pointer

Good news: The Cisco AP Capture Adapter just got better

The Cisco AP Capture Adapter is a feature in the OmniPeek Console that can capture and aggregate wireless packets from multiple Cisco Access Points.    This feature is especially useful to companies with large numbers of Access Points (APs) that are spread throughout offices, stores, and warehouses.    It allows any one or more of the APs to be temporarily used as probes to capture traffic, and then switched back to AP mode, all remotely through software.    Being able to multi-purpose the APs in this way increases the ROI of both OmniPeek and the Cisco AP.

So the Cisco AP Capture Adapter, as a solution, is very good.   Of course, as the developer of the Cisco Remote Adapter, I am going to say that, right?    But seriously, we have been pleasantly surprised by the  popularity of this feature, and the growing number of customers who are using it.  

However, it has its drawbacks.    Because it runs on the OmniPeek Console, the captured packets have to be streamed over the network from the APs to OmniPeek, wherever it may be.    This could be on a different segment, in a different building, or in a different country.    The stream is also not encrypted.    Furthermore, if the IP address of the OmniPeek Console machine changes, which is likely, the AP configuration has to be changed to reflect that.

The point here is that the distance the packets must travel could be long, possibly over the internet, it is not secure, and it changes locations.    These are not ideal characteristics of an enterprise solution, which is why the Cisco AP Capture Adapter is used mostly for local troubleshooting.    This is too bad, since the potential is so much greater.

Now for the good news.  (Imagine a drum roll in the background.)  Ladies and gentlemen … we have just ported the Cisco AP Capture Adapter to the OmniEngine.   (Now imagine roaring applause.)  Yes, this is good news indeed.   

By running the Cisco AP Capture Adapter on the OmniEngine, and placing the OmniEngine on the same segment or subnet as the Cisco AP wireless mesh, all of the packets from any one of the Cisco APs can be streamed and aggregated directly into the OmniEngine.   The OmniPeek Console is then used to connect to the OmniEngine and view the results of the analysis.  

By inserting the OmniEngine into the equation, a new tier is added, providing better performance, less overhead, and security.    The performance is better because the packets only have to be streamed to the OmniEngine, not all the way back to the OmniPeek Console.    This also provides a permanent capture environment, so that your AP configurations do not have to change.   

The overhead to the network is also less, since the packets have to travel  a shorter distance, through fewer routers and switches.   Security is also much better, because the OmniPeek Console interaction with the OmniEngine is through a secure and compressed connection.

But that’s not all.   There are many advantages of using a distributed OmniEngine, and now users of the Cisco AP Capture Adapter will be able to take advantage of them.   Yes, this is good news indeed.    The Cisco AP Capture Adapter  for the OmniEngine is in test now, and will be available to maintenance members soon.    I am sure it will be a big hit.

-SpacePacket

Leave a Reply