Wednesday, May 29, 2013

The WhoIS Podcast: You Have a Bigger Impact Than You Realize

I just finished listening to the fourth edition of Josh O'Brien's WhoIS interview series. If you're not familiar with this podcast series, it was created as a way to get to know more about people in IT who you've probably interacted with online and might have met in person. Josh asks each person the same questions, and the answers are often very different.

This time he was interviewing Tom Hollingsworth. I think a few things Tom said bear repeating. The question was "Should every engineer blog or be active in social media communities?" Tom's answer was an emphatic yes! He says everyone has at least one good blog post in them. Tom goes on to describe how the encouragement of his mentors helped him to achieve things he never thought possible for himself.

As a side note, we can never be fully aware of the impact we have on other peoples' lives. The words of encouragement you give someone today can have a far bigger impact than you might ever realize.

The third edition of the podcast was Josh's interview with me. We barely scratched the surface of the issue of women in IT, but I did touch on the uphill battles I've faced in my career. I got my start into IT by taking night classes from Mr. Vanderpool at Winter Park Tech, but the catalyst that got me there was the IT guy who acted like the information he had was a priceless gem he couldn't share. I thought "What could he possibly know that I can't learn?"

Episode two in the series was with Stephen Foskett of Gestalt IT. Stephen describes how he got his start in IT via salvaging Convergent Miniframes from the dumpster at his college. They'd been damaged in a fire but cleaned up nicely and still worked, so he and his roommates built their own Unix powered BBS in their dorm room with the salvaged gear! That experience helped Stephen land his first job as a Unix administrator.

I'm looking forward to the next episode of the WhoIS series. It is interesting to hear people tell the story of how they got their start in IT and hear them talk about what motivates them today. 

Josh's WhoIs podcast can be streamed/downloaded from his website.

Monday, May 27, 2013

MetaGeek InSSIDer for Office with the Wi-Spy mini adapter

I had the good fortune to be gifted a copy of inSSIDer along with a Wi-Spy mini adapter from the crew at the MetaGeek booth at Interop recently.

I ran the application through its paces and made a quick demonstration video to show the information the application gathers about the nearby wireless networks.

The application runs on Windows Vista, 7 and 8 so I had to try it out on my trusty site survey laptop. That laptop has a b/g only wireless card built in, so I used my USB hub to connect the Linksys AE6000 a/b/g/n/ac adapter and the Wi-Spy mini. 

The Wi-Spy mini is a new form factor for the Wi-Spy tool. The mini adapter is one of those tiny little tools that if you don't put it right back where you got it from, you'll lose it. I can easily see the Wi-Spy mini ending up in the washing machine because you left it in the pocket of your work pants. So put it back where you found it!

That being said, it is much nicer to have a teeny-tiny tool sticking out of the side of your laptop than a big honking thing with an attached antenna (now if only I had a survey laptop with more than one USB port).

The inSSIDer for Office has all of the features that you would need in order to identify all the nearby wireless networks and sources of interference affecting the 2.4GHz frequency. There are series of menu tabs LEARN, NETWORKS, CHANNELS and ANALYZE at the top of the screen. The application is well laid out and easy to navigate without having read the manual.

Sam Clements has also written a blog post about his hands-on experience with inSSIDer. I decided making a quick YouTube video was easier than me making a bunch of screen grabs. Sam already wrote a great post full of screen grabs!

The specs from the MetaGeek website list the features of inSSIDer for Office as:
  • Display table of surrounding networks
  • Trace Co-Channel and Overlapping Network strengths
  • Powerful Filtering Engine
  • Number of networks to “star” for optimization
  • Link score reflects actual RF congestion
  • Detailed breakdown of measurements per-channel
  • Expert tips tailored to your environment
  • Includes Wi-Spy Mini (coin-sized USB 2.4 GHz Spectrum Analyzer)
Thank you to the team at MetaGeek for being so kind to gift me the Wi-Spy mini adapter and a copy of inSSIDer for Office!

Friday, May 24, 2013

Aruba Model 220 Access Point new with 802.11ac!

This week was the official launch of Aruba's new 802.11ac access point. Blake Krone, Chris Lyttle, Daniel Cybulskie, Keith Parsons, Ryan Adzima and I attended the product launch announcement as a members of the Tech Field Day Roundtable group. The day's agenda for the kickoff event was to announce the technical aspects of the new access point, perform a live demonstration of its capabilities and then we met with key people from Microsoft, Netflix and Exafort to learn more about how Aruba has strategically partnered with vendors and customers to fine tune Aruba's own products and provide advanced support for enterprise customers.

Aruba 802.11ac Announcement with Keerti Melkote, Aruba CTO and Founder

Keerti Melkote took us through the history of Aruba Networks, describing the product features released since the company founding. He spoke about the Meridian acquisition. The acquisition of Meridian provides location based information, the ability interacting with exhibits in museums through the Meridian application, and push notifications to client devices.

The future goals of wireless networks are to enable the all wireless office
  • Move to 802.11ac
    • Aruba 220 series AP with ClientMatch
  • Unplug the desk phone
    • AppRF with Microsoft Lync Visibility
  • See the apps and the air
    • ArubaOS 6.3 and AirWave 7.7
The new Aruba 220 802.11ac access point has a $1295 list price, and is available as a controller managed and controller-less. 
  • Lifetime warranty
  • 3x3:3 dual radio (turbo QAM)
  • 2X GE link aggregation
  • 1Gbps TCP throughput
  • High availability 
  • Operates with 802.3af, requires 802.3at for full functionality.
  • Purpose built instead of modular
  • Power draw is 15w vs 25w
The enclosure design of the access point now has an iso plane to separate the antennas from the board as well as no ventilation holes. This solves the problem of not being able to install other Aruba access points with ventilation holes in environments where the access point might be exposed to moisture and dust.

Peter Lane then demonstrated the performance of the Aruba AP 220 802.11ac access point through a live demonstration.

Aruba's test results achieved 830 Mbps on a dual stream laptop, and 240 Mbps on a single stream smart phone.

The fastest 802.11ac rates drop down to 802.11n speeds at 50 ft from the access point. Maintaining this desired distance from the access point is how you can deliver the capacity of 802.11ac to mobile client devices.

The advancements that Aruba has made in ClientMatch allows this technology to work at several different layers of the OSI protocol stack.
  • ClientMatch (L1) for link optimization moves clients to APs that have better signal strengths for them to connect to. Simply link optimization for client devices.
  • ClientMatch (L2-L3) for traffic optimization takes AP load into consideration when moving clients to other APs. Uses signal strength and load of the AP.
  • ClientMatch for App Optimization (L4-L7) is a version of SDN to optimize the WLAN to the client/app information.
The client testing Aruba has performed uncovered that the Android software version 2.3 roams notoriously badly.

ClientMatch has device type identification built into it and helps ClientMatch make moving decisions. ClientMatch will stop steering clients for 2 months at a time to stop causing problems with a client device that doesn't want to roam. Aruba is optimizing the bottom 20% of the network instead of the top performing devices that could be improved a small percentage more.

VisualRF now shows the health of the client by the colored circle shown around the client device. Visual RF now integrates with Lync API via a diagnostics API. The QoS for all Lync apps, call admission control and Wi-Fi call quality stats can be shown through Visual RF. Aruba Networks is the only Lync qualified wireless LAN.

The visibility into the diagnostics API of Lync is new. Soon Aruba will be able to tie in Lync diagnostic information into ClientMatch to make more intelligent decisions on client roaming based on Lync application data.

Future of wireless networks
  • 2013+
    • Mobile
    • Personal LANs
    • Software-centric
    • L4-7 based
    • Open architecture
Microsoft Lync over Wi-Fi with Pascal Menezes, Sr. Program Manager at Microsoft

Pascal presented the history of the partnership between Lync and Aruba Networks.

Lync is the enterprise version of Skype. Lync can be an instant messaging platform which can determine presence across Lync and Skype platforms.

Lync 2013 Mobile Client Features don't support viewing shared Lync content on anything other than an iPad or a Windows 8 or Windows RT OS. I found this interesting since it was the only features line without all the check boxes checked. 

Microsoft started a Lync Wi-Fi Partner Program and Aruba was the first partner to work with them. The qualification program means Microsoft has done all the testing required to ensure interoperability with vendors' wifi networks. The Lync Network Diagnostic API is the forward looking portion towards Software Defined Networking (SDN) in wireless networks.

Aruba OS and higher is the firmware version Lync tested.

The Lync/Aruba interoperability testing environment

  • Two buildings were upgraded to support real-time media.
  • Testing facility was B30 and B31 in Redmond. Each building has 600 Lync users.
  • There are a total of 182 Aruba APs (about every 60 feet apart). Based on the trial results, MSIT is upgrading the entire global Wi-Fi infrastructure to 802.11n.
  • Spent two years tweaking the wireless network.
    • Signals -45Bm to -65dbn and snr better than 30db
    • OKC enabled (no 802.11r) fast BSS transition support
    • Enabled ARM
    • WPA2 in enterprise mode
  • Adjusted the DTIM timer to 3 for mobile devices to save on battery life
  • The sticky clients they saw would hang at -90dbm and then roam to an AP with -60dbm.
    • Client devices would experience seconds of audio outages during these roam times.
The rate adaption algorithms and TX retries may take up too much airtime in retries for UC real-time media traffic. Existing STAs rate adaption algorithms not well suited for UC.

The Microsoft Lync team has proposed for a Mobile Multimedia Over Wi-Fi WFA WG
Support of 18 Wi-Fi vendors. The goal of the proposal is to develop a certification that improves the Wi-Fi roaming and application performance in enterprise and public venues in a manner that is impelling for vendors. The ability to verify performance for real-time voice and video over Wi-Fi is the ultimate goal of this proposal, as QoS is difficult to deploy and is expensive and complex to manage. In most enterprise networks, QoS is not widely implemented end to end (from the wireless to the wired networks).

After the presentation from Pascal, we had our roundtable discussion about the Aruba announcement and our opinions on 802.11ac. We discussed sticky clients, antenna design of the Aruba 220 access point, the Lync diagnostic API and our wish for a portable tool which would allow wireless engineers to view the Lync diagnostic data without requiring a login to the Lync server.

Designing Wi-Fi for Voice & Video with Mike Kail, Netflix VP of IT

Mike D. Kail VP of IT Operations at Netflix described how 802.11ac affects their all-wireless office environment.

Netflix uses Wi-Fi for Voice and Video throughout their offices. Netflix has a 100% mobile office. This increases productivity to be able to work anywhere within wifi range. Some graphic designers have iMacs that are hardwired, but everyone else is wireless. The docking station may be used for Accounting people, but it's rare to be wired into the network. Netflix employees still have desk phones but most people use their cell phones. They are desk phone optional (internal recruiting team and the legal team probably use wired phones).

The ultimate goal of the Netflix network design is to achieve a Zero Trust Network
  • Goal is no perimeter firewall 'gate' 
  • Identity is the new perimeter
  • Moving all devices to EAP-TLS
  • Evaluating ClearPass
  • They use Google+ hangouts for collaboration
  • Telepresence and Lifesize are used for video conferencing.
Netflix prioritizes multimedia on the same SSID as data and all Android and iOS devices are allowed, no exceptions. Netflix is beta testing Aruba's 802.11ac access points and evaluating Aruba RAPs for remote locations to extend corporate networks to home users.

Netflix Content Operations does the QC streaming testing of the UI across wifi networks. The Los Gatos campus is 5 buildings with 280 APs, and at any given time, there are 1300 - 1400 people accessing the Internet. Typical Netflix upload/download speeds are 199 Mbps down / 174 Mbps up.

Netflix employees can use any device, as they've implemented security to access to the data, not the access to the device.

Netflix had some original access point placement issues, some areas have multiple SSIDs and there are a few roaming problems that are problems on the client side. Overall, Netflix has one main SSID and a couple others that give them presence into other countries. The additional SSIDs are locked down to specific floors for testing.

Smart TVs and Apple TVs (due to the authentication method used [EAP-TLS]) are wired.
100% EAP-TLS, no captive portals, but there is an open guest network that uses ClearPass. Netflix is also looking to implement their own open source certificate framework. Netflix uses CACTI and MRTG to monitor their wireless network in conjunction with AirWave. Netflix is also active in Github and uses open source software whenever possible. Netflix is also working to implement NAC on the wired ports to form the Zero Trust Network.

Next-gen Access Network Design with Arun Kanchi, Exafort CEO
Arun Kanchi CEO of Exafort
Exafort is a Cloud and Mobile Systems Integrator

Mobility needs summarized in three words:
  • Security
    • the security of corporate data
  • Privacy
    •  the personal privacy of workspace apps
  • Experience
    •   ease of use, self registration, content based access
Exafort manages the wireless infrastructure for Arista for site surveys, design and deployment as well as IT help desk as a service. Arista's IT infrastructure is 90% cloud based - Wi-Fi, tools, corporate business applications. Exafort has planned an AP deployment ratio of 75 access points to 1000 people. Exafort has planned a 100% redundant wireless LAN design. They've planned the access point placements so that there was bleed over between floors and this bleed through coverage would support users on that floor.

Exafort is pulling two cables to the APs, the additional expense is the physical cabling. They're not having to pull a new run. The second run is half the cost of the first run. The ports on the AP will only have one live at a time, but each access point is occupying two full switch ports. The new Arista building is going live in the fall of 2013 and will be the first wireless network for Arista. Exafort has been managing Arista's IT infrastructure since 2009.

Exafort used AirWave to do a predictive survey for the new building deployment. Exafort didn't use SNR or RSSI metrics within AirWave to design the predictive deployment, the used the coverage model to design so that all areas of the building were covered in signal strength shown in green in AirWave. Exafort is using a 20 MHz channel plan for 2.4GHz and 40 MHz for the 5 GHz, and they're relying on RRM to auto adjust the channels/and keep the noise floor low.

To wrap up: I was very excited to be invited to attend this launch in person! There are so many things happening in the wireless space: product launches, acquisitions, changes in RF design due to high density clients and the continual advancements of consumer devices. It was an honor to be invited and contributed my two cents worth to the discussion. Thank you to Aruba Networks and Gestalt IT for inviting me!