Thursday, August 26, 2010

Clean Air, Green Atmosphere to Sell More

In the name of “save planet”, “green atmosphere”, “green energy” slogans which are very subtle issues and should be continued for betterment of all living creature, I somehow sense companies making all efforts to increase their sales revenues. Being a wireless guy, I would provide at least one example to prove my nous.

Have you heard about “Clean Air Technology” announced by Cisco systems? If not, you may get yourself familiar to this new technology here.

http://www.cisco.com/en/US/netsol/ns1070/networking_solutions_package.html
http://www.youtube.com/watch?v=y0vcTlXifOs

The technology has been introduced to detect RF interference faced by wireless devices from Cordless phone, Microwave, Wireless Camera, Bluetooth devices etc. Cisco has designed an AP which contains a dedicated radio to detect interference in both 2.4 and 5 GHz bands. Additionally, it can also be used to do spectrum analysis.

In the next few paragraphs, we will analyze whether presence of a dedicated radio which comes at an additional cost and powered all the time is justified or not and does it really solve a problem. Does the RF interference problem clean air technology intend to solve real?

Rebuttal # 1: AP detects RF interference experienced by clients

In a typical WLAN deployment, one can imagine one AP serving several clients simultaneously. These clients could be spatially distributed around Access Point. In such scenario, it’s not necessary that RF interference experienced by a client is equally experienced by an AP. In fact it might also possible that AP never experiences RF interference while clients do.

Rebuttal #2: AP detects microwave, cordless phone and wireless camera

Microwave causes problem with 2.4GHz wireless communication. Normally, the location of this interfering device is known and if it cannot be re-located (e.g. Microwave operating in the neighbourhood, unlikely to cause interference but considering here for completeness) then a careful deployment of dual band AP near pantry area can solve the problem.
Even if we believe cordless phone causes degradation of wireless network throughput, do we really need high end AP to detect it and that too all over? It can be banned by enforcing right policy.

Wireless camera causes jamming on a channel. Again, problem arising from wireless camera can be solved by the use of dual band AP.

Rebuttal #3: Clean Air Technology equals Green Atmosphere

A dedicated radio powered al l the time just to detect sporadic interference doesn’t qualify to be green technology. What’s the use of a dedicated RF interference detection radio after you clean your air? Just think!

Conclusion

Instead of having a dedicated radio, present in all APs and powered all the time to detect RF interference, ideally such intelligence should be present in APs and clients. Some WLAN vendors are already making progress in this direction and adding RF interference detection capabilities in APs and clients. In long term wireless monitoring systems can also play important role by providing RF interference detection intelligence along with high value security solution.

Employees carry smart phones; a data security threat silently entering into enterprises

Memories of old days of my employment are still afresh when I used to work for a big multi-national software company. The most uneasy moment that i still remember was crossing the physical security of the company. As per company policy, we were not allowed to bring in or take back any type of electronic media (CD, floppy etc.), self owned or company owned laptop. All bags entering office premises were cross examined by security personals. In this regard, the day when I went office without any handbag, gave me the most peaceful entry and probably virtually to the company as well. Only device that never bothered me was my less smart mobile phone hanging right-side in the belt.

Over years a lot have been changed. Those dummy mobile devices have evolved and became much smarter than ever and it would be not wrong if we call it mini personal computer. These smart phones are capable of storing gigabytes of data and can do personal laptop/desktop like computation in a fraction of time. Hundreds of such devices are brought inside enterprises daily and remain inside for several hours unmonitored.

Though these devices are trusted to be taken inside office premises to serve the personal need of calling by employees to their friends and relatives, it can also be misused to carry company’s confidential data. This tiny device come fully equipped to make network connectivity and can be connected to company’s private LAN without network administrator knowledge.

Most enterprise wireless LANs are secured using WPA2/802.1x security protocol which requires knowledge of domain name and password (certificate is optional for clients in PEAP). So employees can also configure their smart phones to make a connection with corporate LAN. Once the connection is done, user can access resources present on the network and siphon off confidential data.

In a large network enterprise, it’s very difficult for network admin to manage updated list of allowed MAC addresses of networking devices and hence white listing is hard to achieve. It’s difficult to monitor and contain employee carried mobile phones connecting to corporate network. NAC (Network access control) is also not going to help as user can bypass it by successfully authenticating with authenticating server.

Monitoring activity of smart phones inside office premises is increasingly becoming serious security problem. Lack of a reliable solution to contain the problem makes the situation even more alarming. This also opens opportunity for network monitoring system provider to develop innovative solution to manage tiny computers brought inside enterprises by their trusted employees.

Until then, be aware to be secure...