Overview
CenterEdge Mobile provides access to system functions throughout your site without being wired to the system. To set this up, however, your site must meet certain wireless networking requirements so that the CenterEdge Mobile system can operate efficiently.
Operating a wireless network within a facility is usually a task that requires some degree of specialization. This is especially true for a large facility or one where you accept credit cards. As a result, if you do not have your own IT department we strongly recommend contracting with a third-party IT firm that specializes in wireless networks.
Network Type
CenterEdge Mobile uses a standard 802.11ac WiFi network for communications, but we recommend installing 802.11ax for an increased range. If you want to futureproof your network, the 802.11ax or WiFi 6 is the best option because it provides a better range and a faster connection for devices that support it.
Most installations require multiple wireless access points (WAPs) to provide coverage to all necessary areas. Because of this, we strongly recommend the use of a centrally-managed wireless system. This kind of system synchronizes the configurations across all WAPs, handles channel management, and provides additional security features. Examples of centrally managed wireless systems include Meraki and Sophos.
Wireless Range
The range of a single wireless access point varies depending on the quality of the WAP and its surroundings, which makes it difficult to predict. You will typically get approximately 100-150 feet of range from a single access point, but in some cases you might get more range. It can be affected by physical obstructions, electromagnetic interference, and other devices that are operating in that area.
For example, a thick concrete wall or a large metal ride can reduce your effective range. Microwave ovens are also known to produce a lot of interference, so try to avoid placing your mobile devices or your access points near microwaves. Additionally, if you decide to offer public WiFi access via the same set of access points, you will see an increased load on your WAPs. This may require more access points to help handle the load. An experienced network technician should be able to help you design your wireless coverage to the best effect.
There might also be some experimentation and adjustments needed after your network is online.
Network Topology
The wireless network should show up as a single SSID with the same passphrase across all WAPs. Once all the WAPs are connected, they should be passing traffic to the same logical network. With this configuration, devices can move around a site jumping from one WAP to another automatically without the user having to reconnect to each WAP as they lose range from the last WAP. The network should use DHCP to assign IP addresses to devices.
The wireless network is not required to be on the same logical network as your main CenterEdge system. However, using the same logical network is a simpler configuration. If you are not using the same logical network, it must still provide a low-latency connection to the CenterEdge server at a consistent IP address. It is also best if devices on the wireless network are still able to resolve the name of the server via DNS.
Network Security
The wireless network to be used by the CenterEdge Mobile system must be a secured network. As of this writing, this means it must use WPA2-AES encryption. Additionally, you should either use RADIUS enterprise authentication or change your wireless passphrase every 90 days. Using a passphrase that you change every 90 days is usually the simpler option. Ensure that you pick a secure passphrase that will be difficult to guess.
If you have heightened security concerns, you can also isolate your wireless network from your main network with a firewall. In this case, you must forward certain TCP ports through the firewall to your CenterEdge server. Depending on your application, some of these ports may not be required. You can consult with a CenterEdge Support technician regarding your specific needs. These ports are:
- 80 – Digital signage media
- 1433 – SQL Server (unless using a named instance or non- standard port, in which case this may change)
- 15050-15051 – Licensing
- 15054 – Fingerprint validation, reporting, patches
- 15055 – Digital signage data
- 15056 – Mobile device service
- 31419 – If processing credit cards via PC-Charge
- 31420 – If processing credit cards via the CenterEdge Credit Card Service
- 58008 – Embed ECS Interface
- Windows file share ports (helpful when installing software for the first time)
It is important to note that operating a WiFi network can affect your PCI DSS compliance for credit card processing. If you are using integrated credit cards at your facility, you are required to operate any wireless network in a secure manner. It will affect your SAQ questionnaire, where you will be required to answer questions about your wireless network and the steps you are taking to ensure it is secure.
Other Requirements
- Recommended WAN from ISP for CenterEdge .
- Dedicated 10Mbps down (minimum) 1.5Mbps up (minimum)
- Low latency for communication to our cloud infrastructure.
- Recommended 5ms - 15ms for a hardwired connection
- Recommended 25ms - 55ms for Wifi connection
- Internal LAN for Servers, workstations, etc
- 1Gbps Cat 6, 1Gbps switches.
- Network hubs are not supported
- If you need to open ports for a firewall please see the firewall document
- CenterEdge only uses outgoing ports
See other documents for Embed, Sacoa, Intercard, and all other third-party Network configurations.
Comments
0 comments
Please sign in to leave a comment.
Related articles