MOJO Wireless http://blog.airtightnetworks.com AirTight Networks Blog Fri, 29 May 2015 17:47:09 +0000 en-US hourly 1 PCI Compliance and Wi-Fi: Friends or Foes? http://blog.airtightnetworks.com/pci-compliance-wi-fi-friends-or-foes/ http://blog.airtightnetworks.com/pci-compliance-wi-fi-friends-or-foes/#respond Thu, 28 May 2015 14:42:27 +0000 http://blog.airtightnetworks.com/?p=9321 In part 3 of the wireless PCI blog series, we focus on deployment best practices and common misconceptions when it comes to PCI compliance and Wi-Fi.   Read more

The post PCI Compliance and Wi-Fi: Friends or Foes? appeared first on MOJO Wireless.

]]>
This is part three of our blog series dedicated to wireless PCI compliance; in this installment we focus on deployment best practices and common misconceptions. Read part 1: New PCI 3.1 Guidelines Address SSL Vulnerability and part 2: 3 Trends Impacting Wireless PCI Compliance

Following our webinar on wireless PCI compliance, I sat down with Kevin McCauley bio on AirTight blog, director of retail business development at AirTight, and Sean Blanton bio on AirTight blog, systems engineering manager at AirTight, to follow up on the questions we got during the webinar.

We began by discussing how businesses can open up their Wi-Fi networks for guest engagement, while maintaining security and PCI compliance.

 

How can you balance the seemingly contradictory demands of having an ‘open’ network that welcomes visitors, but is also secure?

Kevin McCauley: A different way to look at this question is to ask – how can operators leverage the existing investment they have already made in network connectivity while maintaining PCI compliance and providing guest engagement? The biggest Wi-Fi question for me during my IT career at Yum! Brands was, “Why is guest Wi-Fi not free for me?”

I am a big believer in looking for ways to double- and triple-dip in my infrastructure investments. Guest Wi-Fi is just one of the uses you can put your wireless network to – the others being connectivity for staff productivity, wireless PCI compliance scanning and rogue detection. But keep in mind that while guest Wi-Fi and employee Wi-Fi are great to have, wireless intrusion prevention (WIPS) technology is a must-have when it comes to full PCI DSS compliance.

What are some misconceptions that IT managers and compliance officers still have when it comes to PCI compliance and Wi-Fi?

Sean Blanton: The biggest misconception out there is that creating a Wi-Fi network – either private or public – that runs off the same circuit as your CDE (cardholder data environment | via PCI Security Standards) will compromise PCI compliance. In other words, the concerns is that having both Wi-Fi and CDE traffic on the same network is a security and compliance detriment.

Quite the opposite – as long as you have proper controls in place to segment the various virtual networks, you can indeed be PCI compliant. The option we recommend is segmenting your traffic using VLAN technology and implementing proper firewall rules to make sure that your CDE network cannot talk to your non-CDE network.

The first question I ask anyone who has these concerns is whether they have managed, or smart, switches | via Wikipedia that have VLAN capabilities. VLAN is the optimal way to segment traffic and ensure security.

Is VLAN the only option?

SB: If your organization has not implemented managed switches, then definitely plan on it during your next upgrade cycle! Barring that, the NAT’ed network | via Wikipedia plus proper firewall rules at the AP level will allow you to segment your traffic. The firewall will prevent any ‘untrusted’ (guest) clients from accessing your trusted network.

 

What are some key attributes of Wi-Fi solutions hospitality operators should be looking for?

KM: Address PCI compliance and security first. No point in opening your network for customer engagement if you cannot protect your brand from breaches or data loss. Consider your customers’ experience as well – enable content filtering on your wireless system for family-friendly web browsing.

SB: To add to what Kevin said, I see some misconceptions with regards to Wi-Fi ‘abuse.’ I often have to address concerns that visitors will start streaming videos or downloading massive files from the web. IT managers worry that Wi-Fi that is drawing customers in will start having a negative impact on the business. In my experience, this has not been the case. The vast majority of users do not aim to abuse your network – it’s a great convenience, and that’s it.

There are also ways to prevent Wi-Fi ‘abuse’ in the AirTight system, such as setting time limits roughly equivalent to your typical dwell times and/or creating time-out periods, which would prevent a guest from reconnecting to the network for a specified window of time.


PCI Compliance and Wi-Fi: Friends or Foes? #PCI #WiFi Series: Part 3 of 3 via @AirTight
Click To Tweet


 

How should IT leaders work with the line of business managers to drive Wi-Fi projects forward?

KM: Don’t be afraid to experiment – run a pilot and see what kind of analytics you can gather from your airspace. Also keep in mind that Wi-Fi projects often start with a single use case in mind, but other departments – store operations, marketing and HR – soon want to jump on board.

We are seeing broad deployment of tablet-based applications, such as computer-based training, line busting or mobile POS. AirTight customers leverage our WIPS technology to lock those trusted devices to authorized Wi-Fi networks and prevent them from joining neighboring networks in the airspace.

So, can PCI compliance and  Wi-Fi be friends?

KM: Without a doubt!

This post concludes our three-part blog series dedicated to wireless PCI compliance. Read part 1New PCI 3.1 Guidelines Address SSL Vulnerability and part 2: 3 Trends Impacting Wireless PCI Compliance.

 

Additional information:

 

The post PCI Compliance and Wi-Fi: Friends or Foes? appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/pci-compliance-wi-fi-friends-or-foes/feed/ 0
3 Trends Impacting Wireless PCI Compliance http://blog.airtightnetworks.com/wireless-pci-compliance-trends/ http://blog.airtightnetworks.com/wireless-pci-compliance-trends/#respond Thu, 21 May 2015 19:29:17 +0000 http://blog.airtightnetworks.com/?p=9284 This is part two of the three-part blog series dedicated to wireless PCI, which is a hot topic for retailers and other enterprises that accept payment cards. We look at 802.11ac, IoT and new network requirements, all of which create challenges for compliance and security officers. But the impact is not limited to just security personnel. IT and marketing, while focused on efficiencies and customer engagement, should also learn about wireless threats and trends. Brand protection is a team effort!

Read on for the in-depth look into the trends that impact wireless PCI compliance.
  Read more

The post 3 Trends Impacting Wireless PCI Compliance appeared first on MOJO Wireless.

]]>
This is part two of the three-part blog series dedicated to wireless PCI compliance, which is a hot topic for retailers and other enterprises that accept payment cards. Read part 1 of the series: New PCI 3.1 Guidelines Address SSL Vulnerability

Kevin McCauley recently addressed PCI DSS 3.1 requirements and the changing technology landscape in the webinar “Do My Security Controls Achieve Wireless PCI DSS?”

Wireless-PCI-Compliance-Webinar-Kevin-McCauley

Missed the webinar? View it on demand.

Wireless technologies are evolving rapidly, presenting challenges to compliance and security officers. But the impact is not limited to just security personnel. IT and marketing, while focused on efficiencies and customer engagement, should also learn about wireless threats and trends. Brand protection is a team effort!

Read on for the in-depth look into the trends that impact wireless PCI compliance.

New 802.11ac standard & the impact on wireless PCI compliance

First off, consider the adoption of the 802.11ac Wi-Fi standard and take an informed approach to securing against vulnerabilities in that spectrum. According to IDC’s 2015 Wi-Fi shipment data,

“the 802.11ac standard continues to see adoption at a breakneck pace in the enterprise segment. The 802.11ac standard already accounts for 30% of access point shipments, representing a noticeably faster adoption rate than the 802.11a/b/g to 802.11n transition several years ago.”

802.11ac standard is also coming to consumer devices, creating a large pool of potential rogue access points.

So if you have an aging 802.11 infrastructure, don’t delay an upgrade to 802.11ac technology. Best of all, this upgrade does not come at a premium as 802.11ac and 802.11n infrastructure are generally available at comparable prices.

But make sure that your new 802.11ac infrastructure indeed offers 802.11ac wireless scanning. For example, consider a leading manufacturer’s 802.11ac AP, which offers two 802.11ac radios for client access and a third radio for wireless scanning. However, this third radio is an 802.11n radio! Therefore it cannot decode 802.11ac conversation and prevent 802.11ac threats.

Internet of Things is fast becoming a reality

IDC predicts that 29 billion connected devices will exist by 2020 – how will network and security professionals cope?

“Awareness around IoT continues to grow rapidly, even though full IoT reality is expected to come to fruition over the next several years. Still, with new network infrastructure getting deployed today, having an expected lifespan of five to seven years, it is reasonable to expect it will be able to handle the increased demands of IoT-related apps and traditional network access concurrently.”

Nolan Greene, Research Analyst, IDC’s Network Infrastructure group (quoting from AirTight Launches 802.11ac AP with ‘IoT-ready’ Wireless Intrusion Prevention System)

AirTight is helping merchants prepare by scaling up network monitoring capabilities on its 802.11ac platform. It has the ability to monitor 2000 active wireless devices per AP, which is critical as industries of all kinds move into digital connectivity.

Equally important is the capacity of AirTight’s cloud management system to scale to hundreds of thousands of devices being monitored across multiple geographies and customers. This scalability is coupled with AirTight’s patented 802.11ac WIPS technology, which allows for automated 24X7 protection and reporting.

Mobile POS & guest expectations create new requirements for Wi-Fi networks

Point of sale systems are the lifeblood of any merchant’s business. This is a well-established market and upgrade cycles can be long. However, adding mobile POS and prepping for EMV is pushing 47% of restaurants to look at POS upgrades, according to Hospitality Technology’s POS Software Trend Report 2015. This will lead to more and more tablets and other mobile devices being deployed in restaurants, for example. All of them need to be secured and the sensitive traffic protected.

At the same time, the availability of complimentary Wi-Fi access is becoming an increasingly significant factor in consumers’ choice of restaurants, according to the food industry research and consulting firm Technomic. About 40% of participants in a recent study conducted by the company deemed free Wi-Fi an “important” or “very important” consideration in restaurant selection—second only to whether an establishment includes such information as menus on its website, reports Hospitality Technology.

Retailers and restaurant operators especially face the double whammy of being asked to open up their Wi-Fi networks for customer engagement, while locking it down for security. Wireless PCI compliance will be a major factor in the decision-making process for any merchant deploying or upgrading their Wi-Fi networks.

Download the whitepaper [PDF]: “PCI Compliance In The World Of New Threats: Do My Security Controls Achieve Wireless PCI DSS?” - April 2015.

Don’t forget the human factors in wireless PCI compliance

Compliance officers are rightly concerned about human factors which can often be the soft underbelly of any security policy.

To future-proof themselves against both inadvertent security lapses and malicious internal or external actions, merchants should consider solutions that offer “behavior-based” security, which includes:

  • Strong device behavioral analysis logic, since traditional signatures and threshold based security solutions can’t catch up with the evolving monitoring scenarios.
  • Fast response time to threats, to tackle the new and optimized attack and policy violation triggers.

What is behavior-based security? Learn how AirTight implements it on its WIPS system from Hemant Chaskar’s blog post: Will Target Breach Prompt Retailers to Raise the Security Bar?


3 Trends Impacting Wireless PCI Compliance via @AirTight blog
Click To Tweet


Additional Information:

The third, final installment of the series will include a Q&A with Kevin McCauley that cover the questions received during the live webinar.

Read part 1 of the series: New PCI 3.1 Guidelines Address SSL Vulnerability

The post 3 Trends Impacting Wireless PCI Compliance appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/wireless-pci-compliance-trends/feed/ 0
Google Project Fi – New Era for Mobile Technology? http://blog.airtightnetworks.com/google-project-fi-new-era-for-mobile-technology/ http://blog.airtightnetworks.com/google-project-fi-new-era-for-mobile-technology/#comments Tue, 19 May 2015 17:00:15 +0000 http://blog.airtightnetworks.com/?p=9233 I view Google Project Fi as a disruptor, from both technology and business model standpoint, for three reasons:
1) For the first time, we are witnessing a MVNO (Mobile Virtual Network Operator) piggybacking on multiple major national mobile carrier networks, in this case Sprint and T-Mobile.
2) And for the first time again, an operator is successfully marrying the cellular and Wi-Fi network in a fashion that has not been done before on this scale, at the same time being completely transparent and seamless to the end user
3) If Google Project Fi manages to seamlessly transfer (roam) both voice and data sessions from one carrier to another, that’s again another industry first.   Read more

The post Google Project Fi – New Era for Mobile Technology? appeared first on MOJO Wireless.

]]>
Google Project Fi is a new program launched by Google that claims to deliver fast, easy mobile service in partnership with leading carriers to create a unique experience for its subscribers. Below is a summary of its key features as advertised:

  • Google Project Fi uses LTE (from Sprint and T-Mobile) and Wi-Fi for both data and voice.
  • At any time, it uses the network that provides the best quality. Automatically switches if the quality on the currently associated network degrades and a better alternate network is available.
  • Seamless voice session roaming from Wi-Fi to LTE – if you are on a voice call inside your home over Wi-Fi and walk outside, the ongoing voice call automatically moves over to LTE
  • The selection of the network is completely transparent to the end user.
  • Currently Nexus 6 is the only phone that supports Project Fi.

‘Network as a Service’ Disrupting Carrier and Wi-Fi Industry

I view Google Project Fi as a disruptor, from both technology and business model standpoint, for three reasons:

    1. For the first time, we are witnessing a MVNO (Mobile Virtual Network Operator) piggybacking on multiple major national mobile carrier networks, in this case Sprint and T-Mobile.
    2. And for the first time again, an operator is successfully marrying the cellular and Wi-Fi network in a fashion that has not been done before on this scale, at the same time being completely transparent and seamless to the end user
    3. If Google Project Fi manages to seamlessly transfer (roam) both voice and data sessions from one carrier to another, that’s again another industry first.

Google has created a model where a subscriber can tap into a pool of available network resources –Wi-Fi and cellular networks offered by Sprint & T-Mobile. By combining different wireless technologies (cellular and Wi-Fi) and by aggregating multiple operators’ cellular networks, the value of Google Project Fi to the consumer is suddenly magnified. It is much larger than the sum of each network’s value by itself.

Google Project Fi - Whole is greater

Click-to-Tweet >> Google Project Fi – Whole is greater than the sum of its parts?

Technical Underpinnings of Google Project Fi

Multi cellular network support

Google likely signed roaming agreements with Sprint and T-Mobile, and the SIM selects the best network to connect based on the quality of the networks available. This model is quite scalable, as adding new cellular networks to the Google MVNO network pool is just a question of signing business agreement with different operators.

Single mobile number

Irrespective of which network the phone is connected to, there would be one number assigned to a user through Google Voice. The phone would use Google Calling App as the default application to place and receive voice calls.

Network selection

The phone requires some intelligence in its software to measure the quality of each network (multi cellular networks & Wi-Fi), and use the better one for data and voice. It also needs to continuously monitor the quality of current connection, so when it degrades, the phone’s software automatically switches to an alternate network. The client software could also potentially choose to use different networks for voice and data.

Data roaming between networks

Data roaming between the cellular networks, or from cellular to Wi-Fi is not a problem. Most streaming applications like YouTube, Netflix have intelligence in the client side (buffering and HTTP based streaming) to seamlessly stream data even if they roam between networks and the IP address changes. Users would hardly notice any impact on non-streaming applications like web browsing because of roaming.

Voice roaming between networks

For seamless roaming to work across multiple networks, there needs to be one aggregation point for all the voice traffic. In this case, the Google Voice infrastructure could be that single aggregation point. The phone creates a secure Layer-2 tunnel to the Google Voice Infrastructure, over any existing network connection be it cellular or Wi-Fi. The secure Layer-2 tunnel is always on, and since the tunnel terminates at a single aggregation point, the phone can retain a single IP address through the tunnel. The layer-2 nature of the tunnel also ensures the carrier has visibility to the device’s MAC address. As the phone roams from one network to another, the Layer-2 secure tunnel gets re-established through the new network connection and the phone retains same tunnel IP. The voice is always routed through the tunnel to the Google Voice infrastructure and this way has a single point of exit and entry.

My Wish List for Project Fi

Below is a wish list, but something Google can definitely pull off once the number of Project Fi subscribers reaches an inflection point

  • Google can make a case to get Verizon and AT&T into its pool, however I doubt that it would happen easily.
  • Initiate roaming agreements with international mobile operators for international roaming.
    Partner with mobile phone makers to support Google Fi natively. This could be publicly available through some version of Android in future.
  • Launch a business program where any cable operators and Wi-Fi MVNOs like Comcast, Time Warner, Cox, Boingo, etc. can sign up as providers to the Google’s network pool.

Google Project Fi is a giant leap towards making mobile connectivity ubiquitous, and Wi-Fi has a critical role to play. This will only accelerate the adoption of newer wireless standards like Hotspot 2.0 that improves the user’s experience.

The future of Wi-Fi has never been so exciting, so buckle up!

Related information

The post Google Project Fi – New Era for Mobile Technology? appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/google-project-fi-new-era-for-mobile-technology/feed/ 1
How to Hit a Home Run with iBeacon http://blog.airtightnetworks.com/how-to-hit-a-home-run-with-ibeacon/ http://blog.airtightnetworks.com/how-to-hit-a-home-run-with-ibeacon/#respond Thu, 23 Apr 2015 21:30:08 +0000 http://blog.airtightnetworks.com/?p=9178 iBeacon has been getting a lot of attention lately mainly because of claims of how it can transform the retail industry. After having talked to many retail customers, iBeacon technology providers, and others closely associated to this eco system, it occurred to me that iBeacon and baseball have a lot in common.

Just like in baseball, where a player has to advance through all the bases to score a run, there are some essential solution components to be built up before a retailer can extract value out of iBeacon. Continue reading to find out how to make your iBeacon deployment be a home run.   Read more

The post How to Hit a Home Run with iBeacon appeared first on MOJO Wireless.

]]>
iBeacon has been getting a lot of attention lately mainly because of claims of how it can transform the retail industry. After having talked to many retail customers, iBeacon technology providers, and others closely associated to this eco system, it occurred to me that iBeacon and baseball have a lot in common.

Just like in baseball, where a player has to advance through all the bases to score a run, there are some essential solution components to be built up before a retailer can extract value out of iBeacon. Read on to find out how to make your iBeacon deployment be a home run.

iBeacon 101

First things first – a quick overview of iBeacon. iBeacon is a standard for beacon advertisement over BLE developed by Apple.  It accomplishes 2 main tasks:

  1. defines how the beacon advertisement packet should look like, and
  2. allows mobile applications to listen for those advertisements.

iBeacon advertisement format has three main fields –

  1. UUID,
  2. Major version, and
  3. Minor version.

The purpose of having these three fields is to uniquely identify a beacon. Typically in retail, the UUID field is used to identify a brand, Major version is used to identify a store and the Minor version is used to identify a specific section within the store. By combining these three fields, the proximity of the user can be found when the phone detects the beacon.

Diagram: iBeacon Advertisement Format Fields are UUID, Major version, and Minor version.

iBeacon Advertisement Format Fields are UUID, Major version, and Minor version.

Customer Journey through the iBeacon Solution

Let’s trace the journey of a customer through the iBeacon solution stack. iBeacon tags, deployed in the store, advertise beacons. A phone that is in proximity of the tag hears the beacon, and wakes up the retailer’s mobile application that is listening for the specific UUID. The mobile app sends the beacon information to the retailer’s campaign management system in the backend. The campaign management system now tries to create an intelligent context around the person’s location, likes, profile, shopping behavior, some of which are obtained by interacting with backend systems and other sources and could push a context aware notification (coupon, message, etc.) to mobile app on the customer’s phone.

 

Diagram: Journey of a user through the iBeacon solution

Use case scenarios using iBeacon are plenty and is really left to one’s imagination.

iBeacon Solution Components

Let’s now break down the iBeacon solution into various components. Broadly there are three main components:

  1. Beacon Tags

Beacon tags are small BLE devices and all they do is transmit advertisement packets. The tags are usually sprayed across the retail store, and they come in various shapes and forms. Most of them are battery powered, although some can be powered over USB and some of them are integrated into the wireless access point. The tags usually operate at very low power (0 dBm), making the coverage area of one beacon very small (4 ft radius) for micro locationing. Since most of them are battery powered, operating at lower power extends the battery life on the tags.

The tags by themselves add very minimal value to the iBeacon solution. The iBeacon tags have become a commodity in the industry and retailers gain minimal value by deploying just iBeacon tags across the stores. However, the tags are an essential component towards building the iBeacon solution.

  1. Mobile Application

The next component is the mobile application (mobile app) residing on the consumer’s phone. The mobile application is the one that detects the presence of tags, creates a proximity context of the user and sends triggers to the retailer’s back end system (like the campaign management system). The mobile app is also the interface through which the retailer can interact with the user to send contextual notification, messages, coupons, etc.

To be able to detect the beacons, retailers need to build beacon ready apps. They would have to download the BLE SDK platform from one of the vendors and integrate the app with their API’s & SDKs to be beacon ready. Through the SDK, the mobile app can be configured to listen to specific UUID from the beacons. This ensures that when the phone sees a beacon inside a ‘xyz’ store, the ‘xyz’ retailer’s app is woken up and not the app belonging to another retailer. Most iBeacon hardware vendors also provide the necessary toolkit for integrating the BLE SDK into the mobile application.

The mobile app also requires a well-defined interface to integrate seamlessly with the backend campaign management system.

  1. Campaign Management

This is probably where most of the intelligence resides in the entire solution stack and the component that adds the most value. Campaign management system is responsible for designing how the retailer’s mobile app reacts to a beacon over a configured period of time. Depending on how long the user was seen, time of the day, day of the week, visit frequency, last visit period, etc., the campaign management system can send contextual notifications, messages, coupons through the mobile app to the end user. As an example, if a phone is detected in front of the TV section for more than 10 minutes (as detected by the beacon located in front of the TV shelf) this is a trigger to send a discount coupon for the TV or a message asking if the user needs any help. The use cases are plenty, but all these engagement rules combined with the tags and the mobile app is what collectively adds value.

Diagram:  iBeacon Campaign Management

 

Follow Sriram Venkiteswaran on Twitter

 

Home Run with iBeacon Solution

To score a run in baseball, the player needs to advance around all the three bases and safely return to the home plate. If a player gets out at any base before reaching the home plate, he does not score any run. Similarly, if the retailers misses any of the component laid out above, they get out before extracting any value from the iBeacon solution. So retailers considering deploying iBeacon solution should take a holistic view in building all the components to score a home run with their iBeacon deployment.

Diagram:  Home run with iBeacon solution

Summary

Following are the key considerations for retailers to hit run with their iBeacon deployment:

  • Retailers have to build their mobile application to be beacon ready by integrating with BLE SDK platform
  • They need to have a strategy to get the mobile app on the as many user’s phones
  • A well designed backend campaign management system
  • Intelligence in the backend to build user context by interacting with various systems
  • In-store Wi-Fi for engaging with the user by delivering media-rich content

 

Additional Information:

Join us for an informative webinar regarding the usage and deployment of an iBeacon solution. In this 30 minute webinar we will work through what to consider when deciding to engage in an iBeacon deployment.

On-demand webinar regarding the usage and deployment of an iBeacon solution.

iBeacon Reality Check _ Essential Considerations for an iBeacon Deployment via SlideShare

On-Demand Webinar: iBeacon Reality Check: Essential Considerations for an iBeacon Deployment

In this 30 minute webinar Sriram Venkiteswaran walks through what to consider when deciding to engage in an iBeacon deployment.

  • What is iBeacon?
  • iBeacon Reality Check
  • Components to Build an iBeacon Solution
  • iBeacon Challenges

 

 

The post How to Hit a Home Run with iBeacon appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/how-to-hit-a-home-run-with-ibeacon/feed/ 0
New PCI 3.1 Guidelines Address SSL Vulnerability http://blog.airtightnetworks.com/pci-3-1-guidelines-ssl-vulnerability/ http://blog.airtightnetworks.com/pci-3-1-guidelines-ssl-vulnerability/#respond Thu, 23 Apr 2015 11:55:52 +0000 http://blog.airtightnetworks.com/?p=9136 In April 2015, the PCI Security Standards Council (PCI SSC) published PCI Data Security Standard (PCI DSS) Version 3.1 and supporting guidance. The revision addresses vulnerabilities within the Secure Sockets Layer (SSL) encryption protocol that can put payment data at risk. This blog explains what this change represents to you and your business. Includes 2 whitepapers and 1 infographic.   Read more

The post New PCI 3.1 Guidelines Address SSL Vulnerability appeared first on MOJO Wireless.

]]>
On April 15, the PCI Security Standards Council (PCI SSC) published PCI Data Security Standard (PCI DSS) Version 3.1 and supporting guidance. The revision addresses vulnerabilities within the Secure Sockets Layer (SSL) encryption protocol that can put payment data at risk.

Available now on the PCI SSC website, PCI 3.1 is effective immediately.

 

>>>  PCI DSS 3.0 will be retired on 30 June 2015.  <<<


PCI SSC explains:

Download the PCI Data Security Standard 3.1 [PDF], April 2015 via PCI Data Security Council document library.

Download the PCI Data Security Standard 3.1 [PDF], April 2015 via PCI Data Security Council document library.

“The National Institute of Standards and Technology (NIST) identified SSL (a cryptographic protocol designed to provide secure communications over a computer network) as not being acceptable for the protection of data due to inherent weaknesses within the protocol. Upgrading to a current, secure version of Transport Layer Security (TLS), the successor protocol to SSL, is the only known way to remediate these vulnerabilities, which have been exploited by browser attacks such as POODLE and BEAST.”                                         Source: PCI Council Publishes Revision to PCI Data Security Standard — PCI DSS 3.1 and supporting guidance helps organizations address vulnerabilities within SSL protocol that put payment data at risk; PA-DSS revision to follow — PCI Security Council, April 2015.

PCI 3.1 and supporting resources are available on the PCI SSC website.  This blog explains what this change represents to you and your business.

 

New PCI 3.1 White Papers Released

Just in time for the PCI SSC’s news, AirTight released two new white papers:

1) “Do My Security Controls Achieve Wireless PCI DSS? PCI Compliance in the New World of Threats”, and

2) “PCI DSS 3.1 and the Impact on Wi-Fi Security”

 

1) Do My Security Controls Achieve Wireless PCI DSS? PCI Compliance in the New World of Threats

This white paper covers wireless trends that may impact PCI compliance, such as Internet of Things, 802.11ac transition and mobile POS adoption.

The paper highlights why 802.11ac adoption may create security blind spots. According to IDC’s 2015 Wi-Fi shipment data:

“the 802.11ac standard continues to see adoption at a breakneck pace in the enterprise segment. The 802.11ac standard already accounts for 30% of access point shipments, representing a noticeably faster adoption rate than the 802.11a/b/g to 802.11n transition several years ago.”

802.11ac standard is also coming to consumer devices and anyone can buy an 802.11ac access point at a local Best Buy, creating a pool of potential rogue access points.

Many merchants may be reluctant to invest in 802.11ac technology for their Wi-Fi networks due to limited capacities of their backhaul. However, the risk of not being able to detect and mitigate 802.11ac threats is real.

From the standpoint of wireless intrusion prevention, you need 802.11ac sensors to perform your wireless PCI compliance scanning – 802.11n radios can only detect a subset of security threats in the 802.11ac spectrum.

So if you have an aging 802.11n or earlier infrastructure, this is a strong reason to upgrade to 802.11ac technology.

Download the whitepaper for additional trends and to learn how to leverage technology to lower the barriers to wireless PCI compliance.

Do my security controls achieve the spirit of wireless PCI DSS?  

Register for the webinar: May 5th 8am PDT [on-demand]

2) PCI 3.1 and the Impact on Wi-Fi Security

The paper discusses PCI DSS 3.1 requirements from the wireless perspective and provides best practices for compliance, security and IT managers.

Let’s have a look at some of the best practices highlighted in the paper:

  • Limit the scope of your PCI audit through network segmentation
    The “golden rule” is to limit the scope of your PCI audit to the card holder environment (CDE). This ensures that any network or device that does not interact with card holder data is firewalled from the systems that transmit, store or process cardholder data. Doing this will really limit the effort required to demonstrate PCI compliance.
  • Use strong wireless encryption and authentication
    This holds true for any wireless that touches the CDE, especially mobile POS which would include WPA2 encryption and strong authentication and encryption on the wireless network. Make sure that the client devices are hardened and secure so they can’t be stolen and sensitive data cannot be taken off those devices.
  • Implement an incident response plan
    Document the plan you will go through when an incident is found. Having your process documented and ready to go will help you minimize ad hoc reactions to specific incidents.
  • Establish and maintain a strong relationship with your auditor
    Maintain the same audit company and team year over year if possible, as this reduces time and effort to familiarize the auditor with your environment which will ultimately reduce the audit expense and ease the process for your internal staff. Organizations can then focus on remediating gaps and assessing new systems and environment that changes from year to year rather than bringing a new auditor up to speed on their environment.

Download the whitepaper for a comprehensive overview of wireless PCI compliance and security, including additional best practices.

 

The world of wireless PCI compliance is changing. Are you ready? 

 

Additional Information:

 

This post is part 1 of the 3-part series on wireless PCI compliance. Read part 2: 3 Trends Impacting Wireless PCI Compliance

 

Do my security controls achieve the spirit of wireless PCI DSS?  

Register for the webinar: May 5th 8am PDT [on-demand]

The post New PCI 3.1 Guidelines Address SSL Vulnerability appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/pci-3-1-guidelines-ssl-vulnerability/feed/ 0
More on the Inner Workings of LTE-U for the Wi-Fi Professional http://blog.airtightnetworks.com/more-on-the-inner-workings-of-lte-u-for-the-wi-fi-professional/ http://blog.airtightnetworks.com/more-on-the-inner-workings-of-lte-u-for-the-wi-fi-professional/#respond Thu, 09 Apr 2015 12:55:09 +0000 http://blog.airtightnetworks.com/?p=9109 Part II of 2 part LTE-U blog series. In this LTE-U blog installment, I expand on 3 additional concepts: OFDMA – Yes With an “A” in the End, Wi-Fi Co-existence and LBT, and Common Backend Network between LTE and LTE-U.   Read more

The post More on the Inner Workings of LTE-U for the Wi-Fi Professional appeared first on MOJO Wireless.

]]>

The first part of this 2-part blog covered the following topics:

  1. LTE-U Channel Plan, and
  2. Carrier Aggregation (CA) – What Makes LTE-U Happen
    • LTE-U as Supplemental Downlink (SDL) to LTE
    • Small Cells and Client Side Support

Read it here:  Inner Workings of LTE-U for a Wi-Fi Professional

This second part of the blog covers the following additional topics:

  1. OFDMA – Yes With an “A” in the End
  2. Wi-Fi Co-existence and LBT, and
  3. Common Backend Network between LTE and LTE-U

1) OFDMA – Yes With an “A” in the End

Orthogonal Frequency Division Multiple Access (OFDMA) is the LTE-U’s way of doing simultaneous multiuser (MU) transmissions, which is inherited directly from LTE. The base station (called eNodeB in the LTE terminology) dynamically allocates different subsets of OFDM sub-carriers in the LTE channel to different users in the cell. Schedules for supplemental channels (in case of carrier aggregation) can be communicated over them or over the primary channel, which is ideal for LTE-U. The minimum time duration for which a block of sub-carriers (called “resource block”) can be allocated to a user is 1 ms, called as a “sub-frame” in LTE terminology. Schedules can be changed by the base station potentially as fast as every 1 ms. Both the uplink and the downlink allocations are controlled by the eNB.

This is different from Wi-Fi where all OFDM sub-carriers in the channel are assigned to a single user during the frame transmission, while simultaneous MU transmissions (in Wave-2 of 802.11ac) are done via spatial stream separation.

Below are some techniques where LTE-U air interface differs from Wi-Fi in interesting ways:

  • Scheduling: Base station controls transmission schedules in LTE-U as opposed to the contention based access in Wi-Fi. Wi-Fi suffers from collision problem, which gets worse as the number of devices that are contending for the channel increases. LTE-U does not face collision problem on downlink or uplink. The current focus of LTE-U is on the downlink (SDL – Supplemental DownLink), but it won’t be long before LTE-U is also available for uplink (SUL).
  • CQI (Channel Quality Indicator): There is constant feedback in LTE-U from the client to the eNB so that appropriate MCS (Modulation Coding Scheme) can be used for transmission. In contrast, Wi-Fi uses lack of ACK followed by rate fall back (called “rate adaptation”) to guess the suitable MCS for transmission. There are 16 MCS’s spanning QPSK, 16-QAM and 64-QAM in LTE-U.
  • MIMO Feedback (called PMI and RI): There is constant channel feedback in LTE-U from the client to the eNB to optimize MIMO parameters for transmission. In Wi-Fi, there isn’t equivalent of this for spatial multiplexing, but there is explicit feedback for transmit beam forming in 802.11ac which requires sounding packets.
  • HARQ (Hybrid ARQ): There is additional layer of quick feedback loop below ARQ in LTE-U which also uses soft combining, meaning signals from bad transmission and re-transmission are constructively combined to increase success rate of re-transmission. In contrast, Wi-Fi has only one loop of ARQ and also throws away bad frames.
  • Protocol overheads: Wi-Fi incurs MAC and PHY overhead for every frame. Also, frames such as probes, null data, sounding, RTS/CTS eat away bandwidth in Wi-Fi. In contrast, overheads within LTE-U come from pilot symbols, control channels, transmission scheduling etc.

2) Wi-Fi Co-existence and LBT

When LTE-U eNB transmits a frame which is 10 ms long (consisting of 10 sub-frames of 1 ms each), Wi-Fi devices will detect this as noise and back off (recall -62 dBm energy detection rule in Wi-Fi). LTE-U needs to provide a breather for Wi-Fi by keeping quiet for some frames. As a reference, a 10 ms time duration is about the time required to transmit an aggregated frame of 8 TCP packets in Wi-Fi at a 10 Mbps data rate. As per one proposal described by Qualcomm, the LTE-U radio will keep measuring occupancy on a channel and based on that determine how many frames to transmit and how many to stay quiet (called duty cycle). They have called it CSAT (Carrier-Sensing Adaptive Transmission).

Conversely, does LTE-U delay its frame when Wi-Fi transmission is ongoing? LTE-U does not currently specify standardized listen before talk (LBT) mechanism. So, if the Wi-Fi transmission is ongoing when LTE-U radio turns on to transmit the frame, the two will collide during the period of overlap. LTE-U will continue bursting from that point until the end of its frame or sequence of frames as determined by the duty cycle pattern. Wi-Fi will back off during this time. LTE-U will recover the part of the frame that is lost in collision via HARQ.

Since LBT isn’t standardized now, LTE-U is currently seen as applicable in regions like U.S., S. Korea, India, China etc. where LBT is not a regulatory requirement to operate in the unlicensed spectrum. That does not however mean that there will not be any LBT by the time LTE-U products hit the market. There could be proprietary LBT techniques in those products. We have to wait and watch. The 3GPP is working to standardize LTE-U, under the name LAA (Licensed Assisted Access) in Release 13. One aspect of this standardization also covers LBT, which can then make it applicable to markets like Europe and Japan where LBT is regulatory requirement.

If LTE-U deployments use CSAT as currently described, I would really like LAA to put some standardized restrictions on duty cycle as a function of channel occupancy measurements. Without such restrictions, some LTE-U devices could use large duty cycles thereby adversely affecting Wi-Fi. Fingers crossed!

3) Common Backend Network between LTE and LTE-U

It is a given that freebie spectrum in the unlicensed band is phenomenally attractive to operators in the face of a multi-billion dollar licensed spectrum auction market. This is clearly one driver behind LTE-U.

There is also another benefit to operators from LTE-U from the network deployment standpoint. Early efforts on augmenting the licensed spectrum with the unlicensed spectrum have focused on Wi-Fi offload. However, there is significant network infrastructure required behind the Wi-Fi access point for what is called Mobile Core Integration (MCI) to perform authentication, security, traffic tunneling, roaming, service authorization etc. (Hotspot 2.0 is a small part of the big MCI puzzle). If you compare that to LTE-U, there will be no such heterogeneous network requirement on the back end, because LTE-U directly works with the LTE network all the way up! LTE-U is none other than LTE itself from the network standpoint.

This also provides some insights into why some carriers are pushing LTE-U more than others. Carriers who have invested heavily into MCI aren’t in a hurry to adopt LTE-U, while those who have not want it as soon as possible.

AT&T in no hurry to test and deploy LTE-Unlicensed

LTE, Wi-Fi camps need to cooperate, not collide, on LTE-U/LAA

Source: FierceWireless

Co-opetition?

I am hoping that this 2-part LTE-U blog provided some useful technical insights into the workings of LTE-U. I fully expect the LTE and LTE-U landscape to evolve rapidly over the next two years, since big players in the wireless industry are pushing it. Wi-Fi will also continue to grow alongside it. There will be times of co-ordination and also times of friction between the two. It is going to be an interesting ride.

Read part I of this 2-part blog here:  Inner Workings of LTE-U for a Wi-Fi Professional

By the way, you don’t want to miss the Qualcomm webinar on LTE-U (April 13th 2015 and on-demand). There is Wi-Fi Alliance representation on this webinar. Would be good to find out what the two sides have to say.

 

The post More on the Inner Workings of LTE-U for the Wi-Fi Professional appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/more-on-the-inner-workings-of-lte-u-for-the-wi-fi-professional/feed/ 0
How Does Restaurant Wi-Fi Pay for Itself? http://blog.airtightnetworks.com/restaurant-wi-fi-pays-for-itself/ http://blog.airtightnetworks.com/restaurant-wi-fi-pays-for-itself/#respond Wed, 08 Apr 2015 12:45:36 +0000 http://blog.airtightnetworks.com/?p=9065 Maximize Your Restaurant Wi-Fi: A Lucrative Tool for Revenue & Engagement is a how-to webinar that helps operators understand the potential of restaurant Wi-Fi, and focuses on a variety of strategies that lead to bottom-line impact.

AirTight joins forces with its partners On The Border Mexican Grill and Cantina and Industry Retail Group (IRG) to share how restaurant Wi-Fi networks pay for themselves.   Read more

The post How Does Restaurant Wi-Fi Pay for Itself? appeared first on MOJO Wireless.

]]>
Wi-Fi networks are a workhorse for internal restaurant operations. But when properly designed and implemented, they can also be highly lucrative, driving both customer loyalty and revenue.

Maximize Your Restaurant Wi-Fi: A Lucrative Tool for Revenue & Engagement  is a how-to webinar that helps operators understand the potential of restaurant Wi-Fi, and focuses on a variety of strategies that lead to bottom-line impact.

AirTight joins forces with its partners On The Border Mexican Grill and Cantina and Industry Retail Group (IRG) to share how restaurant Wi-Fi networks pay for themselves.

Webinar Highlights

  • New research findings from HT’s 2015 Restaurant Technology Study: creating better customer engagement has aligned with technology goals, driving 53% of IT projects in 2015
  • Loyalty boost from restaurant Wi-Fi: what results On The Border has seen from its Wi-Fi implementation
  • Latest trends on what restaurant CIOs are deploying: from enhanced POS to guest Wi-Fi and smart fixtures
  • Roadmap for success: practical advice on selecting technology and implementation providers

Moderator

  • Abigail Lorden, Editor-in-Chief, Hospitality Technology

Speakers:

  • Chris Andrews, Vice President of IT, On The Border Mexican Grill & Cantina
  • Paul Gillmore, Vice President of Sales, Industry Retail Group, Inc.  
  • Kevin McCauley, Director of Retail Business Development, AirTight Networks

 

Kevin McCauley, Director of Retail Business Development, AirTight Networks

Kevin McCauley, Director of Retail Business Development, AirTight Networks
How-to-webinar: Maximize Your Restaurant Wi-Fi: A Lucrative Tool for Revenue & Engagement

Beyond Technical Aspects of Restaurant Wi-Fi

The webinar goes beyond the technical details of Wi-Fi projects.  Hear from Chris Andrews how On The Border’s IT team works with line of business managers and how it bubbles up best ideas for implementation. He also discusses the role of an IT steering committee and covers early insights into the company’s business intelligence and data warehouse projects.

Paul Gillmore of IRG shares wireless and wired deployment Do’s and Don’ts – how to engineer the network properly and why SLAs are critical for restaurant Wi-Fi. You also learn about a creative way in which IRG’s customer Red Robin gets its tabletop tablet-based POS system to pay for itself.

AirTight’s Kevin McCauley discusses how Wi-Fi analytics data can fuel real-time marketing and decision making, and what it means to ‘close the data loop’ with Wi-Fi. Of course, no Wi-Fi network discussion is complete without a look at wireless security and PCI compliance – both IRG and AirTight share practical tips on how to create a network that’s both welcoming and trusted.

 

Maximize Your Restaurant Wi-Fi: A Lucrative Tool for Revenue & Engagement

April 9th 2015, 2:00 pm [EST] and available on-demand

Looking for Business Outcomes

Restaurant IT is becoming more agile and customer-driven, both internally and externally. It’s focused on business outcomes, leading to a close collaboration with marketing, store operations and human resources.

Learn how On The Border is cracking the code to make IT not only essential, but a key component of driving top line revenue.

The webinar is hosted by Hospitality Technology and requires a free registration on HT’s site. Register to attend the live webinar on April 9th or view it at your convenience on-demand.

Related information:

 

The post How Does Restaurant Wi-Fi Pay for Itself? appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/restaurant-wi-fi-pays-for-itself/feed/ 0
Inner Workings of LTE-U for a Wi-Fi Professional http://blog.airtightnetworks.com/inner-working-of-lte-u-for-the-wifi-professional/ http://blog.airtightnetworks.com/inner-working-of-lte-u-for-the-wifi-professional/#respond Tue, 07 Apr 2015 13:00:00 +0000 http://blog.airtightnetworks.com/?p=8769 Inner Workings of LTE-U for Wi-Fi Professional by Hemant Chaskar @CHemantC   Read more

The post Inner Workings of LTE-U for a Wi-Fi Professional appeared first on MOJO Wireless.

]]>
Earlier in my career, I worked for a cellular network vendor where I specifically focused on 3GPP (and 3GPP2) networks. Today, I am majorly into Wi-Fi and as you would expect, cellular networking went to my back burner. There existed a clear separation between cellular and Wi-Fi networks.  That has now changed as the telco carriers turn to the unlicensed spectrum to add capacity.

Until recently, this discussion mostly centered on Wi-Fi as the data offload network for the cellular (LTE). Lately, this has turned into pitting the LTE radio itself in the 5 GHz unlicensed spectrum in lieu of Wi-Fi, called as LTE-U. For the Wi-Fi professional, it now becomes imperative to bridge any knowledge gap with LTE, myself included. I did some exploration on the inner workings of LTE-U and am posting this two-part blog to share my findings. I’m hoping that it will help you get quick technical facts about this fast emerging technology. Here goes the first part.

LTE-U Channel Plan

As per the latest specification from the LTE-U forum led by Verizon, Qualcomm, Ericsson, Samsung and Alcatel, LTE-U is presently slated for UNII-1 and UNII-3 unlicensed bands. They are called band numbers 252 and 255 in the LTE terminology. DFS band UNII-2 (band numbers 253 and 254 in LTE terminology) is out of bounds for LTE-U, for now. In general, LTE-U is presently applicable in regions and bands that do not have so called Listen-Before-Talk (LBT) regulatory requirement such as U.S., S. Korea, China, India etc. (more on LBT later).

The bandwidth of one LTE-U channel is set to 20 MHz, this is the same as the smallest channel width in Wi-Fi. LTE-U channels will be centered at almost the same places where Wi-Fi channels are centered. The only change being that there are five LTE-U center frequencies defined about each of the Wi-Fi center frequencies. For example, consider channel 48 in Wi-Fi which has a center frequency f = 5240 MHz. Then, the LTE-U channel at this location can be centered at any of the f-0.2, f-0.1, f, f+0.1, f+0.2 MHz. The same applies to channels 36, 40, 44, 149, 151, 157, 161 and 165. LTE-U also makes use of one additional channel centered at f= 5160 MHz, which is below Wi-Fi channel 36 (this would hypothetically have been channel 32).

These additional center frequencies 100 KHz and 200 KHz below and above Wi-Fi center frequencies are provided to satisfy the LTE standard requirement that bonded (intra-band, contiguous) LTE channels need to be centered at multiples of 300 KHz apart. This will allow LTE-U to create 40 MHz channels in the unlicensed spectrum in the future (ouch!).

By comparison, single channel LTE bandwidth in the licensed spectrum is typically 5, 10, 15 or 20 MHz. The peak data rates achievable on 20 MHz LTE channel are 300 Mbps for downlink (for 4×4 MIMO spatial multiplexing, highest MCS) and 75 Mbps for uplink (as per LTE Release 8 specification and after overheads).

Transmit powers in LTE-U will be on par with Wi-Fi because they are dictated by power radiation rules of the unlicensed spectrum. So LTE-U will be a small cell technology.

Carrier Aggregation (CA) – What Makes LTE-U Happen

Release 10 of the LTE standard (called as LTE-Advanced) introduced the concept of CA in the licensed spectrum. The basic idea was to be able to bond multiple LTE channels to increase data rate to the user. Bonded channels can be from the same LTE spectrum band (intra-band) or different LTE spectrum bands (inter-band). LTE refers to channels as carriers, so from now on we will also use the term carrier to indicate LTE channel in this blog.

The base station can add and remove carriers to a particular user in the cell based on various traffic criteria. CA can work both for downlink carriers and uplink carriers and can also be asymmetric meaning more carriers in one direction compared to the other. One of the carriers in CA is configured as the primary component carrier (PCC) for a user and the other carriers are referred to as secondary component carriers (SCC’s). The PCC is used to carry all control and authentication messages in addition to its own data and is the lifeline carrier, while the SCC’s can be activated and deactivated for the user dynamically. Data aggregation in CA happens at the data link layer. Current LTE products mostly focus on downlink CA only. For example, high end devices such as iPhone 6 now support CA for licensed LTE and operators have also launched CA in their networks (with some restrictions on combinable bands and channel widths).

As a side reference, LTE carrier can be of FDD (Frequency Division Duplex) or TDD (Time Division Duplex) type. FDD is where there is dedicated downlink carrier(s) and dedicated uplink carrier(s). TDD works by time duplexing downlink and uplink time durations on the same carrier. FDD is more popular today.

LTE-U as Supplemental Downlink (SDL) to LTE:

The CA mechanism in LTE-Advanced creates the foundation for LTE-U. Since a mechanism is available to bond multiple carriers in the licensed spectrum with one of them serving as a lifeline, why can’t we bond an unlicensed band carrier to the licensed band carrier, the licensed leg playing the role of lifeline. Voilà, that is LTE-U precisely! This also means that the LTE-U today is realized only with lifeline carrier for it being in the licensed LTE. In other words, LTE-U is supplemental to LTE (like walking the dog!).

Currently emphasis of LTE-U is on the downlink, that is, the unlicensed carrier carrying only downlink data (there will be uplink on the licensed lifeline carrier). Hence, the term you hear is SDL (Supplemental Down Link). This is driven by conventional wisdom that downlink traffic is higher than uplink traffic as well as by lesser complexity of CA in the downlink compared to uplink. In the later phases of LTE-U, there will have to be supplemental uplink (to increase peak rates for selfie video uploads, iCloud synchronization etc.).

In the initial phases, we will see supplemental LTE-U channel of 20 MHz bandwidth, but as discussed before the LTE-U forum specification has provision for 40 MHz channel as well (by virtue of multiple of 30 KHz inter-carrier spacing in the 5 GHz band to allow intra-band CA specified in LTE-Advanced).

Small Cells and Client Side Support:

LTE-U deployments will be in the form of a small cell base station (called eNodeB in LTE terminology) with both LTE radio and LTE-U radio in it. The supplemental carrier in the unlicensed band will be selected by eNB dynamically based on congestion in the unlicensed spectrum. Such base station may also have a Wi-Fi radio in it. That said, the LTE standard has provision also for CA across small cell and macro cell (called Dual Site CA).

In order to reach critical mass, client side support for LTE-U is critical. As we have seen in the past, the client side always lags the infrastructure. LTE-U operation will require additional LTE-U radio on the client side. There were announcements from Qualcomm at recent MWC about LTE-U chips in the oven that will be ready for sampling in the second half of the year.

There is lot more to learn about LTE-U, but this post has reached its size limit. So I will defer additional topics like LTE-U transmission schedules, wireless link efficiency techniques and Wi-Fi co-existence (including LBT) to a second blog (part II coming soon this week).

Also a heads up on upcoming Qualcomm webinar on LTE-U. There is going to be representation from the Wi-Fi Alliance on this webinar, so it should be interesting!

 

 

The post Inner Workings of LTE-U for a Wi-Fi Professional appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/inner-working-of-lte-u-for-the-wifi-professional/feed/ 0
2015 Year of the Goat and Wi-Fi & Security http://blog.airtightnetworks.com/2015-year-of-the-goat-and-wifi-and-security/ http://blog.airtightnetworks.com/2015-year-of-the-goat-and-wifi-and-security/#respond Tue, 03 Mar 2015 13:00:57 +0000 http://blog.airtightnetworks.com/?p=8653 In many Asian countries, the New Year is based on the lunar calendar and is dictated by the first new moon and ends on the full moon. In the case of the Chinese calendar, each New Year is marked by the characteristics of one of the 12 zodiacal animals: the rat, ox, tiger, rabbit, dragon, snake, horse, sheep, monkey, rooster, dog and pig.

In the first part of a 2 part blog series, we started off by reflecting on the Year of the Horse and 2014. In this second installment, we look ahead to the Year of the Goat which began on February 19th 2015.   Read more

The post 2015 Year of the Goat and Wi-Fi & Security appeared first on MOJO Wireless.

]]>

In many Asian countries, the New Year is based on the lunar calendar and is dictated by the first new moon and ends on the full moon.  In the case of the Chinese calendar, each New Year is marked by the characteristics of one of the 12 zodiacal animals: the rat, ox, tiger, rabbit, dragon, snake, horse, sheep, monkey, rooster, dog and pig.

In the first part of a 2 part blog series, we started off by reflecting on the Year of the Horse and 2014.  In this second installment, we look ahead to the Year of the Goat which began on February 19th 2015.

Looking Ahead to the Year of the Goat:

Looking ahead on the coming year, we have a 4 notable areas to single out.

  1. Focus, Growth and Key Partnerships
  2. Key Wi-Fi Trends in 2015
  3. Products & Innovations
  4. Connecting with Customers 

1) Focus, Growth and Key Partnerships

All indications are that 2015 will be a banner year in the Wi-Fi industry as well as for AirTight partners and customers!

In the closing weeks of 2014 AirTight added two key executives to the company:

  • Rick Wilmer as Chief Operating Officer
  • Mike Anthofer as Chief Financial Officer
picture of Rick Wilmer, AirTight COO

Rick Wilmer, AirTight COO.

In an interview with CRN, Rick shares his thoughts on why he joined AirTight.

“The caliber of their engineering and technology talent is impressive. I believe this team has the potential to do something remarkable in the enterprise Wi-Fi space.”

Source: AirTight Networks Adds Top Exec Talent In Bid To Make Wi-Fi More Social. Via CRN News, December 2014

More information via AirTight Newsroom: AirTight Networks Positioned for Next Phase of Growth in 2015: New COO & CFO, Channel Expansion, Continuous Product Innovation.

Meet the Hot Cybersecurity Companies to Watch in 2015, via CyberSecurity Ventures.
More information at Cybersecurity 500 [interactive and searchable list].
All Indications are that 2015 will be a Banner Year
AirTight continues to see demand share shift from a direct sales model to the channel. The company is on track to achieve its goal of 80% sales through the channel in 2015 globally, while 100% of international sales will continue to be through the channel. AirTight is forging new partnerships with key managed service providers including Earthlink and Hughes.

EarthLink Secure Storefront from EarthLink on Vimeo.  

If you missed the Retail Next webinar on connected stores (featuring Greg Buzek – IHL, Kevin McCauley -AirTight, and Greg Griffiths – Earthlink) you can see a replay at rtou.ch/store-networks.

IHL Group, retail research firm, AirTight Networks and EarthLink recently partnered to conduct one of the first-ever studies that provides insights into the retail industry’s plans for store networking, WiFi, security and engagement.

Interested in the full results?  Register here to get the final IHL study.

2)  Key Wi-Fi Trends in 2015
Never one to shy away from making bold predictions, Hemant Chaskar outlines what we can expect in Wi-Fi in 2015:

        1. Super-Size: Deployments as large as hundreds, thousands and up to a million APs.
        2. Super-Charge: ISP, MSO, MSP business model enablement, increased spectrum of engagement applications, CRM integration and big data set analytics.
        3. Scalability Behind the Edge: Importance of backend systems to support Super-size and Super-charged.
        4. Right Offer, Right Time, Right Place: Integration of multiple platforms such as Wi-Fi, iBeacon and other innovations.
        5. Opinions and Requirements: Concerns around monetization, intrusiveness and privacy are hot topics in 2015

 Read the full detail behind these bold predictions or view the companion OnTheFlyWifi webcast replay. OnTheFlyWifi webcast.    

 

Executive Viewpoint 2015 Prediction: AirTight Networks – Internet of Things Will Drive Digital Transformation in Businesses | by Hemant Chaskar via Virtual Strategy Magazine, January 2nd 2015

3) Products and Innovations

Many product, service and application innovations are being introduced with many more planned for 2015.  Three such innovations include:

For NRF 2015, AirTight Networks announced updates to its Wi-Fi solution for retail, including Nano, its mobile cloud management application, now available with custom skins for key MSPs, and an in-browser messaging feature. Read the announcement on AirTight’s web site: AirTight Networks Enhances Multi-Unit Retail Wi-Fi Offering for NRF 2015.

For NRF 2015, AirTight Networks announced updates to its Wi-Fi solution for retail, including Nano, its mobile cloud management application, now available with custom skins for key MSPs, and an in-browser messaging feature.  Read the announcement.

AirTight NanoTM

For NRF 2015, AirTight Networks announced updates to its Wi-Fi solution for retail, including Nano, its mobile cloud management application, now available with custom skins for key MSPs, and an in-browser messaging feature.

“The Nano application will be a key element of EarthLink Secure WiFiTM as it provides configuration simplicity and speed, but maintains IT control and oversight,” said Mike Frane, Director of Product Management at EarthLink.

“Store-level personnel or our remote technicians can get WiFi up and running in minutes with enterprise-class features. This reduces our investment in level 1 support and greatly reduces truck rolls, allowing us to focus on valuable customer interactions.”

Nano simplifies Wi-Fi configurations and compliance reporting by exposing several key features of a cloud Wi-Fi management console via a mobile web app. The configurations done through Nano are synchronized with the enterprise cloud management console, so that retailers and their MSPs can layer additional cloud services on top of basic configurations done through Nano. They also retain full visibility into brand-wide Wi-Fi analytics and engagement metrics.  Source: AirTight Unveils Wi-Fi Config Tool for Retail via Channel Vision Magazine.

Read the announcement on AirTight’s web site: AirTight Networks Enhances Multi-Unit Retail Wi-Fi Offering for NRF 2015

In-browser Messaging

The in-browser messaging feature allows insertion of messages in a user’s web session. This provides continuous channel for engagement as the user browses the web over guest Wi-Fi. Retailers and restaurants can now promote flash sales, store specials or the venue’s loyalty program. Retailers can also place third-party ads and align them with in-store promotions, such as premium end-cap placements. The feature also provides detailed analytics on click tracking.

Hemant Chaskar discusses some of the considerations of in-browser messaging in “2015: The Year of Experience and Scale”.

WizShark:  A picture is worth a thousand framesTM. 

In February, Robert Ferruolo gave a Ten Talk on  WizShark.net  at the WLAN Professionals Conference in Dallas.  You can view the SlideShare summary and / or view the video.  A more in-depth video presentation of WizShark is also available here.

4) Connecting with Customers 

Customer engagement and store efficiencies are top of mind for retailers, hospitality and leisure operators attending Industry events like NRF, RBTE and MURTEC.   AirTight has a strong presence at these events where you can easily request a meeting or private demo.

Join us for an informative webinar regarding the usage and deployment of an iBeacon solution. In this 30 minute webinar we will work through what to consider when deciding to engage in an iBeacon deployment.

Join us for an informative webinar regarding the usage and deployment of an iBeacon solution. In this 30 minute webinar we will work through what to consider when deciding to engage in an iBeacon deployment.

You’ll want to join us for an informative webinar regarding the usage and deployment of an iBeacon solution.

In this 30 minute webinar we will work through what to consider when deciding to engage in an iBeacon deployment.

Register for iBeacon Reality Check: Essential Considerations for an iBeacon Deployment Mar 10, 2015 8:00 AM PDT

The session will cover the following topics:

  • What is iBeacon?
  • iBeacon Reality Check
  • Components to Build an iBeacon Solution
  • iBeacon Challenges

 

 

We’re off to a roaring start and all indications are that 2015 will be a banner year in the Wi-Fi industry as well as for AirTight partners and customers!

 

Additional Information:

Wireless LAN Professionals Conference – February 2015  

 

Register to download the free ebook: “A Guide for Wireless Customer Engagement and Security”

Register to download the free ebook: “A Guide for Wireless Customer Engagement and Security”

 

 

 

 

 

 

 

 

The post 2015 Year of the Goat and Wi-Fi & Security appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/2015-year-of-the-goat-and-wifi-and-security/feed/ 0
AirTight at Wireless LAN Professionals Conference WLPC in Dallas http://blog.airtightnetworks.com/airtight-at-wireless-lan-professionals-conference-wlpc-in-dallas/ http://blog.airtightnetworks.com/airtight-at-wireless-lan-professionals-conference-wlpc-in-dallas/#comments Mon, 02 Mar 2015 01:30:00 +0000 http://blog.airtightnetworks.com/?p=8373 AirTight had strong representation at the Dallas conference (February 2015) with 2 keynote sessions and 4 Ten Talks. View the video and SlideShare archive.   Read more

The post AirTight at Wireless LAN Professionals Conference WLPC in Dallas appeared first on MOJO Wireless.

]]>
The Wireless LAN Professionals Conference is the brain child of Keith R Parsons  – certified Wireless LAN professional, consultant and teacher.  The conference consists of two days of fun, great topics, awesome gear, and wonderful networking.  It features presentations from a vast array of experts in the field. The event is designed with two track sessions and short powerful talks called Ten Talks.

“We designed the Wireless LAN Professionals Conference to be the kind of event we’d like to personally attend. Lots of great technical content wrapped around an opportunity to spend time with our friends, colleagues, and a chance to meet more people who shared our passion for Wi-Fi. We say it is a conference for WLAN Professionals, by WLAN Professionals.”

Keith R. Parsons

 

 

AirTight had strong representation at the Dallas conference (February 2015) with 2 keynote sessions and 4 Ten Talks.  Ten Talks are short powerful talks.  These are just like Ted Talks, only for all things Wi-Fi.

Ten Talks (10 minutes):

1)  Best Practices for Comprehensive WLAN Performance Testing

2)  Tales from the Trenches: Wi-Fi Troubleshooting in Distributed Environments

3)  Staying on Top of Security, Spectrum Rules and Network Operation in WIPS Deployments

4)  Using WizShark to help in your Wi-Fi Troubleshooting

Keynote Sessions (45 minutes):

1)  Pwnie Express PwnPhone and Wi-Fi Penetration Testing

2)  Wireless Security: Fun Hacks for You to Learn and Experience

 

AirTight TEN TALKS:

Below you’ll find an abstract for each Ten Talk, Vimeo video recording with slideware, and companion SlideShare.

1) Best Practices for Comprehensive WLAN Performance Testing 

Want to avoid your Wi-Fi having a reputation for being slow? Or will you be involved in evaluating solutions for your next WiFi upgrade? View this session with Robert Ferruolo for testing best practices from many years on the front lines of WLAN performance testing. It covers how to test voice, video, and data for single and multi AP setups. The session also discusses essential test tools, test applications, testing methodologies, troubleshooting performance issues, recommended test cases for different verticals, as well as ways to examine and present test data. From this session, you get practical techniques and fresh ideas for how to get, and keep, your WLAN fast and reliable.

Best Practices for Comprehensive WLAN Performance Testing by Robert Ferruolo  (10 minutes) via Keith R. Parsons Vimeo.


Related Content:

2) Tales from the Trenches: Wi-Fi Troubleshooting in Distributed Environments

Network issues aren’t something new in any project. However, the troubleshooting task becomes challenging when it needs to be done remotely and when there isn’t much onsite IT help. This is often the case with the distributed Wi-Fi deployments. The session discusses tools and best practices for Wi-Fi troubleshooting in distributed environments, drawing on field deployments both large and small.

Tales from the Trenches: Wi-Fi Troubleshooting in Distributed Environments by Hemant Chaskar  (10 minutes) via Keith R. Parsons Vimeo.

Are You Safe: AirTight Networks Security Assessment

Schedule a FREE Wireless Network Vulnerability Assessment.  AirTight is the only vendor rated “Strong Positive” by Gartner for wireless IPS.

3) Staying on Top of Security, Spectrum Rules and Network Operation in WIPS Deployments

This session explores best practices in wireless intrusion prevention system (WIPS). The session provides an in-depth look into wireless vulnerabilities and techniques used by WIPS to address them. Along with the technical deep dive, Hemant Chaskar provides guidelines to enhance security; avoid contravention of spectrum rules and minimize operational overhead in WIPS deployments.

   

Staying on Top of Security, Spectrum Rules and Network Operation in WIPS Deployments by Hemant Chaskar  (10 minutes) via Keith R. Parsons Vimeo.

Related Content:

4) Using WizShark to help in your Wi-Fi Troubleshooting

WizShark is a diagnostic tool built to make the process of Wi-Fi troubleshooting more enjoyable and fun. Based on the philosophy of “A picture is worth a thousand frames”, it abstracts key events of a complex packet trace in the form of rich visuals. This session demonstrates how to use Wizshark to troubleshoot Wi-Ficonnectivity issues.

Using WizShark to help in your Wi-Fi Troubleshooting by Robert Ferruolo  (10 minutes) via Keith R. Parsons Vimeo.

A more in-depth video presentation of WizShark is also available here.

 

 

 

AirTight KEYNOTES:

Senior Wireless Security Researcher Rick Farina keynoted two 45 minutes sessions:

1) Pwnie Express PwnPhone and Wi-Fi Penetration Testing

2) Wireless Security: Fun Hacks for You to Learn and Experience

 1) Pwnie Express PwnPhone and Wi-Fi Penetration Testing

Session 108 – Rick Farina from Keith R. Parsons on Vimeo.

Pwnie Express PwnPhone and Wi-Fi Penetration Testing | by Rick Farina @Zero_ChaosX  (Keynote: 45 minutes) via Keith R. Parsons Vimeo.

2) Wireless Security: Fun Hacks for You to Learn and Experience

Session 211 – Rick Farina from Keith R. Parsons on Vimeo.

Wireless Security: Fun Hacks for You to Learn and Experience| by Rick Farina @Zero_ChaosX  (Keynote: 45 minutes) via Keith R. Parsons Vimeo.

Related Information:

 Wireless LAN Professionals Conference WLPC is not to be missed – in-person and on-demand!

 

Wireless LAN Professionals Conference on-demand video archiveAdditional information:

In a 2 part blog series, AirTight reflects on the Year of the Horse and 2014.  In the second installment, we look ahead to the Year of the Goat which began on February 19th 2015.

 

The post AirTight at Wireless LAN Professionals Conference WLPC in Dallas appeared first on MOJO Wireless.

]]>
http://blog.airtightnetworks.com/airtight-at-wireless-lan-professionals-conference-wlpc-in-dallas/feed/ 1