Wireless network in a school should provide access to the Internet throughout the school building and offer bandwidth sufficient for comfortable use of network services by students, teachers and administrative staff. The key factors in choosing the devices is their bandwidth and the maximum number of supported users.
The Internet can provide easy and fast access to useful knowledge as well as to content that distracts the student’s attention, so the school network should be subject to certain restrictions such as time windows, bandwidth, available content, etc.
The best practice for building this type of wireless network is to create several completely independent SSIDs (Service Set Identifiers) so that individual user groups connect to specific WiFi network. Such networks should be created for:
- students,
- teachers,
- administrative staff,
- guests after classes.
The most important thing is that the wireless networks are to be isolated – devices connected to one network cannot be visible to devices in another.
It’s obvious that the network equipment should be modern and reliable. A long warranty period for the network devices and effective technical support are essential as well. These conditions are perfectly met by TP-Link devices.
TP-Link has been redefining the way we think about wireless networks for over 20 years. By focusing on reliability and performance, the manufacturer can boast a product portfolio where everyone is able to find something for themselves, at any level of requirements and budget. By placing the customer first, products with this brand have gained trust of hundreds of millions of people in more than 120 countries, making the company the global leader in the WLAN market.
Typical school network should consist of three types of devices: router, switches, access points.
- Router is an Internet gateway for all devices connected to the school network
- Switches are used to connect access points and desktops to the router
- Access points broadcast the WiFi network throughout the school building and around the school (e.g on sports fields)
Building such a network, the designer/installer should rather choose network equipment making use of PoE technology (supporting 802.3af or 8032.3at standard). The application of access points powered directly from PoE switches will significantly reduce the wiring in the school. The power capacity of the 802.3af standard is 15.4 W per port, and of the 802.3at version is 30 W per port. The most important advantages of PoE solutions are:
- transmission of power and data via a single cable reduces wiring and installation costs
- at least 100 m range (with appropriate cabling)
- high security and and reliability – in typical conditions the risk of electric shock is low (the voltage is below 60 V) and the technology involves auto-testing procedures
- protection of devices not compliant with the standard
- ease of installation
- backward compatibility with older versions
How to do it?
The size of a school determines the actual need for the number of wireless access points to cover with WIFi connectivity the whole building(s) and associated area. The switch or switches should have the adequate number of ports for connecting all the access points plus any other network equipment in the school.
I – students’ devices, II – teachers’ devices
An example set of TP-Link devices used for deployment of wireless network in a school
Such a set can be composed of:
Smart PoE Switch TP-LINK T1500-28PCT N29962 has 24 10/100 Mbps ports supporting 802.3at/af compliant PoE devices. With this feature, it can power multiple PoE wireless access points (PoE) via the same cables that are used for data transmission. The switch offers intuitive web management interface.
|
|
TP-Link EAP access points can be particularly recommended for creating efficient and reliable WiFi networks in the demanding school environments. Modern design and ease of installation on a wall or ceiling make them the perfect choice for any room or interior space. The functions of the software include real-time monitoring, graphical analysis of network traffic and batch firmware updates.
|
|
As mentioned above, such school network can/should be seen by the users as four WiFi networks, each appropriate for the specific group of users:
- SP109_pupil – students’ network
- SP109_teacher – teachers’ network
- SP109_office – administrative staff’s network
- SP109_guest – guests’ network (coming after classes)
View of network selection window on a mobile phone
Thanks to the management software, each of the networks has specific features and user authentication methods:
- Students’ network (SSID: SP109_pupil)
- The network (data) is not encrypted
- To log in, the student has to enter individual User Name and Password (which allows for identification of the user)
- The logged in users only have access to the Internet (they do not see one another)
- The network is accessible from 7:00 to 16:00
- Teachers’ network (SSID: SP109_teacher)
- The network is protected with WPA2-PSK protocol
- To log in, the teacher has to enter individual User Name and Password
- The logged in users have access to the Internet and to school’s local network (e.g. to network projectors and printers, multimedia boards)
- The network is available around the clock
- Administrative staff’s network (SSID: SP109_office)
- The network is protected with WPA2-PSK protocol
- The logged in users have access to the Internet and to school’s local network (e.g. to servers and network printers)
- The network is available around the clock
- Guests’ network (SSID: SP109_guest)
- The network is protected with WPA2-PSK protocol (the password can be found in the school hall or in other visible place)
- The logged in users only have access to the Internet (they do not see one another)
- The network is accessible from 16:00 to 6:00
The logging window of a student can look like this:
In the case of a teacher, to log on to the network (SSID SP109_teacher), the user has to perform two steps:
- Connect to the encrypted wireless network with WPA-PSK protocol
- Enter individual User Name and Password
The username and password database is located on an external server (Radius). This role can be performed e.g. by RouterBoard RB2011UAS-RM N242011 (MikroTik). The separation between networks is done using VLANs (all network devices must support this functionality). The main router is also responsible for bandwidth management and queuing (QoS).
Which wireless equipment to install?
The optimum device for indoor applications is the TP-Link EAP225 N2567 wireless access point. EAP225 is a dual-band device operating in 2.4 GHz and 5 GHz bands. In the case of multiple users, the main limitation is rather the maximum number of users connected to a single access point than the range of operation. It is recommended not to exceed 25 users per device in one band (as the device has 2.4 and 5 GHz bands, it can connect up to 50 users). In places with higher concentration of users, it is necessary to install several such devices.
Thanks to Load Balance function, the network will automatically limit the number of users (set by the administrator) connected to one device – another user will be connected to a less-loaded AP. This function can also switch users that move in the building to APs with stronger signals. Another important feature is Band Steering distributing the load proportionally among 2.4 and 5 GHz bands.
Below there is an example layout of TP-Link EAP devices in a building.
An example of deploying TP-Link EAP EAP225 N2567 units in a building
Wireless Access Point TP-LINK EAP110-Outdoor (802.11n/300Mbps, PoE) N2569
The diagram below shows an example of such an outdoor installation.
TP-Link N2569 devices deployed outside a three-part building