Wireless Networking Standards

Schools must aim to have a future-proofed network that will be able to cope with new developments and the addition of different devices.

The wireless network should be managed (installed, deployed, configured, monitored and maintained) by an appropriate Education Technology Support Partner such as the local authority. A managed wireless network can monitor performance, support rollout of updates and resolve problems more efficiently.

School planning should take account of the lifecycle of wireless networks and include budget provision for upgrade and refresh.

You should have a wireless solution in place that meets your current needs, offers scope for expansion – both in terms of adding more users, and in supporting increasingly sophisticated digital devices. The wireless solution should be operating on the latest wireless protocol standard to ensure successful mobile learning across the school.

Your wireless solution must be professionally installed, managed and maintained in line with the remaining Standards in this section, and elsewhere.

The costs of delivering wireless solutions and maintaining their currency can be expensive. Schools should also consider a solution that offers scalability to meet future needs and ambitions.

It is therefore recommended that schools deploy a local authority or recommended Education Technology Support Partner solution which can offer:

• Economies of scale in terms of purchase and maintenance
• Enterprise level management and expertise in educational deployment
• Efficiency in terms of deployment – using latest techniques and working with vendors to ensure educational relevance
• Guarantees of vendor quality and consistency in delivery.

Management of WLAN (Wireless Local Area Network) allows schools to handle time-sensitive functions, such as Layer 2 encryption, that enable WLANs to securely support voice, video, and data applications.

Schools should ensure that any autonomous (and non-standard) Access Points is removed from the wireless network. Autonomous Access Points (AP), especially where these are non-standard AP, can also cause pinch points on the WLAN if they are not operating at the latest protocol.

AP should be configured and managed centrally through a wireless LAN controller known as Lightweight access point architecture (LAP). It ensures that the wireless network as a whole can be monitored and controlled. It also allows for easier roll out of updates and protocols for network management staff.

Schools should ideally deploy wireless solutions on an enterprise basis. They should also ensure that Education Technology Support Partners understand the wireless needs of educational environments rather than environments more suited to small businesses.

Wherever schools have concerns or doubts about solution design, they should refer to their local authority for guidance and support.

Access Points must be sensibly located in learning areas - more will be needed in places with larger numbers of use.

An onsite wireless survey, conducted with your Education Technology Support Partner, should be used to determine the optimal number of APs for your school.

All AP should be installed and mounted in accordance with the manufacturer’s recommendations and accessible to support teams.

Many problems can interfere with wireless networking, including signals being blocked by materials used in the fabric of the building. As well as passive signal interference, there are also natural sources of ambient active interference from electrical equipment that generate Radio Frequency (RF) noise. Therefore, before installing wireless networking, it is important that the building is suitably surveyed to identify and mitigate potential issues which could affect the wireless service in that building.

The survey of a building ensures the installed solution matches the pre-installation expectations, and that senior leaders can be comfortable that the solution matches their requirements.

Surveying involves running tests across the school to look at signal strength and coverage. Surveying will also be required when building works such as new classrooms; school blocks; etc. are developed. Early intervention in the planning process will ensure both cost, design and dependencies are taken into consideration.

The ultimate goal of a wireless survey is to identify how many wireless access points (APs) are required and where they are to be located. Furthermore, information regarding expected signal strengths/quality; sources of interference; and infrastructure requirements (i.e. power, network switches and network cabling) should also be identified.

Decisions around the installation location and type of AP to be installed should also consider the density of mobile use that is anticipated in that area of the school. For example:

• Current implementations should take account of known dead spots and configure existing AP/additional AP to support coverage in those areas
• Both new and upgraded deployments, and upgrades to wireless AP protocols, should commence only after a comprehensive wireless survey has been undertaken
• New wireless deployments should be planned and managed in conjunction with school stakeholders including the Education Technology Support Partner.

Adequately placed access points will help ensure that mobile learning is fully supported across the school.

All AP should be installed and mounted in accordance with the manufacturer’s recommendations and accessible to support teams.

Coverage provided by each AP is optimised if the AP is mounted correctly. This ensures optimal placement of the antennae, and will allow each AP to deliver the best coverage. It also reduces the potential for dead spots and supporting true mobile deployment.

It is accepted that schools are operating on limited resources and may have limiting factors out of their control, such as the age and architecture of the school.

Therefore, schools should aim for AP to be sited at a high level and angle mounts used to ensure that the optimal performance for each AP can be achieved.

Additionally, consideration should be given for the location of an AP so that any maintenance or repair needed can be facilitated with due consideration for health and safety regulations.

Schools also have a duty of care to ensure that their implementation of wireless AP complies with the recommendations of Public Health England (PHE), which contributes to the advice currently being followed by Welsh Government.

PHE’s current advice on mobile phone use by children and Wi-Fi in Wales is that exposures to radio waves should comply with the guidelines published by the International Commission on Non-Ionizing Radiation (ICNIRP). INCIRP is formally recognised by the World Health Organisation (WHO) so that all guidance stems from international evaluation and academic rigour.

Access Points should be placed to minimise interference so that lessons are not disrupted. They should not be caged or boxed in for protection.

APs mounted above false ceilings should be specifically designed for that location.

The installation of AP should take into account the physical infrastructure of a school.

Walls can act as barriers to wireless signals. Some buildings, with steel and poured concrete used to construct them, can act like Faraday cages (where the conductivity in the metal structure blocks electromagnetic pulses) blocking the wireless signal.

Schools should also be mindful of incidental interference caused by positioning AP near metal objects which can cause this type of interference – such as metal radiators; or that they inadvertently cause interference by housing AP in metal cages.

It is expected that a specialist wireless service technician from your Education Technology Support Partner will ensure that the Standards outlined in E1 – E3 are being followed; mitigate against any issues, and ensure that you are getting the best coverage and performance from each AP in school.

In addition, as outlined in Standard E4, AP should also be able to compensate for other types of interference, such as Radio Frequency from other devices in use in school.

Access Points need to use the latest standards and protocols to help provide you with greater networking capability throughout your school.

Maintaining the wireless provision in school is essential for the school to successfully implement large scale uses of mobile devices, and different types of mobile devices.

Wireless devices use a common protocol to connect and communicate through wireless access points. This is known as 802.11.

Within this protocol, there are a number of standards which indicate how recent the wireless access points are, and consequently, how successful the solution is in supporting multiple, modern wireless devices.

802.11AX is the preferred standard with 802.11ac (Wave2) regarded as the minimum standard that schools should adopt in order to provide adequate coverage to meet their digital learning needs. 802.11AX operates at 5GHz and 2.4Ghz, to offer much greater networking capability. It also has the potential to actively manage access to reduce interference, and enable more devices to effectively use the wireless network.

802.11AX (preferred standard) and 802.11ac Wave 2 (minimum standard) allows wireless networks to:

• Attain gigabit wireless connectivity
• Support a greater number of devices per AP
• Provide an easier and smoother connection for devices
• Allow for more data rich network demands to be met.

The chosen solution should always:

• Seek to optimise best throughput to the end devices – enabling higher bandwidths for learners
• Sense and adapt to interference from other AP in proximity
• Automatically configure Radio Frequency settings to maintain coverage in the event of an AP failing.

Where AP are capable of being powered by Power Over Ethernet (POE), schools should ensure that they are.

Additional considerations for the implementation should include:

• All AP must be a minimum MIMO 2x2:2

MU-MIMO or MIMO: Short for Multi-User, Multiple-Input, Multiple-Output, MU-MIMO is an enhanced form of the MIMO technology that enables multiple independent radio terminals to access a system, which can provide significant performance gains over the original MIMO technology.

MU-MIMO features prominently in the 2013 update of the 802.11ac wireless specification (802.11ac Wave 2) and helps increase theoretical maximum wireless speeds from 3.47Gbps to 6.93Gbps for 802.11ac Wave 2.

The maximum speed of a single 802.11AX stream will be around 3.5Gbps.  Multiply that out to a 4x4 MIMO network and you get a total capacity of 14Gbps.

MU-MIMO enables multiple users to simultaneously access the same channel by providing spatial degrees of freedom. However, because of its need for sophisticated antenna systems and signal processing, MU-MIMO can only be used in the downstream direction (from an access point to multiple wireless client devices) in the 802.11ac Wave 2 specification.

• All AP should maximise throughput to the desktop

Schools should be mindful of the new AP and enterprise level (whole school) deployments of wireless such that the manufacturer’s recommended methods for maximising data flow are followed.

• All AP must be able to sense interference and adapt to that interference

As there are so many wireless devices out there, they can sometimes transmit the same or similar frequencies which cause issues with signal quality. Many APs can now sense this, and if centrally managed ‘jump’ to another frequency that has less ‘noise’

• All AP must be able to automatically configure radio frequency (RF) settings to maximise performance

Automatic configuration of RF settings allows the solution to maintain coverage in the event of an AP failing by increasing the coverage of other APs in the area to try and minimise black spots.

School IT networks store potentially sensitive information and should be configured to keep learners safe and secure.

The best way to control which devices can join and use the network is to use certificate-based authentication.

Users should always be authenticated onto a wireless network – this ensures that the right users are accessing the school IT network and its resources. Where appropriate, schools should consider certificate based authentication as the preferred route.

Certificate based authentication uses a digital certificate to identify a user or device before allowing access to the wireless network. Used in conjunction with other authentication factors such as a user name and password, it increases the security of the wireless provision in school.

The solution has some significant advantages in that it is secure and easy to use from a technical support perspective. It needs minimal input from end users (and therefore reduces the risks associated with user error) and supports a range of applications. It is also readily available on most devices and platforms.

Separate wireless networks ensures guest users have no access to areas used by learners and staff, but can access the internet and resources like Hwb.

You may also want to consider segregation of your network through a separate VLAN to manage increasingly IoT (Internet of Things) rich Business Management Systems, CCTV etc.

This ensures compliance with data security and safeguarding for school learners, and allows network monitoring tools to determine the appropriate access and settings for each type of user.

Where co-located public sector services are managed from a school building, the Govroam network should be deployed to support that access.

Guest users of a school IT network are those persons who are not immediately associated with the school. In support of wider safeguarding considerations, schools should keep the school IT network access for guests separate from the access available to staff and learners.

This segregation is provided by creating different Virtual LAN (VLAN) that local and guest users can log into.

This allows network support staff to apply any restrictions necessary; and offers visibility across the entire network whilst reducing the need for additional infrastructure.

This allows you to protect learners from other users on the school IT network to provide safeguarding assurances, as well as ensure that sensitive data is protected.

Planning for what discrete wireless networks are required will ensure that the relevant segregation takes place; management is straightforward; and any maintenance or upgrading is easy to apply.

Schools can create discrete wireless networks through Service Set Identifiers (SSID)

A service set identifier (SSID) is a sequence of characters that uniquely names a wireless local area network (WLAN). An SSID is sometimes referred to as a "network name." This name allows stations to connect to the desired network when multiple independent networks operate in the same physical area.

It is important that there are not too many SSID in place in a school, as they can become unwieldy and difficult to manage. As they are all ultimately sharing the same bandwidth connection, they could also cause congestion issues that cannot easily be identified or resolved.

Depending on the needs of a school, four to six SSID should be sufficient.

Public sector guest users should use the Govroam provision to access the internet. Provided their home organisation has joined the service, they can access their home network and the Internet from any other public sector building in Wales. Govroam is a UK wide initiative and is managed for Wales through the PSBA.

Please refer to further details on Govroam from PSBA website.

Anyone connecting to school IT networks should agree to follow the school's Acceptable Use Policy which outlines expected behaviours and responsibilities.

Management of Wireless Networks allows schools to control what access takes place and ensures that GDPR, safeguarding and other data management policies are being followed.

Wireless networks need to be appropriately protected and access to those networks should be controlled. As well as ensuring there are technical solutions in place to authenticate users onto the system, users also need to understand their responsibilities in accessing and using those networks.

An Acceptable Use Policy (AUP) gives users the rules of engagement for accessing the School IT Network including the constraints and conditions for use and the practices to follow. This might include for example expressly forbidding access to certain types of website e.g. gambling or pornography and although these sites will be blocked by the school’s web filtering and firewall solutions, it also ensures that users understand their responsibilities as well.

AUP are usually presented when a new user comes onto the system and access is denied until the AUP has been signed by them (as a way of completing the authentication process). Having an established AUP for guests and for all users of the school network should be part of the schools safeguarding and security policies.

As new, increasingly sophisticated devices are purchased for use in school, it is important to check that the school's wireless networks continue to support them optimally. Wi-Fi capability, configuration and settings should be reviewed regularly.

You should also ensure that cabling in school is sufficient to meet wireless upgrades.

As the demand for online resources and digital learning increases, and as devices themselves become increasingly sophisticated, schools need to be confident that their wireless provision can support access. Reviewing wireless provision in line with IT planning cycles – ensuring that warranty periods and lease agreements are included in this review – and replacing/upgrading equipment as needed, will help to maintain an efficient wireless network for your school.

As outlined in Standard E1 , the expense associated with wireless means that there are significant advantages in seeking support for procurement and implementation from a local authority partner.