Category Archives: WLAN

Open Mesh Brings Major Disruption to SMB Space, Goes Full-Stack

Another router coming to the SMB market generally isn’t that exciting, but this one is different for a number of reasons.

For one thing, it comes from Open Mesh. Those ports are part of the G200, which is the first router ever released by Open Mesh. It has a list price of $249, and it also brings the Open Mesh product line into the proverbial “full stack” domain.

Now customers can use access points, switches, and the G200 all from Open Mesh, and all cloud-managed in the excellent CloudTrax dashboard with no license costs.

Yes, you heard me right… I said “with no license costs”. If you are not familiar with Open Mesh, the operational paradigm is easy- you buy your components (routers, switches, and access points), you register them in the CloudTrax dashboard, and off you go with configuration and operation. CloudTrax is a pretty decent network management system in and of itself, and it is the only way you manage Open Mesh components. It’s simple, it’s feature rich, and given what Open Mesh hardware costs, the entire paradigm is an absolute steal compared to pricing and complexity of enterprise solutions that masquerade as SMB-friendly.

The G200 is a significant milestone to not only the Open Mesh product line, but also to the SMB market in that it seriously drops upfront costs and TCO while providing what may be the easiest to use interface among any of its competitors.

But what do you get for under $250 for features with the G200? A lot, actually. From a resource perspective, Open Mesh promises gigabit throughput compliments of a quad-core processor and dedicated crypto engine. The G200 has two passive PoE ports for Open Mesh APs to connect directly, and also has an SFP port for fiber uplink to an Open Mesh switch or 3rd party vendor switch. All the typical “router stuff” is onboard, from VLAN support, DHCP server and firewall to decent traffic classification, QoS, NAT functionality, user VPN, and even usage statistics. Not bad for an initial edge-router at this price point, that won’t hit you up in 12 months for a fat license fee to keep using it. Mine has been as reliable as I could ask for in the couple of weeks that I’ve been testing it. One gripe- no site-to-site VPN, although that is coming.

I can’t stress how important price is for the SMB space, and I know some of my own customers are dealing with sticker shock that comes from other cloud-managed solutions that charge big and small environments the same way when it comes to licensing (or worse, they penalize the small networks for not having volume purchasing leading to better pricing). If Open Mesh continues to evolve their edge functionality and hardware offerings, this vendor could deliver a sales smack-down to the bigger players who have become license-happy to the point of ridiculousness over the last few years.

A New Access Point and Switch, Too!

I’m a huge fan of the Open Mesh A60 dual-band indoor/outdoor 802.11ac access point. It has been the top-dog of the Open Mesh access point line for several months, with a list price of $225 (again, no licensing and free CloudTrax support). Now, as part of the same product announcement that features the G200 router, Open Mesh is also bringing out its new A62 access point. It’s still dual-band and indoor/outdoor, but this Wave 2 AP also sports two 5 GHz radios, support for up to an estimated 150 streaming clients, and the same $225 price tag as the A60.

The latest S24 switch also breaks new ground for Open Mesh with 10 Gbps SFP+ uplink ports and a higher PoE power budget than its predecessor.

Let’s Do Some Math

Open Mesh has over 100,000 network customers around the world. When I think of one of my own small sites that’s up for renewal with another cloud vendor, I’m looking at trying to explain to my customer why a 3-year renewal license on an old AP costs almost as much as purchasing the latest license-free AP from Open Mesh, and why a 3-year renewal license on an older security appliance costs almost twice the price of a new Open Mesh G200 router that would never need another license. These are real dollars for small businesses, and you pay the big price for the other guys whether you ever use actual support or not.

It’s time for a shake-up at this end of the market, and I think Open Mesh is the vendor to do it.

One Example of Just How Clueless and Misleading Wireless Device Makers Can Be

Sigh… Stop me if you’ve heard this one- A wireless device maker sells something to an unwitting customer on, shall we say, some stretched truth. The pitch that led to the sale isn’t quite the proverbial pack of lies, but certainly left out key information that may have doomed the deal if the customer had a clue about what questions to ask (or had involved their IT staff before writing the check). A fairly limited-capability WLAN client shows up, and suddenly the network has to flex itself in unsound ways to accommodate devices that arguably shouldn’t have been purchased. Can anyone relate?

Security “Lite”… or is it Security “None”?

Here’s my current problem child.

That’s a time and attendance clock. It’s networked, and it talks to a server out in the cloud. It can use a wired Ethernet connection, or dual-band wireless (we’ll talk about that in a moment). Yay! Cloud! Yay! Wireless! Perfect for just throwing several dozen in and off they go, because you have a wireless network- it’s a slam dunk, baby!

But it’s not a slam dunk. Because the network it’s likely to land on very well might just be an Enterprise-secure WLAN. That means it doesn’t use living room grade pre-share-based wireless security. Yet the best you will get out of this particular time clock IS living room grade security. It doesn’t support 802.1X authentication or WPA2-Enterprise CCKM encryption.

What happens if you don’t have, and don’t want, a PSK-only Wi-Fi network in a large secure enterprise environment just because someone made a questionable purchase of a WLAN feature-constrained time clock? You don’t have a lot of choices, and the couple that you do have smell and taste bad. Ah well- at least it’s DUAL-BAND WIRELESS.

Yeah… sure it is.

Radios in a Lil’ Faraday Cagey Kinda Thing

I was pleased to hear that the clock was at least an 802.11ac device. Because the environment it will work in does NOT have a PSK network and the clock can’t do enterprise security, it will go on an open guest network with MAC exception so it can bypass the guest gateway (relying on application-layer security to encrypt the data involved). So, I needed the wireless MAC address to set up the exception on the test unit. It was not printed on the clock or packaging, so I opened the device to see if I could find it inside.

I did locate the WLAN adapter’s MAC address, but had to remove the adapter to read it. The clock uses a StarTech USB433WACDB which is in fact dual-band .11ac in spec. But the environment needs to be right for wireless thingies to work to their max performance spec, and things are far from environmentally right in this clock enclosure. The little USB adapter has no external antenna that might help the situation, and sits behind a circuit board and a metal plate inside the clock, with the back of the enclosure and ultimately the wall that the clock will mount on behind it.

Given the RF-unfriendly location of the adapter inside the clock, I was curious if it would connect at 5 GHz. Here’s where I will admit that my testing was not exactly methodical, but I’ll tell you what I saw and did.

This clock came to life about five feet away from a dual-band access point in the same room, with a couple more dual-band APs beyond other walls but still within range. It first connected on 2.4 GHz. I moved it right next to the AP, and it again connected at 2.4 GHz. I disabled the 2.4 GHz radio on that closest AP, and the clock connected to a farther away AP, using 2.4 GHz. So… it doesn’t look good for “dual band” here. I did not sniff packets to see if the clock is trying in 5 GHz, so I can’t say that maybe it’s not a driver or dodgy band-steering issue. But I can say that in initial testing the clock certainly doesn’t appear to be realistically dual-band despite the adapter spec.

And so it goes…

At the end of the day, this is far from my biggest problem. I’ll hold my nose and get the clocks to work, but it is worth calling out the reality that not only are not all wireless clients ready for the business WLAN, sometimes they aren’t even what they claim to be at all in spec because of the way they have been built.

We are collectively in the 5th generation of major Wi-Fi technology with .11ac, with .11ax around the corner. Our WLAN infrastructure systems are advancing with ridiculously rich feature sets beefed up with every code release, yet the client device makers seemingly operate on another planet where getting in sync with business WLAN requirements doesn’t seem all that important, given that these clocks are just one very typical example.

Ah well. I realize that nothing told in this narrative is news, but at the same time it needs to be talked about once in a while. Part of that discussion is hoping for better days on the client device front. And part of it is channeling a rant into a story that you can share with others so that they know they are not alone in their own frustrations.

About That Free Fortinet Access Point From WLPC… DON’T THROW THAT CARD OUT

I’ll get right to the point- I did something silly, but explainable- and hope to head off anyone else from doing the same. I THREW OUT MY CARD FOR A FREE FORTINET (Meru) ACCESS POINT.

Don’t you do the same!

Why did I trash the opportunity to get a free access point? The answer is simple, but flawed.

I’ve known Meru through the years as a competitor to Cisco, Aruba, etc. when it comes to wireless. Meru was bought by Fortinet back in 2015, and generally fell off of my own radar. Fast forward to WLPC 2018…

Fortiru graciously offered a free cloud-managed FAP-S313C AP to all WLPC attendees, all you need to do is send in the card that was in your swag bag. But in my mind I thought this:

I don’t want to register yet another free AP, license the thing for a year for free, then either renew the license at my cost (ain’t happening) or throw it on the pile with all of the others that have come before it… Meru competes with everyone else that all license the hell out of everything and therefore Fortiru must be license-happy as well.

Did any other conference attendees think this as well?

To my chagrin- and this is something that Fortinet ought to market the absolute hell out of- there are no licenses needed for APs in the Fortiverse. Start the cloud account for free, register the AP for free, and enjoy the goodness into perpetuity. That’s not only generous to WLPC attendees, it’s also a huge differentiator for marketing and TCO.

I had the pleasure of talking recently with long-time industry friend Chris Hinsz, now the Director of Product Marketing for Wireless at Fortinet, who set me straight on the no-license thing.

Now you know!

Ventev Knows- What a Difference That Antenna Makes

Have you ever designed a WLAN for a stadium? Ever taken a tour of a top-tier professional stadium that has just had a new wireless network installed throughout? I’ve done both, and the challenges of stadium WLAN have to be experienced before you can fully appreciate them. Regardless of what WLAN vendor you use on the radio side, you have to get the signals to where they need to be and to manage their fidelity in an environment that has great potential to devolve into an RF cesspool during events. Antennas- and their placement- are the keys to success, Daddy-o.

There are only so many places you can stick access points and antennas in a stadium environment’s fan seating areas. Depending on the venue, you might get great bleed-out/in between the bowl area and the concourses and office areas where different WLANs are likely to be found. Then there is the sheer volume of client devices, the other RF systems on and around the field, and whatever hotspot noisemakers fans and media show up with. Precision placement, alignment, and antenna patterns are the stuff of stadium wireless networks, and it’s all gotta be done in a way that protects the WLAN gear and rowdy fans from each other.

Lately, I’ve been fortunate to spend a little time on multiple occasions with Dennis Burrell of Ventev talking about antennas and his work designing them for challenging environments. Let’s have a look at one of Ventev’s specialty solutions, straight from Soldier Field (home of the NFL’s Chicago Bears):

And now a cutaway of that “handrail enclosure”:

If it’s not obvious, the advantage here is that the antennas are not below the seats or at some far-away overhead mounting location, but rather at waist-height with more clear lines of sight into the adjacent seating rows, shooting in two directions out of one enclosure. You can read more about the 275 of these units at Soldier Field here.

It’s fascinating to see the stadium challenges get answered by people like Burrell who have the talent, know-how, and empowerment to do what needs to be done. I also wrote this recently, which will lead you to many more of Ventev’s stadium projects.

Finally- let’s see what you might know about the stadium Wi-Fi market. Any idea how many large venues are “out there”? My past blog “What’s the Big Deal With Stadium Wi-Fi?” will help you to appreciate this fascinating space. And in this space, you can bet that the WLAN designers and owners appreciate Ventev’s contributions.

 

The Horrible Bags We Hold For WLAN Vendors

Conventional wisdom says that “you get what you pay for” and “buy the best that you can afford” when it comes to quality in networking gear. Yeah… if only. Let me share what one of the most expensive solutions on the market gets you if you’re not careful. No vendor names will be named.

The call comes in. “Suddenly in this one area, I can see the Wi-Fi signal but just can’t get on the network. If I walk down the hallway the same device gets right on.” You look and see that the AP serving the area in question has the same uptime as those around it. The radios are on, and there are clients seemingly associated. Channel utilization is low on both radios, and there is no sign of RF trouble. Hmmm.

So you methodically rule everything out, and the end user who trusts that you keep a tight wireless ship waits. You’re both going on the assumption that the WLAN building blocks that you shell out fat coin for should be an operational foundation that you can trust. But when you’ve factored out all of the realistic possibilities, that little voice in your head starts questioning how solid that foundation is.

Too often, the one thing that we have very little control over (code) is the issue, and we find that suddenly there is a very ugly bag in our collective hand.

Welcome to the bug zone, Axl Rose.

Welcome to the bug zone we got fun and games
We got everything you don’t want- honey, you’ll call us names
We are the people that can’t find code you actually need
If you got the money honey we got your disease
In the bug zone, welcome to the bug zone
Watch it bring your Wi-Fi to its sha na na na na knees knees
I wanna watch your network bleed

(Sorry, Guns N’ Roses- love you guys)

Maybe you open a support case, or take your angst to private channels where you share information with other wireless professionals who live the same pain and are happy to compare notes. However you get there, you do get there… and then you find this sort of thing:

Yikes. Freaking yikes. The fix? (Always) migrate to new code.

That word “migrate” is kinda funny, too. Sounds adventurous… leave where you are, and go to someplace new. Kind of exotic, even.

But there are no guarantees that Someplace New is any better than Where You Were, especially when it comes to expensive WLAN systems. Yet we find ourselves migratin’ all over the freakin place, outrunning one bug after another. Sigh…

Which brings us to yet another song, by the great Moe Bandy:

You always leave me holding the bag
Don’t you know it’s gettin’ purty heavy to drag
You think it’s funny but it ain’t no gag
How come you always leave me holding the bag

Indeed.

Things I Have Yet To Try Out, But Would Like To

First of all, get your mind out of the gutter, Sean.

Now I know what you think when you think about me. Your mind wonders “Is there anything this guy hasn’t done? He’s the bee’s knees… when it comes to Wi-Fi he’s got the moves. He’s got the tools, the style, and the energy.” Yes, thank you for the sentiments- I get that a lot. But my friends, I’m here to tell you that I have NOT seen it all or done it all quite yet.

Even I have a wish list. I have products that I dream of setting up, and gadgets I’d like to play with that I may never get around to. Let me share just a few, and I’d love to hear what’s on your own “Gee, I’d like to evaluate_________” list.

Siklu

Not to be confused with Sulu from Star Trek, Siklu is a wireless company. And I hear dreamy things about them. They don’t do Wi-Fi style wireless, but they are in the last miles/backhaul/point-to-point game.

Evidently the city of Wichita just fell in love with Siklu, as you can read about here. Being a gonzo bloggist, I get a lot of PR from different companies. Very little of it ever rises to the level of “man, that looks like great stuff”, but Siklu gear has always tickled my curiosity. Perhaps someday…

WiFiMetrix (Nuts About Nets)

Just look at this thing. Anyone who gazes at the WiFiMetrix and doesn’t feel a stirring in their loins IS NOT A WLAN PROFESSIONAL (or a patriot) I tellya. I’m a softy for spectrum analyzers as it is, and anything that stands alone in this role without requiring a PC gets me interested. It’s nice to travel light on occasion, and this just looks neat (with a decent spec and feature set, to boot.)

Anyone have any first-hand testimonials on the WiFiMetrix?

Ubiquiti SunMAX Solar

I have taken some solar classes in the past for a specific international project I was involved with, and have long imagined a wide range of Wi-Fi, IT, and amateur radio projects powered with solar. In my mind, each is absolutely magnificent. But in reality I haven’t done all that much with solar “for real” yet.

Enter Ubiquiti’s SunMAX.

I currently am putting my exquisitely manly hands all over a bunch of Ubiquiti networking and video equipment. It just works, and the pricing tends to be nothing less than astounding compared to the competition. I’m guessing that Ubiquiti’s approach to solar is as innovative and (hopefully) cost-effective as the rest of their portfolio. And with this slogan:

Democratizing Solar Technology for the World

Ubiquiti speaks to my globe-trotting, fighting-for-the-oppressed background as a Cold Warrior. ‘Merica, baby. 

There you have it. Each of the above to me is a white whale that I covet, but Christmas IS coming. If those of you reading this make some sacrifices and pool your resources, I’m guessing you could scrape together enough to set me up with all of them!

Thanks for reading- and please share your own wish list.

Future-Proofing Networks with Fabric-Attached Wi-Fi: Q&A with Extreme Networks’ Director of Wireless Product Management & Strategy

It’s easy to become desensitized to the onslaught of marketing that surrounds networking concepts like “fabric” and “unified networks” when every vendor has their own version of them. Naturally, each marketing department promises that their solution is the best, but reality shines through when you start to look past the buzzwords for substance. I was recently introduced to (and impressed by) Extreme Networks’ own fabric accomplishments, and wrote about my impressions here. Soon after, I had the chance to talk with Extreme’s director of wireless product management and strategy, Mike Leibovitz, about where WLAN specifically fits into the company’s fabric approach.

Leibovitz is one of those people that I’m always glad to catch up with. I’ve spent time with him at different Tech Field Day events and IT conferences, and have had opportunities to socialize with him. Beyond just being an all-around nice guy, Leibovitz has a passion for his job and believes strongly in Extreme’s products, methods and his company’s future. Our most recent conversation evolved into an informal Q&A about the Extreme Automated Campus solution and Wi-Fi. Here are the highlights from that discussion (I’m in italics).

Mike, Extreme has been busy integrating the likes of ExtremeWireless WiNG from Zebra/Motorola and Avaya’s fabric portfolio (from recent acquisitions) with Extreme’s own wireless product lines. How’s all that going?

It’s been a great run, for us and our customers. We’re fully supporting all product lines, and it’s only getting better for the end users, regardless of which hardware they use. Looking forward, the best of all our product lines will be fused into new feature options that customers of either ExtremeWireless WiNG or ExtremeWireless can take advantage of without forklift upgrades.

We’ll get to fabric and Wi-Fi in a bit, but first- is there anything on the horizon that is particularly driving Extreme’s WLAN-specific evolution, and do you have any examples of where ExtremeWireless WiNG might bring something new to Extreme’s story that customers can appreciate?

Aside from our fabric architecture taking deeper root, we see the coming of 802.11ax as significant, and that does figure into our current product evolution. As the radio side of the equation gets higher in performance, we’ll continue to leverage things like Motorola’s unique excellence in access point design for challenging and high-ceiling environments, for instance. Also, we have the successful integration of the Azara Cloud into ExtremeCloud as an example of how we make what’s good even better.

It seems that Extreme goes to great lengths to make sure that new customers gained through acquisitions are treated just as well as long-time Extreme customers. Is that a fair characterization?

Absolutely, and that’s something we work hard at. You’ve experienced and written first-hand about being a customer on the losing end of an acquisition, when the purchasing company doesn’t get it right when it comes to integrating support for its new customers. Despite being well-established, Extreme has more of a start-up mentality in that all of our customers matter. We take none of them for granted. No one should have to guess at what’s going to happen when they need support just because their vendor was acquired.

Amen to that, Mike. Now onto fabric, Extreme Automated Campus, and wireless specifically. I know that you are pumped up about this area. What’s the first thing that potential customers should know about Extreme when it comes to fabric and WLAN?

I’d say first that people should realize that our fabric offering is mature, proven, and is shipping now. That includes how our Wireless solution connects to the fabric. Other market leaders have their fabric stories ahead of their deliverables to a certain degree, but Extreme doesn’t use customers as guinea pigs while we figure out how to keep promises.

Give me a sense of how that integration of Wi-Fi to the fabric works. Do you have any examples?

Sure. Let’s start with ExtremeControl, which competes with ISE and Clearpass for functions like onboarding, authorization, and role-based policies. ExtremeControl has always excelled at extremely granular policy constructs used to program per-session behavior of the access point, the data plane, and the likes of QoS and analytics. That’s what we’ve been doing for years. Now add in the Avaya fabric contribution. Instead of just bridging traffic to a controller or to an AP you can now bridge wireless sessions to different fabric segments, uniquely for each connected device. That’s a new level of micro-segmentation that basically means you can traffic engineer wireless user traffic literally anywhere in the enterprise campus with the policies you set for RBAC, Layer7 control, QoS, and analytics carried all the way through.

So… we’re used to thinking of wireless access points or AP/controller pairings as bridges that have 802.11 on the radio side, and 802.3 Ethernet on the wired side. Am I reasonable in suggesting that now we can replace Ethernet with fabric on the wired side when we think about access at the WLAN edge?

That’s a good way of picturing it for functional discussion.

Can you give a specific scenario where fabric-attached Wi-Fi yields obvious, easy-to-highlight benefits that solve real-world problems?

We’re already leveraging fabric-connected WLAN in healthcare environments. As a wireless networker, you know the technical importance of reducing the number of SSIDs in a given wireless environment. Think about having one single SSID for everything, with a slew of different security and policy constructs going on behind it with no dependence on VLANs. From doctors’ unique security requirements to guest access to IoT devices and their various limitations – all are configured via ExtremeControl and micro-segmentation on the fabric. We can bridge traffic anywhere it needs to be for any user or use case. It’s really impressive, and no other vendor is even close to this level of functionality yet.

Does the new magic come at the cost of CPU or memory utilization anywhere?

That’s a great question, but actually the opposite is true. You can even add new policies on the fly, non-disruptively, directly on our access points. The flow technology that came way back from our Enterasys purchase works wonders in keeping resource utilization low.

This is great information, Mike. It’s awesome to learn of real-world, low-hype network fabric technology that is proven, shipping, and mature. What else do you want people to know as we close?

It sounds silly to say that “fabric is the future” because for Extreme Networks, fabric is now. At the same time, our fabric today does future-proof customer environments by providing unparalleled flexibility in security, segmentation, simplicity, control, and analytics that will only evolve for the better. Extreme will be ready to add 802.11ax into our fabric-connected Wi-Fi strategy when it comes, and we’re a natural fit for IoT in its many incarnations. Our roadmap is exciting, and I encourage our customers and analysts like you to watch us as we evolve.

FTC-required disclosure: I was compensated to comment on the Extreme Networks Automated Campus referenced in this blog, by PR company Racepoint Global. I have no direct business relationship with Extreme Networks, and in no way claim to be an Extreme Networks customer or representative of Extreme Networks. At the same time, I have known Mike Leibovitz for years.