Wireless Networking Archive

Feature Article – Basic information about provisioning public Wi-Fi hotspot service

Introduction

You might be considering setting up that complimentary hotspot for your guests to use but there are certain risks to be aware of concerning the security of your business and your guests’ data and identity.

Risks that have been highlighted include confidential-data and identity theft performed against customers as they work this data from their portable devices; as well as clandestine computer activity like the downloading or serving of illegal content; or the distribution of spam email, performed using computers connected to public Internet networks like wireless hotspots.

As well, there may be other imperatives required of people who provide Internet access to the public. These imperatives, asked for by various local, state / regional or national governments may include requirement like keeping a log of whom you provide Internet access to or requirement for session tracking. Therefore I am not therefore in a position to explain how to satisfy these needs and it is best to seek local advice on this topic.

Therefore, your business should know who is using the hotspot service and be able to make sure that the people who benefit are the business’s customers or guests. This means that the customers or guests are actually going to be operating the network device that they use when connecting to the service and also operate it on your premises. As well, your customers know that they are going to actually benefit from your hotspot service when they log in to this service.

The cafe or bar as a “second office”

This is more important for the cafe as an increasing number of businesspeople use these places as “second offices” where they can work without unnecessary office-borne distraction or as places where they meet their colleagues or business partners. Here, these people will be working on workplace-confidential data and most of these workplaces place high value on the security of this data as it travels between the laptop and the workplace’s main computer systems.

In fact, the reason I have decided to publish this article was because a cafe that I regularly visit in Camberwell (Melbourne, Australia) had just started to offer free public Wi-Fi access but I had wanted them to provide a free Wi-Fi service that is safe for their customers. Here, they had an ordinary wireless router as the Internet service but they needed help in getting this service working properly and safely. They also wanted to make sure that this resource was available just to their customers as part of their customer service.

Your equipment

When you start out with your complimentary-use hotspot service, you may use a wireless router hooked up to a separate Internet service or use one with a “guest-access” or hotspot function and is connected to your common Internet service.

This should be set up to cover your public area such as the bar areas in your bar or the dining room in your cafe. In some situations, you may need to use an additional access point to cover larger areas or get your signal past thick walls. This is something I have covered in this site as a separate article.

As well, if your equipment works on 802.11n technology, it should be set to work in compatibility mode where it can work with 802.11g and 802.11n devices. This is to cater for the fact that most devices that are in circulation, especially smartphones, are likely to work with 802.11g technology and people may operate battery-operated 802,11n-capable devices in 802.11g mode in order to conserve battery runtime.

Dual-band setups

It may be an asset to consider a dual-band setup for your wireless hotspot. This will use a radio presence on the 2.4GHz band as well as the newer 5GHz band and is supported by an increasing number of newer laptops, tablets and smartphones. The new waveband comes in to its own for multimedia applications like video conferencing or photo and video uploads to social media as well as taking some pressure off the 2.4GHz band for legacy equipment to use.

This can be achieved with a router / gateway or access point that implements simultaneous dual-band operation or you can add a 5GHz access point or a dual-band access point set up for 5GHz operation to your existing network.

Here, you need to make sure you still have your network set up for 802.11b/g/n operation for the 2.4GHz band and 802.11n operation for the 5GHz band. If your equipment supports 802.11ac Wi-Fi, you may have to make sure that the 5GHz aspect works in a compatibility mode for both 802.11n and 802.11ac equipment. As for the SSID (Network Name) which is talked about below, you can use the same SSID for both bands and the clients’ computer equipment switches between the bands automatically.

Your SSID or Network Name

The SSID or network name is very important to your hotspot’s identity. Here, it should reflect your business’s name and have a reference to public or guest Wi-Fi service. An example that I used for a basic complimentary-use Wi-Fi hotspot that I set up at a coffee lounge just recently was MORAVIA-PUBLIC-WIFI. Here this reflected the coffee lounge’s name (MORAVIA) as well as stating that the service was a public Wi-Fi hotspot service hosted by this business. Therefore, you can then identify any “evil-twin” or “fake-hotspot” devices left on or near the premises that exist to capture customers’ sensitive data.

This SSID must be used in all signage advertising your hotspot and the signage must reflect your company’s identity. This means that it either has your company logo and name or be in your company’s styling. In this case, the signage about the hotspot should at least exist beside the cash-register and the door, preferably at eye-level or near the main handle or pull.

Hotspot security

Basic security

Your hotspot network should be secured with a WPA-PSK passcode which your staff should give out to customers who want to use hotspot service. As well, the network should have wireless-client isolation enabled, so that customers who are using the hotspot cannot browse on to each others’ computers.

Previously, there wasn’t any wisdom in implementing link security on a public-use wireless network but now that most computers and handheld devices support WPA-based link security for wireless networks, adding this function to WPA-level is still worth it for achieving some control and security in a public-use wireless network.

It is still important to change the WPA-PSK passphrase regularly such as at least twice a month. Some environments may require the passphrase to the changed every week. This is so that it becomes hard to set up a “fake hotspot” using your service’s credentials or keep a computer logged in to the hotspot service without you knowing.

People who use “open-frame” computing devices based on recent versions of Android or Windows may find that this job may be simplified. One method, which works with both the operating systems, is to use WPS push-button setup on consumer routers that are suitably equipped and are serving as dedicated hotspot devices. But another method is to make a QR code representing the SSID and WPA passcode as a machine-readable form and print this out on to a card that you hand to your customer. Then they scan this code with their Android or Windows 10 device with the appropriate reader software.

As well, your hotspot should properly support VPN pass-through for all protocols so that business users can log in to their workplace VPNs  without any headache.

Special hotspot-gateway devices

It may be worth knowing that if you want greater control over your public Internet service, it may be worth implementing a “docket-printer-based” wireless hotspot gateway like the Netcomm HS-1100, Solwise WAS-105R or Zyxel N4100.

Here, these devices direct users to a login page where they have to key in a session login and password that they transcribe from a paper docket that is printed from a docket printer attached to the hotspot gateway. If you intend to offer a paid service, these devices put you in a position to use the payment methods and paths that you use to accept payment for your goods and services.

This is unlike some other hotspot gateway setups that require the potential user to pay another company directly using their credit card or an account maintained by that other company using a payment form hosted by that hotspot. Typically, a lot of these setups are managed in a manner where you don’t have much control over how the service in provided and the service may be provided in a manner not dissimilar to how most vending and amusement machines are provided where you don’t own the equipment, representatives visit the premises to maintain the equipment and you get a small “cut” from the takings.

As well, the session login parameters that your users type in from these dockets exist only for a particular time limit. This is also important for people who run a paid service, but can be useful for managing complimentary service so you can be sure that the people who are using your service are your customers or guests who are in your public areas.

If you do run one of these dedicated hotspot gateway devices, such as a “docket-printer-based” device, the wireless network that these devices operate should still have WPA-PSK security with the passphrase changed regularly. The “docket-based” devices will list the WPA-PSK passphrase on that same docket so your customers can still log in to your hotspot from their device.

Hotspot 2.0 / Wi-Fi Passpoint functionality

Hotspot-gateway devices that supports Hotspot 2.0 or Wi-Fi Passpoint operation, including firmware updates that bring this functionality to existing equipment, is also worth its salt. This provides for improved login experiences including the ability to have your venue described in the list of available Wi-Fi networks when your customers use compatible along with a simplified signup or login procedure. It also supports link-level security between the user’s computer or phone and the access point.

When you enable Hotspot 2.0 or Passpoint functionality on your hotspot gateway device, make sure that your establishment’s details are properly entered when you fill out the setup form for this function. Here, if your users have equipment that supports this technology to the letter, they can identify your establishment in a more qualified manner so they are sure that the Wi-Fi service they are connecting to is the one you are providing at your business.

Of course those of us who use devices that don’t support this functionality can still benefit from Wi-Fi hotspot service on these services as long as “universal” authentication is enabled on the gateway device.

Branding options

If you do implement these devices, make sure that you know how to brand the customer-facing user interfaces.

Most of these devices can allow you to upload a graphic and integrate it in to the login interface or they can allow you to upload customised login screens or point to a Web server for the login interface graphics. The latter option may appeal to you if you have a good hand with creating basic HTML Web pages.

Here, make sure that you have your business name and logo and, if you can do it, set the colour scheme to your business’s colour scheme. As well, make sure that your business name appears on the access dockets that your hotspot gateway prints out.

Power outlets

With a hotspot, always expect that some of your customers will use the power outlets on your premises to power their laptops or smartphones from AC power to avoid compromising battery runtime. This is more so with customers are operating older equipment that has batteries that are “on their last legs” or are working VPN sessions in order to “pick up” files from work and want to be sure this is done properly.

Here, a few double outlets near the tables can work wonders here and if an outlet is used for powering a device like a lamp, the device could be connected to the outlet via a multi-socket power-board with extra outlet space for a few appliances.

Conclusion

Once you know how to choose and set up your public-use wireless network properly, you can make sure that this is a service that your customers and guests will benefit from fully. This may even put your business “on the map” as far as customer-service extras are concerned.

UPDATES

I have done some revisions to this article which was originally published in August 2011 to reflect the arrival of newer technologies like 802.11ac dual-band Wi-Fi wireless technology, Wi-Fi network credentials via QR codes, and Wi-Fi Passpoint technology.

Send to Kindle

“Wi-Fi-ready” consumer electronics–what should you know

Article

Why you should avoid proprietary Wi-Fi dongles | Crave – CNET

My comments

Previously, I had written an article about using HomePlug to connect a TiVo device to your home network if you don’t have Ethernet connectivity near the TiVo device. This was after I had seen poor Wi-Fi performance from the TiVo-specified 802.11g Wi-Fi adaptor that a TiVo that was on show at a consumer-electronics show was connected to. This is infact the beginning of a trend by consumer-electronics manufacturers to differentiate their product ranges.

What does it mean if consumer-electronics is “Wi-Fi-ready”

Consumer-electronics manufacturers will place a range of network-enabled consumer-electronics products like flatscreen TVs or Blu-Ray players as “Wi-Fi-ready” or “Wi-Fi-enabled” units. These units will be cheaper than the products that have Wi-Fi functionality integrated in them and this fact is used as a way of differentiating between particular models or ranges.

When you want to use the “Wi-Fi-ready” TV or Blu-Ray player on your home network’s Wi-Fi segment, you have to buy a special Wi-Fi network-adaptor module from the consumer-electronics manufacturer through their retail front. Most such adaptor modules will come in the form of a USB “dongle” that plugs in to a specified USB socket on the device but some manufacturers may require that their technicians install the module in the set for you. This latter practice may be more so with TVs sold by some European manufacturers who are used to having add-on functionality modules available for installation by their technicians at a later date upon their customers’ request.

Of course, nearly all of these items of consumer electronics will have an Ethernet socket on them so you can connect them to an Ethernet network segment or a HomePlug networks segment with the appropriate bridge device.

The Wi-Fi dongles or modules

The dongles or modules are usually peculiar to a manufacturer’s products or may only work with a certain subset of their products such as those that are based on a particular design. They usually cost more than a USB-Wi-Fi network adaptor sold for general-purpose computers. As well, the modules, especially the dongles, may not give the same kind of Wi-Fi performance as a setup where the Wi-Fi functionality is integrated in the device.

It may also be worth paying attention to the price difference for the model that comes with Wi-Fi and the model that is “Wi-Fi-ready”. If the device of concern is a TV set, I would suggest that you compare the two models that have the same screen size and display technology. It is also worth asking if the retailer does sell the Wi-Fi module and how much for. This is because in some cases, the aforementioned price difference at the store may be less than the cost of buying this module.

What can you do with a “Wi-Fi-ready” device if you don’t have Ethernet at its location?

This same situation can also hold true if you wish to go for the cheaper “Wi-Fi-ready” model yet integrate it in to the home network in a “no-new-wires” manner.

I would suggest that you use a HomePlug AV setup to connect the “Wi-Fi-ready” device to the home network if you don’t have an Ethernet connection in place at the device’s location. This also includes situations where you may move the device to a newer location such as “pushing” the existing Internet-enabled “Wi-Fi-ready” TV to the secondary lounge area or bedroom.

Most of the HomePlug AV starter kits which comprise of two HomePlug AV-Ethernet bridges (a.k.a “homeplugs”) can typically cost the same as the add-on Wi-Fi adaptors. It is also worth knowing that if you pay a bit more, some of these kits even come with an integrated Ethernet switch which may be useful if you have two or three network-enabled video peripherals near the TV or are likely to connect the PS3 or Xbox 360 to the TV.

Other comments

One situation that I would fear most with consumer-electronics would be to use the optional Wi-Fi module technique used in the current crop of “Wi-Fi-ready” equipment to provide network / Internet connectivity to cheaper equipment at extra cost to the consumer.

Here, the equipment would have no Ethernet socket yet still show “network-function” teasers in its user interface and describe the functions in its user manual and marketing literature. But the user would have to buy a Wi-Fi or Ethernet module in order to link the device to the  home network before they benefit from network and Internet functionality.

Like with the Wi-Fi-ready scenario, the user wouldn’t be able to use cheaper or better-value hardware to network-enable their device, therefore end up paying the premium for network connectivity.

Send to Kindle

Consumer Electronics Show 2011–Part 3

Now we come to the issue of network-infrastructure equipment that will need to support the increasing demands placed on the home network by the previously-mentioned smartphones, tablet computers and Internet-enabled TVs.

Network Infrastructure

Network Connectivity

Some newer chipsets have appeared which will increase network bandwidth for the 802.11n Wi-Fi segment and the HomePlug AV segment. The current implementations may use manufacturer-specific implementations which won’t bode well with the standards.

The first new “call” is the 450Mbps 802.11n WPA2 WPS Wi-Fi segment which is being provided by most network makes for their midrange routers and access points. Access points and routers that work with this specification use three 802.11n radio streams to maintain the high throughput. The full bandwidth may be achieved if the client device is equipped with an 802.11n wireless network adaptor that supports the three streams but your existing devices may benefit due to reduced contention for the wireless bandwidth due to the access point / router offering three streams.

Most of the routers shown at the Consumer Electronics Show this year that support the 3-stream 450Mbps level for the 802.11n wireless network functionality also offered dual-band dual-radio operation to the same specification. Here, these devices could work on both the 2.4GHz band and the 5GHz band at this level of performance.

Some manufacturers were trying out the idea of a 60GHz high-bandwidth media network which may be based on a Wi-Fi (802.11 technology) or other proprietary scheme. This could lead to three-band multimedia routers and access points that use 2.4GHz and 5GHz for regular whole-home wireless networking and 60GHz for same-room wireless networking.

The second new “call” is the 500Mbps throughput being made available on high-end HomePlug AV devices. These powerline network devices may only achieve the high bandwidth on a segment consisting of the high-bandwidth devices that are based on the same chipset. Here, I would wait for the HomePlug AV2 standard to be fully ratified before you chase the 500Mbps bandwidth on your HomePlug segment. Of course, these devices can work with HomePlug AV segments.

The third new call is for midrange high-throughput routers to have Gigabit on the WAN (Internet) port as well as the LAN ports. This is more relevant nowadays as fibre-based next-generation broadband services are rolled out in most countries.

Everyone who exhibited network-infrastructure equipment offered at least one 450Mbps dual-band dual-radio router with Gigabit Ethernet on the WAN (Internet) connection as well as the wired-LAN connection. As well, most of these routers are equipped with circuitry that supports QoS when streaming media and some of them have a USB file-server function which can also provide media files to the DLNA Home Media Network.

Trendnet also offered an access point and a wireless client bridge that worked to this new level of 802.11n performance. They also demonstrated power-saving circuitry for Wi-Fi client devices which throttles back transmission power if the device is in the presence of a strong access point signal for their network. This was ostensibly to be “green” when it comes to AC-powered devices but would yield more real benefit for devices that have to run on battery power.

They also ran with the TPL-410AP which is a HomePlug AV Wireless-N multi-function access point. Another of those HomePlug access points that can “fill in the gap” on a wireless network or extend the Wi-Fi network out to the garage, barn or old caravan.

They also issued the TEW-656BRG 3G Mobile Wireless N Router, which is an 802.11n “MiFi router” that is powered by USB and works with most 3G / 4G modem sticks available in the USA. It is of a small design that allows it to be clipped on to a laptop’s lid or a small LCD monitor.

TP-Link had their 450Mbps three-stream dual-band dual-radio router with Gigabit on bot WAN and LAN Ethernet connections. As well they fielded a single-stream 150Mbps USB stick as the TL-WNT23N.

They also tried their hand with IP surveillance with the TL-SC4171G camera . This camera can do remote pan-tilt, and 10x digital zoom. It connects to the network via Ethernet or 802.11g Wi-Fi (not that much chop nowadays) and is equipped with an IR ring for night capture, as well as a microphone and speaker.

Netgear were more active with the 450Mbps three-stream routers with Gigabit LAN. Two of the models are broadband routers with Gigabit WAN, while one is an ADSL2 modem router which I think would serve the European and Australian markets more easily. The top-end model of the series has a USB file server function which works with the DLNA Home Media Network and also with Tivo “personal-TV devices”.

They also released the XAV5004 HomePlug AV switch which is the 500Mbps version of the their earlier “home-theatre” four-port HomePlug switch. Of course, they released the XAV2001 which is a compact “homeplug” adaptor which connects to the regular standards-based HomePlug AV segment.

They also have released the MBR1000 Mobile Broadband Router which works with 3G/4G wireless broadband or  Ethernet broadband. This unit is being provided “tuNrnkey” for Verizon’s new 4G LTE service.

Netgear have also fielded the VEVG3700 VDSL2/Gigabit Ethernet dual-WAN router with Gigabit Ethernet LAN, Cat-IQ DECT VoIP phone base station. This device, which is pitched at triple-play service providers also supports DLNA server functionality. As well, they also had a DECT VoIP kit available for these providers

As well, Netgear have tried their footsteps in to IP-surveillance for home and small business with a camera and an Android-driven screen for this purpose.

D-Link’s network hardware range include the three-stream 450Mbps routers with Gigabit WAN/LAN, a multifunction access point / repeater for the 802.11n network as well as a new DLNA-enabled network-attached storage range

As far as the MoCA TV-coaxial-cable network is concerned, Channel Master is the only company to release any network hardware for this “no-new-wires” network. It is in the form of a MoCA-Ethernet 4-port switch for the home theatre.

“Mi-Fi” wireless-broadband routers

Every one of the US cellular-telecommunications carriers are catching on to the 4G bandwagon not just with the smartphones and tablets but with the wireless-broadband routers.

Sprint have a unit for their WiMAX service while Verizon are fielding a Samsung LTE “Mi-Fi” as well as the aforementioned Netgear MBR1000 router.

Computer hardware and software

Monitors

Some of the companies who manufacture monitors are looking at the idea of “Internet-connected” monitors which have a basic Web browser in them so you don’t have to fire up a computer to view the Web.

CPU/GPU combo chips

These new processor chips combine a CPU which is a computer’s “brain” as well as the graphics processor which “draws” the user interface on to the screen. AMD and Intel were premiering the “Accelerated Processor Units” and the Core “Sandy Bridge” prcessors respectively at the CES this year.

Intel were trumpeting the fact that this technology could make it harder to pirate movie content but this is more about mainstream computing and small-form-factor hardware being behind this space and power saving processor hardware.

Sony had lodged a commitment to AMD to use the Zacate “Accelerated Processor Unit” in some of their VAIO laptops.

Other hardware

AMD haven’t forgotten the “performance computing” segment when it comes to processor chips and released the quad-core and 6-core “Phenom” desktop and gaming-rig CPUs.

Seagate have also made the “GoFlex” removable / dockable hard disks a standard by building alliances with third-parties to make hardware that works to this standard. Could this be another “VHS-style” alliance for dockable hard disks?

Microsoft also used this show to premiere their Touch Mouse which uses that same touch operation method as Apple’s Magic Mouse. Do I see an attempt for them to “snap at” Apple when it comes to “cool hardware” as well as software?

The Microsoft Platform

There has been some activity with the Microsoft Windows platforms now that set-top boxes and tablet computers are becoming the “order of the day”

One direction Microsoft is taking is to port the Windows Platform, which was primarily written for Intel-Architecture processors, to the Acorn ARM-architecture processors. The reason that this port is taking place is due to these energy-efficient RISC processors being commonly used in battery-driven applications like tablet computers. They are also popular with other dedicated multimedia devices like set-top boxes and TV applications.

As well, Microsoft will be working on a lightweight Windows build for TV applications like set-top boxes. This is although they have previously written Windows-CE builds for this class of device.

Microsoft also want to make a variant of the Windows Phone 7 for tablet computers and are starting work on the Windows 8 project.

Similarly, Somsung has demonstrated the second incarnation of the Microsoft Surface platform This one comes in a slimmer table-based form rather than a unit that is as thick as the 1980s-style “cocktail-table” arcade game machine.

Conclusion

The Consumer Electronics Show 2011 has certainly put the connected home on the map. This is due to affordable smartphones and tablet computers becoming more ubiquitous and Internet-provided video services becoming an increasing part of American home life.

It will be interesting to see what will happen for the other “pillar” of the consumer-electronics trade fair cycle – the Internationaler Funkaustellung; and how more prevalent the Internet TV, smartphone and tablet computer lifestyle will be in Europe and Asia.

Send to Kindle

Wi-Fi and HomePlug collaborate on the smart-grid aspect of the connected home

Articles

WiFi, HomePlug Collaboration Facilitates Interoperability of Smart Grid Applications -  SmartGrid.TMCNET.COM

Wi-Fi, HomePlug Alliances Collaborate On Smart Grid Apps – InformationWeek.com

Wi-Fi strikes alliance with mains networking tech – The Register (UK)

From the horse’s mouth

Wi-Fi Alliance® and HomePlug® Powerline Alliance Collaborate on Connected Smart Home – HomePlug Powerline Alliance

My comments

This news article is certainly placing the two main “no-new-wires” network technologies that exist in most home networks as being able to have their place in the “smart-grid” home-automation and energy-management scenario.

General home-network applications

From what I have read in this article and also from my experience with handling home networks, the Wi-Fi wireless technology and the HomePlug powerline technology are considered as established “no-new-wires” connection methods in this class of network. This is typified with most network-Internet “edge” devices being Wi-Fi wireless routers and nearly all laptops currently in use being equipped with some form of Wi-Fi technology. As well, most mobile-phone contracts that have been signed are for phones that are equipped with Wi-Fi technology alongside the cellular-phone technology.

Similarly, HomePlug AV has been considered as a data transfer medium for bringing IPTV to the main lounge area. This has become more so in Europe with the “triple-play” service providers who are using the home network to distribute TV. Here, they use a HomePlug AV connection to provide a network link from the network-Internet “edge” router to an IPTV set-top box in the lounge area to obviate the need for users to run Ethernet wiring to achieve the same purpose.

The main benefit of HomePlug is that it makes use of existing AC wiring including extension cords, which can become data+power cables. I have talked about this as a preferred solution with multi-building home networks where it is not worth the cost or effort to run Cat5 Ethernet cable to an existing outbuilding and Wi-Fi wireless wouldn’t work well with some buildings like “quick-assemble” garages or static caravans because of their metal construction.

Smart-grid applications

Both technologies would complement each other in the smart-grid space.

One main use for Wi-Fi would be smartphones and other programmable devices as consumer-facing energy monitors. Here, this application would capitalise on the installed base of laptops, netbooks, smartphones and tablet computers that have integrated Wi-Fi functionality as well as the Wi-Fi segment of the home network rather than having to reinvent the wheel.

As well, once manufacturers work on Wi-Fi chipsets that can work for a long time on two AA batteries or a regular “button-cell” watch battery, Wi-Fi could become a “sensor and control network” in its own right. Here, it could be feasible to use it as part of wireless movement sensors, thermostatic radiator valves, wireless room-temperature sensors and the like.

There is also a subset of the HomePlug technologies being developed to replace the role of the old X10 home-control system as data-transfer conduits for AC-wire-based home automation. This could lead to affordable home-automation systems that work hand-in-glove with the smart grid. Common application examples would include the ability to have appliances like washing machines, dishwashers, and pool-filter pumps come on when the off-peak tariffs apply or air-conditioners go in to “set-back” but with the fan running during a high-demand period where the utility wants to apply “load-shedding” measures.

Similarly, the management of electric-vehicle charging will be achieved through HomePlug technology as the primary data conduit for the command-and-control data. This will also be important for vehicles that are managed as part of a fleet and for countries that want to make sure that they tax the fuel that is used by road vehicles ostensible for maintaining the roads.

Conclusion

At least the new “smart-grid” applications are becoming another area where the dominant “no-new-wires” network technologies are able to have a foothold in and thus avoid reinventing the wheel with.

Send to Kindle

Devolo has raised the bar with a HomePlug AV WiFi-N access point by adding a 3-port Ethernet switch

Articles

German Language

Der Devolo dLan 200 AV Wireless N organisiert Ihr Heimnetzwerk – COMPUTER BILD

From the horse’s mouth

Web page for this product (Deutschesprachen, English language)

My Comments

Previously, Netgear had released an 802.11n wireless access point which can connect to an Ethernet network or a HomePlug AV powerline network. This is a product that I had commented on as being suitable for extending the coverage of an 802.11n wireless network or establishing the footprint of your home network in to an outbuilding or static caravan that you are using as part of the house.

Now, Devolo have answered Netgear’s effort by releasing a similar product in the European market which also has a 3-port Ethernet switch.  This unit, which sells in Germany for €109.90  has similar WiFi functionality to the Netgear unit, including WPA2 security with WPS push-button setup. As far as I know from the research I have done at Devolo’s Website, this unit doesn’t seem to support WPS-based quick setup for multiple-access-point wireless networks – the WPS function only works for setting up a wireless client to the access point. This function could be added to this unit through a firmware update.

The 3-port Ethernet switch would come in handy for a lounge area with an Internet-enabled TV, a Blu-Ray player and/or a games console; or an office set up in the garage or barn where there is a desktop computer and / or a network printer. It also can come in handy if you have to use this HomePlug AV access point with another HomePlug AV-Ethernet bridge to extend the coverage of your HomePlug AV powerline network to another building or caravan as I have explained here.

At least someone else has come up with another HomePlug AV wireless access point for the home network and have taken this concept further by adding a 3-port Ethernet switch rather than the typical Ethernet port found on this class of device.

Send to Kindle

A major update for inSSIDer

News article

MetaGeek releases updated inSSIDer | SmallNetBuilder

From the horse’s mouth

inSSIDer 2 Preview – Blog article on MetaGeek site

Download inSSIDer from here!

My Comments

InSSIDer is a free but highly-capable Wi-Fi site-survey tool for use with Windows-based computers that works with any Wi-Fi network adaptor including the integrated Wi-Fi network subsystems in most laptops. I have reviewed this program on this site and cited it as a preferred tool for small-business owners and householders to manage Wi-Fi networks and tune wireless routers. I have also mentioned it as a piece of software you can have in your arsenal for keeping your wireless hotspot secure and free from fake “evil twin” hotspots set up to catch your customers’ data.

This program has just been taken to the 2.00 version level and has had some key improvements added to it.

User-defined filters

An improvement that I am pleased with is the ability for the user to define filters that show up wireless networks that match or don’t match certain criteria. A good use of this would be to determine if any access points are using your SSID and not matching other criteria like security specification or BSSID (wireless MAC address) or RSSi (signal-strength index).

Other factors you can filter on include the access point’s vendor, whether it operates with 802.11n, whether it uses the 40Mhz “double-bandwidth” channels amongst other things.

Better views

There is the option to turn on a multi-colour legend view which will show up which SSIDs match particular coloured lines on the graphs. This is important in urban areas where there are many wireless networks in operation.

As well, there is the option to see a historical preview of various access point as a “sparkline” or mini-graph view when you select access points. This is useful when you determine filters based on relative signal strength or activity of particular APs.

Other functions

The same software can work with GPS devices like Bluetooth “pucks” or integrated GPS modules for mapping wireless networks. This can be useful for plotting out wireless coverage for an outdoor access point or hotzone or may be just useful for “wardrivers”.

Features I would like to see

One feature I would like to see is options to make it easier to identify and filter on a multi-access-point “extended service set” so you can identify the coverage of that wireless network or “smoke out” foreign access points. This could be catered for with security credentials that are held on the host computer, whether as part of Windows Zero Configuration for accessing the network, or as a separate local database and / or the visibility of a network’s Internet gateway as determined by IP address and MAC address from the access points.

This function could be augmented with the use of multiple Wi-Fi adaptors on one computer thus improving the monitoring of an “extended service set” or a multi-band Wireless-N network.

As well, it could be a good idea to port the program to Android and other smartphone platforms so that these phones can be used as a tool for managing the wireless networks. This could include support for data capture applications where the data can be uploaded to a PC for later analysis.

Conclusion

This program is an example of a free and easy-to-use network-management program that is being made more of a tool than a toy.

Send to Kindle

New NETGEAR products for the home network

 NETGEAR Rolls Out HD Media Players, UTM and Powerline Products – SmallNetBuilder

My Comments

I have read the attached article and found that most of the devices had impressed me as devices that would work well in a home or small-business network. This was because of particular abilities that had made the devices unique rather than run-off-the-mill devices.

NeoTV network media players

NETGEAR NeoTV 550 network media player

NeoTV 550 network media player

This group of NeoTV network media players may be very similar to the other network media players  like WDTV Live that are appearing on the market. This is that they are capable of playing audiovisual media held on a USB memory key, camera card reader or external hard drive; or from a DLNA/UPnP-AV-compliant media server that exists on your network. But one of the models in this lineup, the NeoTV 550,  has eSATA connectivity and the ability to be a Blu-Ray Disc player when connected to an optional eSATA-connected Blu-Ray drive. This can benefit people who want to consider running this unit alongside their DVD player as a network media player but may take the plunge for Blu-Ray when they are ready.

At the moment, I am not sure whether this unit can work as a substitute DVD player if it is connected to an eSATA or USB DVD drive or a DVD is loaded in to a connected Blu-Ray drive.

HomePlug AV 802.11n access point

NETGEAR XAVN2001 HomePlug AV 802.11n wireless access point

XAVN2001 HomePlug AV 802.11n wireless access point

One device I am pleased to see on the scene is the XAVN2001 HomePlug AV 802.11n wireless access point which work like some of the 802.11g wireless access points that can connect to a HomePlug 1.0 Turbo segment. It is also available as part of the XAVNB2001 kit which includes the Netgear XAV2001 HomePlug AV-Ethernet bridge as well as this access point. Like these other access points, this unit plugs in to the wall and works as a bridge between an Ethernet segment and a HomePlug AV powerline segment as well as being an access point for a 2.4GHz 802.11n wireless network.

This device can work as a way of extending the effective radio footprint of an 802.11n wireless network with the use of an Ethernet or HomePlug AV wired backbone. On the other hand, it could bring an 802.11n wireless network and Ethernet network point in to an outbuilding or static caravan (trailer) in the manner talked about in my feature article “Multi-Building Home Networks”.

Quick extension-access-point setup with WPS

I had done further research about this access point through Netgear’s Web site and found that this unit uses WPS as a way of simplifying the creation of a multiple-access-point wireless-network segment. This kind of segment, also known as an “extended service set” makes use of multiple access points with the same SSID, network operating mode and security parameters so a portable device can move between access points with minimal user intervention. I have written a bit about the concept of using WPS as a way of simplifying setup of a small multi-access-point wireless network in an article I had posted last year on this site at its old location and had moved to the current location.

The user just has to hold down the unit’s ON-OFF button for a few seconds then press the WPS button on the WPS-ready wireless “edge” router to start the configuration routine. A few moments later, they are then able to move the access point to the area where the Wi-Fi network is needed and proceed to connect this access point to the Ethernet or HomePlug AV backbone which the wireless router should be connected to.

Conclusion

If more manufacturers can look towards making affordable and easy-to-use network devices, they can end up with equipment that will appeal to most users and have equipment that is out of the ordinary.

Send to Kindle

Temporary “client-isolation” override for trusted network client groups on public networks – how about it?

Most Wi-Fi hotspots that are properly set up are configured to isolate client devices on the network that is available for use by the general public. This function, commonly known as AP-isolation or client-isolation is seen as a security measure to stop network users trespassing on to the computers owned by fellow network users.

But there are times when it is desirable for network users to interlink devices using the hotspot’s network infrastructure. For example, a person may want to transfer data between a laptop and another device such as a smartphone or digital camera. Another example would be for two trusted users who want to transfer data between each other or simply to play a network game over that local network.  This kind of client-isolation would make it harder to set up these kind of mutually-trusted network interactions in public networks.

You may think that the only solution would be to use Wi-Fi Direct or similar Wi-Fi-based “personal-area-network” technology. The main limitation with this technology is that it requires the device or trusted computer to be close to the laptop that is the “hub” of the “personal-area-network” rather than be anywhere in the scope of the hotspot network. This can limit activities like photographers and videographers downloading each shot or take to a laptop computer as they complete their shots or takes; or simply the fun of peer-to-peer network gaming.

One way of going about this could be to establish a so-called “trusted-group” protocol for devices in the same logical network and this protocol could be managed at the public-network’s gateway device. The devices could be registered by MAC address or use of a session-driven “trusted-group” key and, once set up this way, inter-client data transfer can proceed through the hotspot network. This could be set up through a management protocol that permits the creation of a trusted group and the addition of client devices to that group.

The creation of the “trusted group” could be integrated at the provisioning stage of one’s hotspot session such as when the disclaimer contract is agreed on or the username and password is validated in a docket-based system. The user would then be pointed to a session-management page where they can log out, buy extra time or add computers and devices to the trusted group.

The main limitation with this is that there isn’t a way to provide for hotspot provisioning to devices like smartphones, PMPs or handheld games consoles. These devices typically have a small screen and use either “pick-n-choose”, SMS-style  or an awkward-to-operate “virtual QWERTY” on-screen keyboard as their text-entry means. This may be of concern if one of these devices is being used to instantiate a hotspot session at a pay-to-use or membership-driven hotspot. This limitation would also make it more difficult to use one of these devices to set up or add devices to a trusted group and it would make it increasingly difficult to establish a local-network gaming session between a group of friends that are using handheld gaming consoles at a fast-food joint for example.

The IT industry could look towards answering this problem through use of UPnP or similar technologies for managing the provisioning of hotspot sessions to end-users and establishment and management of trusted device groups that override hotspot client-isolation setups amongst only the members of those groups.

Send to Kindle

Ozmo’s low-power Wi-Fi technology now with real silicon proof-of-concept

Articles

News articles

Ozmo’s WiFi PAN available Q4, is this the end of Bluetooth’s reign of terror? – Engadget

From the horse’s mouth

Ozmo Devices Announces Revolutionary Solution Powering World’s First Wi-Fi Mouse and Keyboard

Related Articles in this site

The Wi-Fi Personal Area Network is getting closer

Ultra-Low-Power Wireless Networking

My comments and questions

Previously I have covered the topic of WiFi technology being used as a “personal area network” for a computer, which comprises of peripheral devices like mice and keyboards communicating to a particular computer via the WiFi technology. rather than that technology being used to transfer data between computers and other devices in a local area network. What has happened is that Ozmo have come up with a real chipset for use in these devices that can use this medium as well as run for a  long time on batteries. At the same time, Ozmo had built reference designs of wireless mice and keyboards that use this technology to communicate with their host devices.

One main question that I have about Ozmo’s effort is whether the same technology can be applied to devices that link directly to a Wi-Fi local area network’s access point rather than a particular computer? One main application that I see here with this technology would be Wi-Fi as a sensor / control network medium with devices like those that Ekahau had made as part of their Wi-Fi-driven real-time location technology, such as the pager tag which I had talked about in this site previously. Another application would be Internet radios, Wi-Fi-connected speakers and similar multimedia terminals that would be able to work on batteries as well as digital cameras that can upload to network storage or Internet sites or present to DLNA terminals without a severe penalty on battery life.

Another issue would be for a dedicated-function device like a set-top box or games console to support this kind of technology, whether as part of integrated Wi-Fi LAN functionality or as a Wi-Fi PAN setup as an alternative to Bluetooth or infra-red as a way of connecting peripherals, especially control peripherals.

It would be very interesting to see what comes of this technology once the silicon becomes fully available.

Send to Kindle

Debunking the hysteria and paranoia about Google’s Street View Wi-Fi site surveys

Introduction

Over this last few weeks, there has been hysterical media and political activity in Europe and Australia concerning Google’s Street View activities. This activity has become focused on the collection of Wi-Fi network data by the Street Survey vehicles which grab the initial street images.

The hysteria focused on identifying details about Internet use and Wi-Fi devices that existed at individuals’ addresses and that this data could be used to spy on individuals.

The truth

Wi-Fi site surveys are a part of Wi-Fi networking life

The Wi-Fi site survey is associated with nefarious activities like wardriving but it is commonly practised as part of Wi-Fi network use.

When you want to connect to your Wi-Fi wireless network with a client device, you will come to a point in the device’s setup operation where you see a list of SSIDs, then you choose the SSID that you wish to connect to. This is an elementary form of a site survey.

This is extended to technology enthusiasts like myself who activate Wi-Fi network scanning functions on smartphones to see a list of wireless networks operating in the neighbourhood that they are in for curiosity’s sake. Here, we see the list of SSIDs and an icon beside each SSID that indicates whether the network is protected or not. The practice also extends to use of “Wi-Fi-finder” devices to look for open Wi-Fi networks.

Similarly, people who are optimising wireless networks will use software like inSSIDer (which I have reviewed) or HeatMapper for site surveys and wireless-network optimisation. This software can also yield information about the BSSID and operating channel for that particular SSID and more sophisticated versions can use spectrum analysers to determine interfering frequencies or determine the location using support for GPS modules.

This leads me to Navizon and Skyhook Wireless who have done these surveys in order to turn these beacons in to a location tool in a similar manner to GPS or mobile-phone-tower-based positioning. The most common application of this is the Apple iPhone platform which uses this information for locating the phone during setup, avoiding the need for users to determine their time zone or location.

What does my Wi-Fi network yield

A normally-setup wireless access point or router will send out a “beacon” with contains the following data:

  • SSID or ESSID which is the wireless network name
  • BSSID which is the MAC address for the access point’s radio transceiver. This MAC address does not have any relationship to the Ethernet MAC address or the broadband (WAN) interface’s MAC address on your wireless router.
  • Information required to determine security protocol to establish a successful conection

This data that is in this “beacon” is publicly available in a similar context to the information written on a vehicle’s registration label which would have the registration number (written on the number plates / license plates) and the VIN (vehicle identification number) for that vehicle.

It is also worth knowing that all access points and wireless routers have the option to turn off SSID broadcast. Here, you don’t have the SSID made available but have the network listed as a “hidden network” on some devices. This is something you can do in your router’s or access point’s Web-based management interface

When your network client devices are active in your wireless network and are “talking” to your wireless access point or router, they don’t broadcast an SSID or other beacon because they have “latched on” to that access point or router. This data will usually be encrypeted as part of the WPA security protocols that should be in place on your private wireless network.

Conclusion

Once you know how the Wi-Fi network works, you should then know that a site-survey operation should not gather the actual data that is moved across the network.

Send to Kindle