Thursday, February 25, 2016

The future of public WiFi is blazing fast...and a hacker's dream. How to be prepared.

New York City has unleashed one of the world's fastest city-wide public WiFi networks, called LinkNYC. The city has begun turning old phone booths into hot spots boasting gigabyte speeds that surpass most home and corporate office performance. Built on a fiber back-bone across the city, and leveraging Passpoint (also known as HotSpot 2.0), New Yorkers can now enjoy a seamless roaming experience between WiFi access terminals like this one pictured below.

This is not unlike the technology that cellular carriers use to hand off mobile connections from one tower to the next without dropping your phone calls. Once you've connected to the network, there's no need to log in again as you move from one access point's coverage area into another.

And oh, the speeds! To give perspective, Wall Street Journal columnist Joanna Stern reports downloading a 1 GB video in 45 seconds on the new LinkNYC network, which is 8x faster than on Time Warner's cable network, 15x faster than at Starbucks, 20x faster than at LaGuardia Airport, and 32x faster than at a Hilton Hotel. It's enough to make her want to relocate her office to the street right next to one of these access points, despite the cold.

However, free public WiFi networks are already popular targets for hackers looking to tap into exposed data streams, and a high-speed network that keeps you continuously connected across the city is an even more attractive prospect for ill-intent. We've provided tips on how to be safe with public WiFi in the wake of WiFi Sense on Windows 10 in the past, and as public WiFi becomes more and more pervasive, consumers will do well to start learning the best habits now.

1. Practice good "digital hygiene" 
Digital Hygiene refers to general maintenance practices that make your personal information on-line more difficult for hackers to penetrate. Use strong passwords (at least 8 characters long, containing at least one number, one upper-case letter, and one symbol), and a unique password for each of your important accounts. These passwords should be changed quarterly in case one is compromised without your knowledge.

You'll want to set up a secure password manager to keep everything straight -- software that remembers your passwords for various accounts and stores them securely so you don't have to. LastPass, KeePass, and Dashlane are a few popular options.

Finally, setup two-step authentication for all of your important accounts. This requires a secondary code be sent to you (generally via text or email) to log into that account after you provide your password on unauthorized devices.

2. Ensure sensitive data you submit is encrypted 
When browsing on a public network, only enter your passwords on websites that include "https" and a pad lock icon in the web address bar. This indicates the site is using a valid SSL certificate and data you enter is secure.

3. Delete public WiFi networks saved on your device
Passpoint networks are an exception to this rule, as they check your authentication against a saved profile on your iPhone. This means you won't automatically connect to a look-a-like network that a hacker might attempt to setup. However, other public WiFi networks don't have this safe-guard, and if you keep the network saved on your phone, you will automatically join it (or a disguised network setup by someone with mal-intent) when it's in range, which could put you at risk.

4. Connect with a VPN
Using a virtual private network (VPN) connection might sound a little intimidating for most consumers out there, but setting one up is simpler than it sounds and is one of the absolute best ways to protect your data transmissions on public networks. A VPN connection basically creates a encrypted tunnel from your device out to the internet. Information sent this way is very difficult to tap into.

It's worth noting that even taking these steps is no guarantee that someone with the right technical aptitude can't steal your information. However, staying safe from cyber criminals is a lot like out-running a hungry bear. The truth is that humans can't outrun bears...but you can outrun other humans. In the sea of consumers connecting to public networks, cyber criminals are most interested in the ones who haven't safe-guarded themselves with the above steps, and they are unlikely to spend the extra effort going after someone who has.

Tuesday, February 16, 2016

Cicso Meraki releases wave 2 access points, among other new products

Cisco Meraki is kicking off 2016 with key releases from all four of its products families: wireless, switching, security appliances, and mobile device management. The most noteworthy addition, is an 802.11ac wave 2 access point, crashing the market at an aggressive $1099 price point.

Meraki's new MR42 802.11ac Wave 2 access point

The MR42 sports 3x3 radio chains with wave 2's signature multi-user MIMO. It also includes a 4th radio chain dedicated to blue tooth. With multi-user MIMO in full swing, the new access point is capable of an aggregate data rate of up to 1.9 Gbps - communicating simultaneously with MU-MIMO compliant client devices. While MU-MIMO devices still have yet to hit the market, wave 2 access points currently represent the cutting edge in high-density WiFi solutions for the looming future of bring-your-own-device dynamics. WiFi experts agree that the capacity limits of 802.11n, 802.11ac wave 1 access points, and their single-user MIMO capabilities will fall short of efficiently servicing the wireless connectivity needs of the device volume we'll see by 2020. Those who want to be prepared for that future now, would do well to consider adopting 802.11ac wave 2 access points.

In Meraki's switching department, new fiber switches with 16 and 32 SFP interfaces are now available in the MS 410 series. These models feature two SFP+ (1/10 GbE) uplinks (four of them in the 32 port model), and are virtually and physically stackable up to 8 units. The MS410-16 hardware is priced at $8,500, while the 32 port version (MS410-32) is $15,000.

MS 410-16, Meraki's new 16 port, fiber aggregation switch

When it comes to security appliances, Meraki announces the MX65 and MX65w. These new firewalls feature 2 dedicated internet ports for failover, eight 1 Gig ethernet ports, along with 2 PoE+ lan ports and support up to 50 concurrent client devices. The additional ethernet ports mean cost savings for smaller network deployments, as investing in an additional switch may not be necessary to enjoy Meraki's layer 7 management capabilities in switching. The MX65w packs the same punch, but with 802.11ac wireless capabilities also built in. Hardware MSRP is $945 for the MX65, and $1,245 for the MX65w. For small office deployments, the MX65w potentially represents an all-in-one solution for not only a stateful firewall and redundant internet uplinks, but also enterprise, gigabit switching, and 802.11ac wireless connectivity.

Meraki's new MX65w: an all-in-one firewall, switch, and 802.11ac access point

Finally, Meraki rounds out its surge of product updates in a number of improvements to their mobile device manager solution, Systems Manager / Sentry. Systems Manager now includes support for Android for Work applications, FileVault2 integration, as well as added Windows 10 network options. Additionally, new Windows 10 and OSX features make desktop management easier, and include a more powerful and user-friendly installer. Systems Manager is always free to try and use for up to 100 devices. For networks needing to register more than 100 devices, MSRP is $40 per device per year, $80 per device per 3-years and $120 per device per 5-years.

All of these new additions make Meraki's cloud-based solution and industry leading layer-7 management more attainable for smaller enterprise networks. All this and more are available on our website,, with additional discounts available on Meraki orders over $5,000.