Search
A Mojo Customer Story: Universidad Alfonso X El Sabio (UAX)
Posted by Cherie Martin on May 22, 2017
undefined-114932-edited-983002-edited.jpg

Today’s learning environments are evolving and growing at a rapid pace, with more students & faculty accessing and sharing online content than ever before.  For many schools, it is a balancing act to meet the demand for ever-increasing bandwidth on a secure network utilizing fixed budgets and existing IT staffing levels.  

Posts by Topic

see all
free-on-demand-webinars.png
undefined-114932-edited-983002-edited.jpg
A Mojo Customer Story: Universidad Alfonso X El Sabio (UAX)
Posted by Cherie Martin on May 22, 2017

Today’s learning environments are evolving and growing at a rapid pace, with more students & faculty accessing and sharing online content than ever before.  For many schools, it is a balancing act to meet the demand for ever-increasing bandwidth on a secure network utilizing fixed budgets and existing IT staffing levels.  

ESC6_Logo_Dedicated_to_Serve_transparent.png
The Region 6 ESC and Mojo Partnership, Opening the Doors for Digital Learning Throughout Texas
Posted by Erika Hashemi on May 15, 2017

In March of 2016, Texas Governor Greg Abbott announced the launch of the Classroom Connectivity Initiative, designed to facilitate access to technology in a world where learning is no longer confined to the pages of a book or the walls of a classroom. Working with the Texas Education Agency and Education Service Centers like Region 6, the State aims to equip every classroom with robust connectivity to support each student’s digital learning experience.

Aerohive, Aruba, Cisco, Meraki, and Ruckus Let Users Suffer with Interference
Posted by Robert Ferruolo (Dr. RF) on May 11, 2017

How often do you say “Wow, this WiFi is great!”? WiFi is like a utility, you take it for granted until the lights don’t turn on or water doesn’t come out of the tap. Just like the electrical grid or the water infrastructure, WiFi takes planning to implement correctly and maintenance to keep running smoothly.

The great news is that WiFi keeps getting smarter and Mojo is leading the way with Cognitive WiFi™. An example of our dedication to excellent user experience is how the C-130 uses its third radio and Dynamic Channel Selection (DCS) to quickly, reliably, and automatically detect disruptive interference.

We recently performed a benchmark test to see how well access points avoided channels with high WiFi and non-WiFi interference on boot up and during operation. We evaluated how well the AP avoided interference and how user experience was impacted.

The Mojo C-130 was the only access point to avoid interference 100% of the time, on both boot up and when introduced on the operating channel. All other solutions failed to avoid a channel with a constant interference source that made the channel unusable, or failed to change channels when the channel utilization got so high that it severely impacted the user experience.

User experience was evaluated using the following quality score rating system:


WiFi - A Key Enabler of Digital India
Posted by Kiran Deshpande on May 1, 2017

Recently, I received a ‘Thank You’ letter from IEEE President & CEO for making a contribution to an IEEE fund that helps advance technology for humanity and realize full potential of IEEE. The IEEE President listed three areas of global concern – access to high speed Internet, adequate sanitation and electric power. Today Internet access is indeed as fundamental as having electric power and sanitation. This is reflected in policies across nations worldwide.

For instance, in India, Prime Minister Modi has outlined his vision for every Indian to have high speed access to Internet. Its akin to a Prime Minister laying out the vision for expressways for speedy and hassle free movement of vehicles across the country. A network of good roads and good communication infrastructure are critical to growth and prosperity. Hon. Indian Prime Minister is on the mark putting digitization along with ‘Swaccha Bharat’ as a top national priority.

In an emerging economy like India where wired network infrastructure is limited largely to urban areas, wireless Internet access is an attractive proposition. People love the convenience of wireless access even if the quality of connection is poor. You don't have to be glued to one place as it happens when using a landline phone or a computer connected to an Ethernet cable. Wireless access is ubiquitous as the entire space becomes the medium of communication. Governments around the world have recognized this as a national asset and have sold radio spectrum at a charge. While this creates revenue for governments, it can work against building affordable communication infrastructure. WiFi on the other hand operates in 2.4GHz and 5.0GHz radio spectrums that are unlicensed; one can operate in these frequency ranges without having to pay a license fee. This is very important as telecom operators, Internet service providers can build networking infrastructure using WiFi without having to pay for the spectrum. Coming to my road analogy, one needs a combination of toll roads and non toll roads. Both have their place in creating the infrastructure. In a country like India where sensitivity to pricing is high, WiFi will not only de-congest expensive licensed radio spectrum like 4G LTE but will reduce the cost significantly.

Smart cities and public hotspots are among the best known use cases of WiFi. However, many other innovative ways exist. For instance, top national colleges like IITs, NITs, IIITs and IIMs want WiFi across their campuses and spend considerable time and effort putting together vendors to look for this technology. There is a very good chance that requirements are largely the same for all of them and hence these need not be handled individually. A massively scalable WiFi Management Console that can manage WiFi at say top 100 national universities with a sharable architecture while giving flexibility to each university is feasible. The same approach can be used for smart cities, government departments and even Gram Panchayats. A unified approach for critical national digital infrastructure is efficient and possible with the current state of the art in WiFi technology.

Under the Hood of Vendor Unlocked Whitebox APs
Posted by Sudhan Kayarkar on Apr 17, 2017

The data center industry has embraced hardware/software disaggregation promoted by Open Compute Project (OCP) in servers and switches. It brings benefits of cost, flexibility and innovation. OCP has now started a working group called Campus, Branch and Wireless (CBW) to extend disaggregation concept to enterprise networking. For additional details on OCP/CBW whitebox WLAN AP, see this #wlpc 2017 video presentation by @CHemantC. Mojo Networks has been an active contributor to the CBW group. At the recently concluded Open Compute Summit in Santa Clara, we demonstrated open install of Mojo WLAN software on the latest Qualcomm 802.11ac Wave 2 AP platforms manufactured by 3 different hardware vendors (ODMs). 

Securing 30,000 Students and Beyond
Posted by Erika Hashemi on Apr 3, 2017

On any given day, the Santa Rosa County School District has 30,000 students accessing WiFi across 31 elementary, middle and high schools.  As WiFi is quickly becoming the prevalent network access technology in schools, Santa Rosa knew they needed to have a secure and reliable WiFi network in order to provide a pristine user experience on an ongoing basis.

The School District needed a comprehensive WiFi network monitoring and security solution that would provide complete visibility and control of the wireless airspace, all of which was lacking in the wireless controller solution previously deployed. With a small central IT staff to cover the 31 school locations, the ability to remotely manage and quickly troubleshoot WiFi networks was critical.

Getting on the WiFi Freedom Trail with Open AP Standards
Posted by Hemant Chaskar on Feb 10, 2017

In the past, the “open revolution” became ingrained in our lives in the form of open source software. Now it is coming to infrastructure components in the form of hardware-software disaggregation.

What is Hardware-Software Disaggregation?

Disaggregation breaks vendor lock-in between infrastructure hardware and function-enabling software. The approach is to standardize interfaces between the two. Standardization of disaggregation started with OCP (Open Compute Project) founded by Facebook. Now, OCP has vendors across the industry as active participants. OCP’s first focus areas was scale computing. Disaggregation for data center compute and storage turned out to be a big success as many vendors today provide OCP based server technologies.

intelligent-aps.png
The Impact of Cognitive WiFi™
Posted by Rick Wilmer on Feb 6, 2017

Today we announced the launch of Mojo Aware™, which is based on a technology we invented called “cognitive WiFi”. It is a core technology that goes beyond anything previously devised to create a network with independent cognitive ability. Aware is a network that thinks, and drives itself to provide faultless never ending high performance connectivity. Aware exploits the limitless resources of the cloud to serve a singular purpose: to make the network run better.

Sound impossible? It’s not.

Aware harnesses the power of cloud, big data analytics, automation, and self-awareness to deliver a pristine experience to your WiFi users – all the time, in every location, regardless of what devices and applications they’re using. Cognitive WiFi visualizes the quality of experience for every one of your users and automates root cause analysis if network problems do occur. It helps you resolve problems rapidly instead of turning them into a wild goose chase. It even proactively fixes WiFi issues before they happen, but if a user does call the helpdesk with a “WiFi problem,” it tells you exactly what's going on – even if it has nothing to do with WiFi.

Why should network admins be chained to the network? Why should users have to flag WiFi issues? They shouldn’t. We think that networks should be intelligent and self-healing, which is exactly what we’ve built.

knob-noster-schools-wifi.png
The Impact of WiFi on the Digital Learning Experience
Posted by Erika Hashemi on Jan 11, 2017

A Mojo Customer Story: Knob Noster School District

Located in West Central Missouri, Knob Noster School District provides a distinctive mix between rural and urban settings. With 1,600 students and 225 faculty dispersed between four locations, Knob Noster maintains a commitment to high-quality education by identifying ways in which technology can be integrated into all functions for their students.

Internet-things-indoor.jpg
Low Power IoT Integration with WiFi Access Points
Posted by Hemant Chaskar on Jan 5, 2017

Local wireless connectivity is critical for IoT. Early IoT applications such as appliances remote control have used WiFi due to its prevalence in homes and offices. That said, WiFi is not suitable for many other IoT applications, particularly those requiring low power operation on coin batteries. Also for many IoT applications, WiFi data rates are much higher than needed. WiFi also does not provide elegant approach to create self-organizing mesh network of IoT nodes. These gaps are filled by Zigbee, Thread and BLE.

Mojo Networks’ C-130 is Gold
Posted by Kaustubh Phanse on Dec 16, 2016

We just got notice on some very exciting news on the K-12 education and Higher Education front. Mojo Networks and its C-130 have won New Product of the Year Awards! One for best new networking product for the K-12 market in School Planning & Management, and one for best new networking product for the higher education market in Campus Planning & Management.

Mojo Cloud Managed Platform Release 8.2
Posted by Robin Jellum on Dec 9, 2016

A chill is in the air, the holiday season is upon us, and the wait for the 8.2 release is over! We are excited to announce the following new features -- now available to all our customers at no extra cost.

Like Peanut Butter and Chocolate… Performance and Rogue Detection is Always Better Together
Posted by Sean Blanton on Nov 18, 2016

We all know performance testing is as important a task as any in the WiFi business. We need to know the limits of our access points after all, and it certainly helps you to have all the information at hand to make the most informed decision you can. But performance testing focused soley on speed? Well, while it's important, it doesn't give you all the information you need. Because you, dear reader, are not just upgrading your WiFi for speed. You want all the bells and whistles that come standard with enterprise WiFi platforms today. And you want to turn them all on. And most importantly, you want to know if and how they affect speed.

Higher Education Case Study: Improving the WiFi Student Experience
Posted by Erika Hashemi on Nov 9, 2016

Walsh, a Catholic University of Distinction, is well known for its outstanding academic facilities, chapel, residence halls and unique educational programs. Over the last fifteen years, Walsh has seen an 80 percent growth in student enrollment; they soon discovered that their student capacity was growing too fast for their wireless network to keep up, and they needed to clear up the bottleneck. The Office of IT quickly found that their Cisco, controller-based wireless network was a significant contributing factor and could not maintain adequate throughput for the growing number of devices connecting to it. More importantly, they began to see that students and faculty were unable to stay connected at all.

What are the Realities of WiFi Troubleshooting?
Posted by Sean Blanton on Oct 18, 2016

It goes without saying that WiFi can be, how should I put it, a bit temperamental at times. To be fair, any mode of digital communication that occurs over-the-air is subject to subtle and invisible fluctuations that pop up in the surrounding environment at any time. But when you add on top of that the necessity that WiFi provide an uninterrupted, easy-to-access and (above all else) fast experience, you can begin to imagine the tremendous stress WiFi administrators must feel every day. But imagination doesn’t help us quantify the problem, nor fix it. That’s where a brand new survey by ZK Research comes into play.

mojo-arrow-partnership.jpg
Bringing True Disaggregation to the Network
Posted by Rick Wilmer on Oct 13, 2016

Disaggregation is a hot topic, and a major trend for data centers. Many large enterprises look for flexibility, choice, rapid deployment and cost efficiencies that disaggregation brings technology. By separating the costs of hardware from the costs of cloud software, enterprise organizations are able to find the best solutions.

mojo-aware.png
Mojo Cloud Managed Platform Release 8.1.1 — September 2016
Posted by Sean Blanton on Sep 26, 2016

Hello Mojo World! Autumn is fast upon us and as the leaves begin to change (depending on where you are of course) so too does our cloud platform with another great product release. Today I want to highlight two key aspects, each of which represent a significant foot forward towards the future of WiFi, and we are excited to share them with you today.

How Will the Wired and Wireless LAN Access Infrastructure Landscape Evolve?
Posted by Freddy Mangum on Sep 22, 2016

In today’s mature networking market, there are a good number of wired and wireless networking vendors. They offer traditional hardware pricing, complicated packages, expensive on-premise appliances, and limited cloud managed WiFi solutions. They are trusted logos and appeal to the “play it safe” mindset.

However, there are a good number of organizations that don’t want more of the same. They are looking for something innovative. They are looking for networking infrastructure solutions that offer:

mojo-ruckus-aruba.png
What Drives Great WiFi Access Point Performance? Hardware Components and Software Architecture.
Posted by Robert Ferruolo (Dr. RF) on Sep 20, 2016

Why don’t most enterprise WiFi access point vendors tell you what’s inside their AP? They don’t publish which WiFi chipset the AP uses, or the CPU specification. At best they state the amount of RAM. When you evaluate APs for your deployment, you should consider hardware components. Hardware components and the software running on it will impact the AP’s performance and user experience. The test results below demonstrate this.

Ruckus R710 Mojo C-120 distributed client benchmark test
Mojo C-120 Accepts the Ruckus R710 BeamFlex Challenge
Posted by Robert Ferruolo (Dr. RF) on Sep 15, 2016

While doing research on the Ruckus website for the R710, I noticed the statement of “Up to 2 times extended range and coverage with Ruckus BeamFlex technology.” Challenge accepted! To evaluate this claim we used a distributed client test, which determines the AP’s downstream performance when its clients are spread near and far, from excellent to marginal signal strength and points in between. This test simulates the performance of the AP in a typical enterprise, carpeted environment.

test-results-mojo-aerohive.png
Benchmark: C-120 vs. Aerohive AP250 in the Classroom
Posted by Robert Ferruolo (Dr. RF) on Sep 14, 2016

WiFi is a Utility, and Needs Capacity Planning

When is the last time you said: “Wow, this WiFi is great!”? You don’t really notice it when it works. You are more likely to say: “This WiFi is crap” when it doesn’t meet your expectations. WiFi is no longer a convenience, it’s an essential utility like electricity. You would like it work every time and without hesitation, like turning on a light.

Like the power grid, one of the biggest challenges in designing a wireless network is capacity planning. The goal of capacity planning is to determine how many access points are needed to provide a good user experience. Deploying too many APs is a waste of money and can make performance worse, but deploying too few will cause user experience problems (the equivalent of brownouts) when an AP becomes oversubscribed.

test-results-mojo-meraki.png
Let’s Have a Public Bakeoff of Mojo C-120 vs. Meraki MR53
Posted by Freddy Mangum on Sep 13, 2016

Surprisingly, we have been receiving a lot of social media chatter from Meraki folks about our latest performance testing comparing the Mojo C-120 to Meraki’s MR53, two leading 802.11ac Wave 2 access points.

Meraki MR53 MR42 benchmark performance test
Benchmark: The 4x4 Meraki MR53 vs. the 4x4 Mojo C-120
Posted by Robert Ferruolo (Dr. RF) on Sep 8, 2016

In a recent blog post we compared the performance of the Mojo C-120 to the Meraki MR42. In that blog we highlighted results of a test we ran last spring. When we test, we test the best of the competition with the latest software and published best practices at that point in time. When that test was run, the MR42 was the best Meraki had to offer. Once Meraki made the MR53 available, we tested it and here are the results.

Enhance WiFi Control and Security with Google Apps and Mojo Enforce
Posted by Freddy Mangum on Sep 7, 2016

Google Apps for Education is crushing it in the education market. They deliver tons of management features, securely via the cloud, and make their architecture highly extensible via rich application programming interfaces (APIs). To date, Google Apps for Education hosts user and device policies for more than 50 million students, teachers, and administrators around the world.

meraki-mr42-download-benchmark.png
Benchmark Test: Meraki MR42 vs. Mojo C-120 Download Throughput
Posted by Robert Ferruolo (Dr. RF) on Sep 1, 2016

Mojo Networks provides a great K-12 solution by covering the three S’s for education – Safety, Simplicity, and Savings. We provide safety with the best WIPS solution in the industry. Our cloud managed WiFi stretches E-Rate dollars, saving the unnecessary cost of controllers, and our pricing eliminates expensive AP markup. Our automatic AP configuration couldn’t be simpler. I’d like to add a fourth S to this line-up: Speed.

HD Video Streams: How Many Can Your AP Support?
Posted by Robert Ferruolo (Dr. RF) on Aug 30, 2016

The classroom paradigm continues to shift as new technology is adopted. Long gone are the days of watching a movie in class by threading the film from one reel, through the projector, onto the other reel. Film was replaced by videotape, which was replaced by laser disks and then by DVDs. The new classroom instruction model includes HD video streamed wirelessly on demand from a local/regional distribution server (or from the web) to each student, who has their own computer or tablet.

The latest paradigm is much more personal and interactive, which greatly increases the number of clients (tablets, laptops, and smartphones), the client density, the different types of applications, and the requirements and bandwidth those applications. In order to be able to support this shift, many parts of the school’s IT infrastructure must be updated, especially the wireless LAN.

benchmark test results Aruba IAP-325
Comparing Aruba IAP-325 802.11ac Wave 2 Performance to Mojo C-120
Posted by Robert Ferruolo (Dr. RF) on Aug 24, 2016

Mojo C-120 Dominates, Aruba IAP-325 Lags in Campus WiFi

When we do competitive performance testing, we expect the premiere APs from our competitors to be in the same ballpark. We were quite surprised at the poor showing of the Aruba IAP-325 in the 50 client, mixed application test. The Aruba IAP-325 performed on par with the Mojo C-120 for the video and voice clients, but at the expense of the data clients where only 40% met the 1 Mbps minimum data throughput standard.

c-130-benefits.png
The Benefits of a 3-Radio 802.11ac Wave 2 Access Point
Posted by Freddy Mangum on Aug 23, 2016

Mojo Networks recently introduced the C-130, a three-radio 802.11ac Wave 2 access point, because our enterprise and university customers demanded more functionality for their WiFi infrastructure. The C-130 is a multi-purpose access point that can dedicate the third radio for an array of functionalities and associated benefits:

future-of-cloud-wifi-v2.png
In Networking and WiFi, It’s All SDN and the Cloud
Posted by Freddy Mangum on Aug 18, 2016

It’s all about software! Software on networking devices, and a robust software management architecture delivered via the cloud that manages thousands of networking elements.

half-secure.png
The Half-Truth of SSAE 16 Certified Data Centers
Posted by Hemant Chaskar on Aug 17, 2016

To assure customers about security, vendors of cloud managed WiFi often tell their customers that they use “SSAE 16 certified data centers.” It is essential to drill down into this claim, else it stands the risk of being a half-truth, and as Mark Twain once said, “A half-truth is the most cowardly of lies.”

load-balancing-1.png
Smart Client Load Balancing
Posted by Robert Ferruolo (Dr. RF) on Aug 16, 2016

Wireless Is Great, Except When It Isn’t

One of the challenges of WiFi is that clients are notoriously self-interested and use a very rudimentary decision-making process to determine which access point to connect to. This decision is simply based on AP signal strength or signal-to-noise ratio (SNR). The IEEE 802.11k standard is designed to help the clients make better, more informed roaming decisions, but to date very few clients have implemented it.

oakland-catholic-high-school.png
A Mojo Customer Story: Oakland Catholic High School
Posted by Erika Hashemi on Aug 11, 2016

When Oakland Catholic High School implemented a new 1:1 initiative during the summer of 2014, Vernon Young (Director of Information Technology) expected to encounter some hiccups along the way, but what he did not anticipate was how poorly their controller-based WiFi would perform in a high-density K-12 environment.

warp-speed.jpg
Speed Wins… and Feels Really Good, Too
Posted by Rick Wilmer on Aug 10, 2016

I have a friend in Hong Kong who bought a new Lamborghini. As an automotive enthusiast I was inquisitive. Hong Kong traffic is horrendous, thus I was particularly curious about where he could actually drive his Lambo. I asked: “Where can you go fast?” In all seriousness he replied: “Why would I want to go fast? Nobody would ever see me!”

Benchmark 802.11ac Wave 2 Performance: See How Mojo, Aerohive, Aruba, Meraki, and Ruckus Compare
Posted by Sean Blanton on Aug 9, 2016

The backbone of any WiFi network is the access point. Speeds have increased significantly with the advent of 802.11ac, and its second iteration (referred to as “Wave 2”) we are finally seeing multi-gigabit WiFi come to the forefront. These improvements owe a lot to the advancements made by chipset manufacturers and ODMs, who in turn create an ecosystem from which all major players pull their hardware. But hardware only goes as far as the software that lives within: in reality the highest levels of performance are realized from these two aspects working together. So when it comes to understanding that performance, two questions come to mind: How do you measure WiFi performance? And: Who has the best access point performance in the market today?

K-12-checklist.png
K-12 WiFi: Four Things To Consider
Posted by Freddy Mangum on Aug 4, 2016

WiFi in K-12 classrooms is central to today’s e-learning approach to education. While there are many ways to deploy WiFi in schools, here are four simple things to consider when you upgrade the wireless network at your school.

Enterprise Wireless LAN Controllers No Longer Needed. See For Yourself.
Posted by Freddy Mangum on Aug 3, 2016

There has been much chatter over the years on controller versus controllerless WiFi for large networks. No matter your WiFi religion, there is nothing like a real-world use case to see how the market is evolving, and we have an impressive one for your consideration.

Mojo Networks has captured anonymized data from a Global 2000 customer who runs both a cloud managed WiFi and a Cisco wireless LAN controller network. This customer supports large distributed and campus networks in K-12, higher education, enterprise, hospitality, retail, and an array of other verticals. They will eventually roll out one million access points.

Are You Pokémon Go Ready?
Posted by Sean Blanton on Jul 30, 2016

Within a week of its launch, Pokémon Go has become one of the all-time hottest smartphone games.

The first popular implementation of augmented reality (AR), Pokémon Go is based on the Nintendo Game Boy games first introduced in 1996, and which then led to cartoons, card games, and more. (Ah, memories...!) The game has already captured players of all ages and pulled them into capturing Pokémon at the office, on the street, at the park, and everywhere in between. The question is, with schools starting back up in August and September, is your campus Pokémon Go ready? 

Background Scanning is Dead
Posted by Sean Blanton on Jul 29, 2016

It’s no secret that WiFi is becoming the primary (sometimes only) way to access the network in major enterprises, universities, and schools. WiFi networks are seeing growing numbers of devices, and in turn growing traffic of high-bandwidth voice and video applications. You can no longer simply plug in an access point and expect it to maintain strong, reliable connections: you need access points that can dynamically adjust themselves and the clients around them when conditions turn for the worse. But how can an access point do that? Two words: dedicated scanning.

Three Ways to Get the Most From Your RF Environment
Posted by Robert Ferruolo (Dr. RF) on Jul 26, 2016

Networks are a shared resource and as such suffer from the tragedy of the commons. In networking terms this means that applications and protocols are designed to do their job (self-interest) with no regard to the impact on the network (commons).

Comprehensive Application Control For Your WLAN
Posted by Abhinav Mathur on Jul 23, 2016

Release 8.0 of Mojo Wireless Manager included Application Visibility. With release 8.1 we are increasing application control power by adding Application Firewall. With the two together, you get robust application management. Here’s why you need it.

mojo-packets.png
Mojo Packets: Mythbusting a “Rule” of WiFi Roaming
Posted by Davneetsingh Narang on Jul 20, 2016

Every wireless troubleshooting story starts with a user complaint: “There’s a problem with the WiFi.” (Although sometimes the complaint is in more colorful language.) Here’s how we easily solved one issue using Mojo Packets, our online troubleshooting tool (formerly called WizShark), and busted the myth that stationary clients don’t roam.

Mojo Cloud Managed Platform Release 8.1 — July 2016
Posted by Sean Blanton on Jul 18, 2016

Happy summer, Mojo World! It’s time again for another cloud release and I want to take some time to highlight a couple of key items. Our goal is simple: deliver superior enterprise WiFi. And though our past releases focused on our cloud architecture built around WiFi analytics and automation, this time we want to hone in on the cool new things our access points are doing to help ensure your WiFi is the best it can be. So let’s focus on two specific additions: Mojo Air and the Mojo Cluster Protocol (MCP).

Radio Resource Management That Never Sleeps
Posted by Sriram Venkiteswaran on Jul 16, 2016

RRM (Radio Resource Management) is a collection of techniques in which access point radios continuously analyze the RF spectrum to do the following:

  1. Adjust the operating channel to mitigate co-channel interference.
  2. Adjust the operating power to optimize coverage.
  3. Provide coverage hole protection by automatically increasing the power when neighbor APs fail.
  4. Ensure clients are evenly load-balanced between the APs, between channels, and between bands.
  5. Ensure clients are connected to the best possible access points (address “sticky client” behavior) by steering them to the right access point.
  6. Ensure air time fairness by making sure less-capable clients do not consume excess bandwidth.
Targeting WiFi Dinosaurs
Posted by Rick Wilmer on Jul 14, 2016

Imagine 65 million years ago, a Tyrannosaurus rex looking up at the night sky. (Despite what we saw in Jurassic Park, the T. rex actually had excellent eyesight.) She might enjoy looking at the stars, and maybe one night, she saw a shooting star moving across the sky. She gave it a second glance, and probably should have paid closer attention, but continued to move on into the night.

e-rate-logo.jpg
The Five New Changes to E-Rate Funding You Shouldn’t Ignore
Posted by Erika Hashemi on Jul 12, 2016

Last month, USAC released E-Rate Funding Year 2016 Wave #1, and now roughly $17M in recently-approved funds is at risk of being delayed or cancelled if applicants don’t adhere to these new changes in the E-Rate funding process. We’ve sorted through all of the important updates from USAC to provide you with a simplified list of what’s new, and what’s needed in order to obtain your E-Rate reimbursements.

scalable-lg.png
A Change for the Better: How the Cloud Extends the Power of Your WiFi
Posted by Sean Blanton on Jul 11, 2016

We’ve all been there right? Stuck in a rut, unable to break free from the ways we’ve always done things. No, I’m not talking about your love life (well, not in this post, anyway), I’m talking about WiFi! Big things are happening in the world of enterprise WiFi, and we at Mojo are excited to lead the efforts to innovate our business and deliver services and specialized features that really make a difference. Let’s dive into an example, shall we?

802.11ax: Optimistic CSMA for Efficient Channel Reuse in WiFi
Posted by Hemant Chaskar on Jul 9, 2016

802.11ax is the new 802.11 standard currently in the making. Unlike earlier 802.11 standards that mainly focused on increasing raw link speeds, the design objective now is to increase airtime efficiency. One feature it introduces is OFDMA (Orthogonal Frequency-Division Multiple Access) to address the airtime inefficiency caused by short WiFi frames. The other is dynamic sensitivity control, which modifies traditional CSMA (Carrier Sense Multiple Access) to address airtime inefficiency caused by co-channel interference during channel reuse.

Putting Mojo in Your Benchmark Testing
Posted by Robert Ferruolo (Dr. RF) on Jun 29, 2016

So Many Variables, So Difficult to Control

Wireless testing is hard. Any variable can change the results. This post is for those of you who are interested in WLANs and comparing the myriad AP performance tests published by AP vendors, third-party test labs, universities, and anyone who has an AP and a client.

Red Lion by Rick Wilmer
Without Classroom WiFi, STE(A)M Doesn’t Exist
Posted by Rick Wilmer on Jun 27, 2016

Since the introduction of the STEM (Science, Technology, Engineering and Math) and STE(A)M (Science, Technology, Engineering, Arts and Math) movements about 10 years ago, there has been a focus on making sure that our students in the United States receive a great education to stay competitive in a worldwide market.

For me, the STE(A)M movement has a deeply personal connection. My background is in engineering and technology, my degree from Cal Berkeley is in Chemistry, which lead me to a 25-plus year career in technology. My education and career path have been very “left brain” (i.e. logical, analytical) focused. What I discovered over the years is that my “right brain” (intuitive, thoughtful, creative) not only needs a release but that giving that part of my mind regular exercise makes me better at my job.

Why You Need a Tri-Radio AP for the Best Real-Time Application Experience
Posted by Sriram Venkiteswaran on Jun 23, 2016

Last week, Mojo introduced the C-130, the industry’s first tri-radio Wave 2 access point with a 2x2 802.11ac third radio. (In an earlier post, Hemant Chaskar explained the security benefits of a 2x2 third radio.) In this post, I will show how that third radio provides significant performance improvements, especially for enterprises running voice and video over WiFi.

Why 802.11ac Wave 2? Speed and Capacity
Posted by Robert Ferruolo (Dr. RF) on Jun 22, 2016

WiFi, like walkie-talkies, uses a shared medium. Only one device can effectively transmit at a time. When two people talk on walkie-talkies at the same time, neither is understood. The serial nature (one transmission at a time) limits the capacity of the channel. Capacity can be increased by having users talk faster, or by compressing what is said by using abbreviations for words or phrases. (OMG, this blog post has TMI!)

Why Your Access Points Need a Third 2x2 11ac Radio for Security
Posted by Hemant Chaskar on Jun 21, 2016

WIPS monitoring requires scanning all WiFi channels in round-robin fashion to detect threats and vulnerabilities. This scanning can be in one of two forms:

  1. background scanning, in which a radio that provides WiFi access service intermittently scans off-service channels, or
  2. dedicated scanning, in which a radio is dedicated to security and does not provide WiFi access service.

For enterprises that desire strong WIPS security and/or those that deploy real-time applications, background scanning isn’t adequate for the following reasons:

c-130.png
Introducing the C-130: the Best-Priced, Highest-Performing 802.11ac Wave 2 Access Point
Posted by Freddy Mangum on Jun 16, 2016

As a leader in secure cloud managed WiFi, we look to introduce products that push the envelope in the industry. With that in mind, we’re extremely excited and proud to introduce the C-130 for a few key reasons.

First, the C-130 is the most powerful, versatile, and multi-purpose tri-radio 802.11ac Wave 2 access point. Second, Mojo Networks pricing makes the C-130 the best option on the market, even better than dual-radio access points.

monitor.png
Easier WLAN Troubleshooting with Wireless Manager’s New Monitoring Tab
Posted by Sean Blanton on Jun 7, 2016

Hello, Mojo world! As you saw, in April we had a new release that brought new features to our access points and our cloud. Today I want to hone in on Mojo Wireless Manager’s new Monitoring tab. We recognize that the average IT organization spends almost 80% of their day on monitoring and troubleshooting, and that with the growing demand for fast, reliable WiFi it’s paramount that you see what’s happening everywhere, so you can take action fast.

Easy WiFi Network Planning: Announcing Mojo Planner v6.0
Posted by Abhinav Mathur on Jun 2, 2016

Simplify Your WLAN Planning

Mojo Networks recently announced the new version of Mojo Planner, a Windows-based predictive wireless LAN planning tool for our customers and partners. It optimizes your WLAN based on WiFi coverage, capacity, and security.

twitter-image-tco-small.png
How Can You Reduce Your Overall Enterprise WiFi Costs By Up To 56%?
Posted by Sean Blanton on Jun 1, 2016

We hear this question a lot. The explosion of mobile devices and the increased bandwidth possibilities of 802.11ac Wave 2 mean even greater demands on WiFi networks. That often means more pain for network managers, but eliminating those pains is our goal at Mojo Networks.

Stop Getting Ripped Off: Don’t Overpay for Enterprise Grade WiFi Access Points
Posted by Rick Wilmer on May 12, 2016

Your current WiFi vendors are making a fortune on your back. They’re overcharging you, keeping you tied to on-premise controllers, and limiting your choices. They’re doing what’s best for them and not what’s best for you, all under the premise of “enterprise grade” and “high performance” marketing jargon.

Announcing the Mojo Lifetime Limited Warranty
Posted by Sean Blanton on May 11, 2016

It wasn’t too long ago that we announced how we’re changing the way customers purchase WiFi. We don’t want you stuck in a business model that stymies innovation and maintains expensive, inefficient processes. We know there’s a better way. And so today I am proud to announce the new Mojo Lifetime Limited Warranty: a continuation of our efforts to remove inefficiencies, promote innovation and seriously reduce your headaches. You heard it here first: no more RMA.

Mojo Cloud Managed Platform Release - April 2016
Posted by Sean Blanton on May 2, 2016

Hello Mojo world! Today I am psyched to announce yet another amazing release of the Mojo cloud managed platform and, as always, I want to take some time to share the highlights. We’re making a big jump forward as we introduce Mojo Wireless Manager 8.0 and setting the stage for an exciting year of change. We want you to have the accurate, in-depth analytics and automated processes needed to effectively monitor and troubleshoot your network.

The Future of WiFi Starts Here
Posted by Rick Wilmer on Apr 28, 2016

I am thrilled to share that following a successful trial with Global 2000 customers over the past year, Mojo is rolling out its new business strategy for enterprise WiFi to all users. Through our esteemed channel partners, our customers can now purchase our state-of-the-art WiFi hardware without a pricey markup...none, zero, no mark up...period. Customers can buy our access points just the way they always have – from Mojo partners – along with our leading cloud service to manage those access points. The access points, and thus the overall solution, is now (a lot) less costly. This revolutionary direct-to-market business model lets users save up to 50% over traditional WiFi vendors.

8 TCO Advantages for Cloud Managed WiFi
Posted by Sean Blanton on Apr 26, 2016

What factors enter into a calculation of the total cost of ownership of a WiFi network, in terms of money, time, and trouble? Let’s start with the obvious.

Three Security Scans that Cloud Networking Vendors Must Do for You
Posted by Hemant Chaskar on Apr 20, 2016

Early adopters of cloud managed networking (WiFi in particular) cited simplicity of deployment, ease of management, and favorable economics as key benefits of this architecture. While these benefits continue to hold true and improve by the year, I now see increasing awareness among customers about the security posture of the cloud. Part of the reason may be that cloud networking architecture is now transcending from niche to mainstream, even encompassing bigger enterprises and large service providers. As this happens, there are a growing number of cases where security departments in organizations weigh in on major infrastructure decisions.

What’s Next for Cloud Managed WiFi?
Posted by Hemant Chaskar on Apr 12, 2016

Necessity is the mother of innovation. Cloud managed WiFi was born out of the need to provide a management plane for controllerless WiFi, and provided additional benefits of reducing network TCO via economies of scale, multi-tenancy, and simplicity of administration.

Having come thus far, the question now is: What lies ahead for cloud managed WiFi? What are today’s needs that will drive the next wave of innovation?

802.11ax: Fighting the Menace of Small Frames for Efficient WiFi
Posted by Hemant Chaskar on Apr 8, 2016

802.11ac Wave 2 is rising fast, as legacy 802.11n networks are upgraded. Current 802.11ac Wave 1 networks may not upgrade to Wave 2 right now, but by the time these networks have hit their typical 4-5 year lifespan, the next WiFi standard will be available: 802.11ax.

Five Security Aspects Important for Cloud Managed Networking
Posted by Hemant Chaskar on Apr 5, 2016

Early adopters of cloud managed networking (WiFi in particular) cited simplicity of deployment, ease of operation, and favorable economics as key benefits. These benefits have proven themselves over years for many organizations, but of late I have seen a new consideration coming to the forefront: security of the cloud.

Design Best Practices for Campus Wave 2 WLANs
Posted by Sean Blanton on Mar 31, 2016

The campuses of today (and tomorrow) need high-capacity, reliable, and secure WiFi networks. It’s quite a challenge to design a WLAN that will support all applications, anytime and anywhere, on all devices (smartphones, tablets, and laptops). Happily, 802.11ac Wave 2 access points and clients are here. They’ll make your job easier.

Do You Have the Right Network Security Strategy?
Posted by Sean Blanton on Mar 28, 2016

A network-focused strategy for wireless security is the conventional wisdom, but is it really the right one? In our next webinar (Wednesday, March 30th, at 8:00 am PST), I’ll argue that a client-focused strategy is best.

The W-68 is Here!
Posted by Sean Blanton on Mar 22, 2016

As many of you saw last week we announced our latest release for Wireless Manager and Guest Manager - it’s packed with great new features to enhance every aspect of your wireless network. Today I want to zero in on one aspect of that release, and introduce you to another member of the Mojo Access Point family: the W-68!

School WiFi Device Management
Posted by Sean Blanton on Mar 17, 2016

In the past, a school IT department kept the phone systems running and maintained some desktop computers. Those days are long gone. Today, IT people need to monitor and maintain not just more computers than ever before, but mobile computers: tablets and laptops and smartphones. Some are owned by the school, but teachers and students also bring their own. How can IT maintain, control, and keep track of them all?

It’s easier than you think: a Mojo network comes with an extensive suite of features, each designed and built to make your job (and your life) easier. You won’t need a separate, third-party application for mobile device management (MDM) to accomplish these core tasks.

Mojo Cloud Managed Platform Release - March 2016
Posted by Sean Blanton on Mar 14, 2016

Hello, Mojo world! We’re really excited about our most recent release to the Mojo cloud managed platform and I wanted to quickly share some highlights. There’s a lot packed into this release. Both Wireless Manager and Guest Manager got updates that will help you with every aspect of your WiFi program - whether it’s for providing fast, reliable access, ensuring the most secure environment possible, or looking for cool new ways to engage with your guests after they connect.

IDC Report: IT Moves Into the Cloud
Posted by Sean Blanton on Mar 10, 2016

WiFi is changing in a big way. The explosion of wireless devices and growth in cloud applications means that enterprise-grade wireless networks are now a must for more than just the enterprise. Education, hospitality, retail, healthcare, and large public venues also need robust, secure networks.

Accton heralds the future as they open networking standards for WiFi
Posted by Freddy Mangum on Mar 9, 2016

Since launching in 2003, we’ve been committed to advancing innovation and integrity in the digital age. We take pride in creating — and constantly improving upon — cloud-managed WiFi that can meet the world’s increasing demand for seamless connectivity. We recognize that the industry has many hurdles to overcome, and as such are always excited to see fellow tech visionaries sharing our values and goals — enterprises that are focused on the present and the future needs of an increasingly cloud-first world.

Educators Need Enterprise-Grade WiFi Networks
Posted by Sean Blanton on Mar 8, 2016

Enterprise-grade isn’t just for the enterprise any more. Educators need fast, high-capacity, secure networks to handle lots of mobile devices and the classroom learning that depends on them. Old-fashioned networks with hardware controllers just aren’t enough. They are too expensive, too difficult to maintain, too hard too expand. That’s why more and more schools are turning to cloud managed, controller-less WiFi networks.

Future-proof your network with the latest in 802.11ac Wave 2 technology
Posted by Sriram Venkiteswaran on Mar 2, 2016

The explosive growth in mobile devices, high-bandwidth applications, and the Internet of Things (IoT) all place greater demands on WLANs. The new 802.11ac Wave 2 standard has come along just in time, and Mojo and Qualcomm are on board with it.

Alpha partners with Mojo to deliver prolific hotspots and business connectivity on a global scale
Posted by Freddy Mangum on Feb 29, 2016

In today‘s increasingly connected world, the need for Wi-Fi hotspots and wireless business connectivity has skyrocketed as cable operators look for ways to deliver value-added services like video, voice and high speed Wireless Internet access. With a wireless network in everyone‘s mobile device, cable providers are constantly in search of the most innovative, scalable and cost-effective products to keep up with the growing demand for connectivity.

Using Wave 2 to Quadruple the Capacity of Your Classroom WLAN
Posted by Sean Blanton on Feb 25, 2016

Classrooms are changing with the times

Forbes reported in 2014 that only 25% of all technology administrators said they have enough connectivity and bandwidth to meet student and teacher needs. Today’s classrooms increasingly need not “just” WiFi, but reliable, high-capacity WiFi. They need to deal with many challenges: the interactive learning of the “flipped classroom,” streaming video, online testing, and of course lots of mobile devices. They need to empower teachers, even those with limited access to IT support staff.

Empowering the channel with our new Mojo Force Partner Program and welcoming Ingram Micro
Posted by Kester Kyrie on Feb 16, 2016

Over the past year, we’ve been working closely with our channel partners to understand how to make it easier for them to sell and close deals faster. That lead us to completely re-engineer our partner portal to focus on speed, agility, and responsiveness, and today I’m proud to announce the result of that effort: our new Mojo Force platform. I firmly believe this platform is going to set a new standard for the relationship between vendors and the channel.

Up-level your guest WiFi engagement with Mojo Canvas!
Posted by Freddy Mangum on Jan 13, 2016

The role of WiFi is evolving to encompass much more than mere connectivity, and the growing demand for free and guest WiFi has created an opportunity to turn WiFi into another point of engagement for businesses. That’s why we’re launching Mojo Canvas, the only real-time customer engagement solution for the WLAN market. It allows retailers offering on-site WiFi to better engage with customers while they’re connecting, while remaining cost-effective, easy to manage, and flexible to scale across any location.

Introducing Mojo Networks
Posted by Rick Wilmer on Jan 11, 2016

After almost a year of behind-the-scenes work, I’m proud to finally introduce Mojo Networks to the world as the next evolution of our company as we say goodbye to the AirTight Networks brand. When AirTight was founded in 2003, WiFi was starting to gain traction as a critical piece of enterprise infrastructure. There were numerous concerns about WiFi and security and AirTight pioneered a Wireless Intrusion Prevention Solution (WIPS) to bring greater integrity and safety to networking. Eventually, our customers wanted AirTight to be their all-in-one wireless solution, and in 2009 we launched our cloud-managed WiFi platform that has since been used by Fortune 500s, Global 2000s and the highest levels of government.

Don’t Sacrifice Safety or Simplicity for E-Rate School Wi-Fi
Posted by Sean Blanton on Oct 6, 2015

By now, kids in primary and secondary schools across North America are settling back into their routines. But school IT administrators and tech-savvy principals and teachers should already be thinking about how to prepare their schools for the following year with fast and secure Wi-Fi, protect students from Wi-Fi hacking, and take advantage of available E-Rate Wi-Fi funds for next year’s deployments.

What Factors are Shaping the Method for Traffic Offload to Unlicensed Spectrum?
Posted by Hemant Chaskar on Sep 24, 2015

Telecom operators have set their eyes on offloading traffic to the unlicensed spectrum in the quest of increasing wireless capacity. To this end, we often hear terms like Wi-Fi offload, LTE-U (and its standards-based version called LAA), LWA etc. It is one thing to learn about any technology by hearing about it, but it is another to learn by getting your hands dirty working on it. I got to do exactly the latter when we engaged in the project to provide Wi-Fi offload network (of seven digit scale) for a telecom operator on the AirTight cloud Wi-Fi platform. It helped me gather better understanding of the offload technology and telco Wi-Fi market vertical.

What You Need to Know about 5 Cloud-Managed Wi-Fi Myths
Posted by Sriram Venkiteswaran on Sep 17, 2015

Any technology often sparks lengthy discussions, questions, and tends to summon some common misconceptions that can and should be disproven. Cloud Wi-Fi is no exception to this. I want to share some of the most common myths about cloud Wi-Fi that I’ve seen and show you why they are not reality.

Cloud Wi-Fi Brings Safety, Simplicity, and Savings to K-12 Schools
Posted by Sean Blanton on Sep 1, 2015

Remember the 3 R’s in K-12 education – “reading, writing, and arithmetic”? Well, at AirTight, we’re bringing the 3 S’s to K-12 education – safety, simplicity, and savings.

A New Series of 11 Webinars on Cloud Wi-Fi
Posted by Robert Ferruolo (Dr. RF) on Aug 24, 2015

A new series of 11 webinars on Cloud Wi-Fi

The most exciting advancements in Wi-Fi are happening right now in the cloud. Whether your priority is guest engagement, driving revenue, enhancing security, easier Wi-Fi management, or simply learning more about what cloud-managed Wi-Fi can do for you, this is your chance to understand how cloud Wi-Fi benefits your business!

Why SON May Be SDN Made For Wireless
Posted by Hemant Chaskar on Aug 18, 2015

There is an emerging trend to apply SDN (Software Defined Network) to Wi-Fi. Much of this discussion today is geared towards applying SDN constructs like OpenFlow and Network Function Virtualization (NFV) to Wi-Fi access points (APs). For example, OpenFlow interface on the AP to configure its settings from the SDN controller or to configure traffic handling on the AP such as packet classifiers and QoS from the SDN controller. Another discussion point is around tunneling AP traffic to NFV node for service provisioning. While these are good ideas, they do not cut to the essence of Wi-Fi, which is in the wireless. That is to say, these concepts are applied to APs in the same way they apply to other wired network elements like switches.

My Latest Webinar: Everything You Need to Know About Today’s New Cloud Wi-Fi Architectures
Posted by Sean Blanton on Aug 13, 2015

What is cloud-managed Wi-Fi and why should you care about it? This is exactly what I’ll be discussing in an upcoming webinar on Wednesday, August 19 from 11 am to 12 pm Pacific Time. This session is kicking off a brand new series on Cloud Wi-Fi webinars that Mojo will be hosting over the next several months. View the entire webinar series schedule here.

AirTight Recognized for Innovative Wireless Technology in the Mobile Industry
Posted by Kester Kyrie on Aug 12, 2015

Mobility is transforming the world around us. And we are thrilled and honored to be recognized for wireless innovation in the mobile industry.

4 Ways to Supercharge Your Outdoor Wi-Fi
Posted by Sriram Venkiteswaran on Aug 4, 2015

Great news: you can now have outdoor Wi-Fi that is easier to manage, more secure, and increases revenue.

Top Reasons to Use Wi-Fi Zoning Analytics
Posted by Sriram Venkiteswaran on Jul 27, 2015

How well do you know your customers and patrons? Do you know where they spend the most time in your building? Can you say what the busiest areas are throughout the day?

Presidio Partners: "Why We Like AirTight"
Posted by Freddy Mangum on Jul 21, 2015

At Presidio Partners, we strongly believe in the power of technology, innovation, and data to push our entrepreneurs and ourselves in ways that will make the world a better place and help us meet ever-changing societal challenges. This view informs our pursuit of investment opportunities with young, growing companies.

New Vision, New Leadership, New Growth for AirTight Networks
Posted by Freddy Mangum on Jul 14, 2015

Over the last few months, we have been thrilled to announce several new additions to AirTight Networks’ leadership team. You can read the press releases from December 18, 2014, June 17, 2015, and July 14, 2015 covering these leadership appointments, but we wanted to take some time to share a holistic view of the latest updates to AirTight’s executive team and vision. Our experienced and innovative leaders will position the company for continued success in the fast-growing enterprise Wi-Fi market.

Visit AirTight at ISTE 2015 - Booth 3161
Posted by Sean Blanton on Jun 28, 2015

Elevate the classroom experience with AirTight Secure Cloud Wi-Fi

New Mojo Networks Partner Portal
Posted by Freddy Mangum on Jun 23, 2015

I am proud to announce two new systems for Mojo end-users and partners.

MOJO SUPPORT PORTAL FOR END USERS
Mojo Support provides access to our knowledge base, makes it easy to create support tickets and contact support agents.

10 Lessons for Retailers from Recent Security Reports
Posted by Freddy Mangum on Jun 16, 2015

Recent security reports from Verizon and new data from Mary Meeker of Kleiner Perkins Caufield & Byers have important security lessons for retailers. This blog summarizes key findings from these two widely respected sources.

Zone-based Wi-Fi Analytics Made Easy
Posted by Sriram Venkiteswaran on Jun 11, 2015

Introducing Mojos Zoning feature integrated zone-based Wi-Fi analytics

PCI Compliance and Wi-Fi: Friends or Foes?
Posted by Robert Ferruolo (Dr. RF) on May 28, 2015

This is part three of our blog series dedicated to wireless PCI compliance; in this installment we focus on deployment best practices and common misconceptions. Read part 1: New PCI 3.1 Guidelines Address SSL Vulnerability and part 2: 3 Trends Impacting Wireless PCI Compliance

3 Trends Impacting Wireless PCI Compliance
Posted by AirTightTeam on May 21, 2015

This is part two of the three-part blog series dedicated to wireless PCI compliance, which is a hot topic for retailers and other enterprises that accept payment cards. Read part 1 of the series: New PCI 3.1 Guidelines Address SSL Vulnerability; part 3: PCI Compliance and Wi-Fi: Friends or Foes?

Google Project Fi – New Era for Mobile Technology?
Posted by Sriram Venkiteswaran on May 19, 2015

Google Project Fi is a new program launched by Google that claims to deliver fast, easy mobile service in partnership with leading carriers to create a unique experience for its subscribers. Below is a summary of its key features as advertised:

How to Hit a Home Run with iBeacon
Posted by Sriram Venkiteswaran on Apr 23, 2015

iBeacon has been getting a lot of attention lately mainly because of claims of how it can transform the retail industry. After having talked to many retail customers, iBeacon technology providers, and others closely associated to this eco system, it occurred to me that iBeacon and baseball have a lot in common.

New PCI 3.1 Guidelines Address SSL Vulnerability
Posted by AirTightTeam on Apr 23, 2015

On April 15, the PCI Security Standards Council (PCI SSC) published PCI Data Security Standard (PCI DSS) Version 3.1 and supporting guidance. The revision addresses vulnerabilities within the Secure Sockets Layer (SSL) encryption protocol that can put payment data at risk.

More on the Inner Workings of LTE-U for the Wi-Fi Professional
Posted by Hemant Chaskar on Apr 9, 2015

The first part of this 2-part blog covered the following topics:

How Does Restaurant Wi-Fi Pay for Itself?
Posted by AirTightTeam on Apr 8, 2015

Wi-Fi networks are a workhorse for internal restaurant operations. But when properly designed and implemented, they can also be highly lucrative, driving both customer loyalty and revenue.

Inner Workings of LTE-U for a Wi-Fi Professional
Posted by Hemant Chaskar on Apr 7, 2015

Earlier in my career, I worked for a cellular network vendor where I specifically focused on 3GPP (and 3GPP2) networks. Today, I am majorly into Wi-Fi and as you would expect, cellular networking went to my back burner. There existed a clear separation between cellular and Wi-Fi networks. That has now changed as the telco carriers turn to the unlicensed spectrum to add capacity.

2015 Year of the Goat and Wi-Fi & Security
Posted by AirTightTeam on Mar 3, 2015

In many Asian countries, the New Year is based on the lunar calendar and is dictated by the first new moon and ends on the full moon. In the case of the Chinese calendar, each New Year is marked by the characteristics of one of the 12 zodiacal animals: the rat, ox, tiger, rabbit, dragon, snake, horse, sheep, monkey, rooster, dog and pig.

AirTight at Wireless LAN Professionals Conference WLPC in Dallas
Posted by Sean Blanton on Mar 1, 2015

The Wireless LAN Professionals Conference is the brain child of Keith R Parsons - certified Wireless LAN professional, consultant and teacher. The conference consists of two days of fun, great topics, awesome gear, and wonderful networking. It features presentations from a vast array of experts in the field. The event is designed with two track sessions and short powerful talks called Ten Talks.

Year of the Horse: Wi-Fi and Security Thought Leadership
Posted by AirTightTeam on Feb 26, 2015

In many Asian countries, the New Year is based on the lunar calendar and is dictated by the first new moon and ends on the full moon. In the case of the Chinese calendar, each New Year is marked by the characteristics of one of the 12 zodiacal animals: the rat, ox, tiger, rabbit, dragon, snake, horse, sheep, monkey, rooster, dog and pig.

ISP Network on the Home Side and the Role Wi-Fi May Play
Posted by Hemant Chaskar on Feb 25, 2015

Recently, net neutrality has been a hot topic of debate. The discussion mostly centers on Internet video transmission in the ISP (Internet Service Provider) core network.

2015: Banner Year for Retail Wi-Fi
Posted by AirTightTeam on Jan 28, 2015

The New Year is a time to reflect on the changes we want or need to make. January is usually all about resolutions, setting goals and getting a fast fresh start. This applies just as much in business as it does on an individual level. All indications are that 2015 will be a banner year in the Wi-Fi industry as well as for AirTight partners and customers!

2015: The Year of Experience and Scale
Posted by Hemant Chaskar on Jan 16, 2015

Scale versus Scalability

They are different notions. Scale is mostly about numbers, but scalability incorporates business enablement in addition to scale.

Horizontal Scaling of Cloud Wi-Fi Management Plane
Posted by Sriram Venkiteswaran on Dec 10, 2014

One of the biggest benefits of using the cloud is its ability to scale. In the world of cloud managed Wi-Fi, scale really means being able to deploy tens of thousands of access points (APs) without having to worry about additional resources being available to manage them. However scaling Cloud Wi-Fi is not without its set of challenges. In this blog we will look at some interesting challenges in scaling Cloud Wi-Fi, and how they are addressed. So read on!

Kaustubh Phanse talks 4Cs and The Future with Cloud Wi-Fi
Posted by AirTightTeam on Dec 5, 2014

What is the CxOs to do? Whether you’re a CEO, CMO, CIO/CSO, or COO, your organization’s future must have a stake with cloud Wi-Fi. Dr. Kaustubh Phanse, VP of Content and Product Design at AirTight Networks recently keynoted on this very topic at CRN’s NexGenCloud Conference. In case you missed his keynote, you can flip through the SlideShare companion.

CRN 2014 Tech Innovator Awards
Posted by AirTightTeam on Nov 20, 2014

Each year, CRN Test Center's Tech Innovator Award program recognizes companies that deliver outstanding innovation in hardware and software solutions specifically developed for the enterprise.

How Long Will Wi-Fi Protect You from Carrier Monetization Programs?
Posted by AirTightTeam on Nov 13, 2014

In the last couple of weeks, several reports on carriers’ plans and practices to track and analyze their mobile web traffic caught the attention of consumers and privacy watchers.

What’s Under the Hood in WiFi Analytics
Posted by kevin.mccauley on Nov 5, 2014

Our security researchers recently took a look at Apple’s iOS8 MAC randomization feature. It was touted by Apple for its ability to protect consumer privacy from persistent WiFi tracking, but turned out to be of limited usability as currently implemented. With all the interest in privacy features, we thought we’d give you a look at what’s ‘under the hood’ in retail WiFi analytics.

AirTight Networks Honored with Two Industry Awards
Posted by AirTightTeam on Nov 3, 2014

AirTight Networks was honored with two industry awards for Cloud Wi-Fi, and Social & Analytics. AirTight won a 2014 Cloudys Cloud Channel Innovation Award and a Gold status from 2014 Golden Bridge Awards. Both awards were announced on September 8, 2014.

The Hunt for Rogue October
Posted by Rick Farina on Oct 30, 2014

Recently, I was invited to speak on Wi-Fi security at Wireless LAN Professionals Conference Europe in Maastricht, Netherlands. Excited about my first trip to the Netherlands, I quickly said yes and off I went. After meeting up with my co-worker, we arrived the evening before the conference to relax and check in. As a vendor neutral conference, the only Wi-Fi available was offered by the hotel (free!). On night one, we enjoyed some conversation with a few of our peers, and retired early to catch up on email (and sleep).

The Impact of IoT on Enterprise Wi-Fi
Posted by AirTightTeam on Oct 22, 2014

Choose your wireless network carefully. Cloud and APs are not all created equal.

Wire-Side Containment - Hidden Gem of Rogue Access Point Protection
Posted by Hemant Chaskar on Oct 16, 2014

The FCC’s decision to impose a fine on Marriott Hotels for unscrupulous Wi-Fi containment has set off numerous debates. Many in the WLAN community have opined on its implications for the use of unlicensed spectrum (see references below and follow Twitter discussion on the topic). These parleys have touched upon performance impact, security challenges and Wi-Fi monetization practices.

Wireless LAN Professionals Conference - Europe
Posted by AirTightTeam on Oct 14, 2014

Unless you've been hiding under a rock or are a WLAN newbie (in which case you’re forgiven), you know about Keith R. Parsons and WLAN Pros …

Understanding FCC decision regarding Wi-Fi containment at Marriott
Posted by Hemant Chaskar on Oct 4, 2014

Yesterday the FCC issued an order and consent decree (settlement details) DA 14-1444 in the investigation of Marriott International regarding blocking of personal Wi-Fi hot spots in the conference facilities of the Gaylord Opryland hotel property. The FCC imposed $600,000 fine. The decree mentions Marriott admitting that the blocking was performed using the rogue containment feature of a Wi-Fi monitoring system (We do not know which Wi-Fi monitoring system they used).

First Annual CWNP Conference
Posted by AirTightTeam on Sep 19, 2014

The First Annual CWNP Conference is fast approaching. Here at AirTight Networks, as participants and presenters, we’re very excited about this inaugural event. We’ll be up at 1:00 P.M. ET on Tuesday September 23rd with Robert Ferruolo and Gopinath KN leading a session on wireless troubleshooting made easy (you read correctly, it’s not an oxymoron).

Black Is The New Orange
Posted by AirTightTeam on Sep 18, 2014
View AirTight's redesigned blog site at blog.airtightnetworks.com
802.11ac WLAN Sales on a Tear
Posted by AirTightTeam on Sep 16, 2014

Did you know that sales of enterprise-grade wireless LAN equipment with the new 802.11ac Wi-Fi standard are expected to skyrocket over the next four years? This is partly due to the aggressive pricing strategies, according to a report from Dell'Oro Group.

802.11ac AP with ‘IoT-ready’ WIPS Launched
Posted by AirTightTeam on Sep 15, 2014

C-65 Wi-Fi AP/sensor makes the 802.11ac transition easy and affordable as connected devices proliferate.

On September 4, 2014, we announced the launch of our new AirTight C-65, an 802.11ac Wi-Fi point AP / sensor. It eliminates current and emerging wireless security threats and removes the tradeoffs in functionality often associated with upgrading to 802.11ac. Read the announcement.

What’s new?

High-value, no compromises in 802.11ac

The AirTight C-65 has dual concurrent 5 GHz and 2.4 GHz band radios supporting 802.11a/n/ac, 802.11 b/g/n, two spatial streams, and data rates of up to 866 Mbps and 300 Mbps, respectively. The device operates on AC power or can be powered using the prevalent IEEE 802.3af PoE standard. This does not result in any loss of 802.11ac performance unlike for some 802.11ac products, which require expensive infrastructure upgrades to PoE+ (802.3at) for full functionality.

Google Pushing HTTPS Further
Posted by Hemant Chaskar on Sep 11, 2014

Implications for Public Facing Wi-Fi Security, Advertising and Analytics

You may have already noticed - Google search has been strictly using HTTPS for some time now. Typically, people do not enter passwords in keyword search and so people probably were not terribly worried about search sites not using HTTPS (Bing still allows HTTP). Nonetheless, Google seems to have taken position in favor of HTTPS. YouTube also allows HTTPS (though HTTP option is also available today). When YouTube page is accessed over HTTPS, videos also stream over HTTPS (a way to check this is funny name option called "Stats for nerds" which shows on right click on YouTube video). One could also say Google is making a point here that HTTPS isn’t necessarily the scalability bottleneck today.

WeChat – This is how Social Wi-Fi is done in China
Posted by AirTightTeam on Sep 8, 2014

by Rohan Raheja

What Facebook friends info is shared during social login, and does it spam them?
Posted by Hemant Chaskar on Aug 20, 2014

Will my friends get spam if I use Facebook social login? What information about my friends will be shared?

Webinar Recap: Is 802.11ac Right for Your Network?
Posted by Matt on Aug 19, 2014

The third webinar in our 802.11ac webinar series was presented by our resident 802.11ac expert, Robert Ferruolo. Robert has over 20 years experience in the wireless industry and has been conducting competitive Wi-Fi performance testing for over 8 years.

Enchantment is The New Black #WFD7
Posted by AirTightTeam on Aug 6, 2014
Drew Lentz @Wirelessnerd
Riddle for Wireless Field Day 7 Delegates: What am I?
Posted by AirTightTeam on Aug 1, 2014

-- updated with the answer --

…And the Meshin’ is Easy
Posted by Dwight Agriel on Jul 29, 2014

As someone who has walked more than a few miles in a network administrator’s shoes, I’m all too familiar with the challenges of configuring and troubleshooting mesh environments. In my last position, as an administrator responsible for 300+ mesh nodes, I know the stress and frustration of dealing with dropped connections along with the other problems associated with mesh environments.

Wireless Field Day: Are you ready for Lucky Number 7?
Posted by AirTightTeam on Jul 28, 2014
...and #WFD7
WizShark Brings Collaboration to Troubleshooting
Posted by Davneetsingh Narang on Jul 24, 2014

AirTight offered early beta access to WizShark, our visual WiFi troubleshooting tool in cloud, and since then it has been a fun ride for the team. It was heartening to see a number of WiFi professionals taking interest in the tool and appreciating its graphical representation of packet captures. Of course, the positive feedback was accompanied with, as expected, feature requests!

WLAN Pros Europe: Hang Out With AirTight Experts
Posted by AirTightTeam on Jul 21, 2014

WLAN Pros Conference is coming to Europe! As Keith Parsons (the conference's chair and founder) puts it, "the Wireless LAN Professionals EU Summit consists of three days of fun, great topics, awesome gear, and wonderful networking."

Channel Bonding Caveats – Over and Above Spectrum Hogging
Posted by Hemant Chaskar on Jul 14, 2014

Popular literature on 802.11ac describes 40 MHz and 80 MHz operation (channel bonding) as doubling and quadrupling of the data rate, respectively. Every time I saw that mentioned, the following question came to my mind.

When radio transmits over 40 MHz (or 80 MHz) channel, is the total transmit power proportionally increased over 20 MHz to maintain the SNR (signal to noise ratio)? And, how is the data rate multiple with channel bonding distributed over the cell?

This question nagged me like a little stone in the shoe that is impossible to ignore. My subsequent findings from the lab tests show that the popular literature is only partially true. Read on to find out why.

Why #EdTech Needs Wi-Fi, and How FCC Aims to Help
Posted by AirTightTeam on Jul 2, 2014

ISTE 2014, the largest US education technology conference, closed July 1 - good-bye, Atlanta! The time frame coincided with new developments around FCC's proposal to close the E-rate's "Wi-Fi gap"; we cover these below.

As always happen with these large events, not everyone can go. But educators are a creative bunch. Rather than feeling left behind, they organized a parallel #NotAtISTE14 conference - complete with presentations, virtual badges and ribbons, Google+ community and hangouts, Twitter chats, karaoke (!), challenges and prizes. (Links and resources pertaining to a #NotAt... conference are at the end of the post).

We reached out to the community with a contest asking why they needed Wi-Fi for education technology initiatives.

A summary of the tweets are below, with responses ranging from robotics and iPad carts, to working with special ed kids and spurring creativity in students.

802.11ac Deeper Dive Webinar Recap
Posted by Matt on Jun 30, 2014

Last week, AirTight's Senior Technical Marketing Engineer, Robert Ferruolo (@RAFerruolo), added another chapter to the AirTight 802.11ac webinar series. Robert presented on "802.11ac Deeper Dive" focusing on features that come along with the 802.11ac wireless platform.

During the presentation, Robert broke down channel availability, QAM, beamforming, MIMO, MU-MIMO, frame aggregation, and error correction. To view the recording, click here.

Throughout this 6-part series, we'll continue to break down why 802.11ac should be a serious consideration for your wireless network. The series will address the inevitable migration from 802.11n to 802.11ac.

We'll be continuing to post our Q&A sessions for all of our webinar series. Stay tuned for more updates on upcoming webinars and their corresponding Q&A sessions.

Suddenly, Everyone Attacks Monetization - Wi-Fi Offload Summit, Day 1
Posted by AirTightTeam on Jun 19, 2014

The Wi-Fi Offload Summit is taking place in Palo Alto through today, June 19. Lots of interesting perspectives on what Wi-Fi offload is, Wi-Fi monetization and how to go about it, along with privacy discussions and the future of mobile network operators.

See Anthony's presentation on SlideShare

The number of solutions (and vendors) in the Wi-Fi monetization space seem to have exploded in the last 18 months. There are options for

  • Pure-play Wi-Fi presence analytics
  • Pure-play social engagement
  • Social engagement integrated with Wi-Fi and social media monitoring focused on SMBs (similar to what our partner Frontera Consulting is doing in this space)
  • AirTight's approach of integrating Wi-Fi, presence analytics, brand engagement and compliance/security

Antony Paladino, AirTight's president of technology services, focused his session on "unconventional engagement" - using Wi-Fi to connect communities, develop company culture, and, yes, fight crime!

802.11ac Webinar Series Launched
Posted by Matt on Jun 19, 2014

Last week AirTight launched its 802.11ac webinar series. Throughout this six-part series, we will be touching on various aspects of the 802.11ac wireless platform. The first session touched on the Essentials of 802.11ac.

Upcoming Webinars: 802.11ac Deep Dive & Beyond

We will be continuing the series next week with "802.11ac Deeper Dive." Stay tuned for later installments in our 802.11ac series, where we'll be discussing:

  • "Is 802.11ac Right for Your Network?"
  • "802.11ac Deployment Best Practices"
  • "802.11ac Channel Capacity Planning"
  • "802.11ac Network Optimization"

Wi-Fi Offload Summit: Who Will Monetize Your Brand?
Posted by AirTightTeam on Jun 17, 2014

With the theme of “Monetize Thyself!” AirTight speakers will tackle issues of real-time business intelligence, user engagement and creating value from Wi-Fi investments. Update: Please see our recap of Day 1: Suddenly, Everyone Attacks Wi-Fi Monetization.

In today’s environment even the non-traditional telecom companies are jumping into the big data and monetization fray, as seen in Google’s leaked plans to offer free Wi-Fi equipment to local businesses and Facebook’s integration of its sign-on with Wi-Fi.

Most recently, Apple announced plans to obscure MAC addresses in iOS 8 potentially impacting Wi-Fi presence analytics. The change in iOS 8 was heralded as a privacy win, but astute observers noted that the move supports Apple’s iBeacon technology, which collects location data much more comprehensive than information inferred from MAC addresses.

Carriers need to ask themselves: “Are you willing to have Google, Facebook or Apple monetize your brand, or would you rather do it yourself?” With tools and solutions available today, carriers do not have to give up control (and monetization opportunities) to others.

802.11ac Essentials - Webinar
Posted by AirTightTeam on Jun 9, 2014

Join us for a 45-min webinar on 802.11ac essentials on June 10 (11 am EST or 7 pm EST) with our senior technical marketing engineer, Robert Ferruolo.

Topics include:

  • What's new in 802.11ac standard?
  • 802.11ac capabilities compared to 802.11n
  • Should I jump in now or wait for 802.11ac Wave 2?
  • 802.11ac scalability compared to 802.11n
  • How does 802.11ac change the game for client devices?

Edit: We will update the blog with the recording and the presentation.

Meanwhile, you can register for the next webinar in the 802.11ac series to take place on June 24.

Wi-Fi Hacking 101 – Ethical of Course! (+ Video)
Posted by Zara on Jun 4, 2014

Watch the video from Wi-Fi Hacking 101 event series with Rick Farina, AirTight Networks senior wireless security researcher and resident hacker.

“Security? Who cares,” I hear most people say. They would quickly change their mind if they had met Rick Farina, AirTight’s ethical hacker (known on Twitter as @RickLikesWIPS). UK resellers got the opportunityat a series of Wi-Fi Hacking Events in May. The audience definitely got more than they bargained for with these workshops.

In attendance were partners who sell into all verticals varying from schools and colleges to banks and retailers. Rick was not only able to demonstrate the importance of providing a secure wireless solution, he showed the audience a range of wireless threats that hackers from around the globe may use to steal sensitive data.

Social Wi-Fi Finds Home in Education (+Video)
Posted by Zara on May 28, 2014

UK high school uses social networking technology to enhance student experience.

Harwich and Dovercourt High School uses social Wi-Fi to engage students

Headmasters in the UK see social Wi-Fi as an invaluable way of promoting their schools as tech savvy. Competition is fierce, especially among private schools, and social Wi-Fi is an innovative means of recruiting students and connecting with them. What better way to reach students regarding events, news and key issues than by communicating on their preferred social platforms.

“Children often find school boring, so if we as an institution are able to communicate with them on a level that they find interesting and engaging, then we are not going miss out on this opportunity. On the other hand, the need for security within education is paramount and is often a deciding factor for parents when looking for a school. AirTight social Wi-Fi supports our mission to be social, while protecting the network and securing users’ communications.”

Richard Blott, IT manager for Harwich and Dovercourt High School

EarthLink and AirTight: Retail WiFi Partnership Made in the Cloud
Posted by AirTightTeam on May 20, 2014

Read the interview with Greg Griffiths, vice president of retail solutions at EarthLink Business, on the trends in retail WiFi. Also download RIS report "Is CMO on Your Side?", courtesy of EarthLink.

What are retailers looking for in WiFi today?

We need to look at retail and restaurants separately. Restaurants have deployed WiFi for a while for their operations and mobile POS. They want to take advantage of their loyalty programs to further connect with their guests, doing more with what they already have. On the other hand, specialty retailers are just now deploying WiFi and it’s all about connecting with the consumer, especially the millennial generation. And that’s all because marketing is evolving from ‘one-to-many’ to ‘one-to-one.’
With AirTight’s scanning technology, retailers get presence analytics at the device level – when people come in, how long do they stay, etc. And with the social media integration, retailers can engage with the consumer and continue to do so even after they leave the store.

Read the interview with Greg Griffiths, vice president of retail solutions at EarthLink Business, on the trends in retail WiFi. Also download RIS report "Is CMO on Your Side?", courtesy of EarthLink.

Greg Griffiths, vice president of retail solutions at EarthLink

What are retailers looking for in WiFi today?

We need to look at retail and restaurants separately. Restaurants have deployed WiFi for a while for their operations and mobile POS. They want to take advantage of their loyalty programs to further connect with their guests, doing more with what they already have.

On the other hand, specialty retailers are just now deploying WiFi and it’s all about connecting with the consumer, especially the millennial generation. And that’s all because marketing is evolving from ‘one-to-many’ to ‘one-to-one.’

With AirTight’s scanning technology, retailers get presence analytics at the device level – when people come in, how long do they stay, etc. And with the social media integration, retailers can engage with the consumer and continue to do so even after they leave the store.

Packet Capture with AP Radios – What’s Under the Hood?
Posted by Hemant Chaskar on May 19, 2014

Wireless packet capture has always been important to Wi-Fi professionals and support engineers for resolving network problems. With the diversity of wireless clients that is already around and which is only expected to grow with the Internet of Things (IoT), packet capture capabilities will continue to be critical. Wireless packet capture can be facilitated in the AP radios using the hardware and the driver level hooks. Read on to find out what’s under the hood.

There are two main plumbing points to get frames from wireless up to the application: one in the hardware and the other in the driver software. At the hardware level, the radio supports “Promiscuous Mode” option. When this option is activated, the hardware passes all wireless frames received on the channel where the radio is operating up towards the driver software. When this option is deactivated, the hardware passes only the wireless frames for the MAC of the radio (and the frames like probe requests & beacons based on the additional sub-settings under non-Promiscuous mode) up towards the driver software.

The driver software can operate in AP, STA, or Monitor Mode.

WizShark Beta: Visual Wi-Fi Troubleshooting in the Cloud
Posted by Ryan Adzima on May 12, 2014

WizShark is changing Wi-Fi troubleshooting for the better. This tool is now open, register for a risk free trial account.

At Interop in Las Vegas, a Wireless Field Day delegate and all around wireless guru George Stefanick presented “The Wireless Engineer’s Essential Toolkit” and covered everything you could need to properly deploy, maintain, and troubleshoot a WLAN. George took extra time to emphasize how important it is to quickly get the information needed to diagnose an issue. The attendees were engaged and afterwards the conversations continued in the hallways. It’s clear that people want to know how to use the tools of the trade but not everyone has the time to learn such specific tools (I know I didn’t when I was the resident networking jack-of-all-trades).

ACTS 2014 - On the Road Again (Dallas, TX)
Posted by AirTightTeam on May 11, 2014
Register for ACTS Dallas!
What is Driving Free Guest Wi-Fi?
Posted by Sean Blanton on May 9, 2014

In the comments to my earlier blog post (Social Wi-Fi and Privacy: Keeping Balance in the Force), Dale Rapp correctly notes that brick and mortar stores can use social Wi-Fi and analytics as a way to compete with online commerce, where every click of the mouse is tracked and scrutinized.

It’s been my experience that many B&M stores begin their thinking on implementing Free Wi-Fi as simply for Free Wi-Fi’s sake – they recognize that their competitors are doing it and that more and more shoppers are using its presence as a deciding factor in where they spend their time; this creates the feeling of crap-we-need-to-do-this-too (and most people don’t like to feel that way).

New opportunities for engagement

Plain-vanilla Wi-Fi or social Wi-Fi? Savvy businesses pick social.

It’s the savvy groups that recognize that their network can provide more than just Free Guest Wi-Fi; it’s a new opportunity to communicate directly with their visitors, one that takes advantage of the latest technologies and behaviors of modern consumers – and that’s the whole idea behind Social Wi-Fi.

Social Wi-Fi and Privacy: Keeping Balance in the Force
Posted by Sean Blanton on May 8, 2014

I read with interest Lee Badman’s article in Network Computing: Social WiFi Sign-In: Benefits With A Dark Side. Despite the gloomy title, the article is a fair and balanced look at both benefits and privacy implications of social Wi-Fi.

Would you join a loyalty program to get a coupon?

Perfect timing, I said to myself. Facebook just announced that they will be adding new functionality to their OAuth capabilities which would allow users to access any service using Facebook OAuth anonymously. This is obviously in reaction to the ongoing privacy conversation across the entire Internet spectrum. And it just so happens that we at AirTight released a blog post about it on the same day as Lee Badman's article ran: Facebook ‘Anonymous Login’: What Is the Impact on Social Wi-Fi? We've maintained since the beginnings that Social Wi-Fi should allow an anonymous path for any user who does not want to engage on social media.

Facebook 'Anonymous Login': What Is the Impact on Social Wi-Fi?
Posted by Sean Blanton on May 7, 2014

Reporting from Facebook's developer conference, CNET writes:

"The biggest news for Facebook's 1.28 billion members is "Anonymous Login," a twist on the standard Facebook Login option that gives people a way to try an app without sharing any of their personal information from the social network. The move addresses concerns about user privacy as Facebook seeks ways to encourage people to explore new apps."

Note "Not so social?" option below the social login buttons.

"Facebook says it's testing the new log-in option with select developers,including Flipboard. That means you likely won't see the black button in your favorite apps for several months."

"The news aligns with one of the event's broader themes around putting people first and giving them more control over their data. Zuckerberg expounded upon this notion of improving trust and getting people more comfortable with using Facebook in conjunction with third-party apps."

How does this impact social Wi-Fi, and specifically social log-ins?

As it turns out, we at AirTight recognized early on that despite tremendous growth and acceptance of social media generally, it's essential that users are provided a means to utilize Wi-Fi services anonymously.

Wireless Mojo at MES East: Awards, Pictures and Spunk
Posted by AirTightTeam on May 5, 2014

This was the first year we attended MES (Midsize Enterprise Summit) where over 200 CIOs of midsize companies gather to discuss how to improve business outcomes through the strategic use of technology.

Vendors give a 3-min pitch during Quick Fire general session, give boardrfacebook loginoom presentations and demonstrate solutions on their booths in the showcase. We went with the Wireless Mojo theme (“we may not be the best known Wi-Fi vendor, but we have lots of mojo!”) CIOs then vote on numerous categories, including best Quick Fire, best ROI, best case study presentation, and others. (For all categories and winners, please see "XCellence Awards Honor Vendors At MES East 2014" from XChange. As you will see, we beat other Wi-Fi vendors who had attended these events for many years).

Highlights from the show:

Team ahead of Quick Fire presentation

Social Wi-Fi and Analytics Deliver Dividends for Local Businesses
Posted by AirTightTeam on Apr 30, 2014
Roosevelt's at 7

Airtight Networks has cracked the code on how to deliver meaningful customer experiences specific to each individual through the delivery of personalized analytics in real time. Understanding individual customer behaviors can now be driven by actionable data. Businesses are always looking at ways to improve sales and efficiency. AirTight analytics provide answers to common questions like:

  • How long does each customer stay and shop?
  • How often do they come in?
  • How effective are my marketing campaigns?

Lots of Wireless Mojo at MES East 2014
Posted by AirTightTeam on Apr 28, 2014
Need wireless mojo? We've got it!

This week we are at Midsize Enterprise East Summit (MES East) in Orlando. The conference brings together 220+ CIOs and senior level IT decision makers. They come together to meet with top technology vendors to focus on the latest and greatest IT opportunities for their business.

What is AirTight focusing on during the conference? Businesses are always looking at ways to improve sales and efficiency. At the same time, brand protection is paramount, especially in the light of recent high-profile security breaches at major retailers. With our analytics DNA, we are turning Wi-Fi from a cost center to a business driver - the value of the network is not just in connectivity, but in the ability to constantly monitor your environment, be it for sales & marketing or security.

EarthLink Launches Secure WiFi™ Powered by AirTight
Posted by AirTightTeam on Apr 22, 2014

EarthLink launched its Secure WiFi™ service in the US, with the official announcement out yesterday: EarthLink Launches New Secure WiFi Service, Featuring Integrated Security, Customer Analytics and Social Media

Check out the news coverage following the announcement:

Retail Fraud 2014: Yes, It’s an Event, Not Another Breach
Posted by Zara on Apr 21, 2014

This is the biggest show in the UK for physical and technical fraud protection within the retail and online industries and AirTight was invited to attend for the first time, an invite we accepted gladly as we can offer secure, PCI compliant Wi-Fi which ultimately offers brand protection, so a win-win for all!

Secret Identities

In what turned out to be a very secretive show, the majority of the audience we met protected their identity, something I haven’t experienced before. This wasn’t just the hiding of the delegate badge, but a refusal to give out names of any kind or any detail about their interests or concerns. On further questioning it transpired that some of the institutions and organisations in attendance did not want to acknowledge that they had a retail fraud issue and that their organisations couldn’t be seen attending as this by default meant they possibly had an issue! Our stand had steady traffic throughout the day with leading professionals (we guess!) from various law enforcement agencies, technology companies trying to offer an solution to their client base, high street food and fashion retailers and national coffee shops.

The Growing Prevalence of Wi-Fi Extension with Mesh
Posted by Andrew vonNagy on Apr 21, 2014

Industry professionals have tended to view mesh networking from a “realist” point-of-view as a niche solution to be avoided if possible, and have never considered the technology the most popular of Wi-Fi capabilities. This pragmatism is rooted in the typical negative performance implications of mesh networks. Just a few years ago mesh capability was limited to a few highly targeted products that served niche markets for large-scale outdoor deployments or service provider environments. These solutions typically relied on multi-radio mesh units, which provide frequency separation between uplink and downlink traffic paths as well as between upstream and downstream hops, in an attempt reduce the negative performance impact for high bandwidth backhaul links.

However, there exists a growing market for mesh networking that utilizes single-radio mesh units to provide an extension of network access across limited mesh hops for hard to wire locations.

Retail Business Technology Expo 2014: SMAC and Awe!
Posted by Zara on Apr 4, 2014

Within the vast expanse of Earls Court, West London, RBTE 2014 has been a roaring success, again, for Airtight. This is the second year Airtight has exhibited at RBTE. Following AirTight's rapid growth within the UK and across Europe over the past year, we couldn’t miss out on this opportunity to discuss and demonstrate our “firepower” in the retail arena.

Management System Diversity: "Manage WLANs from Anywhere Using Anything!"
Posted by Devin Akin on Apr 2, 2014

So much competitive marketing noise has been made over the last half dozen years about managing WLANs that vendors are now trying to manage WLANs from anywhere using everything. It wouldn’t surprise me in the least to hear a vendor say that they can now manage a branch WLAN in France from the comfort of their kitchen’s refrigerator’s management widget. It has gotten downright silly. I thought I would recap just how diverse the WLAN management scene has become: first for a good laugh, and second as a reference for those newcomers to the Wi-Fi industry.

You may be thinking, “why are there so many ways to manage a Wi-Fi system?” There’s a variety of answers to that question, such as:

  • Cost
  • Differing use cases
  • Partner eco-system
  • User preference

Not every vendor provides each of the management methods described below, but rest assured that every vendor will tell you that you don’t need anything other than what they sell. Can I get an amen? Below, I have offered a visual reference of the seven prevalent methods of managing a Wi-Fi infrastructure. It’s important to note that I will not address Wi-Fi client management methodologies in this post.

Peek Inside 802.11ac Access Point Hardware Designs
Posted by Hemant Chaskar on Mar 25, 2014

There is large and ever increasing assortment of enterprise access points offered by wireless vendors today. APs have different number of radios, number of streams, 11n/11ac, POE compatibility, peripherals, price, etc. While this diversity is overwhelming, have you wondered what lies in the hardware guts of these APs? What are the hardware design concepts that are responsible for rendering feature personality to the AP? How does the hardware ecosystem work among chip vendors, ODMs and AP vendors? What are state of the art hardware architectures for the 802.11ac APs? This blog post discusses key hardware concepts, such as SoC, dedicated CPU and offload architectures that are commonly found inside the APs, along with the ODM sourcing model for the Wi-Fi APs and its implications for product offerings.

Away from Corner Cases: High Density, Low Throughput Wi-Fi
Posted by Devin Akin on Mar 19, 2014

In my blog called Corner Cases, I mentioned that high density, high throughput (HDHT) cases are in the extreme minority (<1%). In this blog, I would like to discuss High Density, Low Throughput (HDLT), which I believe will be the situation that over half of the installed Wi-Fi infrastructures of the world will face at some point over the next 5-7 years. I want to clarify that that when I use the term “high density”, I’m referring to client density (lots of clients in a physical area), not AP density (lots of APs in a physical area).

Education Technology: Wireless as a Service, 802.11ac and Social Wi-Fi
Posted by Zara on Mar 14, 2014

Read about trends in education technology: Wi-Fi as a subscription service, outlook for 802.11ac adoption in schools and integration of social media into wireless networking.

BETT 2014, UK's learning technology show, has been and gone, but it certainly won’t be forgotten! For those in the educational technology sector, be it primary school teachers all the way to network managers of colleges and large secondary schools, this was THE event and is memorable for new technology and aching feet from over 4 days of the conference.

Wireless as as Service for Education

So what was all the fuss about and why was #BETT2014 trending on the social feeds? There were a few noticeable trends this year noted by attendees and exhibitors alike. Firstly came “XXX as a service”! As educational funding changes, so does the need to adapt and service the new legislation whilst still enabling the educational IT needs in what is a constantly evolving technology landscape.

Cloud Wi-Fi as a service

HIMSS 2014 - Big on Wireless
Posted by Robert Ferruolo (Dr. RF) on Mar 6, 2014

This year’s show was huge. According to the events organizers, there were 1,200 exhibitors and 38,000 healthcare professionals in attendance and there were more nurses, physicians, IT staff and executives in attendance at this year’s HIMSS than ever before.

New Wi-Fi enabled devices and applications at HIMSS14

Wi-Fi helps disabled people walk

One of the most interesting Wi-Fi capable devices at this year’s HIMSS was a Wi-Fi enabled bionic exoskeleton. The Ekso Bionics unit (pictured above) was featured in the Lockheed Martin booth. This device is for patients with lower extremity paralysis or weakness. It enables patients to stand, walk and it can assist them with their rehabilitation. The unit is equipped with a single Wi-Fi radio. The radio supports two data streams currently. One stream allows engineers to see real-time telemetry data to determine how the unit is performing. The other stream is for the unit’s user, where information such as steps taken, distance traveled, etc., are sent over the air to an application that the user can access later.

Restaurant Wi-Fi Primer - On-demand Webinar from Hospitality Technology Magazine
Posted by AirTightTeam on Mar 3, 2014

Last week we participated in the Restaurant Wi-Fi Primer webinar with Hospitality Technology Magazine, Boston Market and Spartan Computer Services.

Kevin McCauley presented on best practices in retail Wi-Fi analytics and social media integration. To view the webinar on demand, go to Hospitality Technology (free registration required).

You can also view AirTight's slides on SlideShare.

Corner Cases
Posted by Devin Akin on Feb 26, 2014

Most Wi-Fi manufacturer’s marketing departments would have you believe that 99% of all deployments are what I’d call “corner cases.” I call B.S. (as usual).

Here are the high-density/high-throughput (HDHT) corner cases that so many manufacturers would have you believe are so prevalent:

  • Large K-12 and University libraries, cafeterias, lecture halls, and auditoriums
  • Stadium or gymnasium bowls
  • Large entertainment venues (e.g. music and theater halls, night clubs)
  • Trade shows
  • Urban hotspots
  • Airports

Distributed Healthcare Needs Wi-Fi That Works at Scale
Posted by Andrew vonNagy on Feb 18, 2014

The growth and adoption of mobile technologies is impacting businesses in multiple industries, and we can see strong evidence of this by looking at the healthcare industry. I just returned from the WLAN Professionals Conference in Austin, TX where I heard first-hand evidence of this in a presentation on Continuous Wireless for Medical Devices. A strong emphasis was placed on improving patient safety through the use of mobile technologies that enabled doctors, nurses, and assistants to effectively handle their ever-increasing workload.

A reliable, stable, cost-effective, and simple to manage WLAN is required that enables healthcare professionals without causing undue distraction from their primary objective to provide high-quality patient care. The question then becomes, “how can WLANs provide these qualities for distributed healthcare organizations?”

Cloud Architecture

Network stability and availability is of primary importance for healthcare professionals relying on mobile devices to provide patient care. What’s more, this network stability must be provided in a cost-effective and simple to manage manner. Rather than relying on expensive wireless LAN controllers that are complex to manage and represent a large risk to the organization as a single point of failure, AirTight has developed a mature cloud architecture over the past 7 years that simplifies the network and is resilient to outages – the network continues to function even if cloud access is disrupted.

AirTight's datacenter locations

Healthcare, Wi-Fi and HIPAA – A Tricky Combination
Posted by Hemant Chaskar on Feb 12, 2014

What a great start to year on the industry events front – we started with NRF in January, looking forward to HIMSS and our ACTS event in February, and MURTEC in March. In NRF, high points of discussion were around Social Wi-Fi and analytics. That said, topics of security and PCI compliance were also high on the agenda prompted by the Target credit card breach that occurred just before NRF. I expect to there will be a lot of security discussions at HIMSS too.

Healthcare, Wi-Fi and HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996. It is enforced by the Department of Health and Human Services (HHS), and implemented by regulations of 45 CFR. Among other provisions it has rules mandating that healthcare organizations safeguard the privacy and security of patient health information.

Reflections on Wireless Field Day 6
Posted by AirTightTeam on Feb 6, 2014

What a week it was with WFD6 edutainment! Great minds from different vendors presented their great Wi-Fi stuff during WFD6. With so much happening, our challenge was to fit in as much update as possible in two hours.

AirTight at Wireless Field Day 6 #WFD6
Posted by AirTightTeam on Jan 29, 2014

Thanks to all who watched the AirTight session live stream!

Videos

You can watch the WFD6 videos on our YouTube channel.

Twitter Highlights

Here are Twitter highlights from the event (in reverse chronological order, so you will get the praise first :-) )

Wireless Field Day 6 – We’re Back!
Posted by Mike D on Jan 27, 2014

Update:

Please see our recap of Wireless Field Day 6

Original post:

Last August, AirTight Networks made its Wireless Field Day debut. We had such a good time with all of the delegates and organizers that six months later we’re back as the opening presenters for WFD6 on January 29, 2014, 10 a.m. Pacific.

Why Facebook Wi-Fi is for Local Biz, but Not for Retail Enterprises
Posted by Hemant Chaskar on Jan 23, 2014

Netgear recently announced integration with Facebook on their APs using Facebook Wi-Fi API. Meraki and Cisco have also announced the same capability on their APs. Facebook Wi-Fi franchise is growing. It is easy to configure and get working (except when used on Cisco APs, which requires running separate CMX VM and per-AP license). That is good news for local businesses. However, does this architecture meet the requirements of mid-size to big retail enterprises? Not so fast! Let me explain.

Retail enterprises operate multiple stores across regions, states or countries. They run targeted marketing campaigns for customer engagement. This puts certain requirements on Social/Wi-Fi integration for retail enterprises, which are currently unmet with Facebook Wi-Fi integration.

1) Omni-channel marketing is essential for maximum reach

Facebook Wi-Fi allows only Facebook logins, obviously. So merchants miss out on other social channels like Twitter, Google+, Linkedin, Foursquare, etc. In addition to social logins, enterprises also want to promote brand loyalty programs when users access guest Wi-Fi. Facebook Wi-Fi does not allow this as well.

Retail Analytics: Who Owns The Data?
Posted by Devin Akin on Jan 14, 2014

At AirTight Networks, we talk a lot of SMAC (Social, Mobile, Analytics, Cloud). Together these forces have come together to significantly impact and radically change various markets. It’s not hard to wax eloquent about SMAC for long periods of time, but in this article, I want to focus only on the Analytics piece - that numerical, statistical, miracle whip that drives business decisions.

Analytics Data: Type and Collection

In the SMAC model using Wi-Fi as the Mobile piece, data is collected from Wi-Fi access points. The analytics data itself generally falls into one of two categories: 1) Presence, and 2) Opt-in.

Presence Analytics
Presence Analytics is, as it sounds, focused around whether the client device is on-location (“present”) and whether it is inside or outside a boundary (e.g. a store front). This type of data is device-specific (MAC Address), independent from the user of a device (contains no user-identifying information), and therefore anonymous. It is collected by using Access Points (APs) to scan the air and to gather MAC addresses (which only a hashed representation thereof is stored). Presence Analytics can be used for a variety of things, but some examples might include:

AirTight Networks Joins with EarthLink for Social Wi-Fi and Analytics
Posted by AirTightTeam on Jan 13, 2014

AirTight Networks secure cloud Wi-Fi will power EarthLink’s new WiFi/WIPS solution designed for the multi-unit retail industry. EarthLink announced the upcoming launch of this solution at NRF 2014.

Cloud, analytics, simplicity set AirTight apart

“Consumers are already using their mobile devices in-store to enhance their shopping experience. With EarthLink WiFi, retailers can roll out corporate applications to connect with those consumers and service them more efficiently, while gathering valuable data for marketing and store operations. AirTight’s offering stood apart with its cloud-based management, rich retail analytics and ease of deployment.” -- Greg Griffiths, EarthLink Vice President of Retail Solutions

Will Target Breach Prompt Retailers to Raise the Security Bar?
Posted by Hemant Chaskar on Jan 8, 2014

Did 2013 have to end with the somber news of a big credit card security breach? But it did! It is reported that 40 million credit cards were compromised in the security breach in stores of a major U.S. retailer Target. This is only a shade second to the earlier TJX breach in which 45 million credit cards were compromised. (After this blog was published, it was reported that the number of affected accounts in the Target breach is as high as 110 million, which would make it more that double the TJX breach!)

After any breach, and surely after the breach of such dimension, discussion on the data security issues at the retailers escalates. Earlier, the TJX breach resulted in stricter wireless PCI (Payment Card Industry) compliance requirements. The current Target breach can also trigger tightening of the compliance requirements. This breach may also prompt IT, security and compliance managers at major retailers to take a hard look at the information security aspects of the various technologies that they have deployed. Add to it the fact that retailers are aggressively deploying mobile and wireless technologies like POS, kiosks and tablets in stores. What are some of the core issues they should be looking at?

The Holy Grail of Retail, Part 2
Posted by Devin Akin on Jan 6, 2014

This is part 2 of last week's post The Holy Grail of Retail. In today's installment, I discuss what it takes to reach it.

Operational Implementation

There is a set of coordinated technologies required to affect the Holy Grail. A complex set of variables if you will. It’s the responsibility of manufacturers to implement this set of technologies in such a way that they become a simplified, unified structure. This keeps the learning curve short, deployment and operational costs down, and assures a less error-prone implementation. Consider the following parts:

    • Wi-Fi infrastructure with cloud management & social media authentication
    • CRM system integration
    • Mobile devices, operating systems, and applications
    • Managed Service Provider (MSP) enablement (for those customers who want someone else to manage it for them)
    • Security services, such as WIPS and PCI compliance and reporting
    • Location services, which may be integrated with mobile applications
    • Infrastructure analytics and reporting, which may be tied into other systems

What’s even more of a challenge is when one or more of these technologies are provided by multiple vendors who have loose (or no) integration.

The Holy Grail of Retail
Posted by Devin Akin on Jan 2, 2014

In the retail market, the current Holy Grail is to unify the online and in-store shopping experiences (sometimes called ‘omni-channel’ retailing) such that the customer has a personalized shopping experience that promotes brand loyalty. The customer experience should be enjoyable and personalized, with available contextually relevant and timely information that makes interacting with the retailer effortless and transparent.

Technology Is Here
Will every salesperson know your name in the not so distant future?

The technology now exists to enable such capabilities, and retailers can drive a new generation of brand awareness and loyalty programs. The new focus will be on growing the business while leaving behind the worries of showrooming and shrinking margins.

Since the technology is here, why then isn’t every major retailer making a move toward the Holy Grail at a break-neck pace? Why can’t I walk into my local electronics store, expecting this guy to walk up to me with an iPad, and…

Network troubleshooting in distributed Wi-Fi environments
Posted by Hemant Chaskar on Nov 20, 2013

Wi-Fi is installed after everything else in the network is already set up – switches, routers, servers, firewalls, VPNs etc. Naturally, customers rely on their Wi-Fi solution provider to alleviate any network problems that arise during the Wi-Fi deployments, even though the problems are not necessarily Wi-Fi specific.

Need Wi-Fi troubleshooting? Call up a networking Jedi!

Network issues aren’t something new in any project. However, the troubleshooting task becomes challenging when it needs to be done remotely and when there isn’t much onsite IT help. This is often the case with the distributed Wi-Fi deployments. Also, due to the heterogeneity of the network infrastructure in many environments in the distributed vertical, sometimes very stealthy network problems are encountered. Take these recent troubleshooting examples which underscore these points.

Get in the Game with Wi-Fi Managed Services, Part 2
Posted by Devin Akin on Nov 14, 2013

This is part 2 of the 2-part series on the managed service provider model in Wi-Fi. Click here for part 1.

Is Wi-Fi Ready for MSPs?

An important consideration when offering Wi-Fi as a managed service is whether or not the Wi-Fi solution you will choose is designed for it, both from the technical and business aspects. There’s far more to the selection process than meets the eye, and a few (of many) requirements might include:

Get in the Game with Wi-Fi Managed Services
Posted by Devin Akin on Nov 12, 2013

This is part 1 on our two-part MSP series. Part 1 focuses on the basics of the MSP delivery, while part 2 will discuss how to make this model work for you.

Nothing’s much has changed since I last blogged about Wi-Fi managed services almost a year ago, other than that I now work for a different manufacturer. The reason for the longer-than-expected ramp-up time is that Wi-Fi manufacturers (in general) haven’t yet adequately equipped their channel partners to take advantage of this market trend. The slow ramp-up is over, and it looks like it’s a land grab of epic proportion… starting… NOW. For those of you waiting on the sidelines, it’s time to get in the game.

Market Drivers for MSPs

As the challenges of delivering high-performance wireless access networks in the face of exploding user demands become ever more daunting to the average IT guy, midmarket CIOs are still having a difficult time of adequately staffing their IT organization. Gartner and I both still believe that midmarket companies should consider using Managed Service Providers (MSPs) to solve this problem.

Wi-Fi Speeds-n-Feeds Are So Old-school
Posted by Devin Akin on Oct 30, 2013

Speed-n-feeds are not the future of enterprise Wi-Fi. Speed-n-feeds are like my grandmother's potatoes. I'll explain.

Speed is a given. Speed is a commodity. This is what you talk about when you have nothing else to offer, such as system intelligence. Some companies keep trying to rehash the speeds-n-feeds story like my grandmother used to treat potatoes. First, you'd have baked potatoes. If you didn't eat all of them, the next night, you'd have mashed potatoes – made from those same potatoes, of course. If there happened to be any left-overs after that, you'd have fried potato cakes the next night. Believe me, the list of how those potatoes could be served was endless until those potatoes were gone. Same potatoes, different day.

Bang for the buck with explicit beam forming in 802.11ac
Posted by Hemant Chaskar on Oct 16, 2013

 

802.11ac has brought with it MIMO alphabet soup ... spatial streams, space-time streams, explicit beam forming, CSD, MU-MIMO. Alphabet soup triggers questions to which curious mind seeks answers. This post is an attempt to explore some questions surrounding explicit beam forming (E-BF) that is available in Wave-1 of 802.11ac. E-BF is a mechanism to manipulate transmissions on multiple antennas to facilitate SNR boosting at the target client.

How is E-BF related to spatial streams?

E-BF is a technique different from spatial streams. E-BF can be used whenever there are multiple antennas on the transmitter, irrespective of the number of spatial streams used for transmission.

Hunting down the cost factors in the cloud Wi-Fi management plane
Posted by Hemant Chaskar on Oct 3, 2013

Mature cloud Wi-Fi offerings have gone through few phases already. They started with bare-bones device configuration from the cloud console and over the years matured into meaty management plane for complete Wi-Fi access, security and complementary services in the cloud.

MU-MIMO: The path from standardization to implementation
Posted by Hemant Chaskar on Sep 26, 2013

In earlier blog posts on 802.11ac practical considerations, we reviewed 80 MHz channels, 256 QAM and 5 GHz migration. Continuing the 802.11ac insights series, in this post we will look at some practical aspects of MU-MIMO, which is the star attraction of the impending Wave-2 of 802.11ac.

 

MU-MIMO mechanics and 802.11ac standard

 

Illustration of 802.11ac MU-MIMO

At a high level, MU-MIMO allows AP with multiple antennas to concurrently transmit frames to multiple clients, when each of the multiple clients has lesser antennas than AP. For example, AP with 4 antennas can use 2-stream transmission to a client which has 2 antennas and 1-stream transmission to a client which has 1 antenna, simultaneously. Implicit requirement to attain such concurrent transmission is beamforming, which has to ensure that bits of the first client coherently combine at its location, while bits of the second client do the same at the second client location. It is also important to ensure that bits of the first client form null beam at the location of the second client and vice versa.

Blackhat Wi-Fi Security Reports and Nuances of Detection Methods
Posted by Hemant Chaskar on Sep 12, 2013

|

Shortly following the conclusion of Blackhat’13, a few articles came out reporting wireless scanning data from the venue.

Inside the Black Hat 2013 Wi-Fi Network

Karma is a …Errr, What We Learned at BlackHat 2013

 

Both reports state that many security relevant events were detected in the Wi-Fi traffic during the conference. Given that Blackhat is attended by security experts, ethical hackers and just plain security geeks, finding security signatures in the traffic is not uncommon. Nonetheless, I think a few things still need to be matched up in these stats before arriving at sound conclusions.

Get Soaked in the Future of Wi-Fi
Posted by Andrew vonNagy on Sep 5, 2013

|

AirTight Networks is armed with Wi-Fi of the future, and blasting the message out through social media.

|

Have you ever noticed that there always seems to be a disconnect in the Wi-Fi industry whereby vendors build and sell their products based on hardware capabilities, tech specs, and geeky feature sets while customers ultimately evaluate products based on how the solution fits with their organizational objectives? That’s a problem.

|

The Wi-Fi market is on the cusp of a second-wind of tremendous growth that will be driven by focusing product solutions on the tailored needs of customers in every vertical market. However, this is a departure from the status-quo as historically the Wi-Fi market has grown by pushing products (not solutions) based on the latest hardware enhancements and improvements in speed that have come with each iteration of the 802.11 standard. But that model is breaking down as the technology matures, and hardware differentiation alone is very minimal. And customers are demanding more tailored solutions as their own markets evolve into a mobile-enabled workforce and customer experience.

11 Commandments of Wi-Fi Decision Making
Posted by Hemant Chaskar on Sep 4, 2013

Are you considering new Wi-Fi deployment or upgrade of legacy system? Then you should be prepared to navigate the maze of multiple decision factors given that Wi-Fi bake-offs increasingly require multi-faceted evaluation.

Follow these 11 “C”ommandments to navigate the Wi-Fi decision tree:

  1. Cost
  2. Complexity
  3. Coverage
  4. Capacity
  5. Capabilities
  6. Channels
  7. Clients
  8. Cloud
  9. Controller
  10. 11aC, and last but not least …
  11. seCurity!

 

|

 

AirTight is Making Enterprise Wi-Fi Fun Again
Posted by Devin Akin on Aug 19, 2013

|

Anyone who knows me knows that I'm always looking way ahead, and it's my opinion that AirTight Networks is uniquely positioned to take advantage of a major confluence of forthcoming Wi-Fi market changes and requirements. With

1) a scalable, plug-n-play, API-enabled, elastic cloud,

2) controller-less technology,

3) innovative and industry-leading security offerings, and

4) cost-effective, high-performance, feature-rich access points,

no other vendor is as well-positioned to take on managed services, plug-n-play enterprise Wi-Fi, and a wide variety of cloud services.

The need for uncompromising, flexible, and robust security (without the complexity that's normally associated with it) has become a top-of-mind issue, and AirTight is the unmistakable leader in this area.

Pleading the fifth at Wireless Field Day 5
Posted by AirTightTeam on Aug 15, 2013
AirTight R&D and support teams, based in Pune (India), tune in live to watch WFD5.
The WIPS Detective
Posted by Hemant Chaskar on Aug 13, 2013

|

With the ever increasing importance of Wi-Fi as the de facto access technology, WIPS plays a key role in overall enterprise network infrastructure security.

|

The U.S. Department of Defense (DoD) recently created a separate category for wireless intrusion detection/prevention in its approved product listing for deployments in defense agencies.

Gartner now recommends including WIPS as critical requirement in all new RFPs for wireless technologies.

Drivers for WIPS such as PCI compliance for retailers and BYOD for enterprises are compelling.

Secure Wi-Fi is also seen as medium to increase efficiency of government and public services. UK courts recently announced a program to install secure Wi-Fi in 500 court rooms. WIPS is required to make Wi-Fi secure.

Next generation cloud-based Wi-Fi management plane
Posted by Hemant Chaskar on Aug 7, 2013

In early days of cloud Wi-Fi, incumbents used to say that cloud Wi-Fi was just about moving traditional controller appliances to centralized data centers. As time progressed, it became clear that this was a gross mischaracterization of cloud Wi-Fi. In the first dimension, cloud Wi-Fi would differentiate from traditional architecture by decoupling the data plane from the control plane (also called “local switching”). However, this alone wasn’t adequate since tying the control plane to centralized controllers created an inefficient architecture. Accordingly, the second new dimension consisted in moving the control plane to the edge of the network (also referred to as “smart edge APs”).

AirTight Demos on Demand and WFD5
Posted by AirTightTeam on Jul 31, 2013

IDC's recent IT Buyer Experience Survey reveals that "45% of the buying decision is made before your potential buyer even says “hello” to your sales rep." and "buyers are more knowledgeable and connected".

If you're still in the investigation stage (as suggested by the IDC survey) and not quite ready for a customized personal demo with an AirTight expert, you might want to check out the first three installments in our Demos on Demand series.

Airtight Demos on Demand

Demos on Demand serves the communication needs of tech vendors and resellers across vertical industries with its video platform and content library. Airtight is excited to leverage this innovative platform to present in depth product information to assists buyers by showing what our product is, what it does, and how it does it.

Retail Survival: Enabling the Consumer
Posted by AirTightTeam on Jul 30, 2013

The age of the empowered consumer is upon us. According to a recent Harvard Business Review article called Mobile Shopping’s Data Goldmine, some 44% of shoppers use their smartphones while they’re shopping; more than a third of them are comparing prices. The impact of mobile research can be profound, affecting the buying behavior of nearly 90% of mobile shoppers,” according to the HBR article.| Customer empowerment is extending beyond mobile as consumers become comfortable interacting with retail companies through any channel available, including ecommerce, online, kiosk, voice, webchat, and more. The question is how aggressively retailers are moving to enable this new reality for the customer.

Showrooming Might Actually Be Good for Brick-and-Mortar Stores
Posted by AirTightTeam on Jul 22, 2013

Raise your hand if you have ever gone to a store to test a product or to try on a piece of clothing, then ordered it online, from home, for a cheaper price. Or, if you have compared prices and purchased online, right from your mobile device, right there in the store.

Controller, controller-less, cloud Wi-Fi: What does it mean to the end user?
Posted by Hemant Chaskar on Jul 17, 2013

Wi-Fi architectures today come in three main flavors: controllers, controller-less and cloud. While vendors spar over which is the right architecture for today’s and tomorrow’s Wi-Fi, customers are mostly interested in comparing them based on their derived value.

Evaluating a Wi-Fi Solutions Provider? Make Sure They Talk SMAC
Posted by AirTightTeam on Jul 15, 2013

Applying the Social, Mobile, Analytics and Cloud (SMAC) model to your Retail Wi-Fi Investment

Figure 1: Gartner Nexus of Forces is the convergence of social, mobile, information (analytics), and cloud to transform business and IT.

Social, mobile, analytics and cloud (SMAC) technologies are high on everyone’s investment priorities list—so much so that SMAC has become the new enterprise IT model. Research firm Gartner refers to the trend as the Nexus of Forces, a convergence of technologies that is building upon and transforming consumer behavior and ushering in the next-generation of business technology.

“Although these forces are innovative and disruptive on their own, together they are revolutionizing business and society, disrupting old business models and creating new leaders,” says Gartner. Therefore, the SMAC model calls for evaluating individual technology investments by how well it helps you integrate social, mobile, analytics and cloud services to transform your enterprise.

Going Beyond the Checkmark: All Things PCI
Posted by AirTightTeam on Jun 27, 2013

802.11ac (Wave-1): MORE Network Engineering Insights
Posted by Hemant Chaskar on Jun 24, 2013

In my previous blog on the 11ac series, I explored 80 MHz channel operation in 802.11ac in the context of data rate, OBSS (Overlapping BSS), network throughput, and auto-channel assignment.

802.11ac (Wave-1): Network Engineering Insights

In the present post, I explore the other speed factor of 1.33X that shows up in the Wave-1 data rate equation: (2.16 x 1 x 1.33) x 450 Mbps of 802.11n rate = 1.3 Gbps. This 1.33X factor is attributed to the new modulation technique called 256-QAM introduced in 802.11ac (802.11n had only upto 64-QAM). Consistent with the theme of this blog series that the data rate equation does not bring out critical network engineering aspects, this post explores 256-QAM from the enterprise network design perspective.

How to implement BYOD with Wi-Fi / WIPS assist
Posted by Hemant Chaskar on Jun 18, 2013

|

Fast Forward: The New Personalized In-Store Shopping Experience
Posted by AirTightTeam on Jun 11, 2013

How Retailers Can Reinvigorate Brick-and-Mortar

Many brick-and-mortar retailers have used data analytics from their online sites to create in-depth customer portraits based on geography, demographics, interests and shopping habits. But when the customer enters their physical store, suddenly the store is largely blind, unable to connect the wealth of online data to the customer walking in their store.

Perhaps this is why brick-and-mortar retailers are being hammered by online-only retailers who know so much about their customers. A recent Forrester report predicts online sales will reach $262 billion by the end of 2013, a 13 percent rise from $231 billion in 2012, while retail store sales have limped along at just under three percent growth.

802.11ac (Wave-1): Network Engineering Insights
Posted by Hemant Chaskar on Jun 6, 2013

Have you noticed all the buzz on 802.11ac especially now that Wave-1 has arrived?

How could you not! 802.11ac is the new Wi-Fi standard and it has new techniques to increase the wireless data rate above the existing 802.11n standard.

11ac is slated to arrive in two Waves – Wave-1 this year and Wave-2 next year.

At its full potential (Wave-2), the standard is characterized as: 802.11ac max data rate of (4.33 x 2 x 1.33) times the 600 Mbps max data rate of 802.11n, which comes out to be about 6.9 Gbps. The current version (Wave-1), which is commercially limited to 80 MHz channels and 3 spatial streams per AP, the standard is characterized as: 802.11ac max data rate of (2.16 x 1 x 1.33) times the 450 Mbps current data rate of 802.11n, which comes out to be about 1.3 Gbps. It is also important to note that Wave-1 does not have MU-MIMO. The MU-MIMO effect does not explicitly show up in the data rate equations, but it can have profound benefits in practice. |

So what is missing in the above characterization?

| Network engineering insights – that’s what is missing! There are several network engineering nuances which do not show up in the above equations. I will discuss them in a series of blog posts starting with this one. In this initial post, the focus is on the nuances of operating 80 MHz channels in the practical network deployments. These 80 MHz wide channels are responsible for the first multiplicative factor of about 2X in the Wave-1 data rate equation.

Don’t deploy 802.11ac without thorough RF planning
Posted by Hemant Chaskar on May 29, 2013

Wi-Fi RF Planning has never been trivial

|

Traditionally, anyone contemplating Wi-Fi deployment has always faced questions like:

  • How many access points?
  • Where do I install them?
  • What channels should they operate on?
  • Will the deployment meet my coverage and capacity objectives?
  • What will be my security exposure? and so on.

Due to the myriad of issues that need to be addressed while making these determinations, manual processes and rules of thumb have always been cumbersome and/or imprecise, particularly for Wi-Fi deployments with large footprints.

 

802.11ac will only exacerbate RF planning challenges

 

802.11ac adds more elaborate channeling structure and new techniques to raise wireless data rates. 802.11ac is slated to arrive in two Waves – Wave-1 this year and Wave-2 next year. While the decibel level in the market is raised to prematurely hasten the 802.11ac upgrade cycle, the reality is that this is just the beginning of Wave-1. Many people may not see justification to jump on Wave-1 due to a myriad of practical, network engineering, and interoperability issues that Wave-1 faces. Also important is the fact that Wave-1 lacks the complete feature set of 802.11ac and new radios will be required when Wave-2 hits with those features. All this points to Wave-2 next year to be realistic timeline for large scale network upgrade to 802.11ac.

Success Stories: Pinkberry, Garden Fresh and Noodles & Company
Posted by AirTightTeam on May 28, 2013

How much should you care about the CMO?

A lot according to IDC. By 2016, 80% of new IT investments will directly involve line-of-business executives (Source: IDC Directions 2013).

Similarly, Gartner predicts that by 2017 the marketing arm of businesses will control more of the IT spend than IT organizations at those companies.

We’ve certainly noticed this shift. In this blog post, we highlight three customer success stories where this dynamic came into play and how we were able to effectively collaborate across the different lines-of-business.

Wi-Fi networks in 5 GHz: a few observations
Posted by Hemant Chaskar on May 22, 2013

If this is your first visit to the AirTight Networks blog, please consider subscribing and following us on other social channels: Twitter, YouTube, or Facebook.

 

High Five to 5 GHz!

 

There is a lot of talk in the air about 802.11ac; and accordingly, there is also a lot of talk about 5 GHz Wi-Fi networks.

 

Lisa Phifer recently wrote a tech note on Webtorial discussing this current topic. It was great talking to her as always on hot topics in Wi-Fi. From these types of conversations and from firsthand experience with many enterprise Wi-Fi network deployments, some salient points stand out for me pertaining to operation of Wi-Fi networks in the 5 GHz band. They are as follows.

Not Your Mom’s Shopping List
Posted by AirTightTeam on May 21, 2013

Today’s Digital Lists Can Increase Basket Size and Build Loyalty

I remember my mom’s shopping list. Usually written on scraps of paper and stuffed in her purse, it served an effective single-function purpose: memory enhancement. And while it was mobile, it was easily misplaced, difficult to replicate, and sharing it with others required a physical handoff.

Attn. Retail Marketers: In-Store Shoppers are Changing. Are You?
Posted by AirTightTeam on May 16, 2013

To say that mobile technology is impacting brick-and-mortar retail is akin to proclaiming at the turn of the last century that the motorcar just might change the horse-drawn carriage business. Shoppers today are empowered by technology to gain the advantage at every turn, whether it’s using a smartphone to find the best price for the same product online, locate out-of-stock sizes or colors in the store next door, or learn what their friends or other customers had to say about a product before they buy.

Free Wi-Fi is a Win-Win for Retail Marketers and Customers
Posted by AirTightTeam on May 9, 2013

Retailers have long battled the dual pressures of online shopping and congested marketing channels just to get people to walk through their door. Now showrooming has moved the war inside the store, as a fragile economy combined with the ubiquity of mobile devices has created a savvy new breed of consumers who use their smartphones and tablets to research products and prices while they browse the aisles. It’s like having scores of invisible competitors whispering in the ears of your hard won customers.

The WiSE Article Series on CWNP
Posted by Pravin on May 8, 2013

|

BOM Math for Secure Wi-Fi Deployments
Posted by Hemant Chaskar on May 1, 2013

By Hemant Chaskar

The Retail Revival: Re-Imagining Business for the New Age of Consumerism
Posted by AirTightTeam on Apr 24, 2013

Canadian Doug Stephens, founder of "Retail Prophet” is the author of this groundbreaking new book.

To shop or not to shop, in-store Wi-Fi is the answer to that question
Posted by AirTightTeam on Apr 22, 2013

Did you know that 80% of mobile consumers are influenced by in-store Wi-Fi as a factor in deciding where they shop?

In early 2013, IDC issued the updated version of its IDC Retail Insights report outlining the top 10 predictions for the world-wide retail industry. One of the report’s authors is retail research director Leslie Hand. She and I recently met at IDC’s Directions annual conference in Silicon Valley to discuss the recently published report.

Why Casinos Fear 802.11ac
Posted by Hemant Chaskar on Apr 14, 2013

Real life Ocean’s Eleven

By Hemant Chaskar|

The expression “it’s too good to be true … then it probably is” is befitting of a recent Ocean’s Eleven type caper. In March, the Crown Casino in Melbourne, Australia was the victim of a skimming scheme. Mark Butler of the Herald Sun reported that "a gambler has been able to get into the security system remotely and, … advise the player about what other cards the other players are holding, and he's cleaned up to the tune of 32 million." Amazing isn’t it, but anything is possible for that kind of “ROI”!

|

The Future of Enterprise WLAN in 2013 and Beyond
Posted by Kaustubh Phanse on Apr 9, 2013

|

If predictions from leading technology analyst firms are to be believed, the worldwide Wi-Fi market will continue to grow.

Dell’Oro estimates the Wi-Fi market to grow to $9.9 billion by 2016 of which the enterprise WLAN segment alone is estimated to be over $5 billion in revenues.

Gartner anticipates an even faster growth for the enterprise WLAN segment, with spending expected to reach $7.9 billion in 2016.

Here are a few trends (some of which are already happening!), which will go hand-in-hand with this next wave of massive growth in the enterprise WLAN market.

<h1

A growing number of enterprises will want to extend their Wi-Fi rollout across remote locations, e.g., branch offices, retail stores, distribution centers, restaurants, and the list could go on. The key challenge then would be to have centralized visibility and management of the entire deployment—ideally from a single console.

This trend will make the traditional controller-based architecture outdated sooner than later because it was not designed to manage Wi-Fi networks across geographically distributed sites. It’s too complex, costly, and does not scale. The change of guards is evidenced in the number of recent announcements by controller-based WLAN vendors. Some are hiding the controller in the cloud, some are hiding them in arrays, some are saying that they are giving customers a “choice” to turn it off (without telling them what functions will stop working without it!), while some are simply giving their marketing a “controller-less” spin. Unfortunately, you can’t turn a fork into a spoon overnight to eat soup instead of spaghetti! Or maybe you can! ;-)

Different Shades of Cloud Wi-Fi: Rebranded, Activated, Managed
Posted by Hemant Chaskar on Feb 10, 2013
- Did you know that all cloud Wi-Fi's aren't created equal?
-

The race is on to put cloud in Wi-Fi

Currently, the cloud managed Wi-Fi space is expanding rapidly. Naturally, Wi-Fi vendors, traditional and emerging, want to be in the cloud Wi-Fi game. Nobody wants to be without a “cloud” solution! Controller-less Wi-Fi vendors have explicitly built cloud managed Wi-Fi from the ground up, while controller Wi-Fi incumbents have repositioned traditional offerings in the direction of cloud Wi-Fi.
-

The word “cloud” in the name doesn’t tell the whole story, one has to dig deeper. Here’s why.

-
When vendors associate the word cloud with their Wi-Fi solutions, they can be referring to completely different things. This is quite apparent in light of some recent developments.
Third time's NOT the charm for Cisco's adaptive WIPS (aWIPS)
Posted by Hemant Chaskar on Jan 26, 2013
Can you beleive it? - yet another alert came out about a vulnerability in Cisco's WIPS (adaptive Wireless Intrusion Prevention System or aWIPS as Cisco likes to call it):
How AirTight's new network+security console tames distributed Wi-Fi
Posted by Hemant Chaskar on Jan 14, 2013

As Wi-Fi deployments extend into large distributed environments, management of these Wi-Fi networks poses unique challenges. It could be the clinic-wide deployment for the medical facility running into 100’s of sites, branch-wide deployment for the bank running into 1000’s of sites, or store-wide deployment for the fast food restaurant running into 10,000’s sites. The network and security management needs for such deployments are very different from the traditional campus Wi-Fi. Accordingly, the network management console has to deliver on a number of fronts.

Forbes - "Stores are finally turning to WiFi" but is security lacking?
Posted by AirTightTeam on Dec 14, 2012

Really interesting article in Forbes by Verne Kopytoff on the reasons retailers have recognized the value of Wi-Fi for their customers and business processes. He notes that after years of resistance, stores have conceded that the shoppers have won the war. They want Wi-Fi and they will use their smartphones to check out deals.

Wireless IDS/IPS horror stories from the field
Posted by Hemant Chaskar on Dec 12, 2012

These are some recent stories of the IT organizations who brought in wireless intrusion prevention systems (WIPS) to secure their network environments against Wi-Fi vulnerabilities and attacks, and what they encountered was the incessant flow of security alerts that they could not keep up with. That is because, the systems constantly crunched signatures and thresholds from wireless traffic to generate volume of alerts for the security admins to consume. Admins could not grasp the enormity of problems that they would face in the production deployments based on the product previews done in the tiny lab setups and based on the marketing material they saw (hey look, we have Gazillion attack signatures, configuration settings, and thresholds in here!). Learn from their experiences, and avoid the destiny they faced by asking the right questions and making the right technology choices early on. AirTight Networks to date has helped thousands of customers avoid such misery by helping them with the strongest WIPS protection without the overhead of ongoing system management.

Cisco’s recent acquisition shows exciting times ahead for the lead players in the cloud Wi-Fi space
Posted by Hemant Chaskar on Nov 28, 2012

Barely two weeks after I posted my last blog discussing benefits of the true cloud Wi-Fi over the controller over WAN architecture using Cisco FlexConnect as example for the latter; news of Cisco acquiring Meraki broke out. I got a kick out of it since it showed that my inferences on Cisco FlexConnect and other controller centric offerings were dead on spot, that they can never become real cloud Wi-Fi by incremental touchups and jargon experimentation. I also got a kick out of its timing -- 1.2B acquisition barely 2 weeks after I wrote that post! There are several takeaways for the future of cloud Wi-Fi from this big event. First and most obvious is that the cloud Wi-Fi market is expanding rapidly. Another takeaway is that for the vendors already committed to the controller centric WLAN architecture, migration to cloud architecture is not incremental, but it is disruptive. Cisco could not do the migration in-house even after trying for few years with incremental changes like REAP, H-REAP, ELM, and FlexConnect. As I said in my last blog, cloud Wi-Fi is not about throwing controller over WAN, but is needs to be architected differently from the bottoms up. Finally, it also shows that with the standardization of access point platforms, differentiation in mainstream enterprise Wi-Fi will come from innovations in the application space such as network management, security, and integration with other services.

Is your cloud Wi-Fi genuine, or is it controller over WAN imitation?
Posted by Hemant Chaskar on Nov 7, 2012

With rising popularity of the cloud Wi-Fi in the distributed Wi-Fi deployments, there is also an attempt to pass off the legacy controller technology as the cloud Wi-Fi by deploying conventional controllers over the WAN. Realizing that it is infeasible to deploy many smaller controllers in the distributed Wi-Fi deployments such as retail, remote offices, etc., the controller over WAN architecture deploys bigger controllers at the HQ and calls it a cloud Wi-Fi. However, the controller over WAN Wi-Fi does not measure up to the true cloud Wi-Fi for many reasons as outlined below. We will use example of Cisco’s controller over WAN architecture to illustrate these differences. Earlier, Cisco called it H-REAP and ELM, now it calls it FlexConnect, but does changing terminology get controllers to measure up to the true cloud? Let us find out.

3 things to consider in selecting 3x3:3 MIMO Wi-Fi access points
Posted by Hemant Chaskar on Oct 18, 2012

Currently, market is inundated with announcements from vendors on 3-stream MIMO APs. Sure enough AirTight has also launched one being at the forefront of Wi-Fi technology. But what sticks out of some of those announcements is lopsided mention of high speed wireless connectivity, even to the extent of misleading claim of 900 Mbps for the dual radio 3-stream APs albeit with a sneaky word "upto" before the number. While connectivity speed is important consideration (actually now a commodity available out of 3-stream Wi-Fi chipsets), that consideration alone does not help to come up with a good game plan for deploying 3-stream Wi-Fi. A more holistic thinking taking into account real world performance, security, and next generation Wi-Fi architecture is required when selecting 3-stream MIMO APs.

Why retailers embrace cloud for Wi-Fi access, PCI and wireless security
Posted by Hemant Chaskar on Jun 26, 2012

Retailers are increasingly looking to deploy Wi-Fi in their stores. They want to provide guest Wi-Fi to their patrons and also want to deploy in-store applications such as wireless POS and printers, wireless kiosks, wireless digital signage, and HQ network access over Wi-Fi. Coupled with these business drivers there is also a wireless PCI compliance requirement to protect credit card transactions. Retailers however face some unique challenges which were hitherto not met by traditional autonomous or controller Wi-Fi solutions. Now cloud managed Wi-Fi has made it quite feasible for them to achieve these goals.

Securing your network from bring-your-own-device (BYOD)
Posted by AirTightTeam on Jun 12, 2012

What makes network administrators and security professionals tear their hair out - the "cool" employee who is carrying 2 or 3 or more devices and only one of them is actually issued by the company. I admit, I am one of them but not sure how "cool", just a gadget junkie. There is a lot of advice around these days about how to manage this deluge of personal smart devices entering the enterprise, but I found much of the advice given by Software Advice and CRM Market Analyst, Ashley Furness, very solid in her recent post, "Strategies to Secure Your Enterprise in the New World of BYOD". Some of it may seem obvious, but, often the obvious is overlooked for just that reason. We all know folks who do not change their password from "admin". Ashley's article is a good addition to the body of work out there about the challenges of BYOD in the enterprise. One area which is not mentioned, however, is wireless intrusion prevention (WIPS), which is the natural ally of MDM. With MDM, employees have to have an incentive to get the agent on their devices. WIPS solves that problem. AirTight WIPS as an example protects the network from being accessed by unauthorized devices - those which have credentials but are not an authorized device - by allowing administrators to set up rules which will automatically block unauthorized devices (not just rogue APs) from connecting to the network.

AirTight BYOD Survey - Only Two weeks left
Posted by AirTightTeam on Apr 12, 2012

Only two weeks left - take AirTight's One Minute Survey - BYOD: Love it? Hate it?
Click the link - take the survey - enter to win an 8GB iPod Touch.
https://www.surveymonkey.com/s/ATNBYODsurvey2012
Corporate users (e.g. employees, contractors) are accessing enterprise network and data, and bypassing corporate security controls using their personal Wi-Fi devices. This uncontrolled access can open wireless backdoors into the enterprise network, malicious activity, leakage of sensitive data, and exposure to malware.

Smart Mobile Devices -- "Stress Test" for the WIPS of the Future
Posted by Hemant Chaskar on Mar 22, 2012

Traditionally, talking of wireless security in the enterprises we talked about embedded Centrio Wi-Fi, Linksys rogue APs, open source DoS tools, and compliance requirements (PCI, DoD, HIPAA). While these topics continue to be important today, the upcoming proliferation of the smart mobile devices is the new frontier for the enterprise wireless security to address. The inundation of smart mobile devices will result into new monitoring requirements, not hitherto discussed. These requirements would amount to "stress test" for the WIPS and only the best of the breed can hold up. While the new monitoring requirements will be many and varied ranging from unauthorized BYOD to heightened rogue AP risk, in this post I wish to discuss some interesting and unique scenarios (numerous soft mobile hotspots, Nintendo chat blocking, wireless geo-fencing) I already encountered this year working with the customers.

Don't let BYOD turn into "BYOR" in your network
Posted by Hemant Chaskar on Feb 27, 2012

BYOD (Bring Your Own Device) seems to be the dominant theme for 2012 in the Wi-Fi infrastructure and security space. As people increasingly bring in personal smartphone devices on the enterprise premises, the network/security administrators are grappling with the security implications. Given how engaging the new smartphone and tablet apps are, conflict arises between the users’ desire and the network/security administrators’ intentions. You need to ensure that this conflict does not turn BYOD into BYOR (Bring Your Own Rogue AP)!

BYOD and WPA2 - not made for each other
Posted by Hemant Chaskar on Feb 21, 2012

As the BYOD (Bring Your Own Device) tide rises, the network and security admins wonder if their existing Wi-Fi infrastructure security will hold on. In particular, will WPA2 with PEAP, which is pretty much the norm for the Wi-Fi infrastructure security in the enterprise networks today, continue to be adequate? WPA2 with PEAP is simple enough, still strong enough, and has served the enterprise Wi-Fi security needs very well in the past several years. The forthcoming BYOD revolution however pops a new challenge for WPA2 and will require additional thinking on part of the network and security admins about how to complement PEAP to address some of the BYOD security issue. This new challenge comes from the ease with which people can bring in personal mobile devices on the enterprise premises and connect them to the WPA2 enterprise Wi-Fi network without administrator knowledge or help.

Even at Shmoocon, Security Can't Be Taken for Granted
Posted by Rick Farina on Feb 3, 2012

Shmoocon labs is a group of vendors and attendees who get together before Shmoocon begins for a learning experience. The task – build a stable and SECURE network infrastructure to meet the needs of the convention. The idea is to teach people how to use the hardware from various vendors and make it all work together as a network that remains secure, stable and functional throughout the conference, no matter what.

A tale of the two WLAN controllers, do we need to be chasing our tail for the WLAN security?
Posted by Hemant Chaskar on Jan 31, 2012

Right when the Wi-Fi access and security management are moving towards the controller-less architecture, another interesting architecture seems to have evolved at the other extreme. This architecture seems to be advocating not one, but two WLAN controllers in tandem – and that too from two different vendors. And, some optional (additional?) security management servers on top of the tandem. You think I am kidding? Then check this announcement from Aruba Networks, which is a leading controller-based WLAN vendor: http://www.arubanetworks.com/solutions/by-application/byod-services-on-your-existing-wi-fi/. The stated business case seems to be to put a band-aid on the Cisco WLAN’s (another leading controller-based WLAN vendor) insufficient security features.

AirTight SpectraGuard Products Achieve FIPS 140-2 and DISA UC APL Certification
Posted by AirTightTeam on Dec 16, 2011

This month, AirTight Networks' flagship product, SpectraGuard® Enterprise, achieved FIPS 140-2 validation from the National Institute of Standards and Technology (NIST) of the United States and the Communications Security Establishment of Canada (CSEC).

Skyjacking attack – then Cisco, now Aruba?
Posted by Hemant Chaskar on Jul 18, 2011

Recall “Skyjacking” vulnerability discovered with Cisco LAPs couple of years ago? It allowed hacker to transfer control of enterprise Cisco LAPs from enterprise WLC to hacker controlled WLC in the Internet with over-the-air attack. Once control is transferred, the hacker could change configuration on those LAPs in any way by adding, deleting and modifying SSIDs. The hacker could also tamper with Cisco monitor mode APs and take away the security layer. Cisco Skyjacking exploited vulnerability in Cisco’s over-the-air controller discovery protocol. Know more about it here.

Now a similar vulnerability seems to have been discovered in Aruba OS and AirWave console. The advisory states: “[a]n attacker could plant an AP with maliciously crafted SSID in the general vicinity of the wireless LAN and might trigger a XSS vulnerability in reporting section of the ArubaOS and AirWave WebUIs. This vulnerability could potentially be used to execute commands on the controller with admin credentials.” Though modus operandi is different from Cisco, the end result is similar - transferring the control of Wi-Fi controller to hacker by launching over-the-air attack.

No system is free from vulnerabilities and such things will continue to be discovered. But, you don't have to give away "hack one, get one free". You don't have to give hackers control of Wi-Fi coverage and Wi-Fi security in a single shot. This can be achieved by ensuring that the Wi-Fi security layer operates independent of Wi-Fi infrastrucutre.

IMF, Citigroup, Sony Hacks - Security Lessons to be learned
Posted by AirTightTeam on Jun 13, 2011

This article in Information Week by Mathew J. Schwartz is well worth reading. It is time that security came first and compliance second IMHO. Click on the link below and I would love your feedback on the article and my comments.

WIPS complements MDM security by blocking personal smart devices
Posted by Mike on May 27, 2011

With the explosive growth of smart devices in the enterprise, Mobile Device Management (MDM) is a hot topic among IT departments these days. In order to secure the network and protect sensitive data on mobile endpoints, many organizations are deploying tools to secure, monitor, and manage smart devices accessing their networks. Installing an MDM agent on mobile assets gives the IT department the ability to enforce VPNs, remotely wipe data off stolen/lost devices, and ensure that devices under management by the IT staff are running the most current and secure applications.

Android found vulnerable to sidejacking!
Posted by Kaustubh Phanse on May 18, 2011

Last Friday, a vulnerability in Google's ClientLogin Protocol was disclosed that makes most Android users vulnerable to "sidejacking." All services (Calender, Contacts, Picasa, Stock Quotes, etc.) that use the Google's ClientLogin API for "Auto Sync" are vulnerable.

Sidejacking (aka session hijacking) is not new to Wi-Fi. Firesheep that caused a stir last October is a recent example of a tool demonstrating sidejacking attack against Twitter and Facebook. The latest vulnerability though holds significance given the huge userbase of Android smartphones commonly using their smartphones at Open Wi-Fi hotspots.

AirTight demos PCI and WiFi cloud solutions at NACStech conference
Posted by Mike on May 12, 2011

AirTight Networks will be demonstrating cloud-based PCI compliance and Wi-Fi access solutions at the NACStech conference in Las Vegas, May 16-18.

Are Smartphones the New Platform for "Mobile Hacktivism"
Posted by Mike on May 9, 2011

There's been a lot of news in recent weeks surrounding the Sony PlayStation Network breaches. One of the questions that I have received multiple times since this started is whether or not this was a wireless breach or if wireless was in any way part of the Sony vulnerability.

SMBs, WEP still a target for War Drivers
Posted by Mike on May 9, 2011

After the TJX breach, the PCI security council strengthened their wireless security standard in an attempt to prevent such catastrophic incidents from reoccurring. While some of the largest retailers strengthened their wireless security, small and medium businesses need to take a look at their own security practices because they are just as susceptible, maybe more. In its annual Data Breach Investigations Report earlier this week, Verizon said "criminals are increasingly hitting smaller businesses as it becomes harder to steal financial data from big companies."

Webinar 4/26 - Smartphones Outsmarting Your Network Security Perimeter?
Posted by AirTightTeam on Apr 18, 2011

When: Tuesday 26 April 2011, 11:00 AM - 12:00 PM
Time Zone: (GMT-08:00) Pacific Time (US and Canada); Tijuana

Are smartphones outsmarting your network security?
Posted by Mike on Apr 1, 2011

If you are concerned about the proliferation of smart devices (Iphones, Droids, tablets) and the impact on your network security, then this is a "can't miss" webinar. The inability to detect and block unauthorized personal devices from attaching to your network puts your business at risk. AirTight CTO and Founder Pravin Bhawat discusses the challenges with mobile device management and the limitations of existing wireless network security measures.

Wireless Threats: Fact or Fiction?
Posted by Gopinath K N on Feb 15, 2011

1. Have you wondered if Wi-Fi threats can be present in your network?

Network World: Gartner slams Cisco's single vendor network vision
Posted by Mike on Jan 31, 2011

I meant to publish something when I first saw this article in Network World. Apparently Gartner debunks the myth that a single vendor network solution is more cost effective and easier to manage. Pretty strong statement by Gartner and there were some pretty strong reactions if you look at the comments on the Network World site.

The Cloud Provides CFO Friendly Wi-Fi
Posted by Mike on Jan 31, 2011

Controller based WiFi architectures have been the standard for some time, but the advantages of the cloud appear to be a perfect fit for deploying a scalable, and more importantly, manageable WiFi infrastructure. Cloud based solutions are intended to drastically reduce the cost and complexity of delivering an enterprise solution. And WiFi should be no exception.

By now, you have discovered CFO’s like cloud computing. IT solutions that can be purchase as a cloud solution eliminate up front capital expenditures, depreciation, and product obsolescence.

Cloud solutions improve cash management because there is no need to write a big check all up front. Paying only for the capabilities you need, lowers your organizations financial risk. And the recurring (often monthly) operational costs of cloud based solutions provide easy to forecast and budget IT expenditures. Lastly, because deployment time and on-going operational overhead can be recognzed in weeks not months, results are easier to measure.

If you are considering a new WiFi deployment or are ready for a refresh, take a look at this video to see how AirTight's Cloud Services can help.

Wi-Fi Insecurity Wrap-up for 2010
Posted by Ajay Gupta on Dec 27, 2010

The year 2010 witnessed continued growth in the enterprise WiFi deployments. The growth was fueled by the latest 802.11n revision to WiFi technology in the late 2009 and ready availability of WiFi in most consumer electronic devices launched in 2010, including the smart phones, printers, scanners, cameras, tablets, TVs, etc. The year 2010 also witnessed popularity of the specialized WiFi centric devices, such as MiFi.

However, the year 2010 also has some major WiFi security revelations/incidents in its kitty, which re-emphasize the continued need for adoption of the best practices for secure Wi-Fi deployment/usage. Here is the run-down on significant WiFi insecurity events which we witnessed in 2010:

  • Windows 7 virtual WiFi can turn a machine into a soft Rogue, which took Rogue AP thinking to a new level beyond the commercially available AP hardware.
  • Insecurity exposed due to MiFi like devices after the WiFi malfunction was experienced at two major trade shows in 2010 due to these devices – the first one was Google’s first public demo of Google TV and second was iPhone 4 launch at Apple Worldwide Developers Conference. Though this manifested as performance problem, it did show how easy it had become to set up personal HoneyPot AP or Hotspot AP on enterprise premises.
How to eat the cake and have it too...well, at least in wireless security
Posted by Hemant Chaskar on Sep 20, 2010

Will deploying wireless intrusion prevention make me better "protected" or will it leave me "frustrated" because of the increased operational overhead? If you as a network or security administrator are looking for answer to this question, the answer is: Depends! That is because; it depends on how your wireless intrusion prevention is architected. This video will tell you more about it .

WPA2 Hole196 Webinar Q&A
Posted by Kaustubh Phanse on Aug 21, 2010

Due to the overwhelming attendance and response we got to the recent WPA2 Hole196 webinar, we did not have time to answer all the questions asked during the webinar. In this post, we are keeping our promise and answering those webinar questions.

By the way, the webinar slides and recording from this webinar as well as answers to the frequently asked questions on Hole196 and a white paper are available here.

So here we go!

WPA2 finds itself in a "hole"! Vulnerable to insider attacks!
Posted by Kaustubh Phanse on Jul 23, 2010

Wi-Fi security has experienced a lot of churn over the last decade. As protocols like WEP and TKIP fell by the wayside, WPA2 emerged as the "Last Wi-Fi Security Protocol Standing." Wi-Fi Alliance recently announced its plan to phase out WEP and TKIP, promoting WPA2 as the go-to security standard.

With solid protection in the form of AES encryption and 802.1x based authentication, there was no reason to look beyond. WPA2 did its job well keeping the bad guys outside, out of the network. And traditionally that has always been the focus of Wi-Fi security.

But...!

One fine day in New Delhi
Posted by Gopinath K N on Jul 7, 2010

I am just back from a trip to New Delhi (along with my colleague, Prabhash Dhyani). The weather was quite hot and humid. Amidst flight delays and apparently unstoppable Delhi traffic, we managed to meet up with some interesting folks and exchanged several ideas. You may be wondering what this has got to do with a security blog, hold on, you will soon find out!

Goodbye, WEP & TKIP
Posted by Gopinath K N on Jun 18, 2010

Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be disallowed on all Wi-Fi devices. This is the good news. But, let us also get to the “bad” news.

Google or Apple, WiFi spares no one!
Posted by Hemant Chaskar on Jun 10, 2010

Last week we saw Google facing legal tangles for “accidental interception” of WiFi signals and this week it was Apple facing “mysterious disappearance” of WiFi signals during iPhone-4 demo at WWDC keynote. So “what’s going on”, does WiFi not like us any more? Well, because these things struck Eric and Steve, we got to hear about them, but in fact they strike Tom, Dick and Harry everyday.

But there is a way out of this WiFi chaos.

Has your data been "Woogled"?!
Posted by Kaustubh Phanse on Jun 3, 2010

The WiFi snooping row Google has gotten itself into seems to be far from over. In April, Google revealed that its Street View cars had been collecting basic data such as the MAC addresses and SSIDs of WiFi networks in the vicinity. But after German authorities asked Google to audit the data, it admitted to have been "mistakenly" snooping payload data from Open WiFi networks. Apparently, a piece of WiFi data analysis code, written by Google engineers back in 2006, was part of the software used by the Street View cars, in turn leading to the WiFi snooping (of about 600 GB of data across 30 countries!).

Wi-Fi Packet Capture Made Easy
Posted by Gopinath K N on May 8, 2010

Recently, there have been multiple instances of Wi-Fi issues related to iPads. Apple has also acknowledged some of the issues - e.g.,an iPad may not automatically rejoin a known Wi-Fi network on a dual band router . Also, Princeton university has faced serious network problems due to iPad. This has been attributed to a problem in the DHCP client on iPad. Here is an interesting theory on how the IEEE 802.11 Power Save mode may be playing a role in this. The Wall Street Journal reports that such issues have lead to the ban of iPads at several universities. This is a cause for concern.

Wireless Forensics: A Review from RSA Conference 2010
Posted by Kaustubh Phanse on Apr 30, 2010

With more enterprises deploying wireless LANs and employee-owned WiFi devices flooding enterprises, wireless LAN forensics is becoming a key component of any network forensic audit -- whether to prove compliance with a regulation such as PCI DSS or in response to a security incidence. But wireless presents unique challenges to forensic audits.

Last month, at RSA 2010 conference in San Francisco, I had the oppourtunity to discuss this issue with experienced auditor and certified PCI QSA Jim Cowing. Here you can view the video recording of an abridged version of our RSA 2010 talk "Anatomy of a Forensic Audit: How Wireless Changes the Game."

 

Let me summarize the highlights from the talk:

Interference combat guide for WiFi networks: Part 1
Posted by Hemant Chaskar on Apr 19, 2010

We often hear that WiFi network performance degrades due to radio interference. We also hear that interference is a complex beast which cannot be easily tamed. There are two types of interference sources which affect WiFi network performance - non-WiFi sources and WiFi sources. This post provides a guide to some practical steps to combat often cited non-WiFi interference sources such as microwave oven, Bluetooth, baby monitors, cordless phones, wireless cameras and jammers. The WiFi interference sources will be discussed in later post.

Humpty Dumpty sat on a wall...
Posted by Kaustubh Phanse on Mar 16, 2010

Every now and then we run into network administrators and CSOs that brag about how their organization is not vulnerable to wireless security threats, only to see their rash confidence fizzle out once the results from a wireless vulnerability assessment or penetration test are out.

Today, most are aware that Open WiFi on enterprise network is foolish and using WEP encryption is a bad idea and that WPA2/802.1x is the way to go. Then where do they go wrong?

Windows7 Virtual AP - Why is it a big deal now?
Posted by Jatin Parekh on Mar 4, 2010

Windows7 Virtual AP – Why is it a big deal now?

Ever since WiFi radios were available, there have been open source and priced software that allowed users to convert their client cards into APs. While these were available only on Linux based operating systems to start with; ‘Soft AP’ drivers and software has been available for most operating systems for at least a few years now. Also available were USB devices that operate as an AP. In addition; the WiFi interface could always have been put into ad-hoc mode, allowing other clients to connect to it, effectively creating the same vulnerability as a soft AP

So, why is soft AP suddenly a big deal when Windows7 provides this as a built in option in the OS?

Windows 7: A New Wireless Risk for the Enterprise - Webinar
Posted by AirTightTeam on Mar 3, 2010

Last week AirTight presented the first Webinar designed to educate network administrators and security professionals about the wireless risk introduced with Windows 7. The response was so overwhelming that we are presenting it live again on March 10. I guess we hit a nerve since AirMagnet is bringing up the rear now and presenting a Webinar on the subject. But if you want an in depth look at this topic and solid advice on protecting your network, join AirTight experts for a live encore presentation of our webinar:
Windows 7 - a New Enterprise Wireless Risk

When: Wednesday 10 March 2010, 10:45 AM - 12:00 PM
Time Zone: (GMT-08:00) Pacific Time (US and Canada); Tijuana

SIMFI: Convert your cell phone into a WiFi honeypot!
Posted by Gopinath K N on Feb 16, 2010

My previous post "WiFi Hots(Honey)pots Go Mobile" (http://blog.airtightnetworks.com/wireless-security-mobile-hotspot/) talked about Palm Pre/Pixi Plus going the hot(honey)pot way.

WiFi Hots(Honey)pots Go Mobile
Posted by Gopinath K N on Jan 22, 2010

Are you already having trouble preventing your enterprise Wi-Fi clients from connecting to some of the existing public Wi-Fi networks (e.g., T-Mobile, Google WiFi)?

SSL Renegotiation Vulnerability: Journey from Theory to Practice to Prevalence
Posted by Hemant Chaskar on Dec 2, 2009

The SSL renegotiation vulnerability disclosure created mood swings in the security community over last month. Immediately after the disclosure, security community was split in opinion about its severity and relevance.

What, wireless security violation over flower vase?
Posted by Hemant Chaskar on Nov 26, 2009

Ever cared to take objection to someone putting flower vase on the table in your office, as it violates your wireless security policy? That is preposterous, isn’t it? Not any more. Look at the artistic WiFi router design from STC.

How "soft APs" can create "soft spots" in your network security
Posted by Hemant Chaskar on Nov 13, 2009

In several of my recent wireless scanning exercises, I have encountered soft APs much more often than before. In one case, it was an employee who returned from business trip who had used USB WiFi AP in hotel to share his Internet connection with fellow workers (well, they did not all want to pay $5 per hour, if they can get around by paying only once!) and did not care to remove it from laptop before connecting into enterprise network. In another case, it was an employee in no-WiFi organization who used to impress others by creating soft AP on his Window’s laptop for others to access. The moral of these stories is that the occurrence of rogue AP on the enterprise network in the form of soft AP has become more pronounced of late. I think the reasons behind this are the ease with which operating systems (notably Microsoft Windows) allow soft AP configuration on embedded WiFi interfaces as well as off-the-shelf availability of PCMCIA cards and USB sticks designed for soft AP operation. It is also worth noting that soft AP is also a perfect “solution” to put rogue AP on network evading wireside controls such as 802.1x, NACs and wireside-only rogue AP scanner.

802.11w Tutorial
Posted by Gopinath K N on Nov 2, 2009

The new 802.11 security protocol called 802.11w was recently ratified. Check this 802.11w-Tutorial to know how it works and what it means for your WLAN.

Wi-Fi vulnerabilities exposed in Today Show video
Posted by Mike on Oct 29, 2009

Interesting piece on Wi-Fi security on the Today Show this morning. The Today Show aired a piece called “Is your Wi-Fi connection safe?”
The story shows war driving through a residential neighborhood to show that many residential Wi-Fi users still deploy their wi-fi devices without passwords, leaving their connections vulnerable to eavesdropping.

Making the right choice for rogue access point detection technology
Posted by Hemant Chaskar on Oct 7, 2009

At every turning point big or small, mankind has faced the challenge of making choices between available technologies. May it be “DC vs AC” debate which laid foundation for our electrical distribution systems, or “mainframe vs workstation” debate which created platform for the modern Internet. At this turning point today when WiFi is poised to become mainstream enterprise networking technology, the network security administrator faces challenge of making right technology choice for WiFi security.

Among other things, one important technological choice the administrator will have to make is between wireless intrusion prevention systems (WIPS) which use “active” vs “passive” network connectivity detection methods.

Robust detection of wireless access points' connectivity (or non-connectivity) to the enterprise network being protected lies at the heart of security and manageability aspects of the WIPS. A false negative, i.e., network connected AP called as not connected, results in security hole as it can cause rogue access point (AP) to go unnoticed. A false positive, i.e., network unconnected AP called as connected, results in nuisance and also creates hindrance to initiating to automated blocking.

Cost Stifles PCI DSS Compliance, Many Perceive Wireless as Top Threat: New Survey Finds
Posted by Hemant Chaskar on Sep 27, 2009

An interesting survey on PCI DSS compliance was recently published by the Ponemon Institute. There are many interesting findings in the survey some of which I summarize here.

Ugly, Bad and Good of Wireless Rogue Access Point Detection
Posted by Hemant Chaskar on Sep 20, 2009

One critical requirement from wireless intrusion prevention system (WIPS) is that it should offer robust protection against rogue wireless access points. The protection should entail instant detection followed by automatic blocking (prevention). Rogue AP detection should be free from false alarms – both on positive and negative sides.

Rogue AP means unauthorized AP wired to (connected to) monitored enterprise network. In other words, rogue AP satisfies two conditions: i) It is not on the authorized AP list, AND ii) it is wired to the monitored enterprise network.

The first of the above two conditions is easy to test, just compare BSSID of detected AP with your managed AP BSSID list. The second condition is where things start to become interesting. Accurately and reliably detecting if every AP seen in air is wired or not wired to the monitored enterprise network requires technological sophistication. Based on the level of sophistication, three types of rogue AP detection workflows are prevalent in wireless intrusion prevention system (WIPS) solutions available in the market.

802.11n ratified as IEEE standard
Posted by Kaustubh Phanse on Sep 14, 2009

Finally the news that everybody in the WiFi world has been waiting for! Exactly six years after the 802.11n task group was formed, 802.11n got the final ratification as IEEE standard last Friday.

Is a strong inner layer of defense needed for robust wireless security?
Posted by AirTightTeam on Sep 9, 2009

When talking about wired security, enterprise IT administrators talk about multiple layers of defense such as internet firewalls, VPNs, admission control, email filtering, content filtering, web application scanning and many others. It is like a hacker has to peel multiple layers of an onion before getting to the core. Each layer of security is independent and is preferably sourced from different vendors. Each layer compounds the amount of work that a hacker has to perform to get in.

When considering the security of a wireless network, the same enterprise IT administrators are content with the basic security mechanisms integrated into the wireless LAN infrastructure by vendors such as Cisco Systems and Aruba Networks. IT departments have a hard time understanding why an inner layer of defense for wireless network security is needed in the form of an advanced wireless intrusion prevention system (WIPS). The wireless network security posture of an organization is the weakest when the security integrated into wireless LAN infrastructure is the only layer protecting the core network. Without an inner WIPS layer, the core network is open to rogue APs, unauthorized client connections, ad-hoc networks, MAC spoofing and many other attacks that the wireless LAN infrastructure security cannot protect against.

The New Attack on WPA/TKIP: Much Ado About Nothing?
Posted by Deepak Gupta on Sep 8, 2009

The recently announced improved version of the original Beck-Tews attack on WPA/TKIP appears to have put the wireless security community in a tizzy again. In this post, I argue that the new attack is neither groundbreaking in academic terms, nor is it more worrying in practical terms.

The proposed attack assumes (somewhat unrealistically) that the AP and client cannot hear each other but the attacker can hear both (and can thus act as a man-in-the-middle). In terms of attack speed as well, it is actually slower than the original attack under its stated assumptions.

Skyjacking: What went wrong?
Posted by Deepak Gupta on Sep 2, 2009

Security is hard to get right and shortcuts -- be it coding shortcuts or design shortcuts – come back and haunt the product designers when the rubber hits the road.

The recently discovered “skyjacking” vulnerability of the Cisco LAPs seems to be a classic example. The “Over The Air Provisioning” (OTAP) feature allows an out-of-the-box Cisco LAP to automatically discover available WLC controllers to connect to by listening to wireless OTAP packets broadcast by neighboring Cisco LAPs. This feature obviously has attractive plug-and-play benefits for the end user but has also resulted in some critical security holes in the Cisco wireless infrastructure as reported recently. Malicious OTAP packets transmitted by an intruder can make a LAP connect to a “rogue” WLC controller on the Internet. This controller can modify the wireless settings of the AP in devious ways resulting in an AP that is in your airspace, connected to your wired network but completely controlled by an attacker.

Many security vulnerabilities are due to coding bugs (for example, inadequate input checking or the infamous buffer overflows). In contrast, the skyjacking vulnerability has its root, in my opinion, in two questionable design decisions that were probably made as early as the requirements definition stage.

Wireside-only Rogue Detection: Inadequate For Both Security and Compliance
Posted by Gopinath K N on Sep 2, 2009

Rouge AP is an unauthorized AP connected to enterprise wired network. It can allow access to the enterprise wired network from its RF spillage outside of the premises. While it is well established in the mainstream that wired-wireless correlation is the only robust technique to detect such rogue APs, there also have been some wireside-only scanning techniques around to detect rogue APs connected to the enterprise wired network. At first sight, wireside-only scanning appears attractive from cost and deployment perspective as it does not require RF scanners. However the reality is that wireside-only scanning fails to detect many common types of rogues on the wired network.

Cisco AP Skyjacking
Posted by AirTightTeam on Aug 26, 2009

This latest vulnerability on Cisco WLAN (AP Skyjacking) points out the importance for customers to deploy overlay WIPS to have a zero day response capabilities in place. Making changes to your WLAN controller, APs, and firewalls takes time and new vulnerabilities like this will continue to surface.

Is skyjacking a mere DoS threat against Cisco WLAN?
Posted by Pravin on Aug 26, 2009

Skyjacking vulnerability which allows Cisco LAP to be diverted to connect to rogue controller by manipulating OTAP could be more dangerous than what has been clarified by Cisco in its advisory. The advisory says that “An exploit could prevent the device from functioning properly, resulting in a DoS condition. There is no risk of data loss or interception by the rogue access point or Wireless LAN Controller.”

Cell Phone Jamming in Prisons - Could it be done?
Posted by AirTightTeam on Aug 18, 2009

I recently read a statement put out by Senator Kay Bailey Hutchison urging support for her bill, " The Safe Prisons Communications Act creates a framework for the FCC to test and approve jamming equipment and to review applications from corrections facilities seeking to install cell phone jammers. Most importantly, to ensure the integrity of wireless networks for public safety and commercial wireless providers, and minimize any chance of interference, the legislation outlines the coordinated efforts from all stakeholders, including prisons and the telecommunication providers."
http://ourtribune.com/article.php?id=7975
According to Hutchison cell phones are used within the prison walls to coordinate crimes outside the wall, including murders, intimidation and fraud. The idea struck me as one that could be a slippery slope but one could hardly argue that prisoners have a "right" to cell phones - or do they. I would love to hear comments on this one.

CNN - Security experts warn of dangers of rogue Wi-Fi hotspots
Posted by AirTightTeam on Aug 11, 2009

Security experts warn of dangers of rogue Wi-Fi hotspots

Story Highlights from CNN International

  • Security experts warn Wi-Fi users to be more vigilant against hackers
  • Experts say it's difficult to distinguish between legitimate and rogue networks
  • Wi-Fi Alliance says spread of Wi-Fi hasn't led to an 'epidemic' of hacking
  • Users urged to protect their networks, use VPN for sensitive data

LONDON, England (CNN) -- You're sitting in an airport lounge and seize the chance to check your e-mails before your flight departs. You log on and are tempted by a wireless Internet provider offering free Internet access. So, do you take it?

Security experts warn that hackers may be masquerading as free public Wi-Fi providers to gain access to the laptops of unsuspecting travelers.

SSLstrip: Even Careful Users Can Be Trapped by Wireless Honeypots
Posted by Hemant Chaskar on Aug 9, 2009

Moxie Marlinspike presented SSLstrip at Blackhat early this year. The author made observation as to how most people initiate access to secure (HTTPS) websites using insecure connection (HTTP) which creates opportunity for the man-in-the-middle (MITM) attacker to get into the middle of the connection without flashing certificate mismatch message on the user’s machine. It is also possible to display a fake lock icon on the browser. This is unnerving because even those scrupulous users who pay heed to the certificate mismatch warnings can no more avoid MITM attacks by just doing that.

WiFish Finder: WiFi Honeypot vulnerability assessment made simple
Posted by Pravin on Aug 2, 2009

What % of WiFi laptop users in your organization are vulnerable to WiFishing attacks? The odds are very high that you don’t have an exact answer.

WiFi Rogue AP: 5 Ways to (Mis)use It
Posted by Gopinath K N on Jul 28, 2009

“The notion of a hard, crunchy exterior with a soft, chewy interior [Cheswick, 1990], only provides security if there is no way to get to the interior. Today, that may be unrealistic.”-- What Firewalls Cannot Do, Firewalls and Internet security

Rogue APs are Access Points (APs) that are deployed in an enterprise network without the consent of the network administrator. In certain cases, the intent behind a Rogue AP may be benign – for example, an employee who wants to access the network from his favorite corner of the office. While in other cases, a Rogue AP can be deployed with a malicious intent – say, by an attacker or his accomplice.

Sneaking in Rogue APs into an enterprise may not be difficult. Pocket size WiFi APs for less than $50 are readily available in retail stores. Due to spillage of RF signal, a Rogue AP enables an attacker sitting in the parking lot to directly access your enterprise wired network. After interacting with some of our customers and prospects, I have realized that they are familiar with Rogue APs but, lack a complete picture of what all damages one can inflict via a Rogue AP. Hence, I thought of compiling this list of “uses” for a Rogue AP (yes, “use” from the perspective of an attacker or an unauthorized user).

  1. Data Leakage One of the most basic uses of a Rogue AP is the wealth of information it can expose through leakage of enterprise data. Just by passive sniffing of the leaked data, an attacker can gain information about the users in the network and their communication. Packets may be leaking network related information such as host names & IP addresses (All of us know about tons of broadcast packets that network devices transmit). Or, worse, in some poorly configured networks, sensitive information such as user names, passwords, email and data communication may also leak out.
PCI Security Council Clarifies Wireless Security Requirements for PCI DSS Compliance
Posted by Kaustubh Phanse on Jul 23, 2009

Any organization handling payment card data should pay immediate attention to the PCI DSS Wireless Guideline published by the PCI Security Standards Council Wireless Special Interest Group last week.

The key highlights are:

5 Wireless Intrusion Prevention Questions You Should Ask
Posted by Gopinath K N on Jul 20, 2009

In my previous blog post (5 Wireless Intrusion Detection Questions You Need to Worry About), I talked about the key questions that are related to the detection of Wireless (WiFi) based intrusions in your enterprise. Today, let’s turn the focus on to the other important aspect of WiFi security – Intrusion Prevention. Here are the 5 questions you should ask on wireless intrusion prevention in your enterprise. Let me know if your answer to all of these questions is in the affirmative.

  1. Does my wireless security solution provide accurate and automatic prevention? If your solution requires a manual intervention for blocking a detected intrusion, you may be too late. Hence, the key to any intrusion prevention solution is the ability to automatically block the intruder. Although this requirement may seem obvious, it is interesting to note that getting this right is non trivial. For example, a poor implementation can end up blocking your neighbor’s communication - highly undesirable and in certain regions, illegal. Unless your security solution can accurately classify WiFi communication (authorized, unauthorized and don’t care/external), you will not be able to achieve this key functionality.
Wireless Challenges in Meeting Critical Infrastructure Protection (CIP) Standards
Posted by Hemant Chaskar on Jul 19, 2009

North American Electric Reliability Corporation (NERC) has promulgated Critical Infrastructure Protection (CIP) standards for cyber security in electric power industry. A recent white paper in Automation World magazine brings out challenges faced in CIP implementation due to proliferation of wireless networking. The paper lays out various scenarios such as approved wireless use, inadvertent wireless use, covert wireless use etc. which break conventional perimeter security model. It recommends state of the art wireless monitoring and control to enforce wireless perimeter security for energy assets.

Health Care & Wi-Fi networking
Posted by AirTightTeam on Jul 15, 2009

Recently we did a webinar with one of our health care customers (Maine Medial Center) and it was interesting to note how Wi-Fi networking has become mission critical in health care driven by applications. Various patient care applications enabled via Wi-Fi networking increases patient care quality, improves efficiency, and drives down overall cost. Given all the current discussion regarding healthcare reform and driving down costs, this is interesting to note how a technology like Wi-Fi networking can help you do that.

5 Wireless Intrusion Detection Questions You Should Worry About
Posted by Gopinath K N on Jul 13, 2009

If you own an enterprise grade local area network (LAN), you need to be aware that wireless (WiFi) based intrusions can potentially be exploited to create security backdoors into your network. This is true even if you have not rolled out your wireless LAN (WLAN) or have rolled out a WLAN that adopts the best-in-breed cryptographic security.

Today, Chief Security Officers (CSOs), Chief Information Officers (CIOs) and network security administrators have different perceptions on the extent of WiFi based intrusions. Hence, they have adopted different solutions to secure their enterprise network from WiFi intrusions.

  1. At the one end of the spectrum, there are users that believe that wired IDS/IPS and Networks Access Control (NAC) solutions are adequate to thwart this threat.
  2. Next, there is a class of user who are believe in “moderate security”. They have adopted part time wireless intrusion detection capabilities in their networks.
  3. At the other end of the spectrum, there are users that believe in dedicated & specialized wireless intrusion detection and prevention (WIPS) systems to defend against this threat.

Independent of which of the above groups you may belong to, here is my list of 5 intrusion detection questions that you need to worry about. If you don't agree, I would love to hear your views.

Not All Cyber Criminals Are that Smart
Posted by AirTightTeam on Jul 6, 2009

This story seems to come from the files of "I am ten feet tall and bulletproof." Many of us have a mixed reaction to those who are able to manipulate computers and code to their advantage for criminal acts. We wonder why they do not use their talents to simply make money the old fashioned way but also are outraged at their actions which disrupt our lives, compromise our security and cost us money. But then you read a story such as the one Robert McMillen of IDG posted over the weekend about the security guard and ersatz hacker who allegedly videotaped his cyber exploits at the clinic he was supposed to be protecting and then posted them to YouTube. He claimed to be adding botnets which would allow him to do a denial of service attack on July 4 just for the fun of it. He did get caught. You really have to read this story which is both funny and sad at the same time.

Defending Against Zero Day Attacks in WLANs
Posted by Hemant Chaskar on Jun 26, 2009

Zero Day Attack is exotic name for hacks which will be realized in future and which we don’t know about today. Conventionally, it is believed that a zero day attack will create some anomaly in the network behavior and hence some form of anomaly detector can provide protection from zero day attacks. However, there have always been practical difficulties in implementing robust anomaly detector. Fortunately for 802.11 WLANs, there is also an alternative viable way to defend against zero day attacks.

Using neighborhood wi-fi to get kids into the car
Posted by Mike on Jun 16, 2009

My 12 yr old son was fiddling with his iTouch in the back seat of the car last week when it finally dawned on him that he could see several available wi-fi networks in our neighborhood from the front of the house . "Hey, I can connect to Marci's wi-fi ! Can we sit in the driveway for a couple minutes so I can download some songs?"

Live Alerts: A Unique Addition to AirTight`s WIPS functionality
Posted by Ajay Gupta on Jun 16, 2009

Live Alerts helps system administrators to quickly identify the ongoing vulnerabilities and performance related issues in an enterprise Wi-Fi deployment.

Before Live Alerts, it was very difficult for an administrator to identify the ongoing threats from the list of reported threats/anomalies. However, with the introduction of Live Alerts, he can now easily distinguish and prioritize between ongoing and past threats/anomalies.

Introduction:

Realizing mobility advantages in businesses, Wi-Fi is increasingly being deployed in corporate premises. However, due to the nature of Wi-Fi technology, an administrator has to face certain security and performance challenges while managing the corporate Wi-Fi space.

Voice Mobility powered by Wi-Fi Telephony
Posted by Ajay Gupta on Jun 15, 2009

Wi-Fi telephony is the upcoming technology that can be set up on existing enterprise Wi-Fi network and empowers enterprises with voice mobility benefits in an easy, scalable and cost-effective way.

Increased deployment of superior Wi-Fi networks to achieve wireless data access and increased adoption of VoIP technologies to make cost-effective calls has led the concept of Wi-Fi telephony to emerge in the recent years.

With Wi-Fi telephony in place, voice mobility can be achieved in an easy to use and inexpensive way. Voice mobility in general refers to flexibility for users to make telephone calls from any place within a premise. Enterprise premises empowered with voice mobility have more productive employees, increased employee convenience and improved business process resulting in faster decision making, increased responsiveness and greater overall productivity and efficiency.

Number of antennas on AP – bellwethers of WLAN technology generation
Posted by Hemant Chaskar on Jun 10, 2009

Early 802.11b APs used to have 1 antenna on them, which later became 2 in the 802.11g/a era, which now have become 3 or 6 in the current 802.11n era. So why do number of antennas keep changing as WLAN technology advances to every next generation.

TKIP Primer on Security Tube
Posted by AirTightTeam on Jun 8, 2009

Michael is the Message Integrity Code adapter by the TKIP standard. Michael is actually a weak code which uses simple additions and shift operation which are computationally less expensive, but strong enough as a intermediate solution from WEP. Michael was chosen as MIC in TKIP, so that the already deployed low end Access Points can also be software upgraded to TKIP without any hardware change. This video explains the working of MIC in TKIP.

AirTight on Wired/Wireless Security at HP Technology Forum
Posted by AirTightTeam on Jun 5, 2009

AirTight's director of technology joins HP ProCurve executives for two informative sessions at the HP Technology Forum in Las Vegas
June 15-18, 2009, Mandalay Bay, Las Vegas, Nevada, USA
Session: Wired/Wireless Management
Speakers: Dr. Hemant Chaskar, Director of Technology, AirTight Networks, Carl Blume, HP
This session offers timely advice for managing wireless and integrated wired/wireless networks from the perspectives of security, policy enforcement, performance optimization, and scalability.

Is Obama Right - Cyber Security in Private Enterprise Is a Homeland Security Issue
Posted by AirTightTeam on Jun 1, 2009

Do you believe that IT security in private enterprise is a national security issue? I do and would love to hear your thoughts. You might want to take a look at the Airport WiFi and Financial District wireless vulnerability studies that AirTight performed recently to see just how badly some organizations are following b est practices when it comes to wireless security.
It appears that in some quarters folks felt that the President did not tell us anything we did not know in his speech on Friday about cyber security. I think we need to understand, however, that the key phrase there is "anything WE did not know." At times we who work in technology live in a bubble and assume that everyone understands what we understand. But technology or cyber security is our business - it is not the core business of the financial institution, the hospital, the school, the utility etc.

Karmetasploit: Integrated Tools Lower Bar On Hacking Wireless Clients
Posted by Hemant Chaskar on May 25, 2009

Metasploit Framework integrated with KARMA! Metasploit is most potent security penetration and exploit development platform, while KARMA is a potent Evil Twin (Honeypot) tool with attracts unassuming wireless clients. With this integrated tool, it is all the more easier to establish wireless connectivity with probing wireless clients and “Metasploit” them.
http://trac.metasploit.com/wiki/Karmetasploit
http://blog.trailofbits.com/karma/

For Secure WiFi, Focus on Addressing Building Block Vulnerabilities …
Posted by Hemant Chaskar on May 21, 2009

… and Don’t Sweat Chasing Hacking Tool Signatures!

You feel pretty good and more secure when you receive that daily signature update from your anti-virus software. I feel the same and why not - anti-virus technology is fundamentally rooted in signature analysis. But don’t make the mistake of applying the same metric to wireless intrusion prevention system (WIPS). Wireless security fundamentally works differently from anti-virus software.

Web attack that poisons Google results gets worse
Posted by AirTightTeam on May 20, 2009

If you did not know about this or if you did not get the latest, you really ought to read Bob McMillan's article in Network World. This is a very sneaky and vicious attack and apparently growing like wildfire. They almost got me but being fleet of foot, I got away. :-)

DoT Regulation on Secure Use of WiFi
Posted by Kaustubh Phanse on May 18, 2009

The Department of Telecommunications (DoT), Govt. of India, has set a June 2009 deadline for complying with its regulation on WiFi security. Here's a position paper that evaluates the DoT regulation and suggests best practices for secure use of WiFi.

MiFi = WiFi on the move!
Posted by Kaustubh Phanse on May 15, 2009

Interesting gadget from Novatel/Verizon that lets you carry your WiFi hotspot with you. You can even share it with your friends. Check this out!

Data Leakage in the Enterprise
Posted by AirTightTeam on May 13, 2009

Today Network World released an interesting real-life case study of data leakage in the enterprise - refer to http://www.networkworld.com/news/2009/051109-data-leak-audit.html?page=1

Wireless Vulnerability Study of 7 Financial Districts’ Airspace Reveals Wi-Fi Security Risks
Posted by AirTightTeam on May 13, 2009

You may want to take a look at AirTight's scans of financial districts in 7 U.S. cities and London. Not a lot of wireless security best practices being used in them. Find the landing page here: Financial Districts Scanning Report

Clarifying the WIDS/WIPS Jargon - Overlay, Integrated etc.
Posted by Hemant Chaskar on May 12, 2009

These days, certain terms are often used to characterize Wireless Intrusion Detection/Prevention System (WIDS/WIPS) architectures – overlay and integrated being most commonly used and that too with variable meanings. This post explains what these terms mean or should mean to be consistent with fundamental underpinnings of WIDS/WIPS architectures and functions.