Tag Archives: wirednot

Wireless Field Day 8 Takes “Wireless” Up a Notch

If you’re not familiar with the Tech Field Day franchise,  you’re really missing out on a fantastic resource. When the events are live and playing out, you get a nice feel of the pulses of the various spaces covered (Network, Storage, Wireless, and Virtualization).  After the live coverage is done, the session recordings become excellent on-demand resources.

I’ve had the privilege of attending a number of Wireless Field Days (WFDs), and I think the upcoming WFD8 really moves in a nice direction. Each WFD event I’ve been to  has provided a wonderful glimpse into the goings on of the presenting WLAN-related vendors. I’ve got to see and hear first-hand what the following companies have to say on their own offerings, industry trends, and what the future of wireless might look like:

  • 7signal
  • Aerohive
  • AirTight Networks
  • Aruba Networks
  • Avaya
  • Cisco Networks
  • Cloudpath
  • Extreme Networks
  • Fluke Networks
  • Juniper
  • Meraki
  • Meru Networks
  • MetaGeek
  • Motorola
  • WildPackets
  • Xirrus

WFD8 features Aruba Networks as an HP company for the first time, Cambium Networks, Cisco, Cradlepoint, Ruckus Wireless, and Zebra Technologies. I like this lineup a lot, for various reasons.

With Aruba and Cisco, it’s always good to hear from the WLAN industry’s #1 and #2. I’m a Cisco and Meraki customer, so visiting Cisco’s campuses is a bit more personal for me. I’ve long respected and admired Aruba, and I’d like to see how things “feel” now that HP is the mothership.

Cambium Networks is a bit exotic as I think of them as a backhaul company- but they certainly do more with wireless, and it’ll be exciting to hear from a relative newcomer. I did one blog entry about Cambium awhile back.

The Field Day organizers did well in my opinion to land Cradlepoint. Modern day “wireless” is about so much more than Wi-Fi, and Cradlepoint’s 4G edge-routing will take the delegates down a new WFD path that could serve as precedent for future non-mainstream Wi-Fi vendors. I’ve covered Cradlepoint in my blog as well.

With Ruckus, WFD finally lands one of the main WLAN vendors out there that I’ve not met with, though they were at #WFD3.  Ruckus covers a lot of ground, so their presentation is hard to predict, but is guaranteed to be interesting.  I’ve done a fair amount of coverage of Ruckus, both for Network Computing (like this one) and right here in this blog.

Finally, there is Zebra Technologies. I’ve personally never laid hands on a Zebra product, and for those who don’t know, Zebra bought Motorola’s Wi-Fi interests (which I blogged about.) With a fascinating product line of their own, this too should be a very interesting session.

Put a reminder on your calendars- this Wireless Field Day promises to really put a fresh spin on an already excellent event. Woo woo!

WFD-Logo2-400x398

How to Melt Your Private Parts With Wi-Fi

There has been a lot of press lately about the perceived dangers of Wi-Fi. For example, Forbes ran this one earlier in the year. There have been lawsuits about Wi-Fi endangering health. Then you have major vendors like Cisco publishing safety briefings, and online forums where IT professionals debate topics like safe distances from WLAN access points.

And if you need a laugh, give these nutjobs a few minutes of your time.

The truth is, you don’t have to wonder what safe “is” when it comes to transmitters. You can invest some time and learn what existing FCC regulations are on RF safety and how to computationally prove whether a given scenario is safe or not.  Go the lazy route, and with just a bit of information, you can figure it out using online calculators like this one.

But back to Wi-Fi fears in particular. If you’re worried about those wireless access points on the ceiling at work, you might want to forgo considering the use of a new automotive hotspot, lest you tempt the fates to wreak RF-induced havoc on your naughty parts from the Wi-Fi just a few inches away. I’m just sayin’…

WiFi-hotspot-in-car

An Open Letter to the FCC

Dear Chairman Wheeler and Commissioners,

In response to the recent Commission actions relating to Smart City  and Marriott blocking of Wi-Fi hotspots, as a WLAN professional I implore you to recognize that these actions are creating significant amounts of confusion for enterprise Wi-Fi environments and those of us who keep them operational for the millions of business clients that use them every day.

The running theme of late very much seems to be “you can’t use Wi-Fi mitigation techniques to deny individuals the use of their paid-for cellular-equipped personal hotspots” (my own words). But from here, the questions start.

DA 15-113 Enforcement Advisory states clearly “Willful or malicious interference with Wi-Fi hot spots is illegal.” That seems pretty cut and dry, until later in the document we read “No hotel, convention center, or other commercial establishment or the network operator providing services at such establishments may intentionally block or disrupt personal Wi-Fi hot spots on such premises, including as part of an effort to force consumers to purchase access to the property owner’s Wi-Fi network. Such action is illegal and violations could lead to the assessment of substantial monetary penalties.”

Given that most of us doing Wi-Fi are not lawyers and very much want to stay within legal boundaries, these questions hang over the WLAN space:

  1. What constitutes an “other commercial establishment”? Would these be hospitals? Universities? Does it even really matter? If not, why call out just hotels and conference centers?
  2. There is emphasis on Wi-Fi blocking being frowned upon especially when it is used to try to force those using hotspots onto an expensive WLAN service. What if blocking ISN’T used to try to push hotspot users onto a pay Wi-Fi service, but to try to eliminate a hotspot that’s significantly interfering with an organization’s private Wi-Fi and business operations- especially if a free Wi-Fi option is available to the hotspot users?
  3. Are hotspot users free to bring their devices anywhere and everywhere regardless of the interference caused by those hotspots?
  4. In  DA 15-113, and other FCC documents (including those related to Mariott), blocking of Wi-Fi is increasingly implied to equal “jamming”. Does blocking Wi-Fi with either wide band noise in the traditional sense OR network frame manipulation in fact now constitute jamming?
  5. Pretty much all major WLAN vendors sell network management systems that include the very mitigation tools that were used by Marriott and Smart City to block hotspots. Are these tools legal under any circumstances? (If frame manipulation now equals jamming, it would seem not.) If they do have an envisioned legal use, in what situations can they be used without an administrator needing to worry about running afoul of the law? This is perhaps the absolute murkiest aspect of the entire Marriott/Smart City situation to those of us who bought these tools on good faith from our WLAN vendors. If blocking of Wi-Fi is illegal in every situation, why are these tools allowed on the market?

Without clear guidance, there is broad room for misinterpretation of what the FCC both is and is not saying on this general matter. PLEASE consider revisiting DA 15-113 and providing greater clarity on the above questions, for the benefit of all concerned.

Kind regards,

Lee Badman

Cradlepoint Introduces a Beauty

(Quick edit, 8/17/15)

Of late, I’ve had a few opportunities to learn more about the mobile edge router space and the really powerful feature sets that exist in this market. I’ve been briefed by the big players on how their gear is winning over traditional networking in a variety of scenarios, and how slick tools like cloud management and SDR (software defined radio) make mobile edge gear pretty advanced in capability. Read more on the general topic of 4G edge-routing developments with a piece I wrote for Network Computing.

Cradlepoint’s latest announcement provides a great example of the impressive tech in play in this unique realm that creatively puts networking in a variety of interesting places, from public transportation fleets to retail kiosks that pop up and disappear as events come and go to permanent locations like restaurants and gas stations. The new product is the AER3100, and with it’s specifications and flexibility, it’s going to fast find it’s way into all of the markets that Cradlepoint serves with micro-branch/mobile and small branch style offerings.

Here’s the quick view, stolen from Cradlepoint’s web site:

AER3100

This is light-years past simple personal hotspot kind of 4G modem kit. If you ever get an opportunity to take a briefing with Cradlepoint, you’ll realize that the businesses using these sorts of components have a lot to lose by making poor choices with their networking, from lost revenue to data breeches. Cradlepoint seems to have covered all of the bases with robust security, multi-carrier support, and legitimate enterprise network feature sets (including 11ac support on the WI-Fi side) in small components that just happen to get their ISP connectivity generally via 4G.

Give the Tech Specs a look, and see if you’re not as impressed as I was when I first got familiar with them:


Technical Specifications

WAN

  • Integrated 4G LTE (with 3G failover) Multi-Carrier Software-Defined radio
    • Verizon, AT&T, Sprint, Europe, and generic models available
    • Dual integrated modem option
    • Dual SIM slot in each modem
    • Most models include support for active GPS
  • 13 10/100/1000 Ethernet ports (WAN/LAN switchable)
  • WiFi as WAN (only on AER3100)
  • Failover/Failback
  • Load Balancing
  • Advance Modem Failure Check
  • WAN Port Speed Control
  • WAN/LAN Affinity
  • IP Passthrough

LAN

  • 13 10/100/1000 Ethernet ports (WAN/LAN switchable); Supports four ports of PoE (9-12) for class I, II, or III devices (up to 15W) or two ports high power PoE for class IV devices (up to 30W)
  • LLDP support
  • VLAN 802.1Q
  • DHCP Server, Client, Relay
  • DNS and DNS Proxy
  • DynDNS
  • Split DNS
  • UPnP
  • DMZ
  • Multicast/Multicast Proxy
  • QoS (DSCP and Priority Queuing)
  • MAC Address Filtering

MANAGEMENT

  • Cradlepoint Enterprise Cloud Manager¹
  • Web UI, API, CLI
  • GPS Location
  • Data Usage Alerts (router and per client)
  • Advanced Troubleshooting (support)²
  • Device Alerts
  • SNMP
  • SMS control
  • Console Port for Out-of-Band Management

¹Enterprise Cloud Manager requires a subscription
²Requires CradleCare Support

ROUTING

  • IPsec Tunnel – up to 40 concurrent sessions
  • OpenVPN (SSL VPN)¹
  • L2TP¹
  • GRE Tunnel
  • OSPF/BGP/RIP¹
  • Per-Interface Routing
  • Static Routing
  • NAT-less Routing
  • Virtual Server/Port Forwarding
  • VTI Tunnel Support
  • NEMO/DMNR¹
  • IPv6
  • VRRP¹
  • STP¹
  • NHRP¹

¹–Requires an ECM PRIME subscription or an Extended Enterprise License

SECURITY

  • RADIUS and TACACS+
  • 802.1x authentication for Wireless and Wired Networks
  • Zscaler Internet Security¹
  • Certificate support
  • ALGs
  • MAC Address Filtering
  • CP Secure Threat Management²
  • Advanced Security Mode (local user management only)
  • Per-Client Web Filtering
  • IP Filtering
  • Content Filtering (basic)
  • Website Filtering
  • Real-time clock with battery backup for CA certificate validation

¹–Requires Zscaler Internet Security License
²-Requires a CP Secure Threat Management license

PORTS AND BUTTONS

  • 54V DC Power
  • 13 10/100/1000 Ethernet LAN
  • Console port
  • Two cellular antenna connectors (SMA)
  • GPS antenna connector (SMA)
  • Lock compatible
  • External USB port for USB modem and/or firmware updates
  • Factory Reset

TEMPERATURE

  • 0° C to 50° C (32°F to 122°F) operating
  • −20° C to 70° C (−4°F to 158°F) storage
  • Redundant internal fans for reliable cooling

HUMIDITY (non-condensing)

  • 10% to 85% operating non-condensing
  • 5% to 90% storage non-condensing

POWER

  • 54VDC 2.25A adapter
  • 802.3af (15W) or 802.3at (30W) PoE capable

SIZE

  • 12.2 in x 10.6 in x 1.75 in (310 mm x 270 mm x 45 mm)
  • 1U height for rack mount

– See more at: https://cradlepoint.com/products/aer-3100#!specs


I’m new to this space when it comes to looking at it to any real depth. What I’ve seen so far makes me think beyond my own typical wired ISP approach to certain branch environments, and it does get fascinating when you contemplate robust networking being enabled anywhere you have halfway decent 4G coverage. I’ve really just skimmed the surface of a pretty big story here, and I look forward to learning more.

Do you work with Cradlepoint gear or competing mobile edge solutions? I’d love hear your take, and examples of success or failure with kind of solution.

Tanaza and Cucumber Tony- Software Makes Cheap Wi-Fi Cloud Manageable

Quick and dirty- I have an article running at Network Computing about Tanaza and Cucumber Tony, two companies that promise to breath cloud-managed functionality into cheap Wi-Fi gear. Their web sites:

I’d love to hear opinions on the paradigm, and whether you’d ever give this sort of software/management/hotspot capability a try.

Thanks for reading!

It’s the Little Things… Hey Cisco Wireless!

When an administrative account is used to access a Cisco wireless controller, one of two things have happened. Either a legitimate admin has logged in to do config work or to view settings or whatever, or someone has gotten hold of an admin credential and your organization has bigger problems than simply protecting the pre-share key on PSK Wi-FI networks.

My question for Cisco: why can’t paying customers with proper admin credentials see their own PSK keys? Whatever “protection” is in play here is far outweighed by the nuisance of not being able to visually verify or recall what these keys are, says I.

No PSK show

You’ll notice there is no toggle to show the key. You either write it down somewhere, or do a lot of re-creating PSKs if the entered value gets lost. Sounds like maybe no big deal? I disagree. Given the dumbing down of client devices in the name of IoT and BYOD, PSK networks aren’t going away anytime soon and WLAN is only getting more popular. For some customers, hundreds of PSK networks are in play, so it can be a very big deal.

It’s time for Cisco to trust us to see our own PSK strings (and no, they don’t show in CLI, either) and to not worry that bogeymen might be standing behind us waiting to write these down.

I can’t recall another UI that doesn’t let you see the PSK. Here’s Meraki:

Meraki PSK

Whatta ya say, Cisco? Can we please get a view to our own PSK strings? Can we? 

Or am I off-base here? Please comment- and thanks for stopping by.