Tag Archives: 802.11n

Thoughts After Passing the CWSP PW0-204 Exam

After putting it off until the very last moment, I finally wrote and passed the Certified Wireless Security Professional (CWSP) PW0-204 exam. This was important since it had been almost 3 years since I passed the CWSP (PW0-200) exam and my credentials were set to expire on the 25th of June. Crisis averted! With the exam out of the way, I thought it would be worthwhile to share some thoughts on my experiences while preparing for it.

In no specific order, here are a few things I found very interesting about my time studying for PW0-204: 

  1. Wireless security was much less complicated 3 years ago. When I took the PW0-200 exam, I didn’t have to know anything about 802.11n, 802.11k, 802.11w, or 802.11r. All of these, now ratified, IEEE standard amendments come with their own set of additional security settings and concerns that must be taken into consideration when securing a WLAN. Continuing to educate yourself and staying on top of the latest industry developments is the easiest way to ensure that a certification’s body of knowledge doesn’t leave you behind.
  2. Experience in the field helps immensely with this exam. When I first wrote the PW0-200 exam, 3 years ago, I had a great interest in the subject but very little real-world WLAN experience. This time around, after living and breathing WLANs for 3 years, I found I was able to quickly skim or review a lot of the CWSP Study Guide since I deal with 802.1X/EAP, PKI, and WIDS/WIPS solutions quite frequently in my role as a security consultant. In my opinion, the CWSP certification is a great example of an exam that goes beyond ‘textbook studying’ and really tries to incorporate lessons that can only truly be learned through hands-on experience. Certifications like that rock because they signify practical/useful knowledge instead of just the ability to memorize answers for a test.
Next Step

Keeping my existing CWNA and CWSP credentials was just stop number one on this journey. With that out of the way, I’m now beginning my assault on the Certified Wireless Network Expert (CWNE) designation. Last time I check there were less than 100 CWNEs globally so it’s definitely going to be a challenge. I have to pass both the CWDP and CWAP exams first. Wish me luck and I look forward to posting my thoughts and insights on my next exam this summer.

Dan C.

 

Customers May Always Be Right but Clients Are Often Wrong

That’s right, you read the title correctly. This blog post is all about how many of the clients I have dealt with in the past few years have been the source of countless headaches and hours of frustration. Of course, in this case, I am referring to wireless clients such as laptops, smartphones, and handheld scanners. You didn’t think I was actually referring to people did you?

Designing, implementing, and securing wireless networks can be both rewarding and frustrating at the same time. On one hand, each engagement gives me the opportunity to help an organization experience the awesomeness that is mobility. On the other hand, there is a moment in almost every deployment where I end up scratching my head and saying: “Well that doesn’t make any sense”. The latter of the two situations usually results in large amounts of research, troubleshooting, tweaking, and testing to determine the cause of the issue and resolve it. More often than not, the source of the issue is the wireless client’s supplicant or drivers and not the configuration of the WLAN itself.

Wireless client vendors and software designers have a lot of latitude in the way they design their products to interact with a WLAN. It’s because of this design latitude that we end up with some pretty interesting WLAN connectivity and performance issues. In no specific order, here a few issues for which you might want to start your investigations at the client level instead of jumping right into tweaking your WLAN configuration:

Loss of connectivity when roaming between access points

Your first impulse might be to conclude that you don’t have a strong enough signal and start dropping in additional access points. While this could actually be the case, it is just as likely that the issue lies with the capabilities, or lack thereof, on your wireless client. It’s up to the client to decide when it is time to roam to another access point. Some will roam more aggressively than others and some tend to ‘stick’ to an access point for much longer than they should. To make matters worse, there are latency issues introduced during roaming depending on if the client is using PSK or 802.1X/EAP. You should spend some time researching and testing your client capabilities to ensure that you take latency and roaming requirements into consideration when designing your WLAN. Additional research subjects: Opportunistic Key Caching (OKC), 802.11r-2008, 802.11k-2008

Random loss of connectivity

This is a tough one. When your clients are randomly dropping their connections, you could have any number of issues at play. Some questions you might ask are: Is it happening to just a single client or all clients? If it is happening to a few clients, are they the same hardware and software versions? I’ve been involved in quite a few engagements where the final solution to this particular issue was simply to upgrade the wireless drivers and/or supplicant being used on the client. For some reason, wireless drivers never seem to be included in any kind of regular update cycle. Maybe it is time to start thinking about changing that?

“I feel the need for speed”

You’ve got your new whiz-bang, 802.11n, faster-than-light WLAN deployed but your wireless clients just don’t seem to achieve the speeds you thought they would. You’ve inspected the specs and your card is definitely an 802.11n-capable card. So what is the problem? First, ask yourself: Are all clients under-performing or just some of them? If all clients are under-performing then you might actually have some issues on the WLAN/LAN side to work out. However, if it is only some clients that leave you completely underwhelmed then you might need to dig a little deeper to see what your clients are actually capable of. Not all 802.11n clients are built equally. Some can only do a single spatial stream, some can do two, and newer clients can do three. Some might have issues with packet aggregation, block ACKs or channel bonding. All of these factors will have an impact on the connection rate and actual throughput you experience. Your client might actually be performing incredibly well and you are just pushing it too hard like an overbearing parent at a little league game. A good place to find out what your client is actually capable of is the Wi-Fi Alliance’s Certified Product Database.

There are many more examples that could be given but I think you get the point. WLAN connectivity and performance issues are quite commonly caused at the client end of the connection and not on the infrastructure side. We spend so much time planning and configuring the WLAN infrastructure that we sometimes forget that clients are a big piece of the WLAN puzzle. It’s as true for WLANs as it is in business: spending the time to fully understand your client is never a waste of time.

Dan C.

Have a question, comment, or something to add? Please feel welcome to leave a note in the comments section below.

Aruba Networks CEO Talks Mobility with NCI

A few days ago I was given the opportunity to sit down with the CEO of Aruba Networks, Dominic Orr, and a few members of his Canadian team. While the swordfish was great, I thought the conversation was even better. Listening to and discussing thoughts on the future of mobility with a team of like-minded individuals is an amazing way to spend an evening.

Here are some quick points and discussion summaries from the evening:

  1. Wireless networking and mobility is growing at an incredible rate (no surprise there). With the ever growing number of devices that are ‘wireless only’ it is more important than ever to start planning your mobility strategy. That means immediately. Not tomorrow, not next week, immediately. You don’t want to be caught in a reactive stance when your environment gets hit by the tidal wave of BYODs.
  2. It’s great to see that one of the top players in the wireless/mobility space is making a conscious effort not to leave smaller clients behind during this period of enormous market growth. Solutions like Aruba Instant allow SMBs to take advantage of enterprise-level features without going over budget. Mobility is primed to be a game-changer for everyone; not just the richest companies.
  3. Starting now, or in the very near future, context will be king. It is no longer good enough to only plan for coverage, capacity, or even secure access. To take full advantage of mobility, you will need to start providing coverage, capacity, and security based on the context of the individual users and devices connecting to your network. Using identity, device type, time, location, and application usage as the context in which you create your policies will allow for optimal, secure, and efficient use of wireless networks and mobility in the workplace.

Overall, I left that dinner feeling energized and excited about the future of mobility. Am I ready to cut all of my cables right now? No. However, as more and more device manufacturers take the option of a wired connection away, it is comforting to know that networks are set to adapt and offer a far more customized level of service than ever before.

Dan C.

What are your thoughts on the future of mobility? Do you need help developing your strategy? Leave a comment or contact us directly and let’s start the discussion.

 

Full Disclosure: NCI is a partner/reseller of Aruba Networks.

Wireless Networking for the Rest of Us

Wireless networks are everywhere and have become a part of our everyday lives because they allow people to remain connected without sacrificing mobility.Their popularity really skyrocketing in the past six months and I couldn’t be happier about that since I am a bit of a wireless junkie.  

I think a large contributor to the success of wireless networking is their relative ease-of-use. It is very easy for someone with very little wireless knowledge to setup and connect to a basic wireless network; this makes them very attractive.  Unfortunately, it is the apparent ease-of-use that masks the fact that wireless networks are incredibly complex and that they require a lot technical skill and planning to fully understand and deploy properly. With that in mind, consider this my first post in a series designed to explain the inner-working of wireless networks in language that anyone can understand. Basically, I want to take the technical-mystery out of wireless networks and help people understand how they work.

The remainder of this post is actually a republishing of a post I created for my, now retired, personal blog several months ago. Posts to follow will contain explanations of how antennas work, understanding radio frequencies (RF), and authentication and encryption. Without further ado, I give you “What You Thought You Knew About Your New 802.11n Router”: Continue reading