels: Scan; Authentication & Device Profile; Trusted machine: Full Access; Untrusted machine: Limited Access & Secure desktop]
Fairfax Managed Wireless Network Fairfax City Data Center
802.11 WLAN Security ServerCertificate ClientCertificate Wireless Security
Wireless Security Policy • Creates a set of rules and standards for users, administrators, and managers to follow. • Bolster awareness of security and proper usage techniques. • Create a proactive environment where the tools, methods, and procedures are in place to deter attackers and combat the threats effectively. • Establishes a security model for the existing or the soon-to-be-developed network. • Helps to eliminate some of the threats to 802.1x networks.
Physical Security • Physical security standards should be in place to prevent an intruder from gaining unauthorized access or to detect the intruder if physical access is gained to the enterprise premises. • Installing a managed, supported, and secure WLAN network throughout the enterprise removes the motivation for employees to install rogue APs. • Provide employees with a secure WLAN infrastructure supported by an enterprise IT department. I’ll just buy my OWN access point!
How to Secure your WLAN • Install a firewall in the Data Center to secure the network. • Install personal firewall software on all connected PCs and laptops. • Remove rogue, unauthorized access points from the network. • Use password protection on all sensitive folders and files. • Install anti-virus software on all PCs and laptops.
Wireless Security Components • Authentication • between the client and the authentication server. • Authorization • Controlled by the WLAN membership in combination with the access controls applied at the access router terminating the VLAN. • Accounting • Provided by the RADIUS accounting communicated by the APs to the RADIUS server. • Encryption • At the link layer between the WLAN client and the AP. • are automatically derived during the authentication process.
TeraMax Security Support • Enhanced Security • WEP+ encryption • Encryption • DES (56-bit) • Blowfish (128-bit) • AES (128-bit) • Authentication • WPA • WPA2 • Supports • RADIUS Authentication • Accounting • Firewall
RADIUS Authentication • RADIUS is a widely deployed protocol, based on a client/server model, that enables centralized authentication, authorization, and accounting for network access • RADIUS is the standard for managing network access for VPN, dial-up, and wireless networks • Use RADIUS to manage network access centrally across many types of network access • RADIUS servers receive and process connection requests or accounting messages from RADIUS clients or proxies
How Centralized Authentication Works
1. Dials in to a local RADIUS client to gain network connectivity
2. Forwards requests to a RADIUS server
3. Authenticates requests and stores accounting information
4. Communicates to the RADIUS client to grant or deny access
[Diagram labels: Client; RADIUS Client; Remote Access Server; RADIUS Server; Domain Controller]
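Added example (not part of the original slides or the CWWS design): steps 2 to 4 of the exchange above as RADIUS packets in the RFC 2865 layout, showing how the shared secret hides the password in the request and lets the RADIUS client reject a forged grant. The user name, password and secret are constructed sample values.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
USER_NAME, USER_PASSWORD = 1, 2          # attribute types from RFC 2865

def hide_password(password, secret, req_auth):
    """RFC 2865 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    n = max(16, -(-len(password) // 16) * 16)
    padded = password.ljust(n, b"\x00")
    out, prev = b"", req_auth
    for i in range(0, n, 16):
        pad = hashlib.md5(secret + prev).digest()
        prev = bytes(a ^ b for a, b in zip(padded[i:i + 16], pad))
        out += prev
    return out

def attr(attr_type, value):
    return bytes([attr_type, len(value) + 2]) + value

def build_request(ident, user, password, secret):
    """Step 2: the RADIUS client (AP or access server) forwards the request."""
    req_auth = os.urandom(16)            # fresh per request, ties the reply to it
    attrs = attr(USER_NAME, user) + attr(USER_PASSWORD, hide_password(password, secret, req_auth))
    head = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs))
    return head + req_auth + attrs, req_auth

def build_response(code, ident, req_auth, secret, attrs=b""):
    """Steps 3-4: the server's reply, authenticated with the shared secret."""
    head = struct.pack("!BBH", code, ident, 20 + len(attrs))
    resp_auth = hashlib.md5(head + req_auth + attrs + secret).digest()
    return head + resp_auth + attrs

def verify_response(packet, ident, req_auth, secret):
    """Client side: return the reply code only if the packet is authentic."""
    if len(packet) < 20:
        return None
    code, rid, length = struct.unpack("!BBH", packet[:4])
    if rid != ident or length != len(packet) or code not in (ACCESS_ACCEPT, ACCESS_REJECT):
        return None
    expected = hashlib.md5(packet[:4] + req_auth + packet[20:] + secret).digest()
    return code if hmac.compare_digest(expected, packet[4:20]) else None

def demo():
    # Constructed sample values, for illustration only.
    secret = b"constructed-shared-secret"
    _, req_auth = build_request(7, b"officer1", b"sample-pw", secret)
    genuine = build_response(ACCESS_ACCEPT, 7, req_auth, secret)
    forged = build_response(ACCESS_ACCEPT, 7, req_auth, b"guessed-secret")
    return verify_response(genuine, 7, req_auth, secret), verify_response(forged, 7, req_auth, secret)
```

Because both the password hiding and the reply authenticator depend only on MD5 and the shared secret, the secret configured on each access point and on the RADIUS server should be long, random and unique per device.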
Cost & Budget Assumptions • Revenue will be generated once wireless services are offered to City residents and businesses • Under Budget Savings can be applied to future years • Residents will be charged $15 per month • Businesses will be charged $150 per month • Residential and Business Wireless Growth will increase through FY2010 • Equipment will decrease in price as the wireless market matures • No Marketing costs will be incurred during the prototype • Marketing costs will be driven by user uptake metrics • Support Salaries will increase by 2.5% each year
Services
Office Spt.: $41,850
Project Mgmt.: $80,750
Tech. Design: $29,400
Install & Test: $14,800
Operations: $31,200
Training: $2,200
TOTAL: $200,200
Equipment
Base Station: $7,496
Antennas: $11,438
Receivers: $45,150
Bridge: $15,672
Cables/Misc.: $1,874
Tower Lease: $24,000
Radius Server: $3,500
Software: $12,485
TOTAL: $121,615
Base Year Cost = $321,815
Marketing Plan & PR Strategy • Marketing material will be developed prior to large scale deployment and contain info on: • Timeframe for City Wide Availability • Wireless Service and Equipment Cost • Who to call and how to obtain service • City of Fairfax News and Events Line (703.273.1776) • Where on-line and classroom training can be obtained • Radio Frequency Hazards and Safety
Marketing Plan & PR Strategy (Cont’d) • Marketing Material/Distribution will consist of: • Cityscene, Fairfax Connection and Fairfax Journal Advertisements • Cue Bus Placards • External: $200-250 per month per bus (12 buses total) • Internal: $100 per month for all buses • Signs placed at the Regional Library, Cue bus stops, City Hall, Post Offices, GMU • Email to city employees • City Government Website (www.fairfaxva.gov)
CWWS Work Breakdown Structure CWWS Project Project Initiation & Planning Business Plan Prototype Design Prototype Deployment Operations& Sustainment Req. Develpm. Market Evaluation Arch. Design Installation Network Mgmt Systems Engineering Methodology Financial Analysis Network Design & Integration Testing End-User Support Training Mgmt Plans Cost Build-up System Design Technology Refreshment
Summary
A summary of our offerings based on extensive research & analysis includes the following:
• Technical Approach & Design
  • Broad requirements analysis
  • FCC License search & Wireless Coverage mapping
  • RF Hazard & design considerations
• Wireless Network Management
  • Centrally managed VPN solution
  • Proactive alert management & dispatch
  • Bandwidth & QoS controls
• Wireless Security
  • Standards based approach
  • RADIUS authentication
  • Focusing on policy/standards
• Financial Analysis & Business Plan
  • Budget Analysis Summary
  • Revenue & project plans
  • Creative marketing & public relations
CWWS is committed to helping our customers scale new heights, deliver valuable new services, and achieve wireless coverage in areas never thought possible.
Why CWWS? • Expert Cross Functional Team • Standards Based Solution • Designed for Expansion to Residents and Businesses • Future Technical Capabilities • Full Range of Services • Requirements Development and Management • Design, Installation, & Optimization • Network Management & Support • Site Analysis • On-site technical support and in house training
Technical Approach – Evolutionary Systems Engineering Methodology • The final design is not well-defined early in the process • Basic life cycle is repeated to deliver successive versions and ever-increasing functionality of the product • First versions are small and get product into use • Allows for evolution in technology, requirements, and environment
[Diagram: Operational System over Time, three successive iterations (Operations 1, 2, 3), each running User Reqs, System Reqs, Arch Design, Component Development, Integration & Verification, Installation & Validation; Feedback from system 1 and Feedback from system 2 feed the following iteration]
Adapted from Systems Engineering, Coping with Complexity, p. 181
IEEE 802 Family of Standards • Wired • 802.3: Ethernet • 802.5: Token Ring • Wireless • 802.11: Wireless Local Area Networks (WLAN) • 802.15: Wireless Personal Area Network (WPAN) (e.g. Bluetooth) • 802.16: Wireless Metropolitan Area Network (WMAN); Broadband Wireless Access (BWA); Vehicular Mobility • 802.20: Wireless Wide Area Network (WWAN); Mobile BWA; High-speed mobility Courtesy of BAH