Cisco Blogs


Cisco Blog > Channels

Cisco Unified Access: Helping Partners Reduce Complexity and Maximize Productivity

Today, Cisco announced the latest additions to our Unified Access portfolio to enable One Network for wired and wireless access. I’m personally excited about this because it is finally closing a loop we started a year ago when we introduced Cisco Unified Access with One Policy, One Management, One Network. Now Cisco and partners can offer a truly converged wired and wireless experience.

Let’s take a look at what’s new and how these solutions present an excellent opportunity for you to help meet your customers’ needs.

What is being launched? Read More »

Tags: , , , , , , , , , ,

MSE Blog Series Part 1: How to Optimize Your CleanAir Experience

This is the first in series of blogs discussing various features of the Cisco Mobility Services Engine (MSE), an integral, yet often overlooked component that can turbocharge your existing interference detection capabilities. This post describes MSE and how it can help locate interference in your wireless network.

So you have a CleanAir Solution comprised of top-grade, enterprise-class Cisco access points and controllers: finally, a network of minimized interference.

But what happens when a rogue device intrudes on your peaceful network? How can you maintain crisp, fast wireless performance?

Luckily for you, the enterprise-class wireless experience enabled by CleanAir technology can be further enhanced and maintained with Cisco’s Mobility Services Engine (MSE).

MSE is a platform on which you can run services like Context Aware Service (CAS), Wireless Intrusion Prevention Service (wIPS), and Mobile Concierge, all of which are services that can help in monitoring your wireless infrastructure. Designed to integrate with existing CleanAir infrastructure, MSE is a ground-breaking technology that allows network administrators to achieve extremely high quality, interference-less wireless performance.

How exactly does it do this?

Read More »

Tags: , , , , , , , , , , , , , ,

IPv6 at CiscoLive! San Diego

Twice a year, I get to experience a peculiar mix of stress and satisfaction that comes from participating in the design and operations of internal networks for the (US and European) CiscoLive – networks these events depend upon.

My role is vital to the efficiency of the whole system, but certainly not glamorous. If I were to compare the CiscoLive network with a dental office, I’d be the technician that only fixes the upper-right tooth – and ensures you continue to breathe well. More specifically, I’d be working on “the number 6 molar” – because I deal with the client-facing setup of IPv6, and the monitoring of all the related dependencies and results.

Read More »

Tags: , , , , ,

Take the BYOD Challenge and Win a Trip to the 2012 London Olympic Games!

Come watch a special edition TechWiseTV, featuring Ike, to learn how Cisco takes you Beyond BYOD. Take the BYOD challenge for a chance to win a trip to the London Olympics or other fun mobility gadgets.

Today’s enterprise mobility requirements go beyond simply connecting mobile devices. It’s about securing any access, simply managing the complexities while scaling efficiently, and ensuring an optimal user experience while easing the IT burden. Gallant Ike does all of this and more with Cisco Enterprise Mobility Solutions.

To participate, here is what you do:

  • Visit http://www.cisco.com/go/challenge
  • Watch the 20-minute video featuring TechWise’s Jimmy Ray Purser and Robb Boyd with IKE
  • Take the Challenge!  Test your knowledge and answer 10 questions. You just may win!

Good luck!

Tags: , , , , , , , , , , , , , , , ,

802.11i, Authentication and You

January 4, 2012 at 5:00 am PST

Not too long ago I was assigned to a troubleshooting and remediation project for a hospital here in the SF bay area. The problem, after much troubleshooting and lab recreations, was determined to be due to an unique issue with client roaming and authentication. During the course of troubleshooting my coworker and myself often found ourselves explaining 802.1X and 802.11i to others working on the troubleshooting effort, or requesting technical updates. So based on that experience, I started thinking this might a be a good topic to cover here.

Let’s review the some of typical components of the enterprise wireless security model.

What is 802.1X?
802.1X is not a protocol, but rather a framework for a “port-based” access control method.  802.1X was initially created for use in switches, hence the port-based terminology, which really doesn’t fit too well in wireless since users don’t connect to a port. In the end it’s meant to be a logical concept in the 802.11 world.  802.1X was adopted for wireless networks with the creation of 802.11i to provide authenticated access to wireless networks. At a high level. the framework allows for a client that has connected to the WLAN to remain in a blocked port status until it has been authenticated by a AAA server. Essentially the only traffic allow through this virtual blocked port is EAP traffic, things like HTTP would be dropped.

What is EAP?

EAP  (Extensible Authentication Protocol) is the authentication method used by 802.1X. It can take on various forms, such as PEAP, EAP-TLS, EAP-FAST, to name a few. There is one thing to remember when determining what EAP type to use in your network, is that it is dependent upon what your client and AAA server supports. This is it, your AP or AP/Controller hardware or code version will play no part in version is supported. Unless your AP/controller is acting as the AAA server, but I’ll stay away from that in this post. I think this can be a point of confusion for people who haven’t read much or anything about EAP methods. So, if some one asks what version of EAP the AP will support, all you need to do is ask them, what does their Client and AAA server support.

What is 802.11i?

Simply put, 802.11i is an amendment to the original 802.11 standard to address the well documented security short comings of WEP. It incorporates WPA  as a part of the 802.11i amendment and adds the fully approved WPA2 with AES encryption method. 802.11i  introduces the concept of a Robust Security Network (RSN) with the Four-way handshake and the Group key Handshake.

Read More »

Tags: , , , , , , , , , , , , , , , , , ,