Cisco Blogs


Cisco Blog > Mobility

Guest Blog: Migrating High Density University Networks to 802.11ac

Editor’s Note: This is a guest post by Joe Rogers, Associate Director of Network Engineering for the University of South Florida (USF). Hear Joe speak about his experiences with next-generation wireless in high density environments on next Tuesday’s webinar:  ”Migrating Enterprise Networks to 802.11ac” at 10am PST (Dec 17) (Register here)

Joe RogersJoe Rogers is the Associate Director of Network Engineering for the University of South Florida.  He is a graduate of USF’s Computer Science and Engineering program and has worked as a network engineer at USF for the past 20 years.  He is currently responsible for all aspects of USF’s network which provides connectivity to over 100k devices across three campuses.  He’s held a CCIE routing and switching certification since 1999.  When not working, he’s an avid mountain biker (if you can call it “mountain” biking when you live in Florida).

—--

Universities face some of the most complex design challenges in wireless networking.  Our user population is highly mobile, bandwidth-hungry, and often simultaneously using at least two wireless devices in rooms with hundreds of their classmates.  The wireless network isn’t simply a convenience to them.  It’s critical to their educational success as many of the students are taking tests or working on assignments across the network.

At the University of South Florida, we support over 20,000 concurrent wireless users on our network of over 4,000 access points.  We have more than 90,000 unique devices registered this semester.  Our biggest challenge is designing the wireless network for the device densities in our large classrooms and popular study areas.  In these locations, we often have a thousand devices in a few hundred square feet of space.

We heavily rely on band select to place as many devices as possible on 5Ghz where more channels are available.  Unfortunately many devices such as older tablets and smart phones simply don’t have an 802.11a/n radio.  So we must carefully RF engineer the environment with smaller cells to provide the necessary coverage density. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , ,

An Architectural Approach to Location-Based Services

When was the last time you looked at your mobile device? Minutes ago? Seconds ago? We can’t seem to live without them, and in the consumer space, new mobile services are popping up it seems faster than your Twitter feed can handle. Below are mobile consumer services trends from the latest VNI Service Adoption Forecast (2012 – 2017) – you can see Mobile SMS, Mobile Commerce, Mobile Video, and Mobile Social Networking are on the rise, as is the number of devices per consumer.

cmxarch

Many organizations are looking for ways to leverage this upward trend in mobility and innovative mobile services for business benefit – whether it be for increasing customer satisfaction and communicating how the general population wants to receive communication, or offering Wi-Fi so users are able to consume the mobile services they want.

Cisco has made a big investment in mobile location-based services (LBS) over the past year with the introduction of the Connected Mobile Experiences (CMX) solution. CMX enables mobile users to adopt new innovative mobile services with an added benefit of relevance. Businesses can conduct mobile commerce, send texts, extend mobile video, or integrate mobile services with social media now based on the user’s location. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Enterprise Connect Recap: Smart Desk Phones, WebEx, TelePresence, and More!

April 9, 2013 at 3:48 pm PST

In March, I make an annual journey from Dallas to Orlando – not to visit that famous mouse or take a Spring break.  No, I am there with thousands of IT, telecom, and networking professionals who have descended upon Orlando to attend Enterprise Connect, the leading conference and expo on enterprise communications and collaboration.

This year, both Jimmy Ray and Robb (along with the amazing TechWiseTV crew) joined me to capture all of the excitement, announcements, and cool demos.

 If you missed the conference, don’t fret.  We have all of the highlights here!

First, I caught up with Rob Lloyd immediately after his keynote to get the scoop on the Internet of Everything and how it will impact businesses. 

Read More »

Tags: , , , , , , , , , , , , , , ,

Cisco Enables Beyond Bring Your Own Device for the Healthcare Industry

Beyond BYOD

Cisco Systems is announcing a next-generation solution to address an increasingly complex and common challenge in healthcare settings: the need to assure high security and patient privacy, while enabling fast, role-appropriate clinical data access for providers, with seamless connectivity across a diverse array of (mobile?) devices – all at once.

The new Cisco offering is dubbed Beyond BYOD – “BYOD” standing for “Bring Your Own Device.” It enables a healthcare organization to set up and administer secure, unified, any-device access across its entire network – including wireless, wireless LAN, cellular and VPN elements.

Healthcare information infrastructure has been challenged in recent years by an increasingly distributed healthcare delivery model, the rise of electronic patient records and privacy concerns, and the explosion of mobile devices entering hospital networks. Physicians and healthcare staff are driving demand for immediate provisioning of their personal devices from smartphones, to tablets, and notebooks for use in the workplace and integration into the clinical workflow. Indeed, there are over 4000 applications specifically dedicated to the healthcare industry and a Forrester study found 41 percent of personal devices are used to access business applications.  Doctors, administrators, patients and their families all have rationales for accessing an information system – and each is likely to bring a unique device profile. Preference for their own personalized hardware over standardized, workplace-issued devices combined with the inherent need by  medical professionals for anytime, anywhere connectivity – challenges network solution providers to keep up by offering true borderless networks: secure systems that are easy to use and accept all kinds of connection-ready hardware.

Beyond BYOD from Cisco answers the call by delivering healthcare providers, patients and visitors access from any device in any healthcare space, a unified policy across the network, an uncompromised user experience, and simplified IT operations.

The BYOD challenge has confronted IT managers in the healthcare sector for some time, but Beyond BYOD goes beyond simple device acceptance. Cisco has taken a new, holistic approach to managing borderless networks. The result is a top-down, comprehensive approach that can deliver a high-quality experience while allowing management of complexity and scale for healthcare organizations of all sizes – not just the large-scale enterprise.

Beyond BYOD features:

  • A new “Identity Services Engine” (ISE) that helps users introduce personal devices to a workplace network and configure an appropriate access level without hands-on assistance from IT.
  • A new, scalable approach to WLAN infrastructure that supports rich media sharing. It’s IPv6-optimized for seamless roaming without drops and enhanced security. IPv6 compatibility is critical to next-generation BYOD strategy: Cisco VNI predicts 71 percent of smartphones and tablets – 1.6 billion in total – will be IPv6-capable by 2016.
  • Simplified IT operations through a new Cisco management platform, Prime Assurance Manager 1.1, which affords thorough real-time, network-wide views of application performance. A companion management tool, Prime Infrastructure 1.1, aids planning and deployment of Cisco infrastructure.

Beyond BYOD represents a new, more strategic approach to healthcare information network management – one that acknowledges and enables user preferences while anticipating future demands and developments.      

To learn more, click here:  http://www.cisco.com/en/US/prod/collateral/wireless/ps6302/ps9798/ps11716/at_a_glance_c45-703759.pdf

Tags: , , , , ,

Healthcare BYOD users, beware of the uninvited guest!

There are some interesting security developments on the BYOD front that may present serious HIPAA challenges for healthcare delivery organizations.  If you’re not following the story I’ll give you the quick summary.   Security consultant Trevor Eckhart discovered monitoring software from Carrier IQ on his Android based smart phone.  The software which he could not disable was placed there by the cellular carrier in an effort to monitor and enhance the end user experience.  His testing reviled that the software was able to log keystrokes, URL’s, GPS location and SMS text messages amongst other items.  All of the juicy information that is collected encrypted and uploaded to the carrier or manufacturer for “analysis” – NICE!

 The seriousness of the issue sparked a federal probe with Senator Al Franken sending a request to the software vendor, manufacturers and cellular carriers asking for specific details of the monitoring software capabilities and how the information collected is being used.   Many of the responses received to date raised many more questions than they answered. 

By the time you read this, the holiday season will be behind us.   The second longest post-holiday line over the dreaded Toys-R-Us return line is likely to be in front of the IS Support desk come “Monday Morning”.  All the Cindy Lou Who’s will be in line asking that their smart device be given access.      

It will be interesting to see the statistics, but I suspect that in comparison to previous years, it’s highly likely that many more BYOD smartphones and tablets will enter the healthcare environment.  One of the top care about for CIO’s is to provide rapid provisioning within their organization.  This is great, but I often wonder if responding to the demand could result in cutting the proverbial corner without knowing it!

Given the need to deploy a wide variety of BYOD devices quickly and securely, the healthcare Chief Security Officer (CSO) certainly has their job cut out for them these days.  The shire volume of consumer devices entering the enterprise environment raises some serious questions as to their readiness, especially in regard to security and privacy – add ePHI and the responsibilities of covered entities and you have some significant reason for concern.  Perhaps before a healthcare system adopts a BYOD policy, one should consider the ramifications of allowing the wide range of consumer devices (and contracted carriers) to access protected resources.  I’d suggest that it’s certainly time to consider the use of an enterprise ready device – one such as the Cisco Cius where you can control key aspects related to maintaining security and enhancing the user experience.

Cisco Cius with AppHQ is an Enterprise Ready Tablet

First, with the monitoring software described, don’t assume that your security policy by itself is sufficient.  Remember this software, as with others to likely follow, are key loggers.  Such applications by definition capture each and every keystroke and button press regardless of the application or transport/network encryption being used.  Many CSO’s may incorrectly conclude data loss is impossible given the use of VPN technology.   Likewise some will conclude that their adoption of VDI assures that the data stays local to the healthcare system and not to the device.  While partially true, we are effectively talking about keystrokes being logged.  Clearly a physician WILL over time enter data that is classified as ePHI – all nicely collected and uploaded unknowingly to a 3rd party.  Even SMS text messages sent or received by such a device is within scope!

My advice is to stay abreast of this developing story, and in the meantime, take the time necessary to fully understand the ramifications of allowing various devices (and carriers under contract) to access your protected resources.  It’s no longer about robust authentication mechanisms, secure encryption and remote wipes – It’s now much more than that!  Also remember that a device that is classified as “safe” today might not be in compliance after an OS upgrade or application install in the future.  Taking accountability for the device and the applications being loaded onto it by either the user or carrier is YOUR business.  Having a system in place that facilitates YOU being able to control the OS and the applications that are being installed on BYOD devices is a critical objective. 

So make sure that the next time you’re planning a BYOD party that you recognize all the guests being invited – otherwise some valuables in the form of ePHI may be slipping out the back door!

Tags: , , , , , , ,