One of the cool new AMP features for 5.1 - which continues to spread across the site for 5.2 and 5.3 - is pagination. It’s something that a lot of our customers have asked for, but it’s also something that generated a few support calls.

When you load a page in AMP like Reports–>Generated AMP shows you a list of all of the items on the page. When that’s a very long list — like all of your reports, or all of the APs in AMP — the page can take a long time to load. Beginning in 5.1 we’ve begun to paginate lists in AMP. That means that big pages can take a lot less time to load. This will continue in 5.3 and beyond.

Now the reports page has a pagination bar at the top. It includes the number of reports displayed on the first page (1-20) and the total number of reports available, as well as the total number of pages of reports and navigation toggles to move between pages. It looks like this:

What some of our customers didn’t realize is that you can still see all of your reports on one page — some people really find that useful. All you have to do is click on the number of reports per page, which is a blue link. That will give a dropdown menu that gives you the option to show other numbers of reports per page, including all records on one page.

We’ll continue to paginate more lists in upcoming AMP releases, and we’re also working on a way to set pagination preferences so AMP will remember how many reports you want displayed per page.

Senior AirWave engineer Jeremy Haltom discusses what he is advising actual customers in the field interested in 802.11n to do to prepare their networks for this high-speed wireless:

• how to baseline the WLAN
• The implications of 802.11n’s higher speed and wider coverage
• Impact on client devices
• Infrastructure life cycles and replacement schedule (and their cost implications)

Click to view the “Capacity Planning WLANs: How to Get Ready for 802.11n” webcast

802.11n continues to be the hot topic in the WLAN industry and it’s only going to get hotter. I highly recommend reading eWeek’s “10 Things You Should Know About 802.11n” slide show to get a good grasp for what you are in for if you plan on deploying any time soon.

Along those lines, I was talking with a customer this week about their future WiFi roll-out plans. This customer has been using the AirWave software to manage their network for about 3 years. They are managing about 450 autonomous APs that cover their libraries, class rooms and some other public areas. They’ve recently announced plans to add an additional 450 devices. They have chosen a controller based architecture for this roll out and will be using a/b/g/n APs. Over time they hope to phase out the legacy devices but believe it will take some time.

This multi-standard environment is going to be typical for at least the next 1-2 years.

After spending time with hundreds of customers over the last couple of years, I’ve noticed a lot of issues regarding SNMP configuration and login credential on access points and controllers.

It’s surprising how many companies are still using ‘public’ and ‘private’ as their production strings!  Since these strings are passed as clear text on the network, not only should they be set to something other than the default strings, but they should be changed on a regular basis as well.  Another tactic that I’ve seen customers use is to have different strings for different devices or to have unique strings for devices in different locations.  For more security, use SNMPv3 on all the devices in your network that support v3.

SNMP v1 and v2 are really not much more secure than the way some kings in the Middle Ages sent their secret messages. They would write the message on the bald head of the messenger, let the messengers’ hair grow out, and then send them to the other King.  This is security by obscurity – it’s better than nothing but is not very effective once someone figures out to shave the heads of all the messengers! If you’re sending your SNMP v1 and v2 settings in the clear, a moderately clever intruder might be able to figure out how to get on your network.  Most enterprise-grade WLAN hardware supports SNMPv3 today… make sure your vendor provides it.

Besides, SNMP issues, I see a lot of customers still using the default credentials for login access.  Not changing the factory default credentials on your network devices is like sending out the messenger without even letting his hair grow out!  The best security in this case is to NEVER use the factory IDs and use a centralized user ID and password source.  Also, while you are at it, make sure you disable telnet and HTTP!  There is no sense in setting a secure authentication scheme to just send it out over the network in the clear.

Wireless has recently gotten a lot more expensive for large retailers. I am not talking about the actual costs of devices, but rather about the level of responsibility anyone who processes credit cards is going to have when anything “wireless” touches their network. Retailers have been deploying 802.11 devices for over 10 years, predominately in their distribution centers and more recently in their stores. The inventory applications that they run across the WLAN are mission critical and are valued in the millions of dollars on an hourly basis. Based on the success of these applications in the DC’s, retailers have quickly deployed wireless routers to their stores to run applications like POS, VOIP, and those same inventory systems.

Now with the PCI standard, retailers are being told that they have to do a much better job of securing these devices, the networks they are connected to, and just about everything else that involves credit card or customer data. I am sure most retailers would have thought twice about rolling out WiFi to their stores had these standards been in place 10 years ago. That being said, most of the WiFi infrastructure is already out there and is ingrained into the operations of the retailer and would be hugely painful to rip out. Retailers are going to be forced to do a much more thorough job of inventory and configuration management, use better encryption, and segment their network to keep all of this credit card/user data separate from everything else on their network. Management tools in general are going to be a big help to this industry in the coming months.

One of my favorite parts of working in AirWave customer support is getting to see AMP provide value to our customers in unexpected ways.  Take an email I recently got from one of my favorite customers (he’s a network admin at a university in the Midwest): he noticed one of his APs in a situation that he called “stuck” – it was showing as down in AMP.  However, when he asked his help desk to investigate they used a couple of other network monitoring tools (which will remain nameless) that were able to ping it, and they thought that all was well. 

 He wrote in asking me to figure out why AMP thought the AP was down, with the assumption that it was in fact up, and there was a problem in AMP.  He opened a remote connection for me and I logged in to his AMP, where I noticed that the error message for the AP stated that the device was missing radio cards.  This gave me my first clue:  even if a device is on the network (and pingable), AMP doesn’t consider an absence of radio cards to be a valid state.

 My next step was to take AMP out of the picture all together.  I did an SNMP walk of the command line to check what the device was reporting about its radios:

 # sw <customer IP address> <customer community string> ifDescr

 which returned data that lacked any information about dot11 radios. 

 I then did the same walk for a device that AMP was reporting as up.  The same walk returned data about dot11 radios.

 I wrote back and presented him with my findings, and within an hour or so I got a response – both radio interfaces had in fact disappeared, and he was having the AP replaced immediately.  He also thanked me for help with what turned out to be a rather unusual problem.   

 I think this is a good example of the type of support we strive to provide at AirWave: willing to dig in to a problem and troubleshoot beyond the boundaries of AMP.   And we love unusual problems!

The most common questions we’re asked by folks in enterprise IT these days are: “Should I start switching to 802.11n?” and “What do I need to do to get ready for 802.11n?”

There’s no question that 802.11n is a breakthrough technology that is going to dramatically accelerate wireless adoption by providing more throughput and better performance. At this point, though, there have probably been more 802.11n press releases than entreprise-grade access points shipped. So it’s a little early to be implementing .11n today… but it’s only a few months from reality.

What you really should be doing today is monitoring your wireless network utilization trends over the past several months. The most expensive thing you can possibly do will be to rip out all your existing 802.11abg access points and replacing them with .11n products right away. Instead of this kind of ‘forklift upgrade,’ take a look at your actual utilization patterns and trends: Where are you really approaching capacity? Are you hitting capacity limits regularly or just on rare occasions? Do usage patterns change significantly by time of day or week? Are utilization trends changing rapidly or holding relatively steady?

Your first step should be to figure out where you really need more capacity. Once you know that, you cn figure out an intelligent upgrade schedule. In the meantime, you should also start talking to your device suppliers to figure out when they’re going to start making 802.11n client devices available to you.

Being a manufacturer in the tech industry, we like to throw around big words like “security”, “scalable”, and “flexible”. But what the heck do these things really mean? Our big issue at AirWave is that we are a network “management” solution for wireless LANs. But this word “management” is so overused that anyone outside of AirWave rarely can tell exactly what we do unless we spend 5 minutes breaking it down for them. So let me try to explain all the different types of “management” involved in the wireless LAN arena and exactly what we mean by being a “network management” company.

Management can be broken down into three main categories:

• Data Management
• RF Management
• Network Management

Data Management is about what happens with and to end users packets as they travel over the WLAN and through the network. Data management can include the use of tunnels, authentication and encryption, packet analysis and just about anything that is “in the packet path”. More times than not, when people are talking about this form of “management” they are answering questions like:

• How do you determine who can get on the network?
• What applications are users working with once they are on the WLAN?
• How is the end user traffic being routed on the network?
• What is going wrong at the packet level?

RF Management is about troubleshooting and tuning communications that are truly wireless, usually between an access point and an end user’s client card. This usually has to do with the frequencies being used for communication, protocols within the 802.11 framework, location determining technologies, and other radio specific questions. Many of the advanced (auto-magic) RF features touted by the WLAN switch companies fall into this category including automatic channel setting, load balancing, and fail-over. Questions being answered include:

• How do I prevent interference?
• How can I load balance users across access points?
• What is the right channel for my access point?
• What does my spectrum look like?

That leave us with my personal favorite, Network Management. Network management is about utilization, performance, configuration, maintenance and trouble shooting. The FCAPS model does a good job of categorizing several of the functions (but I think it confuses some of the data management functions). Network management is typically done outside the packet path and collects data from the network via passive protocols like SNMP. These systems will continually collect information about the network and present information in helpful reports as well as generate alarms when certain error conditions are met. Network management will answer questions like:

• How many people were on my network last month?
• How much bandwidth is Bob Jones using?
• Is that access point up or down?
• What do my configurations look like?
• Are we meeting our service level metrics?

As you can imagine, each of these 3 different layers of management are very important in the WLAN landscape, especially for enterprise deploying mission-critical wireless LANs.

I was at a presentation yesterday hosted by Getronics on the merits of their wireless security and implementation methodology code named WISDOM. The basic gist of WISDOM is to use existing management process frameworks like x.805 and ITIL and marry them with the latest and greatest wireless and security technology (editors note: this is a huge simplification). This breaks down into looking at the network in a three dimensional landscape. On one axis you have the 3 security planes: management plane (configuration), control plane (QoS, VOIP, etc.) and end user plane. On another axis you have the 3 security layers: Application, Services (FTP, HTTP, etc.), and Infrastructure. You then have the third axis which are the 8 security dimensions: access control, authentication, non-repudiation, data confidentiality, communication security, data integrity, availability, and privacy. Getronics raps around the three legs of their practice around this model: security, process & procedure and technology.

What really stuck me about this is most WLAN technology vendors build in the security and technology aspects into their products but they almost always forget the process & procedure. Let me give you an example. Almost all LAN hardware vendors build some sort of “management” into their products or offer some software tools. Most times these tools help an engineer configure the device, change and update firmware, troubleshoot packet level problems, etc. But almost never do these tools take in mind the process & procedures an enterprise needs to go through to allow these things to take place in the first place.

For a long time I have wrestled with how to market certain features in our software that revolve around how an IT organization works with the tools they are given. We have experimented with terming our product an “Operations Management” platform versus an element manager. We tried to capture the fact that we only show data about the network to those people who are authorized to see it. As an example, someone from the help desk who logs into our product can not see configuration data versus when the admin signs in they can see and edit configuration data. We even went a step further and began to segment access so that we can allow an admin from one department to log in and see/edit data in his department only versus the entire network. We also do things like integrate with syslog, send traps to other NMS systems, have an XML interface, and log all activity within the system. The features have almost nothing to do with WLAN management but are absolutely critical for an enterprise because they support their policies & procedures.