Clear To Send: Wireless Network Engineering

Robert Boardman joins the podcast to discuss his install of Ubiquiti AirFiber24 at his campus. This episode is sponsored by Metageek Ubiquiti AirFiber24 Robert Boardman is a network engineer in Monterey, CA. He recently deployed a point-to-point link using Ubiquiti AirFiber24. These are 24 GHz radios operating in unlicensed spectrum. This is one of the reasons why this looked attractive to Robert. He could have easily went with a 5 GHz deployment. Robert knew that this would potentially be an issue in the future. 5 GHz is widely deployed on his campus and didn’t want to risk any co-channel or adjacent channel interference. He decided to use the less widely deployed frequency. The reason is to avoid potential WiFi deployments that would happen in the parking lot, which this PtP has to cross. These radios operate in full-duplex, providing about 1.4+ Gbps of throughput. It’s not a bad radio to think about when it comes to creating a bridge or a backhaul connection. In this scenario, Robert used it as a backhaul to a couple of remote buildings in which lectures are done for students. Aligning the radios would seem to be a challenge but Robert mentioned how there’s an LED indicator which helps you align the radios. This is called the Radio Alignment Display. It will provide you with the signal strength indication. The radio itself is a decent size. It is 36.94 x 18.44 x 11.08″ and weighs 35.27 lbs. You may need two people for mounting just to be safe. You can find more about Ubiquiti AirFiber24 from a video recorded for the WiFi of Everything. Resources and Links * @robb_404 * robb404.com * @woe_show * Robert and Rowell have started a new WiFi YouTube channel called WiFi of Everything. * Ubiquiti AirFiber24

A look back at the podcast all the way to the beginning! Be sure to check out the giveaway at the bottom of this post! This episode is sponsored by Metageek We Made It To Episode 100! I never thought I’d make it to episode 100 of this podcast. The first episode was published in August of 2015. The reason for starting the podcast was to learn more about Wi-Fi. To get into the community and help others who were getting started. At the time I was an IT Manager with a strong interest in Wi-Fi. I didn’t have many friends of colleagues specializing in Wi-Fi which led to this podcast being born. At first it was difficult to produce an episode each week. It actually is still difficult but it comes natural now. Especially with François joining as a co-host. François and I have known each other through Twitter. I’m not sure how we even connected but a fun fact is that we didn’t meet in person until October of 2017. We met in Toronto, Canada where our families had dinner together. With the addition of François the quality of the podcast has increased. So I thank him for all this efforts! We both record at home and for me it is in my garage. We do it when we have spare time and often have enough time just to hit the publish button for the week

Steve McKim shares his experience in starting a new WISP in his town, how he gets customers, and what equipment he uses. This episode is sponsored by Metageek Starting A WISP Steve McKim, a good friend of ours, lives in Rossburn Manitoba, Canada. He recently started his own WISP to provide high speed internet to the people of his city. Steve has had previous experience in working at a WISP back in Winnipeg. So it comes natural to him. So born in Manitoba is 45networks owned and operated by Steve. What is a WISP? It stands for Wireless Internet Service Provider. In areas where internet is slow, unreliable, and maybe over-priced, a WISP can come in and with minimal installation, provide a high speed connection. There’s no construction or trenching needed to provide this connectivity. When it comes to starting a WISP, the first thing you need to do is come up with a business plan. Your mindset also much change to become consumer oriented. From there you work on your marketing through the newspaper, Facebook, and mailers. Steve created a survey using Google Forms which gathered many responses. This became his list of potential customers. What does it take to build a WISP? It starts with a survey. You can begin plotting using Google Earth. A wonderful tool at your disposal! Once you’ve found your locations a physical site survey is needed. Making sure you have line of sight to your base station with no obstructions. With the equipment Steve is using, customers can get throughput of 150-160 Mbps down and 60 Mbps up using GPS sync. The equipment he uses are Ubiquiti RocketAC Prisms. On the customer side he is deploying Ubiquiti Lite Beam Gen 2 and Nano Beam, depending on the distance. Ubiquiti is great to use because of the cost and the tools they provide you with. When it comes to interference, Steve is able to determine what his noise floor is because of the built-in utilities. In addition to interference, he can see his competitors’ channels being used. This is where Steve uses a static channel plan so he knows what to expect. Some of the tips Steve wants to share are the following: * Plan accordingly * Create a link budget * Study local regulations * Learn about licensed and unlicensed frequencies * Learn about the effects of weather on frequency bands * Lear about ground reflections Tools and Resources * 45networks * AirLink * Ubiquiti * Sonar  

Raymond Hendrix joins the show to discuss his experience in deploying event Wi-Fi. This episode is sponsored by Metageek Event Wi-Fi Raymond Hendrix is the man behind Veni Vidi Wi-Fi. It is operated by Hendrix IT. He is located in Merselo, Netherlands. This episode is an expansion of his Ten Talk from WLPC EU. Raymond got his start in RF when he worked for the Dutch Department of Defense. Quite the interesting start! In this episode, we talk about Raymond’s experience with deploying event Wi-Fi. Just like any environment, it always depends on the requirements of the event holder. They will vary quite a bit. Some of the most challenging aspects of event Wi-Fi are of course interference. You can be sure to run into interference outdoors. Whether that is from the visitors or even the exhibitors. But even more challenging that interference is time. Typically, Raymond has just days to set up Wi-Fi and that includes providing internet service for the whole event. This is a great episode to listen to if you’re being tasked with setting up Wi-Fi for an upcoming event. Some of the other topics we discuss: * In-house vs contractor hardware * Bringing in internet service * Use of mesh * Types of equipment used * Equipment selection * Survey and validation Links & Resources * Ten Talk * Veni Vidi Wi-Fi * @raymondhendrix

François talks about this experience in studying for the CCNP Wireless certification and how you can get started. This episode is sponsored by Metageek CCNP Wireless In order to get the CCNP Wireless certification, you need to pass the following 4 exams: 300-360 WIDESIGN – Designing Cisco Wireless Enterprises Networks 300-365 WIDEPLOY – Deploying Cisco Wireless Enterprises Networks 300-375 WISECURE – Securing Cisco Wireless Enterprises Networks  * 300-370 WITSHOOT – Troubleshoot Cisco Wireless Enterprises Networks François recommends studying them in the order above. They are ranging between 55 and 60 questions each and you have 110 mins to complete them and each exam is $300 USD each. How to study Self study Read the exam objectives WIDESIGN Exam Topics – The Cisco Learning Network WIDEPLOY Exam Topics – The Cisco Learning Network WITSHOOT Exam Topics – The Cisco Learning Network WISECURE Exam Topics – The Cisco Learning Network Create a study book of all of the subjects you want to study Research Cisco documentations to find more information about these specific subjects Look at the Study Materials Tab on the exam page Cisco Design Documents Cisco Support Articles Cisco Admin Guide documents If you have equipment, you can setup a lab and practise the configurations Setup your own labs you will need at least 1 AP and 1 WLC Configure dynamic interfaces Configure Interfaces groups Configure AP Groups and RF Profiles Configure different SSID configurations Troubleshoot an AP no joining Ask a friend to break your config and try to troubleshoot it Setup a freeradius server so you can test 802.1X even if you don’t have ISE If you don’t have access to a WLC, you can download a virtual WLC with a 60 days eval license at Wireless – Cisco Virtual Wireless Controller – Cisco It will be a .ova file ready to be used as a virtual machine If you don’t have a Cisco AP, you can purchase an older one on eBay for cheap (ex: 3502) Other ways to study E-Learning proposed by Cisco for $750 a course can be purchased with Cisco Learning Credits Designing Cisco Wireless Enterprise Networks (WIDESIGN) – The Cisco Learning Network Store

Hemant Chaskar, VP of Technology and CISO of Mojo Networks, joins the podcast to talk about the technical details around KRACK. Hemant Chaskar On KRACK Let’s welcome Hemant Chaskar of Mojo Networks. Hemant Chaskar is a Vice President and CISO at Mojo Networks. His past work has spanned wireless, networking and security, with the recent 12 years in enterprise WiFi as technology expert, product designer and technical evangelist. At Mojo, he has been spearheading the development of access, intrusion prevention and cloud based WiFi solutions. Mojo Networks is a provider of enterprise cloud managed WiFi solution, with a vision to create networks that reach new heights in performance, security, scalability, and ease-of-use. It strives to liberate networks from proprietary hardware and utilize the full power of the cloud to deliver Cognitive WiFi™: a self-driving network that makes things remarkably simple and reliable at massive scale. This episode gets very technical as François and Hemant go into the details of how KRACK works by starting from the beginning.. What exactly is in this episode? * Review of WPA2 crypto * CCM * Review of AES-CTR * What is an AES-CTR Nonce * What is a nonce? * How does GCM differ from CCM * Attacking the EAPOL 4-Way Handshake * EAPOL overview * Impact * Severity * Countermeasures * Attacking Group Key Handshake * Attacking 802.11r FT Handshake * Lessons learned Links and Resources * Hemant on Twitter * Hemant Chaskar videos on KRACK * Mojo Networks

Ian Beyer and Jonathan Boyle discuss helping others by deploying Wi-Fi communications. When a natural disaster hits the first thing everyone needs is reliable communications. Ian Beyer and Jonathan Boyle join the podcast to talk about their experiences in deploying Wi-Fi for first responders, families, and departments running critical operations. Ian Beyer is the Region 7 Technology Manager for Team Rubicon. Jonathan Boyle is the Region 7 Director for IT Disaster Resource Center (ITDRC). If we look at Hurricane Harvey, there was a record rainfall. Team Rubicon National Operations Center in Dallas, TX began planning for response. This started before Harvey made landfall. Team Rubicon is a Veteran-led disaster response organization with 50,000 volunteers. They work with major tech vendors such as Palantir, Motorola, Inmarsat, ITDRC, Google, and more. ITDRC’s mission is to provide communities with the technical resources necessary to continue operations and begin recovery after a disaster. Much of their efforts are made possible due to the partnerships and cooperation with numerous partners such as Dish network, Google, Ruckus, Fortinet, Cambium Networks, Dell, Cisco Meraki, HP, Intel, CiscoTACOPS, and more. ITDRC has 900+ volunteers nationwide. In this episode, Ian and Jonathan discuss what it is like to deploy where communications is needed. It all starts with volunteers with the right skillsets to configure and deploy the right technology. In most scenarios, many engineers are fortunate to have a clean and safe environment to work in. The volunteers at Team Rubicon and ITDRC run into many Wi-Fi challenges. There’s interference everywhere, hotspots running around, neighbors in the building, etc. In many cases, the backhaul can be the most challenging. Cradlepoints are often used with hotspots for connectivity. With many people using that connection it can get congested and spotty. As Ian will talk about, sometimes RRM is your friend in these hostile conditions. At the time of this recording, ITDRC had volunteers deployed in Puerto Rico. We hope to have an update in the near future after those efforts have been completed. To hear the full dialog, listen to the episode today! Links and Resources * Ian’s blog * @canerdian * @doubleoboyle * Team Rubicon * ITDRC

We provide an overview of the KRACK Attack targeting Wi-Fi security. KRACK Attack On October 16th, 2017 a vulnerability within WPA2 security was released. In this episode, we provide an overview of what the KRACK Attack is, how it affects Wi-Fi networks, and what you can do to seal this security threat. KRACK Attack targets a weakness in the 4-Way Handshake. Specifically, the key management process. Within the 4-Way Handshake it is possible for an attacker to reinstall an already in use key. This is a security weakness because it causes devices to reinstall a key. Keys should only be installed once thus causing a weakness in security. An attacker would need to perform a Man-In-The-Middle attack in order to be successful in pulling off the attack. This means Wi-Fi devices are at risk. This becomes the challenge with ensuring security. All devices would need to receive this security patch. On the infrastructure side, an attacker would be able to perform a replay attack on APs with 802.11r enabled. Major vendors are releasing a patch for this vulnerability but as a workaround you could disable 802.11r. Listen in on our discussion around KRACK Attack, our thoughts, and our opinions on security as a whole. Links & Resources * Packet6 – KRACK Attack * Semfio Networks – Understand KRACK in 2 Hours * Revolution WiFi – WPA2 KRACK Vulnerability – Getting Information * KRACK Attacks.com

Sudheer Matta, VP of Products, of Mist Systems joins the podcast to talk about how they are using machine learning and A.I. to build better wireless networks. Mist Systems The intention of Mist is to add artificial intelligence and machine learning into the wireless networking stack. This provides a lot of insight into the Wi-Fi experience of a user. Why do this now? Because there was no architecture for devops, programmability and automation for MSPs and for IT teams. What is artificial intelligence (A.I.)? A.I. at Mist is dynamically doing packet captures when an issue is occurring. It segments these problems and helps determine if a device is a victim of the problem or is it a systemic problem? Other things are identified as well such as, is it wired or wireless? If it is on wireless, what type of device is having an issue, what OS is it running, what channel is it on and on which AP, etc. For the wired side, some examples are is it DHCP, DNS, etc. What about machine learning? These insights are based on machine learning algorithms. It is about correlation intelligence. It is the foundation for A.I. driven insights. Machine learning comes in two flavors, supervised and unsupervised. Mist has large clients utilizing their technology in the retail and education space. Within a matter of days both clients have been able to solve long outstanding issues that they weren’t able to successfully fix with their prior wireless vendor. Even Managed Services can take advantage of Mist as they roll out wireless to multiple clients. You can see all service levels across the whole organization. Listen to the episode to get the whole story! Links and Resources * Sudheer Matta on Twitter * Mist Systems on Twitter * Mist’s Website

Mike Leibovitz joins the show to speak about exciting times at Extreme Networks, what they’ve done with acquisitions and where they are headed, Extreme Wi-Fi updates with AC Wave 2, and more. Mike Leibovitz of Extreme Networks 10 years Mike has been at Extreme Networks. Since 2007/2008 he has focused primarily on Wi-Fi. He has done his fair share of work from sales enginneer, switching, routing, and voice. The way Mike Leibovitz got into Wi-Fi was through a project. Now he holds Director of Product Strategy role for wireless projects. There are two Wi-Fi product lines that Extreme Networks carries. One is for the campus market and the other is for distributed enterprise. In a campus environment, you’ll want more with the control plane for things such as layer 3 roaming and centralization of traffic. Extreme Network’s flagship access point is a Wave 2 4×4 with a tri-radio. It works with their security solution, AirDefense. A key thing to know about is the Flow based characteristics which splits the data plane. Analytics runs on top and then you have flow based rules. This episode on Extreme Networks goes into so much more information. Listen to hear more about: * Beyond RF * Security * 802.11ax Links and Resources * Extreme Networks * Mike Leibovitz on Twitter

New York City flipped the switch and enabled Wi-Fi and cellular network in all underground subway stations. Jeremy Ward, of Transit Wireless, joins us to talk about this large scale project and what it took to do it. This episode is sponsored by Metageek New York City – A Connected City Jeremy Ward of Transit Wireless joins us on the show to talk about getting the underground subway stations connected with Wi-Fi and cellular connectivity. The project includes 120 miles of fiber optic cabling, 4,000 cellular antennas, and 5,000 Wi-Fi access points. The network supports the users who use mass transportation every day, public safety, transit communications, and over 3,000 Help Point kiosks for riders. Jeremy discusses the challenges that came up with deploying a solution like this in an underground subway station. Many challenges to Wi-Fi make planning very important. There are issues from the environment, including: * Noise * Dirt * Heat * Cold weather * Brake dust from the trains * Pressure washers * Vandalism * and RF It’s very possible to get RF reflected from moving trains! Placement can be tough to tackle underground. One of the important things to consider is vandalism. Jeremy’s team has tested different enclosures by taking a baseball bat to them! Other topics discussed on this episode: * Design requirements * User traffic * Hardware considerations * Extreme Networks * Motorola * Wireless LAN Controllers * Security * Analytics New York City Subway Wi-Fi Stats Links & Resources * @realjeremyward * Transit Wireless

Containment of a WLAN is the act of shutting it down! We discuss how you can find out if you’re being contained. This episode is sponsored by Metageek WLAN containment is not a situation you want to deal with. The symptom you’ll see are devices dropping from your WLAN. When they are disconnected, they often stay disconnected. Sometimes those devices won’t be able to connect at all to your WLAN. What is happening? Another network is containing your WLAN. This happens by sending deauthentication frames to devices connected to your WLAN or by sending broadcasted deauthetication frames. You can troubleshoot this issue using the following tools: AirTool Wireshark WiFi Explorer NETSCOUT AirCheck G2 (optional) Troubleshooting WLAN Containment How do you know if containment is happening? Using Airtool, capture frames on your operating channels. After 5 minutes of capturing, open up the pcap in Wireshark. Use this filter to show all deauthentication frames: wlan.fc.type_subtype == 0x000c Take note of the source BSSID. You may get lucky and find out who is containing your WLAN. Copy the BSSID and paste it into WiFi Explorer. If that same BSSID is broadcasting beacons for its own WLAN you will see it. That’s how I used Airtool, Wireshark, and WiFi Explorer to find the source of containment. By looking at the RSSI within the frames in Wireshark, you can get close to the source AP of the offending frames. Another option is to plug the BSSID into the AirCheck G2 and use the Locate feature to find the AP. Here are some screenshots from my lab performing containment on one of my APs. Remember your regulatory laws regarding containment!   This Week In Wireless * Get 25% off CWNP WiFi Trek with coupon code: CTS17 * Ekahau Product Announcement * FCC Regulations

We provide our thoughts on Mojo Networks presenting at Mobility Field Day 2. Mojo Networks Mobility Field Day 2 went live with Mojo Networks on July 25th, 2017. We visited their offices in Mountain View to see what was new with Mojo Networks. First up on the agenda, CEO Rick Wilmer, talks about Mojo Networks’ participation in the Open Compute Project. Their goal is to bring Open Standards to access points. It’s a way for companies to use a vendor’s firmware on any access point hardware. It’s an interesting project because it would dramatically reduce costs of access points making it go the way of servers. There’s still plenty of work to be done but we should check in on the status often. The newest feature of Mojo Networks is Mojo Aware. A way to gain visibility into the client journey. It’s all about the user experience. We got insight into association and authentication statistics, baselines for the wireless network, and average statistics of the clients using your network. It seems like major vendors are adding this point of view into their products. Other topics we discuss on the episode: * Mojo Packets * Mojo Network’s 3rd radio Links & Resources * Mobility Field Day 2 * Wireless LAN Professionals Podcast * WLAN Pros website * Lending Library * WiFi Explorer Pro * CWNP Wi-Fi Trek Orlando

We recap the presentation Cape Networks provided during Mobility Field Day 2. It aired live on July 26th, 2017. This episode is sponsored by Metageek Cape Networks at MFD2 A company was born a little over 3 years ago. Their goal, to help network admins and MSPs to enable a great experience on their networks. But how exactly do you do that? They began creating a sensor that would be placed near the end users to collect metrics on the quality of the wireless network. That data would be analyzed in their cloud and presented in a simple user interface of red, yellow, and green lights. All to answer a fundamental question: how good is my network? The team hand humble beginnings, learning how to make hardware at scale. They moved to Silicon Valley to get funding for their idea and now they have their sensors across the globe. It was really great to hear the story of how they began to growing to where they are now. They have really made a big achievement. During Mobility Field Day 2, they announced new features to further enhance the capabilities of their wireless sensors. This includes: * Rolling packet capture * Splash Page Support Listen to the episode for our recap of the presentation and watch the videos from Mobility Field Day 2 below. Links and Resources * Cape Networks * Mobility Field Day 2 * Episode 74 – Wi-Fi Monitoring with Sensors

We recap Netscout presenting at Mobility Field Day 2 (MFD2) which aired live on July 26th, 2017.  This episode is sponsored by Metageek Netscout At Mobility Field Day 2 Netscout has a number of network and application tools but for Mobility Field Day 2 (MFD2) they brought out the AirCheck G2 and Link-Live. The greatest feature of the AirCheck G2 is not needing an expert to use it. You might not be able to have an expert on-site and a task will need to be delegated to a field technician, or a non-technical person. That’s where the AirCheck G2 comes in handy. Chris Hinsz, Senior Product Manager, presented in front of the delegates. In this episode, we talk about some of the features that stuck out to us on this presentation: * Auto Test * CCI/ACI * Network connection tests * Channel Utilization * Profiles * And others The AirCheck G2 gives you a lot of information from the start. You can see how many APs are contending on the same channel. In that same window you’ll be able to check for 802.11 and non-802.11 channel utilization. The Profiles feature allows you to create different settings based on the tests and environments you’ll be using the Netscout AirCheck G2. Profiles make it efficient for you to perform your work. You won’t need to spend time configuring the AirCheck G2 for the wireless network. An example is having to install 802.1X certificates. This can be configured ahead of time using the AirCheck G2 Manager. What do you do after the tests have been performed? How do you keep record of them? This is when Chris gave us a look at Link-Live. A cloud service that stores all your tests from various Netscout devices. Right away I saw this as a useful tool when working with many different field technicians. A test can be uploaded to Link-Live so other people can see the results. It’s an easy way to collaborate with other team members and get work done efficiently. Check out the recorded videos from Mobility Field Day 2 and let me know what you think about Netscout below in the comments. Links and Resources * AirCheck G2 * Link-Live * Mobility Field Day 2