Archive

Archive for the ‘WiFi Access’ Category

Retail Business Technology Expo 2014: SMAC and Awe!

April 4th, 2014

Within the vast expanse of Earls Court, West London, RBTE 2014 has been a roaring success, again, for Airtight. This is the second year Airtight has exhibited at RBTE. Following AirTight’s rapid growth within the UK and across Europe over the past year, we couldn’t miss out on this opportunity to discuss and demonstrate our “firepower” in the retail arena.

RBTE was a great showcase for AirTight’s ease of deployment, security capabilities for brand protection, the ability to allow our clients to engage with their customers and their friends (brand connection) and the analytics we derive from this. This is known as “SMAC” (Social, Mobile, Analytics and Cloud), a term which fits Airtight to a T. There doesn’t appear to be many similar events within Europe where international retailers can get an overview of the retail landscape and the technology available and there is obviously a huge appetite for an event of this nature.

From the conversations we had it appears that prospective clients were very receptive to the idea of social Wi-Fi. This is the ability to use your social credentials, such as Facebook, Twitter and LinkedIn to authenticate to the guest WiFi in-store. Guest Wi-Fi is now expected by the consumer and they expect it for free. However free WiFi is not free for the provider, i.e the retailer, so how is this monetized? Airtight gives the retailer access to a whole host of analytics. The combined effect of social Wi-Fi and analytics gives a wealth of data to the marketing departments, allowing them to strategize, plan and do targeted marketing.

A key selling point on our stand and that of our partners’ was our security capabilities. Airtight was built upon security, the best security available. Security in retail comes in its own guise, PCI DSS. It doesn’t matter how it’s dressed up though, Airtight has the X factor, the “A list” credentials to give true security and, unlike other providers in the WiFi space, the ability to actually defend against attacks over the air and on the wire using AirTight’s unique Marker Packet technology. This has really shown us that this factor really sets us apart from the rest of the industry, while exercising the highly receptive slogan “If it ain’t secure, show it the door”. Why bother creating a guest WiFi network in it isn’t secure! Do you leave the doors and windows open at home? No.

Another key takeaway appreciated by visitors was the ease of deployment in the retail environment where hundreds or thousands of stores can have secure, PCI DSS complaint Wi-Fi, with comprehensive reporting and analytics deployed rapidly with AirTight’s cloud-managed, drop ship, plug and play access points. Combine the 3 elements of AirTight’s offering in this space – Social + Analytics, automated PCI reporting and true security – with ease of deployment and cloud management, then we have the winning formula!

It was great to see our partner presence at RBTE also, notably Hughes Europe, Aztec and Airwave, ready to drive our solution range into retail and hospitality.

The event was short but sweet, not on the feet, and definitely a show to remember! We will be ready to join the hustle and bustle of the show, so RBTE 2015 get ready!

 

PCI, Retail, WiFi Access, Wireless security

Management System Diversity: “Manage WLANs from Anywhere Using Anything!”

April 2nd, 2014

So much competitive marketing noise has been made over the last half dozen years about managing WLANs that vendors are now trying to manage WLANs from anywhere using everything. It wouldn’t surprise me in the least to hear a vendor say that they can now manage a branch WLAN in France from the comfort of their kitchen’s refrigerator’s management widget. It has gotten downright silly. I thought I would recap just how diverse the WLAN management scene has become: first for a good laugh, and second as a reference for those newcomers to the Wi-Fi industry.

You may be thinking, “why are there so many ways to manage a Wi-Fi system?” There’s a variety of answers to that question, such as:

  • Cost
  • Differing use cases
  • Partner eco-system
  • User preference

Not every vendor provides each of the management methods described below, but rest assured that every vendor will tell you that you don’t need anything other than what they sell. Can I get an amen? Below, I have offered a visual reference of the seven prevalent methods of managing a Wi-Fi infrastructure. It’s important to note that I will not address Wi-Fi client management methodologies in this post.

WLAN-management-diversity

WNMS in a Virtual Machine (VM)

One of the most popular methods of deploying a true WNMS today is as a VM. It’s a low-cost, flexible, scalable option that is profitable, easily updated, and easily distributed for vendors (since it’s only software). Customers love it because almost every organization has a VM infrastructure these days. Those who don’t typically use…you guessed it…the cloud. VM-based WNMS systems are classified as true WNMS because they can manage multiple elements across multiple locations, they usually handle policy-based management, compliance/reporting, location services, configuration/monitoring, planning, and much more.

WNMS in an Appliance

A WNMS in an Appliance is simply WNMS software that has been installed onto an appropriately-chosen hardware platform by the vendor. A set of recommended specifications are then documented by the vendor that informs user about the maximum number of devices that should/can be managed with the platform. Sometimes the vendor security-hardens the platform as a value-add.

Wireless Network Management System (WNMS) in the Cloud

Cloud management is all the rage. In fact, if you’re a vendor and don’t offer it, I dare say that you’ve fallen dreadfully behind the times. Cloud management is especially appropriate for users with distributed environments, remote or home-based workers, and those who prefer an OPEX-based (subscription-based) payment strategy.

Do not confuse putting a hardware or software controller (or set of controllers) in a data center for cloud management. A cloud management system is a multi-tenant system whereby system resources can be allocated and provisioned to various customers leveraging economies of scale. A cloud system is flexible enough to grow when/where needed and is essentially unlimited in scale. Vendor marketing departments love to cause confusion around cloud offerings when their company does not offer cloud management as an option, so be sure to ask your vendor to explain what their cloud is and how it works.

The term Public Cloud means pretty much the same thing across all vendors who use the term, but the term Private Cloud has varying meanings across vendors. It’s for that reason that I wanted to clarify the two prevailing definitions for Private Cloud:

  • Definition #1: WNMS (Appliance or VM) in a private data center
  • Definition #2: Dedicated (versus the normal shared) server space within a cloud infrastructure

Customers should ask their vendors to clarify what they mean when they use the term Private Cloud.

Application-based Management

Some vendors have chosen to put their configuration interface into an application, and these applications are now beginning to show up on mobile platforms (e.g. iPad). Application-based management software for mobile platforms is often a subset of the desktop version or controller-based management interface and is meant to offer the user an exceptionally good experience. Mobile applications are renowned for their simplicity, beauty, and flexibility. These applications are heavily focused on configuration, and are likely to have very little in the way of monitoring, reporting, location services, planning, etc.

Such management applications tend to be element managers rather than policy-based management systems, and are often not sophisticated. Their benefit lies in their simplicity and flexibility.

Controller-based Management

The reason that I don’t give controller-based management the moniker of WNMS is that controllers were never designed for full-scale management. You can think of the CLI or GUI within a controller as being designed in the original likeness of an autonomous AP. Autonomous APs had (and still have) an integrated GUI (and some had a CLI) designed primarily for configuration. While configuration is part of management, autonomous AP GUIs/CLIs had few monitoring, reporting, planning, mapping, or other management functions within the interface. Likewise, when the industry moved to controllers and controller-based APs, the controller became the original point of configuration.

While a reasonable amount of monitoring sophistication has been added to controllers over the years, controller-based management is still element-based (meaning that it only monitors itself) and contains almost none of the common enterprise-class, large-scale WNMS features.

Controller-in-Software Management

Yes, vendors actually do this. The make a software controller and run it as an application or within a VM. Either way, it acts exactly like a controller appliance and has all of the management shortcomings thereof. However, it may be offered to customers at no charge, which is a strong benefit. You still have to consider the cost of the hardware that the software must be installed onto, but that could well be a sunk cost already or minimal because it’s a set of shared commodity hardware within your data center. A saving grace of this approach is that with it being a pure software play, it’s possible for such platforms to morph more quickly into a true WNMS.

Master Access Point (AP) based Management

We have seen systems come and go over the years that sported this feature. Some vendors have installed the feature and then taken it back out again because they felt like it took away from their ability to sell other types of management (e.g. cloud). Managing a set of APs via a single Master AP can be very simple, free, and yet is always scale-limited by design. Depending on the vendor, this choice can be feature-rich or feature-poor, but it’s often great for small mid-market customers who have a single location or have a qualified administrator at each location.

Like Controller-based Management, the interface found in Master APs is usually highly geared toward configuration. There may be some modest amount of monitoring capability, but it’s not comparable to a WNMS. Further, other WNMS important features such as reporting, location services, and planning are missing. It’s for these reasons that I do not call this form of management a WNMS.

Summary

There are just so many….take your pick(s). Some are free. Some are crazy-expensive. Some are CAPEX-based, and some are OPEX-based. Most vendors offer at least two methods of managing their Wi-Fi infrastructure, and some vendors purposefully don’t offer specific types of management interfaces out of fear that it will cannibalize certain others that they sell. Some vendors go all-out and provide everything with the hope that their flexibility will win out in the end. There’s probably no best approach, so you should decide for yourself.

When you get into today’s frequently-overheard conversation about unified wired/wireless management (among the large campus enterprise vendors) the proper choice of WNMS becomes even more important. Should you go with a single-vendor or multi-vendor system? Some vendors have used multi-vendor WNMSs to woo customers away from their competitors over the years, and the strategy has worked remarkably well in some cases.

I could go on and on about management systems, but I think that gives you a good primer. What are your thoughts? Want to share any insights?

Best practices, Cloud computing, WiFi Access, WLAN planning

Away from Corner Cases: High Density, Low Throughput Wi-Fi

March 19th, 2014

In my blog called Corner Cases, I mentioned that high density, high throughput (HDHT) cases are in the extreme minority (<1%). In this blog, I would like to discuss High Density, Low Throughput (HDLT), which I believe will be the situation that over half of the installed Wi-Fi infrastructures of the world will face at some point over the next 5-7 years. I want to clarify that that when I use the term “high density”, I’m referring to client density (lots of clients in a physical area), not AP density (lots of APs in a physical area).

Unless you’ve been camping out under a rock, you may have heard the term “Internet of Things” or IoT for short. This moniker refers to the movement toward connecting previously-unconnected devices onto the Internet. To clarify, things are being connected to the Internet, thus we get Internet of Things. So how many of these things are we talking about? Oh… a few I suppose. Gartner is saying there will be 26 billion IoT devices and an additional 7.3 billion smartphones/tablets/PCs by 2020. The vast majority of these devices will connect wirelessly, so we’re about to see a crazy explosion in device density. Obviously it doesn’t all grind to a stop in the year 2020, which is truly just around the corner.

The important point to make here is how device density affects: 1) network design, and 2) the type of equipment you purchase to appropriately support your customers (over the lifecycle of your next infrastructure upgrade/refresh). Most vendor marketing departments like to tightly bind high-density and high-throughput requirements together, but they are completely separate topics. You can have the following scenarios:

  • Low Density, Low Throughput (LDLT)
  • Low Density, High Throughput (LDHT)
  • High Density, Low Throughput (HDLT)
  • High Density, High Throughput (HDHT)

HDLT: the de facto standard

I don’t think that comes as a surprise to anyone. In the Corner Cases blog, I specifically addressed HDHT networks and pointed out that they are in the extreme minority today. HDLT networks are reasonably common today, but usually not to any extreme. When IoT bears its full weight on the market (which will be far sooner than you might realize), HDLT networks will be the de facto standard. In a nutshell, this means that APs will need to associate (connect) lots of devices (I foresee 100+ devices per radio becoming common fairly soon), but the traffic to/from each of those connected devices may often be sparse. APs will likely need good QoS, a good understanding of client behavior and needs, and of course security will be all-the-more important with the breadth of devices connecting to the network.

Let’s consider a specific scenario, the average branch office (perhaps real estate or insurance) with 20 employees, to make my point. Today, the branch could possibly have the following devices connected to the Wi-Fi infrastructure:

  • Laptops
  • Tablets
  • Smartphones
  • Printers (let’s hope not, but you never know)

Let’s fast-forward to the year 2020 and consider how that same branch office might look from a technology standpoint. What items within the office could feasibly be Internet-connected in addition to what they have today?

  • Security cameras
  • Printers (they definitely will)
  • Digital signage
  • Digital picture frames at workers’ desks
  • Appliances (e.g. refrigerator, water cooler, coffee maker)
  • Cars that are within range of the in-building (or outdoor) Wi-Fi
  • Wearable technology (watch computers, eyeglass computers, etc.)
  • Building controls (thermostats, security systems, fire systems, etc.)

I’m sure I could go on and on, but for the sake of time, I’ll stop listing things. I’m sure you got my point. It’ll be a ton of things for sure. Some will want some bandwidth (e.g. picture frames sucking down 3MB photos from a file share on a server at a pace of 1 new photo every 5 minutes times 10 picture frames in the office), and some will want very little (e.g. your digital watch updating you on the temperature outside). All-in-all, the bandwidth requirements will be modest at best, but the number of devices will be ridiculous.

Remember how BYOD started? Companies tried to stop it by creating company policies. Yeah, that worked out… NOT. It will be the same way for IoT. It will progress like this:

Users: We want our things on the Wi-Fi.
Admin: No.
Users: Yes, because if you don’t, _________.
Admin: OK, you win, but your devices will be firewalled, rate-limited, and highly controlled.
Users: I don’t care so long as they work properly. Hey wait, why doesn’t my picture frame work properly. It probably needs more bandwidth. Fix it.
Admin: No.
Users: We’ll tell.
Admin: Ugh! OK, it’s fixed, now leave me alone.

BYOD stands for Bring Your Own Device, and trust me, they will, but not just smartphones, tablets, and laptops. They’re going to bring Internet-enabled pens, shoes, and heart monitors. You, Mr. Admin, will be powerless to stop it. You thought all of this BYOD stuff had just about fizzled and was limited to just a few vertical markets didn’t you? Ha. It’s barely even begun, and you haven’t seen complexity yet… just wait. How will you manage those Internet-enabled pens again? No, I don’t mean just at Layer-2… that’s the first step. I mean at Layer-7 also. Sorry I had to break that news to you. Bumpy ride ahead.

There are companies today who are building cloud infrastructures that are specifically designed to manage all kinds of IoT devices for the manufacturers who make them. That’s good thinking. Not every company in the world wants to build a cloud to keep their Internet-enabled devices up-to-date and to push content to them.

In closing, I will reiterate that it will soon be the number of devices, not high throughput, that will become the more significant issue across a large section of the Wi-Fi market as a whole. Make a note, it’s coming.

BYOD, mobile device management, smartphones, WiFi Access, WLAN planning

HIMSS 2014 – Big on Wireless

March 6th, 2014

This year’s show was huge. According to the events organizers, there were 1,200 exhibitors and 38,000 healthcare professionals in attendance and there were more nurses, physicians, IT staff and executives in attendance at this year’s HIMSS than ever before.

Connecting Right People to the Right Information in the Right Time

Some of the main areas of focus this year were patient safety, care quality, patient engagement, access to quality care and affordability, but the overarching main theme of the show seemed to be along the lines of enabling the right people to get access to the right information at the right time.

Of special note was the Interoperability Showcase with its one acre of space. This is where over 100 diverse systems demonstrated interoperability for typical patient workflows under different healthcare settings. One of the main objectives of the Interoperability Showcase is to improve overall patient care. This area of the show garnered a lot of attention and interest, and it is understandable that it would as ultimately the quality of care delivered is very much contingent of how well all of the various devices and applications work together. Hopefully the Interop Showcase will be part of future HIMSS conferences.

New Wi-Fi enabled devices and applications at HIMSS14

Wi-Fi helps disabled people walk

Wi-Fi helps disabled people walk

One of the most interesting Wi-Fi capable devices at this year’s HIMSS was a Wi-Fi enabled bionic exoskeleton. The Ekso Bionics unit (pictured above) was featured in the Lockheed Martin booth. This device is for patients with lower extremity paralysis or weakness. It enables patients to stand, walk and it can assist them with their rehabilitation. The unit is equipped with a single Wi-Fi radio. The radio supports two data streams currently. One stream allows engineers to see real-time telemetry data to determine how the unit is performing. The other stream is for the unit’s user, where information such as steps taken, distance traveled, etc., are sent over the air to an application that the user can access later.

WLAN: a necessity in today’s healthcare delivery

HIMSS14 saw all of the enterprise class WLAN equipment manufactures in attendance. And while there have not been any major publicized security breaches in healthcare lately like there have been in retail, Wi-Fi equipment companies were talking about security and protecting patient records again at this year’s show. Enabling BYOD is still front and center. Doctors and other care providers apparently really like using their tablets… So onboarding and mobile device management (MDM) solutions were the topics of many conversions between WLAN equipment manufactures and HIMSS14 attendees.

Another topic of discussion at WLAN booths was real-time location systems (RTLS) enhancements. A couple of WLAN solution providers were discussing 11ac’s impact on high definition video conferencing and moving large diagnostic images around via Wi-Fi. Another popular topic was high availability and uninterrupted care.

Were HIMSS attendees excited about catching 11ac Wave 1?

A number of IT executives in attendance stated that they are looking forward to 11ac solving density and capacity challenges; however, they will likely need to be a bit patient as there were more execs looking forward to 11ac than there were 11ac capable client devices at the show.

While there may have been 11ac capable devices at the show there were not easy to find. Checking in with manufacturers of all types of Wi-Fi enabled medical and communication devices, such as makers of infusion pumps, patient monitoring devices, RTLS systems, voice handsets and video conferencing systems, etc. did not uncover a single 11ac capable device. One vendor of workstations on wheels (WOW), equipped with a high definition video conferencing system, stated that they are in the process of retrofitting their WOW systems with 11ac radios. Their stated main reason for doing so is for scalability as they have discovered that HD video conferencing can easily overwhelm 11n, even at relatively low client densities. (But that is a subject for another blog…)

For more healthcare topics, please see our earlier posts:

802.11ac, Healthcare, WiFi Access ,

Distributed Healthcare Needs Wi-Fi That Works at Scale

February 18th, 2014

The growth and adoption of mobile technologies is impacting businesses in multiple industries, and we can see strong evidence of this by looking at the healthcare industry. I just returned from the WLAN Professionals Conference in Austin, TX where I heard first-hand evidence of this in a presentation on Continuous Wireless for Medical Devices. A strong emphasis was placed on improving patient safety through the use of mobile technologies that enabled doctors, nurses, and assistants to effectively handle their ever-increasing workload.

A reliable, stable, cost-effective, and simple to manage WLAN is required that enables healthcare professionals without causing undue distraction from their primary objective to provide high-quality patient care. The question then becomes, “how can WLANs provide these qualities for distributed healthcare organizations?”

Cloud Architecture

Network stability and availability is of primary importance for healthcare professionals relying on mobile devices to provide patient care. What’s more, this network stability must be provided in a cost-effective and simple to manage manner. Rather than relying on expensive wireless LAN controllers that are complex to manage and represent a large risk to the organization as a single point of failure, AirTight has developed a mature cloud architecture over the past 7 years that simplifies the network and is resilient to outages – the network continues to function even if cloud access is disrupted.

AirTight's datacenter locations

AirTight’s datacenter locations

Centralized Management

Distributed healthcare organizations have hundreds or thousands of locations that all require Wi-Fi access. With traditional Wi-Fi solutions, this represents a massive amount of effort to stage, configure, deploy, and manage each site individually. Even with centralized management, most Wi-Fi solutions still fail to effectively deliver simplified network management for a large number of locations.

AirTight solves this problem with hierarchical location-based administration. This allows administrators to configure one policy that is inherited across all locations. If a subset of locations require a deviation from the central policy, it is simple to override the inheritance for only the settings that deviate while still adopting the remainder of the policy. Inheritance and configuration policy can be applied at any level of the location hierarchy, thus providing both the simplified management of a large number of locations while allowing for variations.

Automatic and Reliable Security

The increase of digital information requires solutions that secure patient data and privacy. Most Wi-Fi security solutions focus solely on protecting only the infrastructure, require tedious manual configuration and tuning, and result in error-prone detection and alarming that swamp the user with false alerts.

hipaa

AirTight solves these challenges with integrated wireless intrusion prevention (WIPS) that secures both the infrastructure and mobile devices from attack. Our industry leading wireless intrusion prevention system addresses the physical and technical safeguards defined for protecting Electronic Protected Health Information (EPHI), preventing unauthorized wireless access to online medical records as well as securing the network from wireless security breaches. AirTight wireless security solutions stop wireless threats in their tracks, protect patient privacy and ease the IT burden for maintaining a robust wireless network. AirTight automatically detects, classifies, and remediates wireless threats to protect patient confidentiality, ensuring a robust wireless infrastructure that is performing well and meets HIPAA compliance. (See also our earlier post: Wi-Fi and HIPAA – A Tricky Combination).

Healthcare organizations require a WLAN that enables staff to provide high-quality patient care in a cost-effective, scalable, and highly secure manner. Be sure to visit the AirTight booth at HIMSS to find out more about our solutions for distributed healthcare.

Compliance, Healthcare, WiFi Access ,

Healthcare, Wi-Fi and HIPAA – A Tricky Combination

February 12th, 2014

What a great start to year on the industry events front – we started with NRF in January, looking forward to HIMSS and our ACTS event in February, and MURTEC in March. In NRF, high points of discussion were around Social Wi-Fi and analytics. That said, topics of security and PCI compliance were also high on the agenda prompted by the Target credit card breach that occurred just before NRF. I expect to there will be a lot of security discussions at HIMSS too.

Healthcare, Wi-Fi and HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996. It is enforced by the Department of Health and Human Services (HHS), and implemented by regulations of 45 CFR. Among other provisions it has rules mandating that healthcare organizations safeguard the privacy and security of patient health information. These privacy rules apply to patient information in all forms and the security rules apply to patient information in electronic form called as Electronic Protected Health Information (EPHI). EPHI is any patient information transmitted over a network and stored on a computer.

HIPAA states privacy and security guidelines at high level. They do not require specific technology solutions, but are clear that reasonable and appropriate security measures must be implemented. For example, Section 164.312 has clauses requiring technical policies and procedures to allow access to EPHI only to authorized persons or software programs, to prevent improper alteration or destruction of EPHI and to protect health information transmitted over electronic communication network. Section 164.308 requires among other things identifying, responding, mitigating and documenting suspected or known security incidents.

AirTight WIPS

Protection from vulnerabilities for wireless access layer

What does all this mean to Wi-Fi? Today, healthcare is seeing a flood of wireless enabled devices in day to day operation.  Hospitals are increasingly providing Wi-Fi for doctors to access medical records and VoIP for staff communication. Healthcare facilities are increasingly using Wi-Fi-enabled medical devices. This makes Wi-Fi a dominant EPHI access layer in the healthcare environment. Hence, Wi-Fi security controls built into access points (APs) and covered by intrusion prevention system (WIPS) become relevant to satisfy HIPAA security rules as applied to the access to EPHI over Wi-Fi. For example, just as it is important to enforce strong authentication and encryption on managed APs and to control BYOD, it is important to ensure that unmanaged rogue APs do not open holes into healthcare networks that store and transmit EPHI or to ensure that doctors’ tablets do not connect to Evil Twins or neighborhood APs. Comprehensive reporting and forensic capabilities are also required to satisfy the auditing requirements of HIPAA.

How our customers are addressing security and compliance for EPHI

Over last many years, we have worked with several healthcare organizations to satisfy HIPAA requirements pertaining to Wi-Fi using AirTight’s overlay WIPS and using AirTight’s software configured access point/WIPS combos. Below are some examples.

  • Overlay WIPS in large hospital complex – Maine Medical Center (MMC) is 10-building, 68-floor, 2-million square feet healthcare complex in Portland, Maine. As an early adopter of Wi-Fi technology in healthcare information systems, the MMC has large deployment of Cisco WLC Wi-Fi. However, MMC is also security conscious and performed deep down analysis of security offered by various wireless security solutions. MMC chose to overlay AirTight WIPS on top of Cisco WLC.

AirTight has integration APIs for an easy overlay on Cisco WLC Wi-Fi. Moreover, AirTight WIPS comes out to be more cost efficient from both Capex (as it does not require controllers and MSE) and Opex perspective (due to freedom from false alarms and configuration overhead) than Cisco wireless security.

  • Access Points/WIPS for distributed clinics – CHS Health Services operates onsite clinics delivering full-service solutions for a broad spectrum of industries. Due to highly distributed nature, CHS is concerned about security as well as management of it Wi-Fi infrastructure. Faced with those challenges, AirTight cloud managed Wi-Fi which has WIPS built into it at no extra cost fit the bill. In addition, AirTight’s software configurable dual radio APs provide CHS the flexibility of choosing the right balance of access and security scanning radios to fit nature of each facility.

Overall, Wi-Fi can contribute greatly to enhance the quality of healthcare by providing easy access to information and mobility of healthcare staff. With Wi-Fi however comes risk of new and evolving security threats and compliance violations. As a result, choosing right security solution becomes imperative to be able to reap full benefits of Wi-Fi for the betterment of patient care! Visit AirTight booth at HIMSS to find out more.

Compliance, Healthcare, WiFi Access

Reflections on Wireless Field Day 6

February 6th, 2014

What a week it was with WFD6 edutainment! Great minds from different vendors presented their great Wi-Fi stuff during WFD6. With so much happening, our challenge was to fit in as much update as possible in two hours.

Cloud comes first

Cloud is what AirTight is and will be evangelizing for years to come. Cloud is much more than just making device configurations remotely from a manager hosted in the Internet. Efficiency of cloud operations, provisioning to suit multiple business models including managed service providers and aggregation of services into single sign-on architecture will dictate what cloud Wi-Fi is about. We are focused on exactly this approach and WFD6 was an opportunity to display some of AirTight cloud’s capabilities to a tech-savvy audience. They say that what matters for success in e-commerce business is not just what is online, but what is in the back-office technology and processes. This applies to cloud Wi-Fi too. In order to scale the cloud, your back-end has the biggest role to play.

AirTight Networks Evolution – Cloud & MSP

Our security DNA: wireless intrusion prevention (WIPS)

WIPS business has been our hidden jewel, because we cannot publicly talk about most of customer success stories to abide by their security policies. There are subtle but crucial points which differentiate between WIPS adding value to infrastructure security or just becoming a nuisance due to false alarms. Whenever we get to demonstrate this point one-on-one with customers in bakeoffs, it was always an “aha” moment and they chose us as an overlay vendor on top of other Wi-Fi infrastructure. It is cheaper from TCO perspective and more secure. While that trend continues, now that WIPS is available at no extra cost with AirTight APs, we will see even more enterprises benefiting from it.

AirTight Networks WIPS at Wireless Field Day 6 WFD6

Finally, the great balloon heist

No WFD6 blog can be complete without the mention of our Wireless Field Day balloon. While WFD5 balloon was put to rest during a short off-camera ceremony at the beginning of AirTight’s session, a new contender has already emerged.

Watch the videos from WFD6:

More on AirTight from WFD6 delegates and participants:

AirTight Networks Rising by Lee Badman (@wirednot)
Wireless Field Day #6 – Day 1 Recap by Glenn Cate (@grcate)

WiFi Access, Wireless Field Day

Wireless Field Day 6 – We’re Back!

January 27th, 2014

Update:

Please see our recap of Wireless Field Day 6

Original post:

Last August, AirTight Networks made its Wireless Field Day debut. We had such a good time with all of the delegates and organizers that six months later we’re back as the opening presenters for WFD6 on January 29, 2014, 10 a.m. Pacific.

We welcome the returning delegates

  • Sam Clements
  • Blake Krone
  • Keith R. Parsons
  • Jennifer Huber
  • Lee Badman
  • Jake Snyder
  • George Stefanick

And also four new delegates!

  • Scott Stapleton
  • Richard McIntosh
  • Evert Bopp
  • Germán Capdehour

Of course we want to thank the Tech Field Day team for their hard work on this event

  • Stephen Foskett
  • Tom Hollingsworth
  • Claire Chaplais

Watch us live (or watch us later)

You’ll be able to see our presentations streamed live at Techfieldday.com. After the event we’ll provide links to the recordings on our web site.

10 am to noon—Pacific, Noon to 2 pm—Central, 1 pm to 3 pm—Eastern

What are we presenting?

Well that’s for you to find out on Wednesday, but here are a few clues to get you started. Another hint: if you ask enough questions on Twitter, perhaps things will start to become a little clearer.

In memory of No. 5

AirTight #5 balloon

Have you seen our balloon?

While WFD5 was an awesome experience, it was tainted with sadness and grief as our much loved #5 balloon disappeared from our premises at the end of the event. The last sighting was at the Meru WFD5 presentation. An investigation proved that Meru was in no way complicit with the disappearance. So perhaps the balloon acted on its own accord and stowed itself away on the delegates’ bus (highly unlikely). It may have been lured away by a bad man (possibly), or was unwittingly taken by an overly enthusiastic delegate caught up in the celebration (maybe likely).

So during your busy day, please take five seconds to reflect on our missing silver mylar number 5 and please keep your eyes on your own balloons – keep them safe and tell them that you love them.

Have a safe and enjoyable Wireless Field Day!

WiFi Access, Wireless Field Day ,

5 Reasons Why Facebook Wi-Fi is for Local Biz, but Not for Retail Enterprises

January 23rd, 2014

Netgear recently announced integration with Facebook on their APs using Facebook Wi-Fi API. Meraki and Cisco have also announced the same capability on their APs. Facebook Wi-Fi franchise is growing. It is easy to configure and get working (except when used on Cisco APs, which requires running separate CMX VM and per-AP license). That is good news for local businesses. However, does this architecture meet the requirements of mid-size to big retail enterprises? Not so fast! Let me explain.

Retail enterprises operate multiple stores across regions, states or countries. They run targeted marketing campaigns for customer engagement. This puts certain requirements on Social/Wi-Fi integration for retail enterprises, which are currently unmet with Facebook Wi-Fi integration.

1) Omni-channel marketing is essential for maximum reach

Facebook Wi-Fi allows only Facebook logins, obviously. So merchants miss out on other social channels like Twitter, Google+, Linkedin, Foursquare, etc. In addition to social logins, enterprises also want to promote brand loyalty programs when users access guest Wi-Fi. Facebook Wi-Fi does not allow this as well.

2) In the absence of social handles, there is no direct touch with the customers

In Facebook Wi-Fi, the update about the user being present on that Facebook page is automatically distributed when the user logs into Wi-Fi with Facebook credentials (hence, they call it check-in instead of login). However, the merchant does not get the social handles of these users. Note that this is despite the fact that these social handles are public information and the user discloses via check-in (whose default setting is “public”) the presence at that location. Without social handles, merchant cannot have direct touch with the customers. Retail enterprises thus require provision to obtain opt-in social handles of customers, which is not possible with Facebook Wi-Fi integration.

3) Need for customizable incentives to fuel social engagement

Retail enterprises want to provide incentives for using social logins – coupons or other ways to engage with the brand like premium status in the loyalty program. They may also want to provide additional incentives to user for taking a further step to Like or Follow the brand, or joining a loyalty program. Like or Follow has the benefit that the merchant can then reach out to the user with one on one messaging (much like email). Facebook Wi-Fi has only one simple incentive built in it – if you don’t use Facebook login, you may not get free Wi-Fi, though merchants do not have to enforce this as there are provisions in the configuration to bypass it or use a code in lieu of a Facebook login. In any case, the Facebook Wi-Fi check-in does not facilitate customizable incentive programs to encourage social engagement.

4) Comprehensive analytics and data ownership are important

Social Wi-Fi can provide retailers with rich analytics and user demographics. Retailers also want to own the analytics data. They want the analytics data available in standard format for integration with their existing marketing platforms. However, with Facebook Wi-Fi, engagement data is within Facebook and mixed up with all the other Facebook interactions.

5) No scaling for multi-store environment

This one is a bummer! The automatic update that is posted to user’s Facebook timeline subsequent to a login includes location address configured in the Facebook page. So, if you operate 50, 500 or 5000 stores, each location needs to have its own Facebook page. If you use single page for all those locations, the user location update will go with address configured in that page which may be inconsistent with the actual location where user checks in. This is just an example of how Facebook Wi-Fi is not designed with multi-unit retail enterprise in mind.

Facebook-Wi-Fi-for-multi-site

If you’re an IT or a marketing manager for a retail chain, imagine setting up dozens or hundreds of Facebook pages for your branches

AirTight Social Wi-Fi integration with Facebook, Twitter and others

In contrast, AirTight Networks’ social Wi-Fi is designed with multi-unit retail enterprises in mind. It uses a cloud-hosted captive portal that interacts with users on one side and multiple social media apps including Facebook, Twitter, LinkedIn, Google+ etc. on the other. The portal provides all the knobs to customize the campaigns including incentives, landing pages and updates. The captive portal securely stores social engagement information including social handles and demographics that user has chosen to share. The portal provides cleanly segregated and rich Wi-Fi analytics and also makes analytics data available to merchants in standard formats.

For more information:

Learn more about AirTight Social Wi-Fi + Analytics.

Watch a 5-min video on best practices in retail analytics.

Read our blog post on analytics data ownership (hint: in many cases, you don’t own the analytics data your Wi-Fi system generates)

 /Image via Facebook.

Retail, WiFi Access

Retail Analytics: Who Owns The Data?

January 14th, 2014

At AirTight Networks, we talk a lot of SMAC (Social, Mobile, Analytics, Cloud). Together these forces have come together to significantly impact and radically change various markets. It’s not hard to wax eloquent about SMAC for long periods of time, but in this article, I want to focus only on the Analytics piece – that numerical, statistical, miracle whip that drives business decisions.

Analytics Data: Type and Collection

In the SMAC model using Wi-Fi as the Mobile piece, data is collected from Wi-Fi access points. The analytics data itself generally falls into one of two categories: 1) Presence, and 2) Opt-in.

Presence Analytics
Presence Analytics is, as it sounds, focused around whether the client device is on-location (“present”) and whether it is inside or outside a boundary (e.g. a store front). This type of data is device-specific (MAC Address), independent from the user of a device (contains no user-identifying information), and therefore anonymous. It is collected by using Access Points (APs) to scan the air and to gather MAC addresses (which only a hashed representation thereof is stored). Presence Analytics can be used for a variety of things, but some examples might include:

  • Understanding total foot traffic (e.g. how many visitors came to your location)
  • Understanding capture rate of visitor traffic (e.g. which visitors came inside your store front and which ones stayed outside)
  • Understanding dwell time (e.g. visit duration) either inside or outside your location

AirTight Presence Analytics

The same capability that enables Presence Analytics also enables similar functions like Loyalty Analytics. Examples of this might be:

  • Understanding visitor frequency (how often do they come to see you?)
  • Understanding visit recency (when was the last time they came to see you?)
  • Understanding repeat visitor information (how many times have they come to this location over a period of time?)

Analytics: Unique visitors

Opt-in Analytics
Opt-in Analytics are obtained through a process whereby a person uses his/her mobile device to willingly engage the wireless infrastructure (and associated back-end systems). The typical scenario involves the use of a Captive Web Portal (CWP) to display terms and conditions and to allow the user to authenticate (log in) using one or more methods, such as:

  • Phone Number with SMS verification
  • Social Media integration (e.g. Facebook, Twitter, Google+, or LinkedIn login APIs)
  • Guestbook function where the user fills out a web form

Regardless of the process, the user is agreeing to the use policy in order to obtain a benefit, which is most often free Wi-Fi access, promotional coupons, location services, or perhaps all of these and more. The use policy allows the infrastructure to collect a specific amount of the user’s personal information that is determined by the user at the time of authentication.

Other Types of Analytics

Of course, all of those are just simple examples, but to be honest, analytics can get pretty sophisticated. Consider other types of relevant data, such as Engagement Analytics and Wi-Fi Usage Analytics.

Engagement Analytics 
Engagement Analytics might, for example, consist of:

  • Conversion and Bounce Rates (Did they come inside or stay outside? Did they use the Wi-Fi while in the store? Did they buy anything while in the store?)
  • Social Media Wi-Fi Authentication Visitor Logs (Who are they?)
  • Social Media Wi-Fi Authentication Demographics (How old? Male/Female? Where do they live?)

Engagement Analytics

Engagement Analytics allow the organization owner to pair up the device (which is identified with Presence Analytics capabilities) with the user of the device (which is possible because of Opt-in capabilities) and then tie those capabilities into back-end systems such as their CRM. That CRM system could then be used, in conjunction with the wireless infrastructure system and analytics engine, to:

  • Identify and locate a user’s device when it arrives on-location
  • Understand the owner of the device’s habits and desires (e.g. purchasing habits/desires if in retail)
  • Push context-relevant, location-relevant, and personalized content to the user in a timely fashion
  • Provide an entertaining experience while on-location

It might sound space-age, but it’s the holy grail of the retail market right now, and other markets will likely follow suit when retail has proven that it can be done well, end-to-end.

Wi-Fi Usage Analytics might, for example, consist of:

  • Device Types
  • Data Traffic
  • Session Duration

Having access to data such as average session duration may allow a quick service restaurant (QSR) to make a decision about how to configure their Wi-Fi infrastructure system. Some Wi-Fi infrastructure systems have a “black out timer” that imposes a no-use time after a configured period of use time. This type of data may help a coffee shop decide on whether to write their new mobile app for iOS or Android first. It may allow a financial services firm to decide on whether to upgrade their Internet backhaul pipe or apply protocol filtering to block peer-to-peer file sharing applications. There are 101 uses for Wi-Fi Usage Analytics.

All that rich data is just waiting to be mined for business-transforming information that can be easily organized into useful formats and compared across locations, and can help you decide on marketing spend and business expansion. All you need to get started is the right Wi-Fi solution.

Analytics Data Ownership

“Houston, we have a problem.” Yeah, that’s you when you find out that you don’t own the data…

“Say what? That doesn’t sound right…are you sure? Wait…where’s my contract! What do you MEAN I don’t own the data?” Yep, that’s you again…quickly growing worried and agitated since you’re the one who recommended the Wi-Fi vendor who’s either holding onto your analytics data awaiting ridiculous additional monthly fees or who has an analytics business partner who’s trying to perform unnatural acts with your wallet while the Wi-Fi vendor keeps you distracted.

“But it’s my system! It should be MY data! These are MY customers for crying out loud…who else’s data would it be?”

Oh, don’t worry… your analytics vendor has you covered. They can fix you up for… $_______ per AP per year. Or as my man Alan Jackson might say, “But don’t be downhearted, I can fix it for you, Sonny; It won’t take too long, it’ll just take money.”

Of course, if you buy AirTight Networks Wi-Fi and analytics, YOU own the data.

 

 

 

Retail, WiFi Access ,