Tag Archives: Aerohive

How Does Ekahau ESS Stay Current For APs and Antennas?

EkahauSo I’m sitting on a bench at the mall, and this guy plops down on the other end. I can hear him sobbing a little. I’m thinking “poor bastard, must be a death in the family, or his wife split…” But then I hear his kid about 10 feet away say to a pal “my dad is a complete loser- he doesn’t even know how the world’s best Wi-Fi survey and planning tool gets updated for new APs and antennas!”

Then it hit me like a ton of bricks: I really don’t know how it happens, either. I’m a loser too!

But there’s a big difference between me and Sobby Bench Guy. He’s not a gonzo bloggist with a license to ask the tough questions. That’s my turf, and that’s just what I did to get my mind right on the topic. I put on my Interrogator Fez and went gunning for everyone’s favorite European guy, Jussi Kiviniemi. Sure, he’s Ekahau’s VP of Wi-Fi Tools, but I don’t mind running in those circles now and then. I grilled Dr. J pretty good, and he gave me what I was looking for. Read on.

Q. How long does it take to get a new WLAN AP or antenna added to ESS, once Ekahau
has the technical information?
Jussi: Depending on load & urgency, it takes 1 day to 3 weeks to get it done. It’ll be published in next sw release (sw updates about every 2 months).

Q. Does Ekahau have a strategy for retiring old APs or antennas from the software
Jussi: Good question. Not really. Happens organically through Wi-Fi vendor acquisitions. We actually should probably take out the 802.11b stuff if we haven’t already 😉

Q.  How does Ekahau find out about new APs/antennas from the major vendors?
Jussi: It varies. Today, they often send the new or upcoming stuff proactively. That’s good for their business too. If not, we ask. Often customers ask us, then we ask the vendor. 

Q.  Why is it advantageous for vendors to get their stuff into ESS?
Jussi: A lot of their partners use our tool (we are tool of choice for Cisco, Aruba, Aerohive,…). And they often want to design using the actual stuff as it is more accurate. 

Q.  What’s the oddest antenna you’ve seen in ESS?
Jussi: At first, the Xirrus arrays were different. I wish we had the planner already back in the Vivato days, that would have been interesting. Also, the Ventev floor mount stuff is refreshing. 

Q.  Any other thoughts on the topic of adding products to ESS?
Jussi: I highly encourage the public and vendors to contact us to tell us which APs or antennas they are missing. It’s a free service to add them. Twitter, web site form or wifidesign@ekahau.com all work. 

We also add things like multi-SSID MAC combining as one radio, and multiple radios into one physical AP.  This requires specs from vendors too. 

And there you have it. Just a little behind-the-scenes information on how a great tool stays fresh. I’ll echo Jussi’s last point: if you see something missing, give Ekahau a shout to get the program updated. ESS is huge tool in the WLAN industry’s toolbox, so keeping it current is a win for everyone.

Additional Resources:

 

Xirrus Loses One, Wins One

One of the more curious WLAN players in the market, Xirrus is always interesting. The wireless array company certainly doesn’t sit still from a development perspective, and is usually among the first WLAN vendors to get major popular new features announced. I’ve met with Xirrus at Wireless Field Day 5 (their presentations here) and WFD 6, and followed their evolution through the years with a number of articles written about them..

Of late, Xirrus has a bit of a bad news/good news story to tell.

The bad news- they’ve been dropped from Gartner’s 2015 Wired and Wireless LAN Access Infrastructure Magic Quadrant. Many of us in the WLAN industry have fairly low regard for Gartner’s current methodology in this space, but at the same time those in the market for business Wi-Fi frequently refer to the report for information on the pros and cons of industry players. I don’t agree with Xirrus’ exclusion, but it is what it is.

On the sunnier side, Xirrus has just announced a potential game-changing feature for customers struggling to do secure guest Wi-Fi. Called “EasyPass Personal”, it’s easy to mistakenly equate the new offering to the likes of Aerohive’s Private PSK. Xirrus differs significantly from just PPSK in that EasyPass Personal allows the guest/visitor to set up their own SSID and private pre-shared key. Yeah, read that again because it’s pretty wild.

easypasspersonal

See more on Xirrus’ web site here.

My thoughts on EasyPass Personal: I’ve not tried it, so can’t speak to the feature first-hand. My only real concern is whether the generation of personal guest networks in the air creates a lot of management overhead traffic (seems like it could, at first thought). But beyond that, I applaud Xirrus for bringing an innovative new option to the ridiculously challenging paradigm of secure guest access. Hotspot 2.0 is the promised “official” answer to secure guest Wi-Fi, but it’s both complicated and going nowhere. EasyPass Personal *seems* like a nice methodology, so I’d love to hear from Xirrus users who try it.

Xirrus Debuts EasyPass for Simplified WLAN Access

I say it often: any more, access points have become secondary players in the bigger Wi-Fi story. Sure, it’s fun to read about new APs- especially with Wave 2 fueling whopping performance claims- but what makes a WLAN system truly usable is all of the other stuff that vendors are adding to their WLAN solutions. APs either work well enough to keep a company in business, or they don’t. But the magic for Wi-Fi goes way past RF doings, as evidenced by Xirrus’ newly announced EasyPass.

easypass

EasyPass isn’t exactly revolutionary unto itself, but seeing Xirrus join others in the field doing similar means that wireless users are also getting the attention they deserve amidst the running hype of new hardware announcements. That’s a good thing- and Xirrus delivers it’s new onboarding solution without added appliances to manage.

Read more on EasyPass.

As I reviewed the PR materials on EasyPass, I was struck by one notion in particular: with no need for certificates,etc, Xirrus’ new feature set has a similar feel to Aerohive’s Private PSK. I’m a huge fan, and wish every vendor offered this for guest WLAN. I did query Xirrus to make sure I was on target for EasyPass’ secure onboarding.

From Bruce Miller, Xirrus VP of product marketing (I run in those circles, you know):

Yes, security for EasyPass Onboarding is achieved through what we call a User PSK with every user assigned a unique PSK. The number of devices per user  allowed can be controlled, e.g. 1, 2, 3, etc. This allows individual Wi-Fi security and control per user without captive portals and without the complexity of 802.1x/RADIUS, for example for BYOD users and headless devices. 802.1x security with a captive portal is supported as an option. EasyPass eliminates the agent / app downloads of other onboarding systems that add significant complexity to the process. We have seen that many organizations find their employees defaulting to use the non-secured guest network for access because of its relative simplicity.

Well done, Xirrus.

Beacon Baby Steps

As I put this blog together, I do so knowing that I risk the ridicule of those who have gotten a lot farther in both understanding beacons and using them for some real-world value proposition. Though I understand transmitters of all types very well and I’ve covered other beacon-related initiatives (like Aerohive’s integration of beacons in APs ) and done my share of reading on how beacons are gaining in popularity as building blocks in a number of applications, I’ll admit to really not “getting” them yet to any technical depth. But that is starting to change, as I’ll tell you about here. And as an added bonus to you, I get to drop a few names of really smart people that I have the privilege of interacting with on occasion.

Free Beacons!

Awhile back, Ryan Adzima turned me on to a beacon giveaway that netted me three of these. Not being one to pass up free cool stuff , I got my beacons- and they ended up sitting on a shelf almost a year (I basically didn’t know what the hell to do with them.)

Fast Forward- Renewed Interest

I follow a lot of industry goings on as a freelance analyst. It’s no secret that Location-Based Services/Analytics is a running topic du jour in the tech media, and many a WLAN vendor has announced their own beacon story- like Aruba and Cisco’s Meraki. Knowing that there’s a lot of buzz around beacons, I worked them into my daily Twitter #WIFIQ question on June 4. The conversation that ensued reminded me that I was overdue to play with my Qualcomm beacons.

What sparked me to get back on the path that Ryan Adzima started me down was conversation with AccessAgility’s Zaib Kaleem and Extreme Networks’ Mike Leibovitz. Zaib turned me on to some beacon-related apps, and Mike triggered my interest on proximity to beacons being used as one component in banking authentication. Newly energized (see what I did there?), I busted out my Qualcomm Gimbals and got busy gettin’ busy.

Time to Play

Laying hands on my three neglected Gimbals first brought back the clueless feeling I had when I first looked at them and put them on the shelf. But this time I wasn’t content to stay in the dark. I took the bold step of cracking each one open and getting the watch battery connected, then I found the Gimbal Management App in the Apple app store.

At first, the App couldn’t see my beacons! Gotta be dead batteries, I thought… but then I went to the Gimbal Manager site, recovered my long-forgotten password, and figured out that I needed to activate each beacon.Gimbal

I also needed to configure each and upgrade firmware, which was quite easy. (We’ll come back to the “configure” thing.) Bingo! They showed up in the iPhone app.beacons

At this point, I realized/reminded myself of a few basic important facts:

  • Until the beacons were added to my account online, they were dead to me despite being powered up. (Private is default, you can make them “public” so anyone can see them, btw.)
  • My online account and my iOS account are synced for beacon management.
  • The beacons report their battery strength and the ambient temperature, and the mobile app tells how strong each beacon is being received
  • Though I now have three live beacons that can be managed, I still don’t know what to really do with them… no use case, no business application to hook them to, etc.

Knowing that beacons are all about proximity and location, I embarked on a simple exercise. Down a long hallway with three pictures hanging on the wall, I put one beacon on each picture frame, then watched my app show signal strength for each as I walked the hall.hall

This seemed like a reasonable way to see what might go on behind the scenes at the signal level on a walking tour, or in a retail environment where different app events are triggered by a customer coming close to a beacon. Here, this is the view as I transitioned from Beacon 1 and got close to Beacon 2, with Beacon 3 at farthest point down the hall.
.beacons1

Big deal, right? To me, it is. That’s because yesterday, I had ZERO first-hand working knowledge of beacons. With this these simple steps, I now get the technology and how it’s managed at a very, very basic level. I feel like I get the foundation, and I do understand many of the big use cases for beacons. It’s that middle ground of real-world implementation that I have yet to learn. Baby steps…

Back to the beacon config thing. For such a simple device, there are infinite permutations for what you can do with them. I think this is what is so hard to wrap your head around, especially given that along the line you may have to do some coding (or steal somebody else’s code). Zooming in on the menu gives a sense of just how many directions you might go bringing beacon-based use cases to life:
beacon menu

So… I now know a little, and know that I still don’t understand really USING beacons despite understanding the scenarios where they are employed. But with what little I now have touched and brought to life, I do understand links like this and this a bit better. Still a long way to go though, but ya gotta start somewhere!

Download Free WLAN Troubleshooting Booklet

If you’re interested in the finer points of WLAN support and troubleshooting, have a look at this excellent freebie. It’s actually a slice from the current CWNA study guide, provided by the good folks at Aerohive, delivered as a swanky booklet for your use and enjoyment.

Put it on your e-reader and use the magic of technology to get ya an eyeful of excellent, easy readin’ content, baby!

Download a free booklet about WLAN Troubleshooting | HiveNation.

 

That is all.

Aerohive and AirTight Announce IoT “Firsts”

There aren’t too many opportunities in life to claim “we’re the first to _____!”  There’s a bit of a glow that comes with being first to market, even if the first whatever isn’t really monumental or exactly disruptive.  In the last couple of weeks, both Aerohive and Airtight (cloud-managed WLAN vendors for those of you late to the party) made a “We’re first!” announcement, each with Internet of Things (IOT) implications. Let’s take a look at both.

Aerohive- First Integration of WLAN and iBeacons

Here’s the official news from Aerohive. The nuts of it is that Aerohive and beacon-maker Radius Networks are pals, and Aerohive APs can directly host ibeacons via USB port on the access point. The notion of ibeacons (and altbeacons) is really just getting started, so this could become big and will likely ripple out far beyond it’s infancy in retail spaces. Though the companies are partners on the initiative, there’s really no changes per se to Hive Mananager that goes with having RadBeacons attached to APs.

Here’s my own coverage of the story at Network Computing. If you’d like to further the iBeacon discussion, please post comments over there.

Then there’s this:

AirTight- First Access Point with ‘IoT-ready’ WiPS

I’ll admit to being underwhelmed when I saw the press for Airtight’s new C-65 access point. Sure, any new 11ac AP is worth noting, but the up-play of it’s “IoT readiness” seemed to be a stretch. So, I asked- what makes this one so special versus the competition?

Here’s what AirTight says about the C-65 in their own words:

Two key things in IoT readiness for WIPS are system scalability andoperation scalability because of increasing device volume and diversity and growing attack variants.

 
1.     System scalability
o    AirTight increased the ability to monitor active wireless devices from 500 to 2000 per AP/sensor
o    On the cloud side, we increased the ability to scale to hundreds of thousands of devices being monitored across multiple geographies and customers
 
Scalability bottleneck in IoT will be coming from neighborhood devices that you need to track for threat detection, compliance reporting, etc, rather than your own APs that you manage in the cloud.
 
AirTight’s tests and customer POCs have shown that because the competition does not have this scalability today, device history is not maintained long enough; alerts are quickly purged to maintain scalability; reporting and forensics are thin; and threat detection is slow.
 
This happens today; what will happen tomorrow with hundreds of IoT devices in your wireless neighborhood?
 
2.     Operation scalability
o    The detection is behavioral based rather than signature-, rules or MAC heuristics- based
o    “Zero day protection”: no learning or adding of signatures is required
o    Minimal human intervention required
o    False alarm free
o    Reliable automated prevention without neighbor disruption
 
Our detection algorithm has matured over the years because of our focus on WIPS and is able to handle nuanced protocol implementations. So AirTightWIPS is better suited to handle device diversity. Other vendors are mostly doing MAC heuristics to detect rogues and have not invested in detecting all variants of threats and attacks.
 
Again, we have seen the impact of this in POCs and internal tests. We have seen competition raising false alarms (false positives and false negatives), along with creating large number of alerts for the administrator to sort through. Some products even discourage users from turning on automated prevention via product messages and technical documentation.
And there you have it.  Neither of these announcements is mind-blowing yet at the same time they serve as examples of where WLAN vendors’ heads are regarding IoT at this stage.
In case it isn’t obvious, we’re likely to hear a lot more about how the Internet of Things will shape wireless solutions, and how vendors think we should be preparing for the IoT onslaught. It’s gonna continue to come at us in little chunks as the seeds of IoT take root, so keep your eyes open or you’re going miss something.