Category Archives: 802.11n

Wireless Field Day 5: What You Did and Didn’t See…

Last week, we participated in our second Wireless Field Day event and hosted 11 of the industry’s top wireless professionals at our headquarters to dive into demos of our Omni Distributed Analysis Platform 7.5. For those of you who missed the live stream of our presentation, we thought a quick wrap-up of what happened when cameras were rolling – and even when they weren’t – would help you feel like you were in the room with our delegates!

Want to know what went down? Read on, as we give you the inside scoop and what the cameras did and didn’t capture at Wireless Field Day 5.

Capturing 802.11ac Packets in Real Time
Demonstrating a live 11ac capture was one of our favorite parts of the day, as it’s something we’ve been working hard on, and we’re the first to deliver a solution. Although we weren’t using 802.11ac as the primary wireless network, we had a separate laptop connecting to a Linksys 11ac AP and sending traffic over an 11ac network.

We used a 1-steam 11ac WLAN adapter, the Cisco AE6000, to capture 11ac traffic for analysis in OmniPeek. We showed summary-level views of the 11ac traffic in OmniPeek’s Compass dashboard, and drilled into detailed views of the 11ac packets themselves. With OmniPeek’s new support for MCS and spatial stream reporting, all key metrics of any WLAN, including 11ac, are at your fingertips. And with support for 11ac USB WLAN adapters for capturing, you can continue to use OmniPeek as your go-to portable WLAN network analyzer and capture 11ac anywhere, at any time.

Here’s the video of us capturing 802.11ac traffic.

VoFi (Voice over Wi-Fi) Capture
In addition to capturing single-stream 11ac traffic, we also demonstrated packet analysis of a VoFi call, which you can watch us do below. With OmniPeek, we showed how users could capture an entire VoFi call, store it, and play it back to see where problems may have occurred.

By highlighting the specific call in our “calls view” interface, you can easily drill in to see detailed analysis of the call as a whole, including details like the number of control packets, control flows, signaling flows, and signaling packets. And in our “media” view we provide even more details regarding the call, including key metrics like MOS, R-Factor, jitter, and packet loss so you can determine exactly how each and every call on you WLAN is performing.

What you didn’t see…
Well, if you’ve checked out any of the videos, one thing you’ll notice is that there are a lot of Macs among the WFD delegates, and we’re demonstrating from a PC – clearly a technology mismatch. But before the delegates left our offices, many were already running OmniPeek on their Macs (either using Boot Camp or the VM of their choice) AND capturing 802.11ac packets with the very same Cisco AE6000 we used in our demonstration. Needless to say they left a very happy bunch.

In case you missed Stephen Foskett’s original stream of the event, you can catch the remaining videos here. As always, if you have any questions or just want to get some conversation going, leave us a comment on this blog.

Sniffing Out Your Network’s BYOD Problems

Bring Your Own Device (BYOD) is here to stay. Why do we say this? We’ve noticed it in our own customers’ habits, through surveys, and most importantly in our own behavior.

SC Magazine recently reported on a survey from Sophos Labs on the number of mobile devices per person per country. The US ranked second at 3.0 devices per person, with Germany taking the lead at 3.1. In another recent survey from OVUM, one third of employees reported that they are using their personal device to do work without informing their IT department. So, even if employers strictly forbid BYOD, employees are accessing data on their personal devices.

Whether you are actively trying to create a BYOD policy or trying to squash it altogether, you should have a plan in place to ensure that BYOD is not hogging bandwidth or introducing security risks on your network. Here are a few really easy steps to help sniff out BYOD problems that are, or could be, lingering on your network.

Create a Wi-Fi SSID specifically for mobile devices
This provides folks with an easy way to access the Internet, but not the internal network, which is what most users want anyway. Why do we like it? It’s a simple, proactive step that shows that IT is working with users and reacting to their needs. And if access to internal networks is necessary, it is quite easy to set up VPN access over this dedicated Wi-Fi network, giving employees the access they need for mobility while providing a single point of management for mobile users.

Manage access to the network
Once you’ve established a dedicated entry point for your mobile users, the next step is to manage their access. First, you can decide whether or not you want security on this network, whether for the users’ protection, the company’s protection, or both. We strongly recommend the use of strong wireless security, like WPA2, but issues like simplicity of guest access may factor into your decision. Perhaps you’ll want to offer several dedicated Wi-Fi networks, one for your trusted corporate users with WPA2 and one that’s open for guests?

Again, requiring VPN access for your corporate users is key if they are going to access company assets, whether data or applications. It’s best to set up a VPN structure that is separate from overall wireless security, since you can’t guarantee that users will always be using the dedicated corporate wireless network. When traveling, your mobile employees will still demand access, even over untrusted wireless networks like those in hotels and coffee shops. Your best defense is to always require a VPN connection to access corporate data.

Track Mobile Users
Once you’ve committed to working with your mobile employees you’ll want a way to track their access and usage so you can continue to respond to their network needs based on accurate data. The best way to do this is with a packet-based wireless network (WLAN) analysis solution. There are two main approaches when using such a system.

The first approach is by using portable analysis for troubleshooting and routine baseline measurements. With a portable solution you simply put the analyzer in the area to be monitored and let it run. Portable analysis can show you who is accessing your network, how much bandwidth they are using, as well as the applications they are running. The flexibility of this technique makes it perfect fit for the uncertainties of managing mobile devices.

The second approach is to use packet-based network recording. The software and analysis in this approach is similar to that for portable analysis, but in this case you record all wireless network traffic, at the packet level, for detailed analysis at a later time. Network recording allows you to be more flexible, and more responsive, to network problems, and it also allows for detailed usage-level analysis, including policy compliance. Network recording requires the deployment of dedicated probes that collect wireless network traffic 24×7.

Regardless of your approach, keep in mind that mobile access is quite different from wired access, so monitoring and troubleshooting techniques need to adapt to this new workflow. One key area to address is roaming. Given the limited range of a single access point, typically a few hundred feet within buildings, mobile users move from access point to access point as they move around the WLAN. This is called roaming. At the protocol level, a roam is a fairly complex transaction, and it exposes the users to short periods where no network is available. Typically these periods are no more than a few hundred milliseconds or less, and the users continue to work just as if nothing happened. But roaming is one of the key contributors to WLAN connectivity issues, so effective monitoring for roaming is very important.

As a network administrator, troubleshooting roaming issues can be complex because a roaming user moves from one AP to another as well as from one channel to another. To effectively analyze roaming events you need a WLAN analysis solution that monitors multiple channels simultaneously, and compiles the data into a single analysis session. This allows you to track the movement from one channel to another and report the time it takes for the user to make the transition. Roaming events can simply be logged, or tracked by AP or station, which greatly simplifies roaming analysis and quickly identifies problem areas.

Sniff out Rogue Users
Even with strong security and user access control in place you will still have rogue devices connecting to your network. These could be just new devices from trusted employees, or they could be true security threats from hackers. Packet-based wireless network analysis is also very helpful in identifying rogue users, regardless of their intentions. First, you can specify which devices are trusted based on previous network scans, making it very easy to isolate new users or devices on your WLAN. Also, common devices like iPads, iPhones, or MacBooks have a unique signature and are easy to identify within a network, making it easy to see not only who but what is accessing the WLAN. Once a rogue is identified, a few minutes of watching network behavior based on a filtered view of just that user will indicate the user’s overall intentions, allowing you to indicate friend or foe and guiding your next steps.

As the Borg says “Resistance is futile”, so embrace BYOD. Working with users and providing realistic solutions are much more effective and will provide the ongoing control you need to deal with this new form of network access.

Why Customers Choose WildPackets

Customers come to us for a multitude of reasons. Some aren’t happy with their current network monitoring solutions; others are experiencing network glitches that they cannot solve; and some simply need a cohesive analysis solution. WildPackets offers a suite of products that bring customers to us from far and wide, many of whom need specific capabilities in their monitoring solution. Let’s take a look at just a few of the reasons WildPackets is the leading network analysis solution.

10G Analysis
WildPackets led the way in 10G analysis, being the first to introduce a network recorder to break the 10G barrier. When our TimeLine network recorder was introduced in 2010 it was the only network recorder to capture and store packet-level data, with no data loss whatsoever, at 11.7Gbps. Since then, WildPackets has continued to refine TimeLine, offering even more real-time statistics, increasing our overall data throughput, and adding support to capture directly from 40G network segments.

Network Forensics
Going hand-in-hand with network recording is network forensics. As you’re streaming packets to the network recorder perhaps you see a troubling trend in the real-time dashboard, or maybe a user enters a trouble ticket. Network forensics allows you to analyze a subset of your recorded data while the overall high-speed capture continues uninterrupted.

Often associated with security, network forensics goes well beyond security and also helps solve far more common issues on your network, like spikes in utilization, drops in VoIP call quality, and increased latency in both network and application performance. If a problem does occur, you no longer have to try to recreate the problem, which is typically the most time consuming task in any troubleshooting session. Instead, with TimeLine, you simply go back in time, find the problem on the dashboard, and solve it.

Remote Analysis
The days of using a laptop to perform portable analysis, especially on high-speed wired networks, are now extinct. Corporate networks are highly distributed, even for small to medium sized businesses. Even if your company operates from a single location, odds are you host some services remotely, and use some level of software-as-a-service (SaaS), making it difficult to always be where problems are occurring. WildPackets’ Omni Distributed Analysis Platform provides a wide range of options for remote network analysis, from “lightweight” software solutions like OmniPeek Remote Assistant and OmniEngine software probe, to high performance network recording appliances like TimeLine. With a WildPackets solution, network engineers can monitor and analyze highly distributed network architectures without ever leaving their desks.

Top-Down Approach to Network Monitoring
For an overall, top-down view of any network segment, customers find WildPackets flagship OmniPeek network analyzer most helpful, whether as a portable analyzer or as a console to any of our remote analysis solutions. OmniPeek provides complete visibility into your network – including Ethernet, Gigabit, 10G, 802.11a/b/g/n/ac, and VoIP and video. OmniPeek provides visual context into the network so that even junior IT staff can drill down into performance problems and solve performance issues across multiple network segments. This ensures maximum network uptime and user satisfaction.

The Full Suite of Network Monitoring and Analysis Products
And for a complete view across your entire network, WildPackets offers WatchPoint network monitor. This solution builds on our suite of distributed analysis products and provides a comprehensive graphical interface of overall network performance, including top talkers, top applications, overall utilization, VoIP performance, and detailed reporting of detected network and application problems (Experts). WatchPoint also provides a direct link for detailed, packet-level analysis to determine the root cause of any issue.

What is your favorite WildPackets product? Feel free to leave us a comment and share your thoughts.