January 31, 2005
D-Link DSA-3200: WiFi Hotspot-in-a-Box
If you�re building a community wireless project, or setting up guest wireless access for your enterprise, you face several difficult problems that make rollout a little more complicated than just plugging in a cheap WiFi access point. The first problem is user authentication: assigning user IDs and passwords, and keeping track of usage. The second is keeping network usage fair, by preventing bandwidth hogs and one or two malicious users from spoiling the party for everyone else.
While it�s always been possible to cobble together the pieces you need to pull this off � one or more APs, a managed Ethernet switch, and a Linux box running security and rate-limiting software � now you can get the whole package in a single box for under $600. The D-Link DSA-3200 Wireless G Public/Private Hot Spot Gateway combines an 802.11g access point with an authentication server supporting 250 user accounts in an internal non-volatile database. The unit also sports URL redirection, bandwidth control, network policy enforcement, timed sessions, traffic monitoring, and denial-of-service attack prevention.
The URL redirection feature captures users in their browsers, displaying a customized, branded Web page unique to your hotspot network no matter what URL a user initially surfs to. This page provides user log-in fields, as well as any pricing, policy, or usage disclaimers you wish to post. No user can fully access the WiFi network without passing through this page.
Bandwidth control and network policy enforcement let you prevent one or two users from hogging all the bandwidth, by organizing users into one of several usage groups. You can, for example, configure a limited free user group at low speeds useful for email and light browsing, reserving higher speed access for paying users. Network policy enforcement lets you limit how certain protocols are used, such as outgoing SMTP mail, to prevent network abuse by spammers and other evildoers.
Timed sessions help you provide fair access when more users compete to get online than you have resources to support; once someone�s limited session time has expired, another user gets a chance to go online. Traffic monitoring and DoS attack detection and prevention let you monitor the network to make sure it�s healthy and detected problem users, such as those with viruses that might otherwise shut down the network.
The DSA-3200 is perfect for a single-AP hotspot, providing a working radius of 300 feet or so in open space. If your hotspot network expands, you can extend the network with generic APs, making the DSA-3200 the hub of your WiFi network.
The box provides dual diversity antennas, three Ethernet ports � LAN, WAN, and DMZ � and supports SNMP, SSH, and HTTPS (SSL/TLS) management protocols. Authentication can use a built-in RADIUS server, or an external RADIUS authentication service.
Find out more about the DSA-3200 online at:
http://www.dlink.com/products/?pid=402
Posted by Mel Beckman at January 31, 2005 8:02 AM
