Wireless LAN management is clearly a vital element of enterprise WLAN systems and also one of the best vehicles for minimizing total cost of ownership. But even with its long history, challenges remain. These include the user interface, flexibility, ease-of-use, RF spectrum management and a future that demands the unification of wired and wireless management. Wireless industry guru Craig Mathias is here to answer your questions on the topic (or anything else in wireless and mobile that you want to talk about). Craig is one of the best-known analysts in the wireless industry. He is principal of the Farpoint Group and author of Network World's Nearpoints blog.
Wireless LAN management is clearly a vital element of enterprise WLAN systems and also one of the best vehicles for minimizing total cost of ownership. But even with its long history, challenges remain. These include the user interface, flexibility, ease-of-use, RF spectrum management and a future that demands the unification of wired and wireless management. Wireless industry guru Craig Mathias recently answered readers' questions about the best tools for WLAN management, the future of young wireless technologies like fixed-mobile convergence (FMC), IP over WiFi and white spaces and more.
Moderator-Julie: Welcome to today's chat on wireless LAN management with wireless industry guru Craig Mathias. He can answer your questions on the topic (or anything else about wireless or mobile that you want to talk about). Craig is one of the best-known analysts in the wireless industry. He is principal of the Farpoint Group and author of Network World's Nearpoints blog. [Plus, see Craig Mathias's 20's tips for WLAN management: Navigating the WLAN management maze ]
Moderator-Julie: While Craig types his answer to your first question, here's a pre-submitted question and answer. What are the issues surrounding wireless management user interfaces ... what are vendors doing wrong in this area?
Craig_Mathias: The biggest complaint I get is that interfaces are not convenient, or that particular screens display the wrong combination of information. There's often too much shifting between menus and screens and it's too difficult to correlate information quickly when it's spread out like that. UIs in general are tough because no single interface works for everyone. The future is one of customization - being able to arrange menus and screens so that they work for a given installation. Implementing this vision isn't too complex, but it does give vendors pause when it comes to support.
DwightP: Are there any additional management issues surrounding 802.11n technologies that are different from 802.11a/b/g?
Craig_Mathias: No, not really. 802.11n is a PHY/MAC addition to the standard, but looks just like other radios to management software.
Bruce: Some vendors tout they can manage multiple different vendors WLAN systems (APs in particular) with the same tool. Do you see this as a requirement in this industry? (Do many folks utilize different WLANs in the same infrastructure?)
Craig_Mathias: It's not a requirement, but it is probably going to become important in larger shops. Larger companies are likely to end up with multiple systems due to mergers, acquisitions and simply from going out to bid. The AirWave product I just tested was very useful in handling mixed-vendor environments and it was easy to use as well. So, yes, this will become more common.
gm: What are the biggest challenges you see with RF spectrum management?
Craig_Mathias: Well, just initial configuration and dynamic re-configuration of RF parameters isn't easy without this kind of automation. But going forward, solutions will consider interference, traffic loads, class of service, number of users, etc., in setting radio parameters. This is a very exciting opportunity with the potential for big performance gains.
Moderator-Julie: Pre-submitted question: What's up with features like RF spectrum management? What's the next frontier in wireless device management?
Craig_Mathias: This is a key capability of WLAN management systems, the ability to at a minimum set and dynamically adjust transmit power levels and radio channel assignments, along with load balancing, troubleshooting, and logging. The two key innovations on the horizon here are the integration of interference management into management platforms (take a look at Cisco's Spectrum Expert for possible directions here), and much-more-sophisticated RF spectrum management aimed at dense, high-demand environments. I think you'll see some interesting new functionality here shortly.
DwightP: Motorola, in some of its marketing, is saying that enterprises should and can be, completely wire-free. How close is that statement to reality, both now and in three years?
Craig_Mathias: I'm not entirely in the all-wireless camp. I think situations involving stationary users, stationary equipment, or apps that require gig-E throughput will remain wired. Data centers and network cores will remain wired. But clients, both voice and data, will go fundamentally wireless. Most end-users won't need to look for a place to plug in. Productivity will rise as a result of always being connected wherever you may roam.
Jeff at U4EA: What is the biggest challenge you see within the SMB when it comes to the decision to install a Fat Access Point solution versus a managed controller and thin APs?
Craig_Mathias: It's mostly a question of scale. If you just need a single AP, as many small companies do, then whatever is in stock at the local superstore will probably work for you (as long as it's .11n). But if you plan on growing and don't want to have to start over again, then a controller-based approach might be better. Keep in mind, though, that enterprise-class WLANs need not have a controller - take a look, for example, at Aerohive Networks.
Moderator-Julie: Pre-submitted question: Is wireless management being adequately covered by the big management vendors such as HP, CA, IBM/Tivoli? If so, is there still a need for companies to supplement with point products?
Craig_Mathias:: Actually, those companies really don't do wireless-LAN management. We divide the WLAN management world into five layers, in a hierarchy. At the bottom is a broad array of ad-hoc client tools and I'm testing many of those now for an upcoming series of articles in Network World. Above that are WLAN Management Systems, which are provided by the vendor, or as vendor-independent implementations, like the AirWave product I tested. Above that are network management tools like HP's OpenView and WLAN Management Systems are frequently structured as plug-ins - with varying degrees of integration - to these. Above that are enterprise management tools like Tivoli, which don't have much to do with managing wireless. And above that are operational support systems (OSSes), that do provisioning, billing and related functions for operators and sometimes enterprises. So, by, far, it's the bottom two here that are most important in wireless.
Kit Johnston: Craig, what do you see are the features that most customers are looking for in a vendor-agnostic management system?
Craig_Mathias: First is the ability to monitor and troubleshoot equipment from multiple vendors in a consolidated fashion and to generate management reports. Troubleshooting primarily includes responding to alert conditions defined by the installation. I also think configuration is important, but this is more difficult. For instance, the AirWave platform was much better at monitoring and reporting than at initial network setup. It's better to get the network running and then turn it over to AirWave.
TS: Does the advent of 802.11n change the back end architecture for connection to the wired network - e.g. more GIgE/10 GigE links?
Craig_Mathias: I don't think 10 GigE is a requirement, but Gig-E is certainly desirable in that you won't get full .11n performance without it. But .11n will still yield something of an improvement even on 100 Mbps nets. I'd definitely have Gig-E in my plans as I roll out .11n, but I would probably have Gig-E in my plans regardless.
Moises: I'm having a real problem with rogue AP detection. We have a Meru WLAN and its new product is Location Manager but it only monitors the wireless, not the wired, side. AirWave is not compatible with the latest Meru controller software, I've tried that for weeks. WiMetrics has WiSentry, but are they out of business? No reply to my queries.
Craig_Mathias: You should probably look into a third-party tool like AirDefense or AirTight. Many installations require separate IDS/IPS for auditing purposes anyway. Ultimately, the only way to deal with rogues is to be able to shut off the switch port that they're connected to - and this requires unified wired/wireless management. Cisco can do this today, but I'm not aware of any other vendors that handle rogues in this way.
Moderator-Julie: Pre-submitted question: What's the latest on stopping rogue APs and other such security risks? Are management tools also performing security functions?
Craig_Mathias: Security is a critical management-system function. All WLAN vendor tools can configure security (remember to use WPA or WPA2, by the way and not WEP or an open system) and many are policy-based, assigning security on a class-of-user basis. Rogue APs are most often handled by an over-the-air denial-of-service approach, but the future is in the ability to isolate the switch port that the rogue is connected to and turn it off. Cisco can do this, for example, in the latest release of WCS. You will likely still want a client-based or enterprise WLAN assurance tool or system, like AirMagnet or OmniPeek, just to be sure.
Kit Johnston: Have you tested Cisco's WCS and WCS Navigator? And more specifically, tested the Navigator as a NOC-located managed services offering?
Craig_Mathias: Not the new (5.1) release. But I did see a demo and I was impressed with how much progress they've made. If you remember release 1, it's a wonder how far they've come.
Moises: I think both AirDefense and Airtight require separate sensors - a major cost-prohibition. Cisco is probably only compatible with Cisco Aironet APs?
Craig_Mathias: Yes, it can get expensive. But AirTight will provide its stuff as a service and that's very cost-effective. You can expect that future APs will include scanner capabilities by default.
H20man: What are your thoughts on the newest version of software for Cisco's WCS/WLCs? Reliable versus Risky?
Craig_Mathias: As I mentioned, I saw a demo. I think it's far enough along and critical enough to Cisco that I wouldn't be too concerned about upgrading now.
YRmeUP: What's the latest when it comes to authenticating users trying to get access to the wireless network?
Craig_Mathias: Well, there are the basic .11/.11i capabilities, but it's really the upper-layer services (802.1X and related) that should be used in the enterprise - and that's the same as you're doing on wire.
Renegade: Craig, are there some promising authentication systems for smaller business that only have two or three AP's, no AD [Active Directory] and possibly work with LDAP? A system that could isolate or quarantine and work with some sort of NAC
Craig_Mathias: I've not used anything that I'm happy with yet (and Farpoint Group is a smaller business with six production APs). Some offered remote authentication and such, but you're in deep yogurt if your WAN connection goes down. I'll note in my blog when we settle on something.
TS: Are 802.11e type QoS mechanisms already included in .11n?
Craig_Mathias: Yes, but they're unrelated. .11e works fine on an .11n connection.
BillG: Do you know of any management issues regarding WLANs and integrating them with wireless WAN (WiMAX, 3G cellular, etc.) technologies .. especially on the voice side?
Craig_Mathias: AirWave has this, but I didn't test it. I'm not sure if this is ultimately that important, because most WiMAX networks will be operated by carriers and they will handle management and OSS - not the end-user or the enterprise. Upper-layer applications management will be most impacted here. Take a look at Cisco's application engine for an example of provisioning services across multiple wired and wireless networks. The management in that case is integrated with WCS.
tcbizdev: Are there many MSP providing WLAN Management Services, if so how do I locate them?
Craig_Mathias: I've not followed this, as I've worked mostly with larger enterprises that bring (of necessity) management in house. You might contact your vendor, though and see if there is anyone they can recommend. Some dealers offer this service, but, again, this is aimed at smaller businesses that don't have an operations staff.
Moderator-Julie: Pre-submitted question: Is wireless management of different types of networks being handled by the same products and where do the Big Mgmt vendors stand on some of this like WiMAX, 802.whateversnext, etc.?
Craig_Mathias: WLAN management in general focuses on specific WLAN systems and rarely includes functionality beyond that mission. AirWave can manage multiple WLAN products and even some WiMAX systems, but I didn't test the latter. I do believe that the future is clearly in unified management, bringing all network infrastructure (and, in some cases, extending all the way to mobile clients) under a single management umbrella. That is very difficult, clearly and in my opinion calls for a new approach beyond SNMP. I think XML would make a great platform for next-generation management systems and some vendors are already moving in that direction.
Moderator-Julie: Pre-submitted question: Where, if anywhere, does fixed-mobile convergence factor into today's wireless networks and in the management of them?
Renegade: Craig, how much have you seen open source play in the role of security (wireless) and access?
Craig_Mathias: Not so much in the mobile world, other than Linux, which has quite a lot of usable security tools. I expect, though, that open source will become dominant over the next few years - Android, Symbian, etc. That's going to be the name of the game.
YRmeUP: What are your thoughts on FMC, and managing it if it ever becomes widely used?
Craig_Mathias: Let's look at FMC just from the perspective of WLANs, using voice over IP over Wi-Fi (VoFi). Many WLAN system vendors can provide at least basic management of voice services and some (like Aruba, for example) are implementing convergence functionality. There are also third-party products, such as those from Agito and Divitas, which implement convergence. But there's still a need for integrated management consoles here and were not really there yet, just as is the case with most WLAN IDS/IPS implementations. There's also a question as to whether the wireless carriers will ultimately get into convergence, perhaps offering it via premises equipment.
Kit Johnston: Craig, Don't forget about Cisco's MSE and Intelligent Roaming (Agito's system) for FMC. I'm mainly referring to players in the FMC space, but yes in management as well being that with the MSE, all of the management will be handled through the WCS.
Craig_Mathias: Well, that's the idea. Cisco does provide a facility for that and it does result in a degree of centralization that I think customers will find attractive. It remains to be seen how many app suppliers will package their code in this way, but I think it will be very popular.
Renegade: Any promising new tech/software you seen lately? Links? Golden nuggets for us?
Craig_Mathias: Oh, my, yes. And I've love to tell you about them, but I can't just yet. But expect major new developments in .11n components and RF spectrum management shortly. The rate of innovation in wireless remains at an astonishingly high level, especially considering how old the field is (Marconi's first transmission was well over 100 years ago!). I'll post new developments as soon as I can in the blog.
Moderator-Julie: Pre-submitted question: What are your thoughts on the "white spaces" plan for Google, Microsoft, Intel and others to gain access to unused TV bandwidth for data devices?
Craig_Mathias: I have high hopes for the white spaces, but I'd restrict access to these for for-profit ventures to avoid overcrowding. The interference issue can be managed; we have the technology and dynamic, distributed capacity allocation can work just fine. I'm in general against the idea of spectrum actions, which are just another hidden tax. So, I'd make these unlicensed, similar to the rules for the 2.4 and 5 GHz. bands used for Wi-Fi and I'd limit the number of for-profit operators with access to the white spaces to three in any given geography, selecting them based on qualifications, vision and resources - what's known in the trade as a "beauty contest".
Moderator-Julie: Pre-submitted question: What do you see in terms of venture funding for wireless? Is the money still there for enterprise projects or is all going towards new fangled wireless ideas?
Craig_Mathias: I used to be a VC, and there's always some risk capital available. As I noted, I see new start-ups almost every week, so the money is there. VCs usually don't pay attention to short-term economic hiccups (I'm being kind here WRT the current situation on Wall Street); they think longer-term. But, more than ever, you'll need a first-rate business plan and especially a management team to get money today. You'll also need a lot of your own resources - time and money - in the game to get funded. These aren't the days of the cocktail-napkin business plan getting funded in five minutes. Also, think about corporate and government funding option, not just traditional VCs. And think globally! It's a big world out there, and money is available everywhere.
BillG: Are there any business benefits to femtocells, or is this just a consumer play?
Craig_Mathias: They look like they're just consumer for the time being. Enterprises can get similar benefits, however, from in-building microcells (as are often found in convention centers and similar venues) or from distributed antenna systems. I still believe that converged cellular/Wi-Fi solutions will be the solution of choice because they make the best use of spectrum - and bandwidth only becomes more critical over time.
WirelessRox: Do you expect to see convergence of wired and wireless VoIP management? Will this come from the call server vendors or the WLAN vendors?
Craig_Mathias: Yes. And that's a great question because there will be something of a battle here. Control of the customer is a key competitive strategy and management software is a great angle here. So - it could be either, or a third-party altogether. My money, however, is on the larger telecom systems vendors and the convergence vendors.
YRmeUP: Are wireless networks more "green" than their wired counterparts ... do they use less energy or otherwise reduce the old Co2 footprint?
Craig_Mathias: Depends on the AP. Some APs that I've tested will indeed run on 802.3af power. Given the cost of electricity, that could make a big difference to say nothing of holding down the installation expense.
Moises: Have you written books? I'd like to read them.
Craig_Mathias: Thank you! But no. I have this fear that I'll spend six months writing a book and it will be out of date before the ink on the first run is dry. The blog and the other articles I write keep me pretty busy. But, maybe, someday.
Moderator-Julie: Pre-submitted question: What are some of your favorite Wi-Fi gadgets you've seen for the enterprise and consumer?
Craig_Mathias: I really like the current crop of Mobile Internet Devices (MIDs), cheap, small and light notebooks from Asus, Dell, Lenovo and many others, many with built-in 802.11n. Linux is a great platform for many mobile applications and I frequently travel now with one of these. I'm encouraging enterprise users to buy handsets with Wi-Fi built in, for both convenience and to take advantage of convergence. I expect 40% (or more) of handsets sold in 2012 to include (single-stream) .11n. And, of course, .11n is real now and I wouldn't buy anything else. But I'm constantly trying new products here, so it's hard to have a favorite. Let's put it this way - I've seen no outright clunkers in the current crop of products now available. And Wi-Fi will be with us forever; there is no other technology that can stop or even limit it and nothing except new Wi-Fi will replace it over time.
Jay_Cummings: One of the problems I've faced in our environment is huge variability in connection speed. I've got a system that very frequently drops all the way down to 5.5 mbps, despite the fact that signal strength shows 5-bars/excellent. At the desk, not eigh feet away, another user's machine is very reliable at 54 mbps. I've looked for wiring in walls, drivers on the PC, OS updates and usage patterns … thoughts on what I should consider chasing next?
Craig_Mathias: The first thing that comes to mind is interference from external networks or even non-Wi-Fi wireless devices. You can have great connection speed but poor throughput due to interference. Get yourself a spectrum analyzer (Cisco's Spectrum Expert and Metageek's Wi-Spy, for example) and have a look.
Moderator-Julie: Pre-submitted question: What kind of consolidation among vendors are we seeing in the marketplace and who will be next, in your guess, to be bought or to do the buying
Craig_Mathias: We've not seen a lot of consolidation in the WLAN market so far. Trapeze got bought by Belden; I see that as expansive because Belden is huge in wire and was clearly looking for a wireless extension to its offering. Siemens Enterprise Communications and Enterasys are essentially merging, but that's expansive too, creating the potential for a strong player in unified wired/wireless networking as well as convergence. HP and Colubris is more consolidative, but their respective customer bases are quite distinct. We're not at the point of consolidation yet because the degree of technological innovation in wireless remains so high. I see new start-ups in various elements of WLANs every week, and progress remains at a close-to-amazing level. Maybe, though, we should look at consolidation here in the context of management systems - and there's clearly a need for more functionality - wired and wireless - in future "consolidated" management platforms.
Moderator-Julie: We are out of time today. Thank you for coming! If you have further questions, contact Craig at his Network World blog (post a comment) or e-mail me, jbort@nww.com.
Check out these other, recent chat transcripts.
- IPv6 strategies for the enterprise with Fred Wettling, Patrick Grossetete, Ciprian Popoviciu
- Twitter, forums, and blogs: Are social networks your friend or foe? With Curt Monash
- Network Access Control Face-Off: Joel Snyder versus Richard Stiennon
- Cisco certs and building a home lab with Wendell Odom
- Counterfeit network gear: how to detect it and protect yourself with Mike Sheldon
- Enterprise technology trends IT departments can't afford to ignore with John Hagel and Eric Openshaw
- Crimeware: understanding new attacks and defenses, with authors Markus Jakobsson and Zulfikar Ramzan