Microsoft loves wireless. Its internal wireless LAN network has been growing by about 50 Cisco access points (APs) per month to reach nearly 4,500, says Microsoft wireless network engineer Don Berry. The company supports a global, 25,000-user WLAN with a team of just five people.

This figure turns out to be a lot lower than the company initially thought. A pilot in 2000 suggested that the 40 Cisco APs in the company's Redmond offices would generate 60 technician calls a day. Microsoft did not find that acceptable, so it built its own automated management infrastructure to streamline operations, so that APs don’t have to be touched, except to be installed and replaced.

Remember: these were the days before slick radio frequency management tools became available from many start-ups and, more recently, Cisco.

Phase one: old Cisco APs and Microsoft software
The management architecture took Microsoft about four months to build and deploy, but at the end of that time, Berry was the only Microsoft employee who works full-time on the internal wireless network.

Using a console port in the Cisco AP connected to a terminal server in the cabling room, for example, network administrators can configure the AP with an IP address, troubleshoot it, and upgrade it remotely. Berry says the Microsoft network operations centre fields about 45 hours a week of wireless service calls and that about 3 percent of help desk calls are related to the wireless network.

Microsoft's WLAN is still built entirely on Cisco 340 and 350 Series APs. Cisco has replaced these devices with its Cisco IOS-based 1200 (dual-radio) and 1100 (single-radio) series devices. Berry says the Cisco 1200s have been certified for use within Microsoft (with 802.11b radios only) in future.

The next wave
Now Berry has kicked off a Wireless Service Improvement Initiative. He says his program will boost his company's wireless infrastructure from the status of an "adjunct" network to a primary service with service-level agreements.

Among the components of the initiative:

  • The company is rolling out a group policy that prevents users from changing certain configuration parameters on their PCs. Previously, users made changes that invalidated their client certificates, which they need to authenticate to the network, Berry says. "We were having half a million authentication failures per month," Berry says.
  • Microsoft recently purchased two Cisco Wireless LAN Solution Engines (WLSE). Cisco WLSE is a data center management appliance for mass configuration and control of a Cisco wireless AP infrastructure. Microsoft is using WLSE Version 2.5, which detects, locates and mitigates RF interference and unauthorized (rogue) access points. However, Microsoft purchased the WLSE 2.5 - capable of controlling 2,500 APs - primarily as an efficient way to update the VxWorks operating system that runs in the Cisco 340 and 350 Series APs that comprise Microsoft's four-year-old WLAN. Microsoft needed to quickly update VxWorks globally to fix bugs that were degrading performance, Berry explains.
  • For rogue AP detection, the software giant is poised to deploy Aruba Wireless Networks air monitors and RF Director software. To date, Microsoft has been using "sneakernet" for finding unauthorised APs, says Berry, who acknowledges, "We haven't been doing a very good job." To reduce interference, he has reserved one wireless channel for rogues "so they can interfere with each other all they want."
  • Microsoft is pushing out to its wireless clients a new wireless driver package for the Windows XP operating system. Among other improvements, the wireless update rollup package for XP primarily boosts performance as a client associates to an 802.11-based infrastructure.