Tag: Wi-Fi EasyConnect

Wi-Fi EasyConnect and EasyMesh are now updated further

Articles

Linksys MR7350 Wi-Fi 6 Mesh Router press picture courtesy of Belkin

Wi-Fi EasyConnect to be upgraded to simplify Internet-of-things setup

Wi-Fi Alliance debuts improvements to Wi-Fi mesh and IoT device onboarding | Wi-Fi NOW

From the horse’s mouth

Wi-Fi Alliance

Wi-Fi Alliance® connects and expands home Wi-Fi® (Press Release)

My Comments

Improvements to EasyConnect

Most of us may think of Wi-Fi EasyConnect as simply scanning a QR code with your smartphone to get your smartphone on to a Wi-Fi network that you want to use. Or it could be about using a smartphine app to scan a QR code on a device you want to bring on board to your home network that your phone is connected to.

But this week the Wi-Fi Alliance have cemented in stone ways of using WI-Fi EasyConnect to bring devices on board to your network. You still have to use a “configurator” program which could be an app on your smartphone to bring devices, known as “enrollees” on board to that network or to join that network yourself.

A Wi-Fi EasyConnect setup can support multiple “configurator” programs which will cater to environments where different software has different capabilities. As well, the standard allows a “configurator” program to work with multiple networks, allowing for realities like an individual ESSID for each waveband or people who are responsible for multiple networks.

Telstra Smarty Modem Generation 2 modem router press picture courtesy of Telstra

.. and to even build out Wi-Fi EasyMesh distributed-wireless networks simply

Here, NFC “tap-and-go” pairing and Bluetooth LE pairing is part of the standard. As well, you can transcribe a PIN or passcode shown on the device or attached to a label on that device to enrol the device to your home network. For cloud-driven device platforms like Amazon Echo, the cloud platform downloads the device identifying details to your computing device to facilitate binding it to your Wi-Fi network.

Android users may be familiar with NFC-based device pairing when they set up some Bluetooth headsets with their phones or tablets. That is where you touch your Android smartphone or tablet to the headset to start the pairing and setup process.

But there currently isn’t support for showing a PIN or passcode on the configuration software for you to transcribe in to your device you are intending to bring on board your Wi-FI home network. Such a procedure could come in to its own with devices that have a keypad or keyboard as part of their control surface, examples being smart locks or TVs that have “many-button” remote controls.

For people who manage enterprise and building networks, Wi-FI EasyConnect is updated also to allow you to onboard devices to your WPA3-Enterprise Wi-Fi business network. Here the network would have to support EAP-TLS and implement X.509 digital certificates. It is to cater towards a reality where business owners and building managers want to bring “Internet-of-Everything” devices which don’t have a rich user interface on to these networks while keeping these networks secure.

For that matter, users of devices running Android 10 or newer versions stand to benefit from Wi-FI EasyConnect in some ways without the need for extra apps to be downloaded from the Google Play Store. Here, they can use their smartphone or tablet to scan a QR code that represents their target network’s Wi-Fi details to accede to that network. Or they can scan a QR code on a Wi-Fi-capable device they want to bring to the network they are using as long as this device supports Wi-Fi EasyConnect.

It is part of making sure that Wi-Fi EasyConnect works as part of the Wi-Fi WPA3 link-layer security specifications which will be required for a Wi-Fi 6 or Wi-Fi 6 wireless-network segment to operate to specification.

The support for Wi-Fi EasyConnect that needs to come about is to have other mobile and desktop operating systems support this standard in some capacity, preferably in a native form. This would have to include using Bluetooth as an alternative to QR codes as a method of sharing Wi-Fi network credentials from a mobile device to a laptop or tablet.

Improvements to EasyMesh

Wi-Fi EasyMesh distributed-wireless setups now support onboarding of new access points using Wi-Fi EasyConnect methods. This means that the same user interface that is needed to get a computer or IoT device on your home network applies to Wi-FI network-infrastructure devices compliant to this standard. It will also be part of making sure that a Wi-Fi EasyMesh network works to the current WPA3 security expectations.

This is in addition to each of the access points in an EasyMesh setup being able to share advanced metrics about how the network is performing as a whole. Here, it will come in to play with those Wi-Fi networks that are managed or supported by other entities like business Wi-Fi.

Conclusion

The revisions to the Wi-Fi EasyConnect and EasyMesh standards are more about simplifying the process to bring Internet-of-Things devices on board to your WPA3-compliant home or business network. It is also about simplifying the process to build out your EasyMesh-compliant distributed wireless network with multiple satellite repeater units.

But what needs to happen is for more software and hardware support for these standards in order that they become increasingly accepted within the marketplace.

Wi-Fi introduces a new way to onboard new wireless-network devices

Articles

Draytek Vigor 2860N VDSL2 business VPN-endpoint router press image courtesy of Draytek UK

A QR code and a configuration app could be the way to get your Wi-FI network going or add a device to that network

From the horse’s mouth

Wi-Fi Alliance

Wi-Fi Easy Connect (Product Page)

My Comments

The Wi-Fi Alliance has released as part of its WPA3 update for wireless-networks security the Wi-Fi Easy Connect protocol for onboarding new devices to a Wi-Fi network segment. It will work with extant WPA2 network segments as well as newer WPA3-compliant segments which offers the chance for existing Wi-FI devices to support this technology. That is alongside the ability for device manufacturers and software / operating-system developers to meld it in to their existing products using new code.

It is intended for onboarding devices that have a limited user interface including onboarding Internet-capable “white goods” and “backbone” devices like fridges or heating / cooling equipment to your Wi-Fi network. It is currently being seen as an alternative to the push-button-based WPS configuration process for devices that don’t have much in the way of a user interface. For Android smartphone users, much of this process will be similar to using a printed QR code to “onboard” your smartphone to an existing Wi-Fi wireless network.

What is it about?

QR Code used on a poster

QR codes like what’s used on this poster will be part of configuring your Wi-Fi wireless network

The main goal with the Wi-Fi EasyConnect standard is to permit a device with a rich user interface like a laptop, tablet or smartphone running suitable configuration software to pass configuration information to other devices that have a limited user interface. This can be facilitated with an independent configuration app or function that is part of the device’s operating system. Or it could be to allow configuration through the access point using its Web-based management user interface or a management app supplied by the access point’s manufacturer.

In all cases, the software that looks after the configuration aspect is described as a configurator. Access points or client devices that want to be part of the network are described as “enrollee” devices.

Android main interactive lock screen

Smartphones will become part of your Wi-Fi network’s setup or device-onboarding process

It can be feasible for one device to assume the role of a configurator or enrollee. An obvious example would be a computing device like a laptop, tablet or smartphone being able to come onboard an existing Wi-Fi network then you using that same computing device to bring another device like a network-capable fridge on board. Or you could bring a Smart TV or set-top box on-board to your Wi-Fi network using Wi-Fi Easy Connect but it then has the ability to be a “set-up point” for smartphones or tablets who want to join your Wi-FI network.

There are different ways of “associating” the enrollee device with the configurator device but it is primarily about making both devices know that they are trusted by each other.

The main method would be to use a QR code.that is on a sticker or card associated with the device or shown on the device’s display if this display is of the bitmapped graphical kind or can connect to a TV or monitor. Then the configuration device would scan this QR code if it is equipped with a camera.

Another option that is put forward is to use a text string written on a card or shown on a display and this would be used for configuration devices not equipped with a camera. This kind of situation may come in to its own if you are running a configuration program from a regular computer that isn’t equipped with a functioning Webcam.

.. as will laptops, Ultrabooks like this Dell XPS 13 and tablets

The Device Provisioning Protocol standard that is what the Wi-Fi EasyConnect feature is based on supports the use of NFC “touch-and-go” or Bluetooth Low Energy wireless link as another way to interlink a configuration device and an enrollee device during the setup phase. Both these technologies could work well with smartphone-centric applications, wireless speakers, connected building-management technology and the like. But these haven’t been placed as part of the certification testing that Wi-Fi Alliance has for the EasyConnect standard.

Once the initial information is exchanged between the devices, both devices will establish a separate secure Wi-Fi link with each other. Then the configuration software on one of the devices will use this link to pass through the parameters necessary to allow the enrollee device to connect with the extant Wi-Fi network. The whole configuration data-exchange is secured using asymmetrical public-key cryptography with the public key obtained during the initial setup process. Then that device hunts for, discovers and connects to the newly-programmed network.

There is the ability to use this same setup with an access point to set it up to work with an extant network or to create a new network. The latter situation would most likely be based around accepting a machine-generated ESSID and password or allowing the user to enter an ESSID and/or password. On the other hand, the previously-connected Wi-Fi networks list that an operating system maintains could be a data source for configuring a Wi-Fi device to a particular extant network using EasyConnect.

From the FAQs that I had read on the Wi-Fi Alliance Website, the Wi-Fi EasyConnect protocol allows for a single configuration program to configure multiple enrollee devices at once. Here, it is to facilitate situations where you are onboarding many IoT devices at once or are creating a new Wi-Fi network with new credentials.

But it doesn’t support the ability to onboard a single Wi-Fi client device to two Wi-Fi networks at once like your main network and a hotspot / guest network. Instead you have to repeat the Wi-Fi EasyConnect procedure including scanning the QR code for each network you want a device to associate with. This is so you can have greater control over what networks your devices are to associate with, but it can be of concern if you have a separate Wi-Fi network segment with distinct ESSID (network name) linking to the same logical network such as when dealing with a dual-band network with separate network names for each band.

What needs to be done

Personally, I would like to see Wi-Fi EasyConnect configuration functionality baked in to desktop and mobile operating systems including Apple’s operating systems rather than be separate programs. This avoids the need to find, download and install separate EasyConnect apps from your platform’s app store or loading a computer or smartphone with too many apps. But it could encourage other software developers to build improved Wi-Fi EasyConnect configuration apps that may, perhaps, suit particular user needs like asset control in the business-computing context.

I would also encourage the idea of maintaining WPS-PBC push-button pairing as an alternative method to Wi-Fi EasyConnect for onboarding Wi-Fi devices. This is more so for those devices that have a limited or no user interface and the goal is to quickly onboard a device without a rich user interface like a printer to a Wi-Fi router or access point.

Similarly, the use of NFC or Bluetooth as a legitimate certification option for onboarding Wi-Fi devices has to be encouraged and underscored through the life of this standard. Here, I would prefer that smartphones or tablets equipped with NFC and / or Bluetooth be tested to be compliant with the NFC and Bluetooth aspects of this standard.

There also has to be the ability with Wi-Fi EasyConnect to onboard a Wi-Fi network device with a limited user interface to an enterprise-grade Wi-Fi network that uses individual usernames and passwords. This is important for “Internet-Of-Things” devices that will increasingly be part of these networks.

Conclusion

Wi-Fi EasyConnect leads to another way of onboarding a Wi-Fi network device or access point using another device equipped with a rich user interface and can apply across all small-network setups.