Clients      Employees

April 3, 2015

No Comments


How to Protect Your Wireless Network against Attack

Wi-Fi is quickly becoming an essential business tool in many industries. Gartner expects the majority of users will reach for tablets and smartphones for all online activities by 2018. This ongoing shift from desktop to mobile is enabling improved employee productivity, better customer service and greater operational efficiency.


Wi-Fi access in the workplace isn’t just for employees. Customers, vendors and business partners expect to have the same level of on-demand connectivity that they enjoy at home or in their own workplace. A guest wireless network enables organizations to meet demands for free, reliable Wi-Fi access while isolating sensitive company data and business applications on the corporate network.


The expanded use and business value of Wi-Fi mean that organizations need to go the extra mile to ensure that security concerns are addressed. News headlines continue to show that even the largest enterprises aren’t immune to major security breaches, many of which have been the result of vulnerabilities in the Wi-Fi network. Traditional network security solutions such as firewalls and network segmentation don’t go far enough.


A wireless intrusion prevention system (WIPS) can help stop attacks and unauthorized access to the wireless network, and provide a cost-effective way to meet regulatory compliance requirements. A WIPS is a device that looks for the types of attacks that are commonly launched against wireless networks, preventing hackers from gaining access to credentials that can be used to dig deeper into your network.


A WIPS also monitors the Wi-Fi network for rogue and misconfigured access points (APs) that can be unknowingly installed by an employee or vendor, or deliberately installed by a criminal. Rogue APs can connect to an otherwise isolated segment of your network, providing criminals with unlimited access to sensitive data. In addition to data and identity theft, an attacker can carry out a digital denial of service (DDoS) attack that can shut down operations. A criminal can also pretend to be an authorized device in order to connect to an authorized AP, resulting in the same consequences.


The Payment Card Industry (PCI) Data Security Standard (DSS) is one of several regulations that requires scanning for rogue APs. PCI DSS specifies that scans be conducted on a quarterly basis at minimum, but such infrequent scanning can lead to weeks or months of undetected vulnerability. The misconfiguration of APs has also become a major compliance issue — Garter has found that the majority of wireless-related security incidents occur because of misconfigured APs. A WIPS is more cost-effective than manual scanning, making it an important tool in maintaining regulatory compliance.


A WIPS helps ensure that the guest network is truly segmented from the production network, and determines which devices are truly authorized to access the production network. And because the WIPS is constantly monitoring the network, it provides logging, event notifications and geographic information that can be used to identify potential attacks, investigate successful attacks, meet compliance requirements and improve the overall performance of the wireless network.


Because the wireless network is a key component of the IT infrastructure, you need the right tools to ensure robust security. Let ICG show you how a WIPS can help maintain regulatory compliance and protect your Wi-Fi network from attack in a way that traditional security solutions can’t.

March 9, 2015

No Comments


The Latest Wi-Fi Standard Part 2: 7 Steps to Prepare for Migration

In our last post we the critical importance of the Wi-Fi network in today’s IT environment. Once considered a convenience, Wi-Fi is now viewed as a strategic business asset. In order to provide on-demand access to business data and applications from mobile devices and enable the use of bandwidth-heavy applications such as videoconferencing without performance glitches, organizations need a reliable, high-performance wireless LAN (WLAN).

The Institute of Electrical and Electronics Engineers introduced the 802.11ac wireless standard to meet the demands of high-density Wi-Fi environments. Built upon the foundation of the 802.11n standard, 802.11ac dramatically improves speed and capacity and supports more users per stream while reducing latency and interference.

802.11ac products are being introduced in two “waves.” Wave 1 products, which are available now, use the less-crowded 5GHz band and 20MHz, 40MHz and 80MHz channels. Although Wave 1 access points (APs) generally support three spatial streams, many tablets and smartphones are single-stream devices, resulting in a wide variety of data rates.

Wave 2 products support multi-user MIMO (MU-MIMO) technology that maximizes the number of megabits transmitted per megahertz of spectrum. MU-MIMO improves upon the capabilities of the 802.11n technology by supporting up to four simultaneous user transmissions on each spatial stream. 802.11ac also doubles the number of spatial streams from four to eight. This allows for much higher user density.

The challenge is that many wired networks use 1 Gigabit switches and Cat5e cabling to connect APs to the network. The wired network will be slower than 802.11ac Wave 2 devices, which promise speeds greater than a Gigabit. In addition, 802.11ac devices require 30W Power over Ethernet Plus (PoE+), but many organizations have only 15W PoE capabilities.

Clearly there are a number of things to consider before deploying 802.11ac. Organizations seeking to migrate to this new technology should prepare by taking the following steps:

1) Assess your wired network. 10 Gigabit Ethernet (10GbE) uplinks are typically required and backhaul infrastructure may need to be upgraded in order to avoid performance degradation. You’ll also need to evaluate your (PoE) capabilities.

2) Assess your WLAN controller. The WLAN controller must be 802.11ac-aware and capable of supporting the additional capacity provided by 802.11ac.

3) Evaluate capacity requirements. Determine the number of wireless devices that must be supported, the number of devices that will be used at the same time, and what types of applications will be used. This will help you plan for both capacity and access point density.

4) Review RF requirements from a 5GHz perspective. Organizations should plan to use both the 2.4GHz and 5GHz bands, but 802.11ac delivers maximum bandwidth and performance in the 5GHz band.

5) Consider a dense deployment strategy. Because 5GHz is a shorter wavelength, a denser deployment of access points is required. Also, a dense deployment strategy will shorten the distance between endpoints and help to sustain performance.

6) Determine a deployment plan for both coexistence and migration. Keep in mind that 802.11ac is compatible with 802.11n, so upgrading to 802.11ac shouldn’t require you to rip out existing equipment. A phased migration may be the ideal approach to take.

7) Consider operations and management capabilities. Because effective management is critical with Wi-Fi optimization, organizations should consider combining wired and wireless management and upgrading to an enterprise-grade management console.

ICG’s Network Infrastructure team has extensive experience in the design, implementation and support of high-performance network solutions. Let us help you develop a wireless networking strategy that meets your current and future business requirements.


March 2, 2015

No Comments


The Latest Wi-Fi Standard, Part 1: What 802.11ac Brings to the Table

A reliable wireless LAN (WLAN) has become as important to the day-to-day operations of the enterprise as the telephone and fax machine were 25 years ago. More than a convenience, Wi-Fi enables greater flexibility, agility, efficiency, productivity and customer service, all of which contribute to a bigger bottom line.


A reliable WLAN makes it possible to implement a bring-your-own-device (BYOD) policy so employees can have anytime, anywhere access to business applications and data from their favorite devices. Everything employees need to perform their jobs is within arm’s reach. They may leave the office, but the office never leaves them.


Now, simply having WLAN isn’t enough. There’s a constant demand to improve the speed, reliability, coverage and capacity of Wi-Fi. Users expect to be able to use bandwidth-intensive business applications and collaboration tools such as videoconferencing without compromising performance.


The growing demand and importance of WLAN has spurred the development of the latest Wi-Fi standard, 802.11ac. According to the Institute of Electrical and Electronics Engineers (IEEE), 802.11ac builds upon the technology of its predecessor, the 802.11n standard, delivering a number of performance-boosting enhancements.


The most notable improvements in the 802.11ac Wi-Fi standard include:


More horsepower. 802.11ac is capable of tripling the speed of 802.11n with a theoretical maximum rate of up to 1.3Gbps. An even faster version has been tested at speeds of 7Gbps.


Wider roads, less traveled. 802.11ac exits the busy 2.4GHz spectrum and its 40Mhz channels for the more spacious 5GHz band, where less traffic and wide 80MHz and 160MHz channels allow for faster speeds, higher throughput and less interference.


Smarter spectrum allocation to support more users. A major upgrade from 802.11n’s single-user multiple input, multiple output (SU MIMO), 802.11ac’s multiple user (MU) MIMO uses smart antenna technology to support up to four simultaneous user transmissions on each spatial stream. The standard also doubles the number of spatial streams from four to eight, resulting in much higher capacity and lower latency.


Increased data rate. 802.11ac uses a higher order modulation, 256 quadrature amplitude modulation (QAM), to boost the data rate by 33 percent. This data rate is then doubled, thanks to the increase in spatial streams mentioned previously.


What do these improvements to the Wi-Fi standard mean for your organization?

802.11ac take the speed and performance of the WLAN to a whole new level. New users and mobile devices are constantly being added to enterprise networks, and 802.11ac is much better-equipped to handle a higher density wireless environment. Employees can access and share large amounts of data and utilize real-time, streaming media applications with a much smaller risk of bandwidth bottlenecks. And because 802.11ac operates on a band unused by most mobile devices, minimal interference and greater reliability contribute to a better user experience.


In Part 2 of this post, we’ll explains the two “waves” of 802.11ac products and discuss adoption trends and strategies. Meanwhile, contact ICG if you’re ready to take advantage of faster Wi-Fi in your business.