Cisco Systems is announcing a new set of features that enhance its HDX (High Density Experience) suite. This blog is the fourth in a series that explains the new features that comprise the enhancements to HDX.
The first three blogs in the Enhancing HDX series are here and here and here.
The rapid and massive adoption of Wi-Fi into handheld devices has created new challenges for managing a wireless network.
As a consequence, the traditional view of a rogue Access Point has to change. The advent of mobile APs and Wi-Fi Direct (client to client networking without requiring infrastructure) means that rogue devices don’t need to be “connected” to the infrastructure in order to create a potential for nuisance.
Effectively these capabilities mean that “Bring Your Own Device” (BYOD) may also mean “Bring Your Own AP” or “Bring Your Own Network” and therefore “Bring Your Own Interferer”. Thus the threat from a rogue becomes less about security and more about consuming excessive air time (a so-called “spectrum hog”) thus degrading performance in the WLAN. This can be especially troublesome in high density pubic venues but can also be problematic in enterprises.
So in addition to Cisco CleanAir (which mitigates and reports on non Wi-Fi interference) and RRM (which primarily prevents self induced neighboring AP interference via DCA and TPC for the entire WLAN) Cisco is effectively merging aspects of both of these solutions in order to provide improved mitigation of Wi-Fi that is not affiliated with the production WLAN.
Accounting for rogue Wi-Fi interference is accomplished by configuring a trigger threshold for ED-RRM. This is effectively a severity indicator so that the affected access point that has ED-RRM is additionally triggered by Wi-Fi interference.
Since rogue severity is now added to the ED-RRM metrics, this provides the capability of a faster channel change than the typical DCA cycle. In other words, if a rogue is interfering with airspace, then instead of waiting until the next DCA cycle to elapse, change the channel as quickly as possible. This is the same behavior as for mitigating non-Wi-Fi interferers with Cisco CleanAir technology.
Since Wi-Fi interference is becoming more prevalent, rogue APs that are serving traffic to clients (e.g., mobile APs) or client devices creating networks in real time means that air quality will be affected. Wi-Fi needs to be prevented from becoming a problem by reacting to the presence of client devices that are legitimately acting as independent, unaffiliated networks.
Please feel free to comment, share and connect with us on Facebook, Google+ and !
Tags: byod, Cisco CleanAir, Cisco Mobility, ED-RRM, HDX, Mobile APs, RRM, wi-fi, wlan
Controlling the wireless network can some times feel like trying to stop a river. Employees, customers and vendors have their favored mobile devices and they want to be able to use them for work and play. The momentum for this trend is strong and the promise of productivity high so it’s becoming increasingly difficult to fight this trend. As a result, companies are opening their network to guest traffic.
As you well know, this new openness isn’t without risk. The devices that people bring may not always be productive. And sometimes those devices become rogues that can impact network performance and security.
Let’s be clear that not all rogue devices have evil in mind. In fact, many employees innocently bring their own IP cameras and personal hotspots to “help expand” the capabilities of the network. At a minimum, these rogue devices can cause interference that degrades overall network performance or prohibits critical devices from connecting to the network.
The greater danger is that these rogue devices are the weak link that enables a hacker to breach network security. A hacker can tag onto a tethered personal hot spot for easy entry into the network or can sit outside the venue to gain access.
Whatever the intent of the rogue device, it’s critical that you have a solution that leverages location information to identify and mitigate these rogue devices before they compromise your network.
Omaha World-Herald, one of Warren Buffet’s Berkshire Hathaway companies, uses the location capabilities of Cisco Mobility Services Engine (MSE) to ensure rogue devices don’t derail its many offices. Using Cisco’s location and adaptive WIPS capabilities, Omaha World detects rogue devices in real time, determines their location, and mitigates the threat. Read More »
Tags: Cisco Adaptive WIPS, Cisco Aironet 3K modular access points, Cisco CleanAir, Cisco Mobility, Cisco Mobility Services Engine, mse, Wireless Threats
Cisco Systems is announcing a new set of features that enhance its HDX (High Density Experience) suite. This blog is the third in a series that explains the new features that comprise the enhancements to HDX.
The first blog in the Enhancing HDX series is here. The second blog in the Enhancing HDX series is here.
What is 802.11v? What is BSS Transition Management? Why are these Important?
In this blog, two different series are intersecting: Enhancing HDX and the series looking at the lesser known but undeservedly underappreciated amendments to 802.11 and the features/benefits they provide.
Previous blogs briefly explained the basics of 802.11k “WLAN Radio Measurements” and specifically zoomed in on the Neighbor Request/Report and also explained the basics of 802.11r “Fast BSS Transition”
This blog will briefly explain the basics of 802.11v “Wireless Network Management” and will also explain how 802.11k Neighbor Request/Report and 802.11r “Fast BSS Transition” can provide a “better together” solution with 802.11v. It also explains where it fits in with High Density Experience (HDX).
Wireless Network Management (802.11v)
Wireless network management (WNM) enables devices comprising the WLAN to exchange information with the goal of improving the quality of experience when using the WLAN. Network administrators benefit from using WNM by having additional ability to fine tune the WLAN in order to provide improved reliability of services to their end users and the end users benefit in turn from using a WLAN that has been designed to provide more than mere connectivity.
Client devices and infrastructure may both use WNM to exchange operational information so that both clients and infrastructure have additional awareness of the WLAN conditions. That awareness can help provide a firm foundation for self-correcting events and actions to be implemented. In other words, WNM isn’t about being a “control freak”; it’s about raising the bar in the Wi-Fi ecosystem so as to create better Wi-Fi networks.
But not only does WNM provide information on the state of network conditions, it also provides a means to exchange location information, supports efficient delivery of multicast (group addressed) frames, and enables a power savings mode in which a client can sleep for longer periods of time without receiving frames or being disassociated from the AP.
Given this, it can be easily appreciated why WNM has often been described as a “kitchen sink” of features. This blog won’t take the time to go through each and every feature introduced in the 802.11v amendment. But in order to emphasize the potential richness of the feature set, the following is an alphabetized list:
The remainder of this blog is going to focus on BSS Transition Management. Future blogs will cover other aspects of 802.11v.
BSS Transition Management Read More »
Tags: 11v BSS Transition Management, 802.11v, Cisco Mobility, ESS, Extended Service Set, HDX, high density experience, optimized roaming, Voice-over Wi-Fi, Wireless Network Management, wlan, WNM
Cisco Systems is announcing a new set of features that enhance its HDX (High Density Experience) suite. This blog is the second in a series that explains the new features that comprise the enhancements to HDX.
5 GHz is a great place to operate a WLAN. There is ample spectrum, and it’s far less crowded and noisy than 2.4 GHz.
However, the majority of 5 GHz spectrum is shared with radar (for both weather and military systems). Therefore, Wi-Fi Access Points not only need to detect radar in order to avoid interference but also need to avoid being an interferer to these systems.
This procedure is commonly referred to as DFS or Dynamic Frequency Selection.
For DFS operation, if radar is detected on a channel then the AP must abandon that channel from further operation for some minimum amount of time. Furthermore, the AP must ensure that any new channel it selects for operation is free from radar (and that detection also requires a minimum amount of time).
Finally, accurate detection of radar (i.e., avoiding false positives) also requires a lot of skill. Compounding the issue are many devices that emit “radar like” transmissions (including Wi-Fi clients and APs doing proprietary over the air detection and calibration).
As a result, many equipment vendors simply take the easy way out and avoid use of the channels requiring DFS.
Cisco believes it has the best DFS solution in the wireless industry and that it only gets better with a new feature we’re calling Flexible Dynamic Frequency Selection (or for short, FlexDFS). Read More »
Tags: Cisco Mobility, DBS, FlexDFS, HDX, high density experience, wi-fi, wlan
It’s a familiar scene – people sitting in a coffee shop or waiting room, fiddling with their mobile phones – punctuated by a single question. “Do you have Wi-Fi?” As Wi-Fi has become ubiquitous in everyday life, customers have come to expect some level of access when visiting businesses – from coffee shops to hospitals, from waiting areas to public parks.
Guest access has becomes an essential – almost required – service for practically every business, and, as technology has advanced, their guests expect easy access and a fast connection. Often times, such services present a pricey proposition to many smaller organizations and cost-conscious institutions. In response to this, the Cisco ISE team is pleased to announce the release of Cisco ISE Express, a comprehensive licensing bundle that offers Enterprise-level guest services – including hotspot, sponsored and self-registration portals – and RADIUS/AAA for access at an aggressive, entry-level price.
ISE Express is a complete package for guest access, and it’s fast and easy to get it up and running in your network. The bundle includes Cisco Identity Services Engine (ISE). Base licensing for 150 endpoints, an ISE virtual machine, unlimited access to the ISE Portal Builder, a web-based portal customization tool, and a quick installation guide. Cisco ISE includes native design capabilities that allow you to quickly design a portal by adding images (e.g., logos and banners) and selecting a color theme to match a corporate brand. Included with ISE Express is unlimited use of the ISE Portal Builder, a web-based tool that allows users to create highly customized portals in 17 different languages with a suite of 10 designer templates that are easily customizable and easily exportable to Cisco ISE. Read More »
Tags: AAA, Cisco Identity Services Engine, Cisco ISE Express, Cisco Mobility, RADIUSS, wi-fi