NetAlly EtherScope nXG Pics

I introduced the EtherScope nXG from NetAlly in this recent blog. As I continue to test it out and learn it’s deeper capabilities, I find myself amassing a lot of screenshots of various features. If you already have an EtherScope nXG (or the G2 version of AirCheck or LinkRunner) these random shots may bore you. If you are new to NetAlly, they might you fired up to learn more. I’m just putting them out there…  watch for coming blogs that get into specific features, capabilities, and my impressions as I go.

Now, get an eyefull:
Screenshot_20191003-060334

Screenshot_20191003-130413

Screenshot_20191003-061542

 

LinkLive1

units

LinkLive3

EtherScopenXGScreenshot_20191003-061601

LinkLive2

Screenshot_20191003-130453

There is a lot to take in, and suffice it to say I’m just scratching the surface here… more to follow.

 

NetAlly Unleashes the Right Tester, at the Right Time: EtherScope nXG

 Change is both inevitible, and fickle. Vendors come, go, and buy each other. Some product lines that we love die on the vine, others thankfully go on to only get better with time. I sat in a room with the NetAlly folks at Mobility Field Day 4 and got an eyefull/earfull of teaser information on a slick new tester that would be released later in the year that would bear these notions out in spades.

I’m here to tell you- “later” is now, and the product line that we have grown to appreciate from its start at Fluke Networks, through it’s run as part of NETSCOUT, and now as the baby of spin-off NetAlly continues its tradition of excellence with the new Etherscope nXG.

Does this look vaguely familiar?
EtherScopenXG

If you own (or have Jonesed for) either the AirCheck G2 or the Link Runner G2, that color scheme will look familiar. But the EtherScope nXG’s overall feature set makes the very-capable G2 units suddenly feel a litlle less-than, despite each being a testing powerhouse in its own right. (And if you’ve been around a while, you might remember the old yellow EtherScope from the Fluke Networks

NetAlly brings the EtherScope to market right when it is needed. What do I mean by that?

  • With the 802.11ax tide starting to rise, troubleshooting tools need to keep up
  • On the wired side, NBASE-T and 10G are becoming facts of life
  • Bluetooth is penetrating the enterprise in interesting new ways
  • “Convergence” is one of those overplayed words in networking, but the reality is that both operations and support of those operations has very much seen a convergence and fewer of us do one or the other (not to mention work in data centers and server rooms)
  • Senior engineers can’t be everywhere, and it’s not uncommon to rely on others to gather data that we then analyze from some other location
  • Performance testing and detailed path analysis of different network segments can be daunting as topologies get more sophisticated.
  • Uploading of results to a cloud repository brings huge advantages in baselining, team-wide scrutiny, and reporting.

Networks are getting more complicated. Tolerance for time-to-problem-resolution is decreasing. The EtherScope nXG is marketed as a “Portable Network Expert”, and despite my frequent disdain for grandiose marketing plattitudes, I find this to be an apt description.

Rather than regurgitate the tester’s specs, let me point you to them here (scroll down).  The full data sheet from the product docs is here and shows the product’s impressive range nicely. And to get a feel for just what the EtherScope nXG can do, have a look at these videos that show several different testing scenarios.

I’m going to cap this one here. There is just sooooo much to talk about with this new tester. Yes, I know I sound borderline giddy and buzzed on the Kool-Aid- and I’m OK with that. I can tell you that the new tester feels good in the hand, and casual kicking of the tires is in itself impressive. I have an eval unit, and will be putting it through it’s paces for real in the near future. Watch for the next blog on the EtherScope nXG.

 

 

Forti-much to Appreciate at Mobility Field Day 4

Fortinet-logo-250x82About a month has gone by since I sat in a conference room at Fortinet HQ out in Sunnyvale during Mobility Field Day 4. As I review the presentations my fellow delagates and I saw first hand, I realize just how much information Fortinet’s Chris Hinsz put in front of us. Though the this was Mobility Field Day, it’s getting harder to cleanly slice off just the wireless parts from almost anyone’s product lines. With Fortinet, we not only saw the whole enchilada,  but were treated to the entire Big Hombre Combo Platter.

Fortinet is always an interesting visit, for me. The company’s networking product line and architecture always piques my interest, never having been a Fortinet customer. It’s not uncommon to sit at the competition’s offices and sometime just feel utterly smothered by market-speak, licensing paradigms, and gratuitous complexity.  I never get that vibe at Fortinet. At the same time, the Fortinet offerings feel complete, well thought-out, robust, and not lacking in anything- like they figured out a way to do what the other guys are doing without feeling the need to puff it up in all the wrong places. They must be doing something right as even though we didn’t talk much about it, Fortinet is growing and building a new HQ.

Back to the Mobility part of this Field Day event. We did get a look at Fortinet’s starting 802.11ax/Wi-Fi 6 wireless access points:

Fortinet1

And we learned of their radio flexibility:

Fortinet3

There’s a lot more here to consider as well as Fortinet looks towards the 802.11ax world that is coming soon. We got into new multi-gig FortiSwitches to connect those APs to, various management and control options, and a tiny taste of hundreds of features added to the latest FortiOS version. Then there is IoT Security, RF Management, SD WAN and sooooooo much more.

Fortinet is and always has been about security, so it wasn’t surprising to hear about a couple of innovative new tools in the mix to round out an alrady impressive solution set:

Fortinet2

And the story just gets bigger. There is way too much to capture in a single blog, and so I recommend watching the recorded presentations from MFD4.

On a personal note- if you ever get a chance to talk with Chris Hinsz, make sure you take the opportunity. He’s just a genuine, wonderful guy to spend a little time with. It doesn’t matter if you’re talking technology or life in general, you can’t not feel good after hanging with Chris. 

 

Don’t Forget About Those OTHER Meraki MX Firewall Rules

I’m a long-time user of the Meraki MX security appliance product line. Going way back to the MX-70, I have found tremendous value in what the MX products can do for my far-off sites. (Here’s an old- and I mean old- case study that gets into the early appreciation of the MX line.) I’ve probably set up maybe 65ish total MX devices through the years in multiple states and countries, doing site-to-site VPN, stand-alone, and also some pretty creative configurations. Despite my experience, I was recently reminded that I don’t know it all about a product that I feel extremely comfortable calling myself an expert on.

In one remote site that connects to the main network with site-to-site VPAN, an NTP vulnerability was flagged on a couple of audio visual devices. The device vendor was of absolutely no help (go figure), and our security team asked if we could help from the Meraki side. “Oh sure…” says I. “We got a firewall to leverage.”

We needed to cabash NTP between the remote site and the main network. I pulled up the Firewall page on the MX and set to work. This is an area in the MX I’ve probably manipulated maybe a couple of dozen times, for everything from stopping phantom ringing on 3rd-party hosted IP phones to simple outbound protocol blocks.

L3 Firewall

That image represents like three stages of desperation in getting rules right- as nothing I did worked. I simply could not tame the NTP beast to/from the two hosts, and it was making me feel silly. My first inclination was to blame Meraki- surely this stupid box must have issues! Except it didn’t… about the only thing Meraki could have done is perhaps mentioned on the L3 Firewall Page that there is a seperate firewall rule set on the VPN configuration page for site-to-site rules. That looks like this:

Site-to-Site FW

I had just never did firewall rules for the site-to-site tunnel. I didn’t know after many years! But I did leverage the Meraki “search our documentation” repository to get educated, with this document that explains it. There’s nothing complicated about it, you just have to know where to find it the first time you need to configure rules for the tunnel versus the Internet edge.

And now you know, too.

 

The Network is Code: Cisco at MFD4

It’s always a bit of a thrill to visit Cisco HQ, and to step within the walls of this global network powerhouse. I got to do that again at Mobility Field Day 4, and as usual the presentations and the visit just went too fast. Such is the way these events go… On this go round, Cisco offered us:

Each is interesting and informative, especially when combined with the delagates questions. You’ll be glad you watched them, if you haven’t yet.

But something else jumped out at me at this event, and it may seem silly to even mention. Have a look at this sticker:
Code Pic

The wording of it got my mind working. In a number of directions.

I’m just sharing what’s in my head as a long-time Cisco wireless customer as I ponder the message on that innocous sticker.

I’m glad to see that CODE is the network, because it hasn’t always been. CODE, as presented like this, implies “reliable code, as surely you don’t want an unreliable network”. To that I would add “especially at the costs charged for licensing the hell out of everything”.  The sticker mentions CODE + the 9000 Catalyst Series, and perhaps sends the message that it’s a new day for reliability? On that topic, the CODE in this case is IOS-XE, which displaces AireOS as what powers the Cisco line of wireless controllers. I do hear often that “IOS-XE has been out a long time so it has to be solid by now” kinda talk.

I’m not sure I buy into that, but am hopeful. If I’m a little skeptical, it’s because IOS-XE packaged as a wireless controller brain is a new paradigm, despite the maturity of the OS. And… despite many, many mea culpa  sessions in private with Cisco’s wireless business unit through the years over wireless code quality, I have yet to see any sort of public-facing commitment to not repeat the development sins of the past as the new magic seeks to gain traction. This bothers me, in that I don’t know that the background culture that allowed so many problems with the old stuff isn’t being carried over into the new. My problem, I know. But I’m guessing I’m not alone with this feeling.

The other thing thing that this sticker has me thinking about is this: if  the network is code, why do I need controller hardware? Yes, I know that the 9800 WLC can run in VM- but VM instances ultimately run on hardware. As a big Cisco customer with thousands of 802.11ac access points that run the latest AP operating system, I would love to be totally out of the controller business (and all the various management servers needed) WHILE KEEPING MY INSTALLED ACCESS POINTS. If the network is code, maybe let me point these things at my Meraki cloud and simplify life?

I’m just one man, with opinions. But that sticker did get me thinking…

 

Code, Heal Thyself: Mist Systems Brings Something Badly Needed to WLAN Market

If you do any profession long enough, you’ll experience all sorts off good and bad along the way. For me, “good” has been the honor of providing reliable Wi-Fi to hundreds of thousands of client devices through the years, and “bad” has been fending off downtime and damage to organizational reputation when code bugs hit. Why focus on code bugs? To me, they are the one huge factor in WLAN system operation that we as wireless professionals can’t control. We can get everything else right from RF environmental design to RADIUS server capacity to onboarding clients, but we can’t defend against what evil lurks in the lines of code that runs the system hardware. Nor should we have to- that’s where we expect vendors to hold up their end of the deal on hardware and software that ain’t getting any cheaper.

Oh, how I have bitched and whined and complained about code bugs through the years. There was “The Horrible Bags We Hold For WLAN Vendors“. And “Code Suck Regulation: Should We Sue Vendors For Major Code Bugs?” I got a bunch of them… and it’s not just me. One of my favorite people, Jake Snyder, laid down a really good video lament on the topic. No one can forget my own video from the Wireless LAN Professional Conference in 2017 where I detailed real-world impact of code bugs. It’s a real thing, ya’ll.

I titled one post on the topic “Will Reliability Be Prioritized Before Wi-Fi’s Whiz-bang Future Gets Here?” (a house built on suck cannot stand).  This one jumped to mind yesterday as I sat in a Juniper Networks conference room in San Jose and heard Mist Systems talk about reliability. What I heard was refreshing.

Mist CTO Bob Friday and his crew presenting at Mobility Field Day 4 detailed how the company’s AI does all kinds of things- but among the most important is finding it’s own system anomalies. The gravity of the point is fairly significant, as one vendor after another wants to put a dashboard in front of you that calls out anything and everything as a wireless problem for you to chase after, but none that I know of will raise their hand and admit “OK- I’m actually the problem here… me, the system. I screwed up… I’ll fix me so we can all move on. Beg your pardon…” But now Mist is promising that, and it’s huge.

CTO Friday not only called out this capability, but was kind enough to give me a shout out for my years of crying like a school girl about code bugs, which was thoughtful.

IMG_3558.jpg

Well done, Mist Systems! There was a hell of a lot more to the presentation- and in the couple of hours I listened, I was impressed that Mist has managed to boil the hype off the concept of AI and actually did a decent job of explaining real-world, practical applications and benefits. There are several videos from the session, and they are worth watching.

More about Mobility Field Day 4 here.

 

Say Hello to NetAlly- a New Old Friend

When it comes to wireless tools, there are some products that are just beloved by most of us in the trenches. When conversation turns to WLAN verification and characterization,  the AirCheck G2 comes up pretty quickly. I’ve written about it on occasion myself, like here.  My friend Sam Clements has also covered it, and the Air Check G2 and other related products were featured prominently at last year’s Mobility Field Day 3, under the NetScout banner. The G2 and it’s related products are easy to appreciate, and get their fair share of coverage, as it should be.

But things change in San Jose.

The AirCheck G2 and select other NetScout tools and software have spun off into their own new company, called NetAlly. The press release can be found here, and the new NetAlly product family includes all of these from NetScout:

So… some tools we know and love have a new logo… big deal, right? It actually is, as NetAlly’s focus on a smaller product set (handhelds/laptop software) should bode well for product development and updates.

Speaking of which-  the new company will be presenting at Mobility Field Day 4, which can only mean new magic will be revealed. I’ll be watching it first hand, on site as company reps do their announcements. More information on that session, with eventual video  of the live streamed event, can be found at this Mobility Field Day page.

Given that the G2 products have a huge following (and many of us are waiting for AirMagnet to get new development before we pay for ongoing support), this will absolutely be worth following.

Ally