It is no longer a question of “if” your organization will face the new reality of mobile device proliferation, just an ever closer “how soon.” Users expect the network to enable trends like Bring Your Own Device (BYOD), and they aren’t just using smartphones and tablets to be more productive, they are falling in love with them. For businesses, simply allowing access isn’t the answer. It’s a question of relevant, secure access across the entire network, while protecting corporate assets and delivering an optimal user experience. Cisco focuses on exactly that -- how to enable a simple and secure mobility experience, with a consistent end-to-end architecture across wired, wireless and VPN access.

As a cornerstone of this wired-wireless access architecture, the Cisco Identity Services Engine (ISE) has already been helping customers like Whittier Union High School, San Antonio Water System and BlueWater Communications Group apply consistent security across the entire network through a centralized, single policy source.

Whittier Union High School District, a California high school district serving more than 13,600 students, was facing the challenge of mobile devices. Both faculty and students were bringing their personal devices on campus, many for educational apps and tools.

“It’s becoming increasingly critical to provide employees, students, and visitors access to our network and extensive educational resources given the growing expectations of our tech-savvy population,” stated Karen Yeh, Director of Information Technology, Whittier Union High School District.

Whittier needed a way to apply differentiated policy across their student and staff populations, somehow managing access for both personal and corporate devices, all without increasing IT resources. Karen called Cisco, and two weeks later her team was deploying the Cisco ISE, implementing a single point of security policy for their networks across wired, wireless and VPN. Considering that Richard Nixon, the 37^th president of the US went to Whittier High School, the flexible network access enabled by Cisco ISE may be empowering the next generation of leaders, scientist or artists. But, mobile devices aren’t confined to education. San Antonio Water System, a public utility owned by the city of San Antonio, is seeing surprisingly similar issues.

Read More »

Tags: 802.11n, 802.1x, byod, Identity Services Engine, ISE, mobile devices, mobility, network management, policy, security, Smartphones, Tablets, vpn, wi-fi, wifi, wireless, wireless LAN, wlan

So my wife and I recently took a two week vacation to Alaska – without computers or anything but camera’s and our ever important smartphones. I didn’t realize that Marie Hattar, our Segment VP was going to write a blog about the importance of vacations and productivity – see that here. Imagine that, I overachieved via a vacation!

At any rate, back to the vacation – we left on Sunday so Saturday was reserved for clothes washing and packing. Great plan until the motor on the washing machine froze. We ended up Saturday night finishing the wash at her father’s house. Then after the trip (that was fabulous by the way. Everyone needs to take a cruise through the Inside Passage!) we ended up having the repair service visit to confirm the motor was shot (new motor cost more than the washer was worth, so conclusion: buy a new one) and using his washer/dryer for another week. That meant bundling up two plus weeks of wash, carrying it to his house, doing the wash for a few hours, etc.

I was reminded of the challenges a manufacturing company would have due to an unexpected machine breakdown. You have to isolate the problem, get appropriate repairs, possibly upgrade the machine, possibly line up alternate manufacturing capability, etc. I’ve blogged before about the needs for continuing MRO schedules and the importance of properly servicing your manufacturing machines and lines. But how do you prepare for a critical machine that suddenly breaks? Can you rapidly sub out the work? Can you quickly get the machine replaced? What if the newer machine doesn’t fit in the line directly? Read More »

Tags: Alaska, Call Center, CPwE, data center, diagnostic, Ethernet to the factory, innovation, machine builder, Open, productivity, repair, Smartphones, Sustainability, vacation

I read an article recently discussing the advantages and disadvantages of smartcards. I know that there have been quite a few distributed, but it seems to me that the adoption rate and the length of time they have been available are a bit out of sync. I would have thought that we would have many more smartcards, used in more places, being as they werer actually invented in 1968, and were widely used in French pay phones starting in 1983.

Read More »

Tags: government, identity, logical security, physical security, retail, security, smartcards, Smartphones

The devil, as they say, is in the details.

One of the key tenets of engineering is to reduce complexity, but in doing so it is important to understand the implications. While we might try to view one technology as it relates to another to help us simplify the details, it is important that we recognise how and where they differ.

Case in point.

When it comes to wireless networks, I often talk about how there are two questions I dislike being asked more than any others:

1. How many clients can connect to an access point?
2. What is the maximum range of an access point?

The reason is that I believe they are the wrong questions. They are being asked from perspective of someone trying to relate to a wireless network as if it were a wired network. What they are really asking is “how many switch ports do I need to cover this area?”

But wireless networks are not switched networks. While each connected device in a wired network has its own physical cable, and thereby its own gigabit Ethernet link, in a wireless network, every device connected to a particular access point shares the same RF spectrum, the same total available bandwidth.

For a standard access point in today’s deployments, that means a maximum total bandwidth of 144Mbps on the 2.4GHz band with a 20MHz channel and 300Mbps on the 5GHz band with a 40MHz channel using channel bonding.

But that is an over simplification.

Those aggregate bandwidths assume each client is connected at the highest available data rate. As we increase range, however, the data rate decreases, thereby reducing the overall channel utilisation. Therefore, with fewer access points, we are not just sharing a limited amount of bandwidth with more clients, but we are actually reducing the total available bandwidth.

Interference, particularly as access points cover larger areas, becomes an even greater issue. An increase in the signal to noise ratio leads to a decrease in the maximum sustainable data rate. This again reduces the overall channel utilisation.  The key here is that a wireless network’s ability to not only detect, but where possible mitigate interference is critical to its ability to sustain higher data rates and maximise the total available bandwidth in each cell.

All this assumes that the wireless clients connecting to the network are even capable of supporting those high data rates.

Most smartphones on the market today support only 802.11g in the 2.4GHz band, meaning that at most they can support 54Mbps.

Newer devices, such as the iPhone 4, support 802.11n, but only in 2.4GHz, and only with a single antenna, limiting them to a single “spatial stream”—in simple terms that means the maximum data rate they can support is 72Mbps.

This applies to tablet devices as well. While the new iPad2 supports 802.11n in both the 2.4GHz and 5GHz band, it too is limited to a single spatial stream. The Cius goes one step further with support for channel bonding in 5GHz, increasing the maximum data rate to 150Mbps.

Interestingly, we are now starting to see new access points enter the market using Atheros’ first-generation silicon supporting three spatial streams. While this increases the maximum data rate in the 5GHz band to 450Mbps, as we have just seen, this will have no impact on the multitude of mobile devices given their single spatial stream limitation.

Three spatial streams represents a key milestone for the 802.11 standard, and will become increasingly important over the next 2 to 3 years as battery technology improves and wireless chipsets incorporate better power saving designs. Of course, by that time we will be looking at access points supporting four spatial streams and 600Mbps—and again, be waiting for the mobile devices to catch up.

Adding to the complexity in all this are the applications these devices are running across the network. From FaceTime and Skype, to Business Video and Personal Telepresence, voice, and video in particular, are replacing data as the primary traffic type. However, the wireless networks that have been built over the last several years were not designed for voice and video, and certainly not at the device densities we are now seeing.

As we look to support these many different mobile devices entering the market today along with their high bandwidth applications, clearly the two key areas we must consider in our wireless network designs are access point density to control cell sizes, and interference detection and mitigation capabilities to ensure that we maximise the channel utilisation in each cell.

And so, I’d like to propose two different questions to consider at the start of a wireless deployment:

1. How many different devices do you expect to connect to the wireless network?
2. And what are the applications that will run across the network and what are their associated bandwidth requirements?

Wireless and wired networks fundamentally differ at the physical layer. While its not necessarily important to understand the details of RF communications, it is important to understand the implications.

RF Matters.

Stay mobile. Stay secure.

—Mark

Tags: Cius, cleanair, Consumerization, iPad, iphone, mobility, Smartphones, Tablets, wireless