Tuesday, April 29, 2014

Meru Networks Introduces New 802.11ac Access Points

The Gigabit WiFi landscape is continuing to mature and grow.  Meru Networks has been a large part of that growth recently with the introduction of not one, but three new 802.11ac access points, the AP822i, AP822e and AP122.

Meru Networks AP822 Series

Meru takes aim at the "cost sensitive" 11ac market with two new AP models, the AP822i with internal antennas and the AP822e with RF connectors for four external antennas.  The AP822 is a 2x2:2ss design, dual-radio, 802.11a/b/g/n/ac wireless access point.  It is designed to offer 802.11ac speed at a lower cost than existing 3x3 solutions.

Meru envisions the AP822 being used in schools, hospitals, and hotels.  Like the Aerohive with it's new AP320, Meru is focusing on the low price of this model compared to other 802.11ac access points.  The list price is lower than most at $945 and $895 for the "e" and "i" models, respectively.  The APs make use of both the 5GHz and 2.4 GHz bands and increase the performance of 11n clients.  Real world tests show as much as a 40% increase in throughput for 11n clients.

The AP822 also runs on 802.3af (PoE) power eliminating the need to upgrade to 802.3at (PoE+) and continuing the focus on keeping costs down and staying within tight network budgets.

Features and Benefits

  • Supports 802.11ac with two spatial streams
  • Supports pervasive 80 MHz channel usage
  • Supports multiple operating modes: centralized, distributed, MESH, bridged and VPN
  • Supports either internal or external antennas
Meru Networks AP122

Meru touts the AP122 as being the first 802.11ac wall plate access point.  It is purpose built for use in hotel rooms and higher education facilities.  At $595 it is among the lowest priced 11ac APs available.

The physical design of the AP122 allows it to be placed in any location flush to a wall surface and can be installed simply using CAT5/6 cabling from a standard wall box.  It features two ethernet ports for wired connectivity in-room, one of which can carry standard PoE power up to 13 watts.

Features and Benefits
  • Wall plate mounting design
  • Multiple Ethernet out ports
  • Requires only 802.3af (standard PoE) for full operation

Friday, April 25, 2014

Aerohive Introduces 802.11ac For Less!

Are you excited about Gigabit WiFi?  Trying to find a way to fit even just a few 11ac APs into your IT budget?  I wouldn't say Aerohive's new AP230 is the answer to all our prayers but it is definitely a step in the right direction.

Purpose Built For Easy Migration

The new AP230 offers 802.11ac at a price point that Aerohive hopes is reasonable enough for more organizations to make the jump to 11ac.  The $799 list price does come in quite a bit cheaper than most 11ac APs, notably the Cisco Meraki MR34 and Aruba Networks AP220 series ($1399 and $1295 respectively).  It is also cheaper than Aerohive's other 11ac offerings (both the AP370 and AP390 list for $999).  Best of all, it's even cheaper than some 11n APs.  However, there are 11ac offerings from Meru Networks, Ubiquiti and others for even less.

Another strong asset of the AP230 is that it is capable of full 11ac functionality using standard PoE (802.3af) power.  That's right, you don't need to upgrade your existing infrastructure to PoE+ (802.3at).  This is what really makes the AP230 more affordable.  Most 11ac APs will function on PoE power but in a limited fashion.  They require PoE+ to make use of many of the features that set them apart.  Not so with the AP230.

Key Features
  • Two Ethernet ports with Link Aggregation and Gig Ethernet
  • Fully functional using standard PoE (802.3af)
  • Two radio (3x3) three stream MIMO
  • Plenum rated
  • Does not require a controller
  • Low list price of $799
You can see more about the AP230 as well as the entire line of Aerohive APs and more 802.11ac APs here.

Tuesday, April 15, 2014

Cisco Meraki: Internet Access with Facebook Check-in

Check-in on Facebook for Free Wifi

One of the most popular and easy to setup features that Cisco Meraki has released in the past year has been their Facebook Wifi authentication method.  The feature is easy to setup, widely popular and an easy way to bring a dull, never used Facebook page back from the grave.  This feature is available on all of the MR Wireless and soon to be a new feature in the MX Security Appliances.  Here's a little detail on setting up the Facebook Authentication on an MX Security Appliance.

Facebook Access Control Configuration - MX Security Appliance

As of today (4/15/14), to get the Access Control features on a Meraki MX which include direct, splash page, RADIUS and Facebook Authentication methods, your dashboard needs to accept BETA firmware.  To change the firmware settings go to: Configure -> Alerts & Administration.  I ended up calling the ever helpful support line and was able to request a manual push of the firmware.  While chit-chatting about the new features, he said the Facebook authentication method would be standard pretty soon, but didn't have an exact date.

Facebook Side of the Configuration

Once Facebook Login is selected, options to configure the Facebook settings appear. These settings allow you to link to a page you manage with your default account. For example, I'm a Facebook admin on the CopperWifi.com page so that page shows by default when I'm logged into Facebook.  Most of our customers allow the Skip check-in link to ensure options for their customers and set the session length to somewhere between 2-3 hours.  We really appreciate the option to add our own terms of service as well.

So, Whats the User Experience?

When connecting to a network with these settings enabled I am re-directed to a page asking me to check-in on Facebook to gain access to free Internet.  Once checked in the user is online and enjoying your free Internet access.

We have been installing and using this software since it was first released on the MR Wireless gear back in mid 2013.  Our customers love the ability to broadcast that another user is in their store or business.  One customer reported that a week after the installation they had a customer call in wondering why so many people were checking-in and were upset they were missing out on an event. That was immediate validation the upgrade was worth it.  Other users have gone from 0 check-ins to 1000s in under 6 months with a noticeable increase in foot traffic.  All-in-all I setup the VLAN, Access Control, and Facebook link in about 5 minutes.

Monday, April 14, 2014

Aruba Networks Publishes Update on Heartbleed Vulnerability

Is My Network Vulnerable?

Today, Aruba Networks made an announcement including details of their response to the OpenSSL 1.0.1 vulnerability otherwise known as the "Heartbleed bug."  It is possible for an attacker to exploit this Heartbleed vulnerability to gather information from the memory of web servers without leaving a trace.  This information may include security keys such as usernames, passwords, and cookies, thus enabling impersonations attacks.  This is a global internet vulnerability and is not specific to any certain type or brand of hardware or software.

Once the bug was discovered, the OpenSSL software was patched quickly and, as of the most recent version, this vulnerability is no longer an issue.  However, Aruba has recommended that some users take action.

Aruba quickly made patches available for their affected products.  Some customers, including those with active support contracts have already been notified.  There are active discussions in Aruba's Airheads Community forums.

Which Aruba Products Are Affected?

  • ArubaOS 6.3.x and 6.4.x
  • ClearPass 6.1.x, 6.2.x and 6.3.x
  • AirWave 8.0 beta
Earlier versions of ArubaOS and ClearPass used an earlier version of OpenSSL that is not vulnerable.  Patch releases have been made available on the Aruba Networks support site for affected versions of ArubaOS, ClearPass and AirWave.  Aruba Central cloud-based management has been upgraded.

How Can I Protect My Network?

  • If you are using any of the affected products, you can download the patches here.
  • If you have questions, read the Aruba security bulletin before contacting Aruba support.
  • As a precaution, change administrative access passwords after the software upgrade is complete.
We thank Aruba Networks for acting quickly to mitigate the effects of Heartbleed.

Tuesday, April 8, 2014

Cisco Meraki Introduces New Three-Radio APs

Cisco Meraki stays at the forefront of innovation with the release of it’s newest access points. The MR18 and MR26 are two new, 802.11n access points. What makes these new APs so exciting? After the success of last year’s all new 802.11ac access point, the MR34, Meraki brings some of the MR34’s advancements to it’s new 802.11n APs especially a third radio dedicated to security. The third radio is dual band, providing real-time monitoring across 2.4 GHz and 5 GHz frequencies.

The MR34 was the first AP from Cisco Meraki to offer a third radio dedicated to RF optimization and enhanced security. These enhancements are so popular with Meraki users that Meraki has made them available in the all new MR18 and MR26.

The MR18 and MR26 are similar to the MR16 and MR24 and are designed for the same use in your network but the entire device has been redesigned from the ground up. Every detail, from antenna and component placement within the device’s housing to faster processors and higher power radios has been optimized.

Of course Meraki continues to offer the same ease of use and unique features we expect. In addition to the traffic shaping, mesh routing and enterprise controls that have become standard, they have introduced support for enhanced roaming capabilities like 802.11r and 802.11k as well as enhanced layer 3 roaming.

What does that new third radio do? 
The new third radio in the MR18 and MR26 allows the other two to spend all of their time serving clients. They are just for serving client devices, making sure that data is transferred smoothly. The new third radio improves the security of the wireless network. It allows network administrators to easily track cases of interference and other threats and helps to keep the RF configuration optimal.

The dedicated security radio means you never have to choose between performance and security again. New and improved features include:

  • Auto RF - Allows the access point to automatically adapt to it’s environment, finding optimal channels and power settings based on a real-time assessment of interference sources. 
  • Spectrum Analysis - A real-time view of what is happening in the RF environment. 
  • Air Marshal - Full time wireless intrusion prevention enabling round the clock protection without suspending service to clients. Contain or whitelist rogue access points. 
And of course, the new MR18 and MR26 are completely compatible with your existing Meraki network. If you are already using Meraki APs in your wireless network, you only need to add the MR18 or MR26 where you need them. They will automatically join your network and begin serving client devices. Additionally, the MR18 and MR26 are fully compatible with and fully functional using your existing 802.11af power sources and do not require an upgrade to 802.11at.

Cisco Meraki’s continued commitment to wireless network security is impressive. The addition of a dual band, dedicated security radio to their 802.11n line of AP’s along with the existing 802.11ac MR34 makes Meraki a valuable part of any wireless network.

You can find the new APs here:
Cisco Meraki MR18
Cisco Meraki MR26