Tag Archives: 7Signal

802.11ac Is A Big Fat Pack of Lies

We’ve been hoodwinked. They snookered us. The wool has done been pulled over our eyes. Ah yes, the snake oil convention came to town, and we all went in the big tent and bought us some. But who could blame us for getting all sparkly-eyed when you breathe in the aroma of those fat numbers promised by 802.11ac? It’s intoxicating stuff, this getting-ever-faster Wi-Fi. But alas… it’s also fraudulent promises, broken hearts, and “Ha! Made you look!” all put in a shit sandwich that we’re willingly nibbling on.

OK- so maybe it’s not quite that bad. But it’s safe to say that with 802.11ac, and even 802.11n, the standards-authors are writing certain checks that the Bank of Reality just can’t cash, despite the giddy marketing folks’ best efforts to convince us otherwise.

Have I bummed you out yet? You might be wondering what could put an upbeat, good-looking fella like myself in this sort of funk. Well, I’ll tell you what sir (or madame)… I just read me an excellent- and I mean excellent- whitepaper from the very smart folks at 7signal, titled 802.11ac Migration: Real World Best Practices. I should have saw what was coming with the subtitle “Learn what vendors won’t tell about 11ac performance in real-world deployments”. Here’s the kicker: there’s nothing really new here, per se. But the cold hard facts of what a given standard “supports” versus what reality allows are presented extremely eloquently in this document. Ideally, it would be required reading for WLAN vendor marketing departments and technical managers and execs not familiar with such things.

7sigpaper
(
Download here)

I won’t give it all away, but here are a few teases:

  • We never did get to the top-end of 802.11n’s promised 600 Mbps data rates, and it’s highly doubtful we’ll recognize 11ac’s hyped 6.7 Gbps either
  • 256 QAM is awesome- if you’re standing close to an AP or have one in your pocket
  • Channel bonding is the stuff of high data rates… but you’re probably expecting too much out of this feature
  • Despite rapid adoption of 11ac, what we’ll see out of it in terms of big, impressive performance numbers will be a mere fraction of what hype tells us to expect
  • There are several other depressing little nuggets

Get the document, read it, and share it. It really is well written and injects a needed dose of reality to the 11ac buzz.

At the same time, don’t be as pissy as I’m making myself out to be in this blog (I’m a writer, and this is called creative license for those of you watching at home). 11ac is still moving the Wi-Fi cheese deeper into the 5 GHz spectrum, which is a huge gain for the greater wireless good. And…we’re still getting better rate-over-range with 11ac versus 11n, and with Ruckus breaking the ice on Wave 2, we’re getting into 4×4 APs with MU-MIMO (though 7signal deflates the MU-MIMO bluster a bit as well in the whitepaper). 

So maybe 11ac isn’t really a big fat pack of lies… perhaps it’s more like a series of Brian Williams-style “embellishments”.  But the truth here does matter for managing expectations, and that’s the point of 7signal’s excellent document.

Fluke Networks AirCheck Like You’ve Never Seen It

Image

I’ve been spending some quality time (under NDA) with the new version of AirCheck, and I’m very pleased with what Fluke Networks has done with the product line. Now that the wraps are off the new version, I’m tickled to be able to share what I’ve learned so far with a community that counts a lot of fans of the original AirCheck handheld tester in it’s ranks.

The premise is simple: put a tool in the hands of front-line network types that allows everyone to test the same way, and share their results with others when needed. Whether it be Enterprise Wi-Fi installers, service provider techs, or carriers that set up hotspots, the new AirCheck version is a nice add to the Windows 7 or 8 devices they are likely to be schlepping.

AirCheck for Windows amounts to:

  • Software (will be part of your My AirMagnet inventory)
  • License (same process as any AirMagnet tool
  • I used the Proxim 8494 a/b/g/n USB adapter provided by Fluke Networks (identical to Ekahau’s DNUA-81) (Supported adapters are shown here)

Your device’s built-in adapter is used for active testing, while the external adapter I was provided was used for monitor mode functions. I do wish AirMagnet could have found a smaller one to use. I tend to run very small laptops, and the 8494 really sticks out- it feels like an accident waiting to happen. But.. that’s my only real beef with the AirCheck for Windows, and I’m not quite sure that the external adapter is needed in all cases after viewing the product spec sheet.  The solution installs like any other AirMagnet product.

What it Does

The start menu shown above gives you a sense of what the new AirCheck does. You wanna see all APs and/or clients in the area, along with their WLAN-related info? That’s easy. Do a sight survey? Sure- that’s there as well. So is overall channel information for both bands. This is still AirCheck, baby…

Easy to navigate in a well designed, minimalist GUI, you can run through a variety of findings and save them as a Project. The results of the project can be turned into a nice report, or shared with others who can reopen them in their own copy of AirCheck for WIndows.

This is all very nice, but there is one feature that I really appreciate,

AirCheck User Experience

In the name of quantifying the user experience in a given location on the WLAN (call it Service Assurance, if you will, although here it’s not nearly as granular as the likes of 7signal or Streetwise), I can configure any number of Test Profiles on my AirCheck for Windows and export it to technicians to use, so we’re all testing the exact same way on trouble tickets.

You can set destinations, thresholds, and repetitions for testing:

  • What WLAN SSID gets used (there is a provision for Web portal logins if needed)
  • DNS resolution time, what URLs you want to test
  • Ping destinations
  • http and FTP download times
  • audio and video streaming quality

Again- I like the idea of being able to have even less skilled techs run the same battery of tests I might run when responding to trouble, while also giving the more savvy WLAN support folks flexibility to add other tests. All the results can be saved and exported for reference later on, or for analysis by senior troubleshooters.

Of course, the non-AirMagnet WLAN adapter in use on each client device will have a bearing on the test results (remember, the AirMagnet adapter only runs in monitor mode) and so you’ll want to consider what platform you run AirCheck for Windows from.

But wait-there’s more!

-If you run AirCheck for Windows from a laptop. you can also test through the Ethernet jack for comparing the WLAN feel to that of the LAN (nice option).

-And… an Android app version is also coming in Q2 of this year.

AirCheck for Windows ballpark list price: around $900

Other screenshots for AirCheck from Windows:

AirCheck Channels AirCheck Discovery NetCheckSplash winAirCheck

AirMagnet Changes It Up- With a WLAN Security Overlay

(OK, so it’s a Performance and Security overlay…)

I was an AirMagnet fan long before Fluke Networks bought them. I’m sure that I’m not alone in appreciating the long line of excellent tools that have come from AirMagnet, from the software-based utilities to the likes of AirCheck. But for some reason I was also a bit surprised to get wind of Air Magnet Enterprise as a big old’ overlay- think AirTight for security, and 7Signal for performance.

First Impressions, Having Never Tried It

For me, Enterprise is just different from all of the AirMagnet tools that you can hold in your hand. It gives me a bit of discomfort, because there’s yet another server or two to upkeep as part of the solution. There are sensors to deploy that have to be kept up in parallel with installed APs. There’s yet another system to learn, while you learn to ignore those same functions that are part of the system you probably already own… These mushy feelings of concern have nothing to do with Air Magnet, but rather they come from having well  over a decade of running and managing many small and very large WLANs and suffering pain, a la:

  • Managing a WLAN is a lot of work, managing the boxes that manage the WLAN can suck
  • When you make a significant investment in the likes of CleanAir (or anybody’s native equivalent) it’s hard to get a clear read on what yet one more system will do for you as a delta, and how that delta is worth the usually steep accompanying price
  • Dashboards full of rogues and interference sources that you often can’t do anything about (thousands of ’em sometimes) because you are located in an urban setting become visual noise that get ignored
  • Auto-containment sounds nice- until you lay waste to a network switch or an important client after putting faith in a tool that promises not to do the bad thing that it just did
  • Trying to figure out how your WLAN security posture might be so deficient with your own vendor’s native capabilities (that you spent big, big coin on) that you still need an expensive overlay is a miserable task

But I realize that these are MY issues. Again, no reflection on AirMagnet (or 7Signal, or AirTight).

What immediately looks nice with Air Magnet Enterprise:

  • Can be set set up in VM
  • Uses a mix of pretty sweet looking hardware sensors and software agents
  • Transactional stuff feels like it might be 7Signal-esque
  • Hardware sensors can do wireless backhaul where wiring is difficult/cost prohibitive (yes!!)
  • Full-time security scanning versus APs that only do that as a small percentage of their operational time
  • Scales well for large environments
  • It’s Air Magnet- which implies maturity of feature set and good design (to me, at least)

It’s hard to say much more about it without trying a tool like this. And if you’re busy or don’t feel obvious performance or security pain, it’s hard to make the time or case for something as involved as an Enterprise trial done right. At the same time, WLAN is the preferred mode of access for a growing number of complicated environments with PCI/HIPPA/etc. concerns that are also likely BYOD hornets’ nests that might be distributed over a number of sites that aren’t easily covered by limited IT staff- and so I can picture a client base (but it’s likely to be a small fraction of the number of WLAN environments that have bought other AirMagnet products).

Personally, I’d love to see a major WLAN vendor or two completely scrap their own performance/security suites and partner with specialists like Air Magnet or 7 Signal for that side of the total solution.

Here’s What I Want NOW From My Wireless Management System

When it comes to the management and security of wireless networks, I want a lot of things. I want new things, and I want legacy things that aren’t going away to get better. I want slick, I want fast and I want effective. I want powerful, feature-rich, and a say in what features are worth devoting UI resources to. I want it all, baby- and here’s my latest rant on the topic. You’re going to love this.

Before I drop the bomb, lets set the stage.

I had the privilege of hanging out with the fellows from 7signal at the recent Wireless Field Day 5 event, and seeing how they do WLAN RF health characterization,  as well as getting a peek at what AirTight is up to. Being a long-time Cisco wireless customer, my mushy brain cant help but bring everything back to my vendor for comparison; but more on this in just a bit.

In my spare time, I’ve been having more fun than a person should be allowed to with the addicting Wi-Fi Pineapple (along with some tricks from the much-revered BackTrack Linux.) And at work, we’re gearing up for thousands of students to flood back into the dorms, which means Rogue Hunting Season is neigh. Put all this together and feed it into the “It’s Easy For Me To Demand Things From Other People That I Can’t Do” engine, and out pops the following wireless support and security gem:

Wouldn’t it be cool if…

  • You could take one of your in-service APs and turn it into a virtual client that associates with other APs? (stay with me, I know you’ve heard this part before)
  • Synthetic testing with said virtual client was possible: do my DHCP and RADIUS servers work? Can I reach the Internet? Can I reach other locations, from each of my SSIDs?
  • The virtual client AP could report on nearby rogue networks, after I set a min threshold value, (getting closer to the money shot) and tell- Is the SSID open or protected?
  • My virtual client could associate to the open SSIDs, and report back what the public IP is of the rogue?  (I could find it then through MAC or ARP tables if on my own network- doesn’t need to be automated)
  • Here’s the LAGNIAPPE, baby- If the rogue SSID was encrypted, I’d like my virtual client to execute Aircrack-NG, Reaver, Fern, or whatever. Somehow, the power of my management system harnessed to this virtual client/pen testing-mode AP would give me a big-assed, infinite dictionary from hell and lots of power to crack. Then I could go back to the “find the public IP” step, which to me is the ultimate and definitive “game over” versus a lot of wireside detection systems that are so-so with their success rates.

I know there are lots of ways to do “wireless support”, but I am enamored with the force-multiplying capabilities of a well-constructed virtual client mode for installed APs (as I imagine them working). I’ve been beating the drum for Cisco to consider basic virtual client functionality for years, to no avail.

But now I want even more- I want a “virtual client AP meets BackTrack Linux, and they have offspring” mode.

I’m not asking for too much, am I?

Gimme A Wireless Virtual Client Function, Already!

I’ll start this post with two admissions:

1. Of late, I’ve been interested in the capabilities of 7Signal.

2. Long before 7Signal came to the WLAN space, I’ve been beating the drum for my WLAN vendor (and all vendors) to deliver what I call virtual client functionality. 

On 7SIgnal, I’m struggling with sticker shock and trying to figure out where it’s very cool capabilities stop and where they overlap with tools like Cisco’s CleanAir (which isn’t cheap either). I am hearing good things about 7Signal from current customers.

About that virtual client thing, it is something 7Signal can do (along with a slew of other cool  things). But by now, I also think this is one of those capabilities that should be built into enterprise WLAN systems. (If I’m not mistaken, Motorola comes closest to having something like this.)

Quick note to vendors- you give us one innovation after another that you think would benefit your clients. Thank you. But how about this one that is long overdue? Your customers that actually run the WLANs of the world would LOVE you for it.

Here are two versions of what I’m looking for:

Simple version:

  • I can do all of this through my wireless management system
  • I can schedule the function to run at regular intervals and report on it
  • I choose one of my installed APs to put into “Virtual Client Mode”
  • Through the wire, I can have my Virtual Client connect to each of my SSIDs and exercise the likes of RADIUS, Credential Stores, DHCP/DNS, L2 and L3 paths via ping, traceroute, etc, rate limiting, throughput tests, whatever
  • All of this is coordinated in a way that doesn’t disrupt the existing client environment

Advanced Version:

  • All of the above, PLUS
  • I can manually choose any AP within a given range
  • I can tell the virtual client to test itself against every AP it can hear within a certain range

You probably get the gist. The payoff- I can “be” in buildings or at sites that I don’t have to travel to. The Virtual Client would be a force multiplier, and in many situations would bring far more value than seeing pages upon pages of rogues and interfering signals from neighboring WLANs that I couldn’t react to if I wanted (hallmark of many current systems).

I can’t believe that I’m about to say this- I get tired of the sometime extreme feature licensing that has come to be all too common in the WLAN industry. But I’d actually pay (a fair price) for GOOD virtual client functionality. 

Am I asking for too much? Are there WLAN vendors beyond 7Signal that are natively doing this that I don’t know of?