Cambium Networks’ Quick Deploy Positioner is a Force-Multiplier


If you’ve ever installed point-to-point bridges to extend a network, you know that alignment can be the hardest part. The longer the link is, the more difficult alignment gets, and even those of us in the business who have a good knack for alignment can get thrown for a loop on occasion. To compound matters, sometimes wireless bridges get installed in tricky, dangerous places. It’s not uncommon to use bridges for short-duration connectivity needs, like for events or even battlefield operations. I’ve set up my share of wireless bridges, and I’ve that occasional situation where even after a few days, the alignment bolts are starting to strip and we’re no closer to getting a stable link. I have a feeling I’m not alone here.

Cambium Networks has recently introduced what can only be described as a “force multiplier” when it comes to getting their popular point-to-point hardware aligned. The Quick Deploy Positioner is not the only device on the market that promises to help with automatic bridge alignments, but Cambium does feel they have a winner in the Quick Deploy Positioner thanks to a number of differentiators:

  • Usable, optimized links are brought to life in under 5 minutes
  • Non-experts can successfully create high-speed links using the Positioner
  • Power options including PoE, AC, and even solar

I challenged Cambium on the Positioner’s list price (a little north of $18K) and was convinced that the cost very well would be justified in the right circumstances. According to Cambium:

  1. Some of these links are deployed in extremely remote areas where travel would be difficult and time-consuming. Sending an extra person just to align the antenna could cost them a day out of the office every 30 days for every positioner deployed.
  2. For emergency response and disaster recovery there isn’t always room to take along someone else in the vehicle to perform this function.
  3. In some cases (Border Patrol and Dept. of Defense applications, for example) there is danger to the personnel on-site.  So each additional person requires extra security, and adds extra risk to the mission.

The Positioner looks pretty sweet, and I can see it earning it’s keep on the Cambium bridges that it’s compatible with (PTP 650, PTP 700, PTP 450i and PMP 450i).

Read more in the press release above, or at the Positioner’s product page.


Related- I had the pleasure of meeting Cambium’s staff in person, at Wireless Field Day 8. See their presentations here.

I was not compensated by Cambium in any way for this blog- I just think the Quick Deploy Positioner happens to be a slick bit of kit, baby. 

Comcast WiFi Pro Won’t Sit Well With WLAN Engineers

As a WLAN architect and widely-published gonzo bloggist livin’ in the world, I get a fair amount of email invites to talk with different industry folks about what’s going on with new initiatives. I’m profoundly thankful to be able to feel the pulse of the WLAN industry up close and personal on occasion, and I try not to be hyper-critical (unless something really, really sucks). Earlier this week, I saw Twitterflashes of Comcast’s new WiFi Pro service whizzing by, a la:


Shortly after, I got an email invite from a very nice PR gent asking if I wanted to to talk with Comcast about WiFi Pro. Being quite busy, I had to decline a call but did promise to write it up if I could get a few basic questions answered. The PR guy did indeed get responses, and he got them quickly (obviously a fellow man of action). The answers from John Guillaume, vice president of Product Management at Comcast Business, weren’t unexpected, and I’ll share them here before I find fault:

Me: What WLAN hardware is in use? What of routers, switching?

WiFi Pro is delivered using a high-performance wireless access point using the latest AC chipset capable of 1Gbps performance. The WiFi Pro device is cabled to the cable modem via Ethernet.

Me: What is SMB measured as here- how many APs?

We define small business as 1-20 employees, and mid-sized businesses as 21-500 employees. In most cases, WiFi Pro would be used in a small business or enterprise branch location. With WiFi Pro you can have multiple access points – up to 2 APs to expand your reach, depending on the configuration needed. This is a managed solution, so the equipment and access points are installed and managed by expert technicians.

Me: Will Comcast SMB wireless use design best practices that their consumer side doesn’t- like WLAN channel planning and only using non-overlapping channels?

The WiFi Pro access point uses an advanced auto channel algorithm that searches for the cleanest airspace in both the 2.4GHz and 5.0GHz spectrum and ensures channel overlap avoidance.  

WiFi Pro is designed to allow businesses to simply create and manage two high-performance commercial Wi-Fi networks – a guest network for consumers and a private network for employees all through a simple mobile application.  This design, having separate networks for consumers and employees, provides performance and range benefits as well as control and security benefits. WiFi Pro also uses the latest AC chipset to support the fastest WiFi speeds and maximum range.

Plus, with WiFi Pro you can get unparalleled control over almost every aspect of the network – via a smartphone – using the web-app. Businesses can get analytics and reporting to obtain insight into their deployed WiFi networks with metrics on connected access points and customer counts.  Best of all, businesses can reach their customers like never before using marketing tools to promote their brand via guest networks and splash pages.

OK. Here’s why WLAN professionals HATE services like Comcast’s WiFi Pro (other than the fast-and-loose “capable of 1 Gbps performance” thing. I’m CAPABLE of dating Halle Berry but it ain’t happening- she keeps calling the house, my wife is getting pissed.) 

The WiFi Pro access point uses an advanced auto channel algorithm that searches for the cleanest airspace in both the 2.4GHz and 5.0GHz spectrum and ensures channel overlap avoidance.  

Join me for a second in a collective WLAN-admin face palm. Really grind your forehead into your hand… You don’t have to go very far to find a whole bunch of Comcast or Time Warner residential wireless networks sitting on bad channels. Nobody is telling Mr. Guillaume that if you’re on anything other than 1,6, and 11 in 2.4 GHz, then you are making life tough for your nearby neighbors. I’m guessing their is also no output power adjust om the nameless high-performance wireless access point. Put another way, to the professional WLAN community, Comcast is flunking WLAN 101 and losing credibility along the way.

The thing that sucks here is if you look at the rest of what WiFi Pro promises, it might actually be a good deal. But for the love of cheese, what will it take to get cable providers and personal hotspot makers to follow WLAN best practices as they flood the landscape with their devices?


Trilithic 802 AWE- A Star Is Born

802_AWEIt’s not often that a new stand-alone handheld tester comes to market. If I could see into all of your minds, I’d find most of you picturing the Fluke Networks AirCheck right now. And you’d also be likely digging around in the sawdust of your brainpans trying to remember the last time you saw anything that might come close to what the AirCheck can do in a self-contained package. You won’t find much in that sawdust, because short of Berkeley Varitronics’ specialty gear, there really isn’t a competitor out there for the AirCheck.

Until now.

Quick pause, and level-set on where Fluke Networks and myself stand in relation to each other. I have a deep and long-running appreciation for Fluke Networks’ network test platforms. Yes, I use a bunch of their offerings in my day job, but I have also been covering their products in my media role since almost day one of the company’s existence. The first real freelance article I wrote was about the original NetTool (I still have one, sixteen years later). I’ve covered oldies like LAN MapShot, Protocol Inspector, Network Inspector, early OptiView, ClearSight, fiber microscopes, and many more all the way through AirMagnet Enterprise. And yes, I use and have covered AirCheck’s various versions. Like the rest of the WLAN community, I loves me some AirCheck, and I loves me some Fluke Networks.

But I also know value and a good thing when I see it. And I’m seeing value and a good thing in Trilithic’s new baby.

Let’s talk about the good first:

  • The tester costs well under $1000
  • Support is free (software updates for life)
    • Put those two bullets together, and you have low TCO
  • 2-year warranty
  • Trilithic is new to WLAN, but not to test equipment- a mature American company
  • Comes with a snappy case
  • Screen shots, reports, etc
  • Is easy to use (I’m using it!)
  • Supports the same WLAN protocols that AirCheck does (through 11ac, but at 11n speeds)
  • Also supports Bluetooth and ZigBee
  • 802 AWE recently won an industry award
  • You can get familiar with this video
  • Screen shots, reports, etc

I’m really enjoying taking the evaluation unit for a test drive. I’m waiting on a firmware update to unleash all of the few not-yet-available features that will make the 802 AWE the home-run I expect it to be, but am also reserving my full praise for the tester until I see true feature parity with the AirCheck in action.

My early testing has me quite pleased, and I’ll update as warranted.

The following image was brazenly stolen from here.


My Early Take on .11ah- HaLow

802.11ah is a technology that WLAN doers and those in the business of systems that might fall under the heading of Internet of Things really need to get to know. The Wi-Fi Alliance’s own PR is here, and you’ll find endless perspectives on HaLow- the cute name for .11ah- without Googling very hard.

My advice- read everything you can on .11ah, but watch out for the over-the-top “it’s gonna save the world!” type hype that comes with any new wireless technology. HaLow is a bit of a wild card at this point, we’ll have to see where it goes.

My own full take is running at Network Computing, where I’ve been writing and blogging professionally for almost 16 years. Have a read, and please post any thoughts or questions you might have.

A Crazy-Assed Idea For Business Wi-Fi

Free your minds. Are they free? OK then… What I’m about to describe is a notion so profoundly bold and stupid that I know some of you reading will think that crazy bastard just might be onto something here. We’re talking Wi-Fi, in the business setting. Where big dollars flow for infrastructure components, and where there is a precision of approach and knowledge that goes into doing Wi-Fi “for real”.

Read that last sentence again.

<pause, for dramatic effect>

What if there was another way of doing enterprise-grade WLAN that didn’t put cables in hard to reach places using expensive pathways? That didn’t need that precision approach? No, I’m not talking about meshing wireless.. that’s old news.

What if we were able to leverage the wired computers that so many businesses have, by using wizardry like Connectify to provide wireless connectivity? Add a decent WLAN adapter to your typical GigEthernet-connected PC, use magic software, and BAMMY! You got a Wi-Fi hotspot! In a business, it’s BAMMY! x100, or 500, because there’s lots of computers!

<deep breath>

So that was fun to contemplate about for about 5 seconds, but then the WLAN professionals among us start thinking “bah, what an idiot. What about channels, and power, and proper AP placement, and fast secure roaming, and big areas where there are no PCs  that still need WLAN coverage?” And there are many other problems too with this idea.

But remember… we’re talking bold and stupid.  And that makes many things possible in conversation.

What if some whizz-kid developer took the Connectify paradigm and blew it out to infinite scale, and magically coordinated all those new PC-hotspots with orchestration sorcery that could manage the RF environment, and let these new soft APs actually be part of a hybrid architecture that included real access points for areas where there are no PCs?

Here’s where I admit two things:

  • This isn’t completely my idea. A pal named Andrew who happens to be an Active Directory God planted the seed when we were talking about Connectify as we both learned about it for the first time.
  • I just had a decent shot of Jameson’s.

In my mind, it all makes absolutely perfect sense as I picture people a lot smarter than me whipping up the code that makes my strange vision work.

Laugh if you choose… but as a technologist who likes to daydream I have to think that maybe something like this isn’t as silly as it might sound to the ears of Wi-Fi folks that have always done it “the old way”.

What do you think? Is this bold and stupid? Just stupid? Bold and maybe not so stupid? I’d love to hear your opinion, or your own crazy idea.

Update: One of the really smart guys out there in WLAN thought leadership has already been down this road! 

What’s Not Being Mentioned For Google Glass 2.0 Signals a Bigger Disconnect

Google is at it again, and you don’t have to look very hard to find press coverage on the “coming soon!” next edition of Google Glass. Here’s one to orient you in case you’re not caught up yet. Beyond “Enterprise Edition”, I’m also seeing it referred to as “For Work”, and even 2.0. Let’s see which one sticks… With the words “enterprise” and “for work” being associated with the new version, I’m here to tell you that trouble may be brewing for the WLAN industry, for clients, and for those who run wireless networks. I hope I’m wrong on this. But regardless, there’s a big fat stinky elephant in the room.

Let’s zoom in on some of what’s getting people all excited about New Glass. This screen scrape comes from the above-linked article:
Glass 2

That the new unit has dual-band support (2.4 GHz and 5 GHz) on Wi-Fi is indeed a step forward. But of the dozen of so articles I looked at on New Glass, I see no mention whatsoever that this model will support enterprise wireless security (based on 802.1X). The first one did not, which brings us to a number of points of concern:

  • The fact that “IT journalists” can look right past wireless security when they get all gushy about new devices is troubling. I’ve ready cheesy articles about Original Glass being a wonder tool in the operating room (kind of like the worshiper/journalist who declared Chromecast as being perfect for enterprise board rooms far and wide). Evidently if the product is COOL, wireless security is irrelevant to many writers.
  • The once-great Wi-Fi Alliance HAS been security-focused in the past. They came out with pre-802.11i security measures to plug holes in early 802.11 standards, and did wonders for the industry by advancing the message that WLAN very much can be as secure as wired networks if designed and implemented right. But somewhere the Alliance backed off, and became an advertising agency for it’s members rather than a steward of secure WLAN. Rather than beating the drum for clients that can work at home AND in the enterprise setting where many migrate to, the recent message is basically “wireless is good, buy more wireless.” Ugh. We need cheer-leading for SECURE wireless, not just wireless, now more than ever.
  • When Glass 2.0 hits, it will have a line of wannabe users stretching out the door, from all professions. It’ll spark as many “wouldn’t it be cool to use it like THIS…” ideas just as the original did. Users then didn’t care about WLAN security, and they won’t with 2.0 either. That should be Google’s responsibility- if the powerhouse company wants it used At Work, the device needs to be made to fit into Work Wireless. It can’t demand that we all change our business WLAN environments or build one MAC-bypass portal after another because WLAN security was left out. Where Enterprise WLAN admins can’t easily put one-offs on the WLAN (and original Glass was very much a one-off), users get pissed off. This many years into the wireless thing, the industry ought to be past the fragmented state of client device capabilities.
  •  Those of us in the business of secure wireless are trained that security counts (read CWNP’s Certified Wireless Security Professional course materials for reference). One common mantra is “if clients can’t do enterprise security, replace them with ones that can”. But we’re getting barraged with clients that can’t do enterprise security anymore. One side of the industry is not talking to the other, and the current dichotomy is not sustainable.
  • If there is a delineation between “consumer” and “enterprise” anymore from the client device perspective, it’s getting harder to find. Whether it’s the Amazon Echo, Google Glass, Apple TV, Chromecast, wireless weather stations, or printers and projectors, devices used at home 100% will find their way to work. In the current fragmented client space, we frequently have to violate our own policies to dumb down network security to accommodate the devices that were built on the lazy/cheap. Again, this is unsustainable.

Back to the new Google Glass. I don’t know that it won’t support enterprise security. But I really don’t expect it to. If that’s how Google plays it, well then shame on them. But one fact prevails- you can’t have low-security devices on high-importance networks and not have eventual breaches as a result. I’d love to see Google draw a line in the sand here, and say “Glass 2.0 is 802.1X capable!” and then play that up big-time to educate the masses on why that’s important.

And, I want a pony.


Oh Say Can You See- What’s Driving Up Your Small Site Data Costs?

One of my small rural customers was frustrated. A site I’d not yet been involved with has a single PC that runs a specific agricultural application that occasionally checks into a web database used by all of their sites. And since the problem location is in the boonies, they had no options beyond 4G for Internet service. The frustrations:

  • Huge data bills that weren’t making sense for a single PC
  • No sense of what was going on at the site over the network
  • Getting to the site isn’t exactly a quick drive

I researched the agricultural application and found that it shouldn’t be using but a few MB at a time when it synchronized, yet usage was well into the GB per day. It was time to visit the site, and to do some sleuthing.

More Than Just One PC After All, Other Oddities

The notion of Network Policy can be hard to formalize in small businesses where everyone knows everyone, and it’s as much like family at times as it is a business. When I first  got to this site to do my investigation, I confirmed with the site chief that yes, there was only a single computer. And a time clock, behind the 4G connection. That was all that was officially in service operationally. When I got into the 4G modem though, I could see multiple Wi-Fi clients connected to the 4G hotspot… <the plot thickens>. It also turns out that the fairly lightweight application- the only reason the 4G link was being funded to begin with- had it’s own story.  And… the data plan itself was pretty pricey as it had not been freshened up in years.

The Fix(es)

To get the costs under control, and to remove all mystery about what was going on here, I did the following:

  1. Calculated what the application should need, along with Windows updates, etc. then found a newer, more generous plan than what they were on. I recommended 12 GB/month plan for $80, which should provide fixed cost and at least 300% headroom on my estimated usage. (The bonus, Verizon throws in an extra 2 GB per month on this plan.)
  2. Had the application vendor audit the application behavior. What was taking 600 MB per day was dialed down to around 60 MB by changing from continuous sync to a 4-hour interval (which still met the owner’s needs).
  3. Reigned in the 4G rogue client use. On this modem, the Wi-Fi can’t be disabled. But I changed the SSID and password, lowered the number of allowed users to 1 (the minimum) and instructed the owner to tell the staff that this network is off-limits even if they can figure out how to get back on,  along with a message that “the IT guy monitors everything!”
  4. Both eliminated any mystery and took control of the bad habits associated with the PC by installing a Meraki Z1 Teleworker appliance between the 4G modem and the PC and time clock. Weedsport3

With the Z1, I was able to accomplish a number of things:

  • Use traffic analysis to remotely see what else was going on with the PC, besides the ag application
  • Use firewall rules and application controls to put an end to all non-authorized applications
  • Provide a client VPN-endpoint so I can access the environment for troubleshooting if need be
  • Monitor data usage and get automated reports on what’s going on in the small environment
  • Get alerted should either the PC or time clock go offline
  • Make myself the heavy in the situation, and take that title off of the owner

After the changes, I’m seeing total site usage of only around 80-90 MB per day in an operational paradigm where I’ve budgeted for around 400 MB per day. As I see recreational traffic pop up, I can quietly block it remotely, without the owner constantly needing to re-enforce the rules (staff here have specialized skills, they can’t just be replaced). And I’ve given the owners a 3rd-party they can turn into a bogey man if they need to should anyone complain (this in itself has value).

Bottom line- this was a fun one to solve. We were able to contain costs, remove any mystery, and provide remote monitoring and alerting. Also- by using the Z1, the time clock can benefit from site-to-site VPN back to the main site where another Meraki MX is in use with the Time and Attendance server.

Though I have used many Meraki wired and wireless products, this was my first outing with the Z1. It’s an impressive little gem, and very much “feels” like it’s big brothers, the MX line.