Archive for February, 2019

Meet NEXUS – Battery Powered & RF-Based Lockdown Technology

Thursday, February 28th, 2019

Net-Ctrl has expanded its building management portfolio with the Nexus Wireless Alert System. The new NEXUS Wireless Alert system is aimed at organisations, schools and colleges as a lockdown system in the event of an incident requiring rapid restrictions to a site.

It is quick and easy to install with no civil works or cabling required and is fully portable.

The solution at a glance:

  • Battery powered
  • Rapidly deployable and reusable
  • Wireless with up to 64 units on one site
  • Long range transmission of 1km between units  
  • Visual beacon and audible sounder/enunciator
  • Works on advanced wireless mesh protocol negating the need for repeaters
  • IP Masthead receiver available for remote monitoring
  • 3-year battery life with low battery alerts

NEXUS uses a secure wireless mesh protocol to provide a long-range, robust system, designed to alert occupants to a threat on or near their site requiring a lockdown procedure to be implemented.

There is a maximum of 64 units per site, and when one NEXUS unit is activated, it will trigger all units in range to sound an audible lockdown message, accompanied by a flashing beacon light. 

Intelligent power saving technology ensures a long battery life of up to three years, keeping service calls to a minimum and reducing the environmental impact. 

NEXUS is available in both internal and external options – external units are fully weatherproof to IP66 standard.

If you would like to book a meeting slot in advance email marketing@net-ctrl.com.

Stay On The Safe Side With Intelligent IP Video Systems From MOBOTIX

Tuesday, February 26th, 2019

MOBOTIX, the leading manufacturer of premium-quality secure IP video systems, is responding to the latest news about the use of non-secure hardware and software in IT or network infrastructures. Global players from the U.S. have already reacted and banned certain manufacturers from public contracts. Australia has also forbidden the use of products from certain manufacturers that are under suspicion of facilitating unauthorized access to data or not being able of warding off hacker attacks via cells on SoCs (System on a Chip).

Thomas Dieregsweiler, Head of Product Management at MOBOTIX, confirms that with certain Systems-on-Chips no reliable protection can be guaranteed when using them. Especially when the basic software is used by third-party SoC vendors, it is difficult to assess the risks for these vendors. SoCs are chips onto which functions of a programmable electronic system (such as an IP-based video surveillance system) are integrated.

MOBOTIX only uses high-performance industrial FPGAs (Field Programmable Gate Arrays) from well-known American manufacturers for its hardware and image generation chains, providing reliable protection for the user. An FPGA is used for the continuous processing of digital signals such as audio and video signals, neural networks and Deep Learning Algorithms / Artificial Intelligence and makes the system far more invulnerable to hacker attacks and espionage software.

“We use proprietary MOBOTIX software on these processors and retain full control over what the entire system does and is capable of,” Thomas Dieregsweiler explains. This approach is a core component of the MOBOTIX “Cactus Concept,” a company-wide overall strategy for cyber-secure products and solutions. Alongside numerous technical measures, such as the use of FPGAs, control over the entire value-adding chain is a key factor in implementing the MOBOTIX “Cactus Concept.”

“We haven’t detected any hacker attacks on our security systems to date,” Thomas Dieregsweiler emphasizes.
In order to prevent security gaps from arising in the first place, the MOBOTIX Security Team regularly checks hardware and software, also in cooperation with internationally recognized penetration test houses. In addition, MOBOTIX offers trainings and webinars to train partners and customers on the topic of security and to raise their awareness for IT security issues.

Thus, MOBOTIX provides end-to-end solutions that offer significantly more protection than the industry standard: A consistent security concept including encryption “Made in Germany”, which was successfully tested by SySS GmbH, the market leader in Germany in the field of penetration testing.

About MOBOTIX AG

MOBOTIX is a leading manufacturer of premium-quality, intelligent IP video systems and sets standards for innovative camera technologies and decentralized security solutions with the highest level of cybersecurity. MOBOTIX was founded in 1999 and is based in Langmeil, Germany. MOBOTIX has an in-house research and development department, an in-house production facility in Germany and operates distribution companies in New York, Dubai, Sydney, Paris and Madrid. Customers worldwide trust in the durability and reliability of MOBOTIX hardware and software. The flexibility, built-in intelligence and unparalleled data security of the company’s solutions are appreciated in many industries. MOBOTIX products and solutions help customers in industries such as industrial manufacturing, retail, logistics and healthcare. With strong and international technology partnerships, the company will continue to expand its universal platform and develop new applications in the future.

The Evolution of Wi-Fi 6: Part 4

Tuesday, February 26th, 2019

In part three of this series, we took an in-depth look at OFDMA, MU-MIMO and BSS Coloring. In this blog post, we’ll explore target wake time (TWT), 1024-QAM and Long OFDM Signal.

Target Wake Time (TWT) and Wi-Fi 6

Target wake time (TWT) is another mechanism introduced in the Wi-Fi 6 (802.11x) standard. Essentially, TWT allows devices to deterministically negotiate when and how often they wake up to send or receive data. TWT increases device sleep time and in turn, substantially improves battery life, a feature that is especially important for IoT devices. In addition to saving power on the client device side, TWT enables wireless access points (APs) and devices to negotiate and find specific times to access the medium. This helps optimize spectral efficiency by reducing contention and overlap between users.

1024-QAM & the Need for Speed

Although bolstering spectral efficiency is one of the defining features of Wi-Fi 6 (802.11ax), an additional speed boost facilitated by 1024-QAM is obviously a nice bonus. Quadrature amplitude modulation, or QAM, uses both phase and amplitude of an RF signal to represent data bits. As we mentioned above, Wi-Fi 6 (802.11ax) introduces 1024-QAM, along with new modulation and coding schemes (MCS). These define higher data rates that bolster throughput and enable 25% higher capacity with 10 bits per symbol versus 8 bits in 256-QAM, the latter of which is supported by Wi-Fi 5 (802.11ac). Put simply, more bits equal more data, making the (payload) delivery of data more efficient.

Wi-Fi 6 (802.11ax) also introduces two new modulation coding schemes: MCS 10 and MCS 11. Both will likely be optional. It should be noted that 1024-QAM can only be used with 242 subcarrier resource units (RUs) or larger. This means that at least a full 20 MHz channel will be required for 1024-QAM.

Long OFDM Signal & Outdoor APs

When indoor wireless devices transmit a signal, the RF signal reaches the destination receiver directly, or via rapid reflections of walls ceilings and other obstacles. This is referred to as multipath. The OFDM symbol was originally designed with indoor Wi-Fi in mind, with multipath reflected RF signals expected to reach the receiver very quickly. The original OFDM symbol was composed of guard intervals followed by a data portion, then another guard interval and then another data portion, area and so forth. The guard interval was either 0.4 or 0.8 microseconds – with the useful OFDM data portion set at 3.2 microseconds.

With outdoor Wi-Fi, the guard interval needs to be increased to compensate for extended or distant reflections. As such, Wi-Fi 6 introduces Long Signal OFDM, which allows up to a 3.2 microsecond guard interval with the data packet area being increased 4x, or up to 12.8 microseconds. This offers a much broader multipath tolerance, reduces overhead and bolsters throughput, thereby making outdoor Wi-Fi more reliable and dependable.

More GHz For the IoT

As we discussed in part one of this series, Wi-Fi 6 (802.11ax) will support both 2.4 GHz (for the IoT) and 5 GHz, as opposed to Wi-Fi 5 (802.11ac), which only supported the latter. Moreover, the FCC is slated to open the 6 GHz spectrum for Wi-Fi 6 in 2019, thereby creating more than one GHz of new unlicensed spectrum. This is an important development, as the amount of Wi-Fi spectrum in the United States has remained essentially unchanged for more than a decade. From our perspective, the combination of Wi-Fi 6 (802.11ax) and the newly opened 6 GHz spectrum has the potential to fuel a perfect storm of disruption for the wireless industry.

Click here to view the original post by The Ruckus Room.

5 Issues that impact Wi-Fi performance in dense environments

Thursday, February 21st, 2019

Worldwide data and video traffic are growing at double-digit rates. This increase is driven by connected devices and applications like 4K video streaming, VR/AR and eSports. Adding to the complexity of this environment impacting Wi-Fi performance are diversifying device categories and apps, such as headless IoT devices, video and voice-over-Wi-Fi.

Moreover, the congestion of people, devices and bandwidth-hungry apps makes for numerous real-world challenges that conventional wireless technology has difficulty overcoming, especially in dense environments. Let’s take a closer look at some of these challenges below.

Overloaded network

Wi-Fi antennas often radiate signals – like a lightbulb radiates light – in all directions. This can create misdirected and wasted radio energy.

The solution? Ruckus BeamFlex+ technology, which enables the antenna system within a Ruckus access point (AP) to dynamically sense and optimize for its environment. The antenna system also significantly bolsters range and Wi-Fi performance by mitigating radio interference, as well as noise and wireless performance issues.

Too many devices

All access points use ‘lanes’ (radio channels) to transmit and receive traffic. However, a specific lane can become congested, leaving an AP unable to determine if other lanes are free to accommodate wireless traffic.

The solution? Ruckus ChannelFly dynamic channel management, which helps our APs boost Wi-Fi performance by dynamically (automatically) switching a client from a crowded channel to a less congested one.

Wasted radio energy

Excessive management traffic typically saturates available Wi-Fi spectrum in dense Wi-Fi environments. This results in reduced connectivity and low per-client throughput.

The solution? Ruckus Airtime Decongestion, which enables APs to more selectively respond to clients. This dramatically increases overall network efficiency for higher airtime utilization and delivers a more optimized user experience.

Channel congestion

APs are frequently overloaded with an uneven client load in dense network environments. This inefficient utilization of network capacity results in a sub-optimal client-to-AP link quality and lower throughput for clients.

The solution? Ruckus Network Capacity Utilization, which employs real-time learning techniques to associate clients with APs that offer higher link quality and capacity. This mechanism facilitates higher overall network capacity and higher per-client throughput.

Unwanted management traffic

Thousands of non-connecting ‘transient’ devices – often in transport hubs – frequently create unwanted management traffic that negatively impacts Wi-Fi performance.

The solution? Ruckus Transient Client Management, which maintains throughput levels for priority clients in high transient-client environments by delaying AP association with low-priority transient clients.

TO speak to someone about your wireless projects, please get in touch by completing a Contact Form, emailing sales@net-ctrl.com or calling on 01473 281 211.

The evolution of Wi-Fi 6: part 3

Tuesday, February 19th, 2019

In part two of this series, we explored the basics of MU-MIMO, OFDMA, and 1024-QAM. In this blog post, we’ll take a closer look at Wi-Fi speeds, along with an in-depth look at OFDMA, MU-MIMO and BSS Coloring.

Theoretical peak speeds vs. network capacity and efficiency

As we’ve emphasized throughout this series, the 802.11 standard has rapidly and significantly evolved over the past two decades. For example, wireless LANs once focused on achieving theoretical peak speeds. With the advent of Wi-Fi 6 (802.11ax), the emphasis has shifted to overall network capacity and efficiency, in addition to throughput speeds. As the latest iteration of 802.11, Wi-Fi 6 (802.11ax) is expected to become prevalent in ultra-dense environments such as transport hubs, urban apartment complexes, college campuses, concert venues and sports stadiums. These are all locations where many clients routinely access the internet over Wi-Fi, as well as share UHD content and stream 4K video.

Currently, in advanced development, the IEEE 802.11ax standard is slated to be released in 2019. It is worth noting that the maximum theoretical speed of Wi-Fi 4 (802.11n) was 150 megabits per second, per stream. Wi-Fi 5 (802.11ac) increased this to a theoretical speed of 866 megabits per second, per stream, which is considered a six-fold jump. Wi-Fi 6 (802.11ax) supports maximum speeds of up to 1201 megabits per second. Although Wi-Fi 6 is certainly faster than its predecessor, it is not the six-fold increase seen with the release of Wi-Fi 5 (802.11ac).

Wi-Fi 6: 4x increase in throughput

More specifically, Wi-Fi 6 (802.11ax) is expected to boast a 4x increase in throughput for the average user. This is primarily due to more efficient spectrum utilization and various improvements for dense deployments. Clearly, speed is not the most important issue, as the maximum rates are notoriously inaccurate when it comes to real-world performance. These can vary widely based on a range of obstacles, other signals in the air, multipath reflections and the capabilities of both access points and client devices.

To address these issues, Wi-Fi 6 (802.11ax) aims to improve efficiency by delivering consistently higher real-world speeds than Wi-Fi 5 (802.11 ac). As we noted in part three of this series, W-Fi 6 introduces orthogonal frequency-division multiple access or OFDMA. The mechanism – which is (4G) LTE-proven – provides more efficient access for users. Essentially, OFDMA technology allows multiple users with varying bandwidth needs to be served simultaneously by dividing each wireless channel into multiple sub-channels. This allows multiple clients to talk to the AP – simultaneously – over a single-channel (depending on the channel size). More specifically: 9 clients over a 20 MHz channel, 18 over a 40 MHz channel, and 37 over an 80 MHz channel. With multiple smaller channels, the AP can offer flexible bandwidth allocation to each device based on specific data requirements, thereby increasing overall network performance. It should be noted that smaller sub-channels are known as Resource Units (RU) or RU tones. The minimum size of one RU is 26 tones or subcarriers, which equals approximately 2 MHz. In practical terms, this means a 20 MHz channel can serve up to 9 users.

Working in tandem: OFDMA & MU-MIMO

OFDMA works in tandem with MU-MIMO, the latter of which helps APs address multiple devices simultaneously, instead of one at a time. From a precise chronological perspective, MU-MIMO was introduced as part of Wi-Fi 5 (802.11n), but only supported the mechanism in downlink mode. In contrast, Wi-Fi 6 (802.11ax) supports up to 8×8 MU-MIMO in both downlink and uplink modes – allowing APs to serve up to 8 users simultaneously. It is important to understand that MU-MIMO also benefits the performance of legacy devices such as those designed to support Wi-Fi 5 (Wave 2) devices.

BSS Coloring

Another important Wi-Fi 6 (802.11ax) feature is Basic Service Set (BSS) Coloring, which can perhaps best be described as a six-bit identifier attached to each PHY header that indicates the origin of the wireless LAN. Since Wi-Fi is a half-duplex medium – meaning that only one radio can transmit on a frequency domain or channel at any given time – Wi-Fi 6 (802.11ax) will defer transmission if it ‘hears’ the PHY preamble transmission of any Wi-Fi 6 radio at a signal detect or SD threshold of four decibels or greater. This medium contention overhead is a major issue in high-density venues such as a stadium or large conference rooms due to the sheer number of APs and clients.

Unnecessary medium contention is referred to as overlapping basic service sets (OBSS), or co-channel interference (CCI). Wi-Fi 6 (802.11ax) addresses this challenge by improving spatial reuse, which is often referred to as BSS Coloring. This mechanism was initially introduced as part of 802.11ah to address medium contention overhead due to OBSS. It assigns a different colour, a number between 0 and 63, which is added to the PHY header of the Wi-Fi 6 (802.11ax) frame to each BSS in an environment. With BSS colouring, an AP can identify which frames are coming from other networks – and ignore them if they are below a certain threshold of weakness to prevent interference. This helps avoid unnecessary wireless slowdowns.

View the original blog post by The Ruckus Room.

Introducing PAN-OS 9.0: Stop Threats Hiding in DNS, Close Security Gaps

Tuesday, February 19th, 2019

We’re excited to announce PAN-OS 9.0, the latest version of the software that powers our next-generation firewalls. PAN-OS 9.0 delivers over 60 tightly integrated innovations that strengthen security. The new DNS Security service continues our tradition of expanding the platform and replacing disconnected point products. We have always set the standard for next-generation firewalls — keeping you on the cutting edge while simplifying security.

Here are a few highlights from PAN-OS 9.0.

Stop threats hiding in DNS traffic

DNS is essential to running your business, but according to the Unit 42 threat research team, almost 80 percent of malware uses DNS to establish command and control. Today, security teams lack the visibility, scale, and agility needed to stop threats that use DNS. Our new DNS Security service applies predictive analytics and infinite cloud scale to disrupt attacks that use DNS for command and control or data theft. Using shared threat intelligence and machine learning, DNS Security enables teams to quickly identify threats hidden in DNS traffic. Because the service is tightly integrated with our next-generation firewall, customers get automated protections and eliminate the need for independent tools or changes to DNS infrastructure.

Close dangerous policy gaps faster and more easily

The new Policy Optimizer strengthens security by closing dangerous policy gaps left by legacy firewall policies. Policy Optimizer’s simple workflows use intelligence gathered by PAN-OS to easily move from legacy rules to App-ID-based rules. Taking complexity out by removing scores of legacy rules reduces human error, which is a leading cause of data breaches. With PAN-OS 9.0, we continue to deliver the tools you need to implement best practices that reduce the risk of attack.

Reduce web-based threat exposure

We’ve taken URL Filtering to the next level with powerful new capabilities to protect your organization from web-based threats. Applied analytics powers granular web policy for more control and flexibility than ever. New risk ratings take the guesswork out of choosing which sites to block or allow. Based on policy, automated actions let you trigger additional inspection or containment, including turning on SSL decryption. Machine learning-based image recognition dramatically increases phishing detection, finding even the most evasive sites attempting to steal your credentials. And finally, your protection is always up to date with instant updates for newly discovered malicious sites.

Protect your network with the fastest next-generation firewall ever

Organizations with large data centers, high volumes of encrypted traffic, and a growing ecosystem of internet of things (IoT) devices must secure more network traffic than ever. Our PA-7000 Series, with new line cards, is the fastest next-generation firewall in the industry, delivering performance without compromising security. Our all-new Network Processing Cards (NPCs), Switch Management Cards (SMCs), and Log Forwarding Cards (LFCs) deliver 350 Gbps of protected throughput, measured with application identification, intrusion prevention, antivirus, anti-spyware, advanced malware analysis, and logging enabled. Palo Alto Networks customers can use the improved cards with their existing chassis and cards, ensuring their security investments are protected.

Consistently secure all of your clouds

Organizations want consistent security across multiple public clouds and virtualized data centers. The VM-Series now provides the broadest range of public cloud and virtualized data center environments by adding support for Oracle Cloud, Alibaba Cloud, Cisco ENCS, and Nutanix. Firewall throughput performance improvements for AWS and Azure of up to 2.5X combined with autoscaling and transitive architectures allow our customers to automate security for dynamic and large-scale public cloud deployments.

Secure large environments at scale

New innovations to Panorama make scaling network security easier. With PAN-OS 9.0, security teams can manage up to 5,000 firewalls with a single instance of Panorama. When required, customers can use Panorama Interconnect plugin to scale the single pane of glass to 30,000 firewalls. Panorama manages security for the entire network using a single security rule base for firewall, threat prevention, URL filtering, application awareness, user identification, advanced malware analysis, file blocking, and data filtering. Panorama helps administrators reduce operational workload and meet budget constraints, while improving overall security posture.

Strengthen network and security operations

New Transformation Services offerings will strengthen security with deep analysis of configuration and network traffic as well as enforcement of advanced security policies. These next-generation firewall, threat, and security operations services are designed to complement our Security Operating Platform by focusing on operational capabilities. This provides maximum protection to enable businesses for future growth.

To learn more, visit our PAN-OS 9.0 security page.

Watch Lee Klarich, chief product officer, dive into what’s new in PAN-OS 9.0.

View the original post by Palo Alto Networks.

Top 6 trends driving Trusted Digital Identities in 2019

Tuesday, February 12th, 2019

What are the market dynamics and trends that will shape the digital identity industry in 2019? Data breaches have become more common in recent years with organizations suffering at least two or three per year, costing them an average of $3.86 million. At the same time, consumers have become more demanding than ever, which means that service providers are under incredible pressure to deliver digital services that are not only secure, but also provide frictionless user experiences.


The existence of Trusted Digital Identities will be a major factor in meeting those demands and here are six reasons why

1. Ongoing pressure across industry for data privacy regulations

There has been a significant raise in complaints of social media user data misuse in 2018. Facebook in particular made headlines last year with numerous high-profile data breaches including the Cambridge Analytica scandal. Customer and regulator concern about how data can be used for monetization and how identities can easily be stolen, replicated, curated and morphed for fraud are at risk of creating a climate for increased regulation as well as different regulation alignments in different countries.

Consumers are reclaiming data ownership and having increased digital interactions make them more concerned than ever about data privacy and identity theft. We will experience continuing pressure across industries for having more data protection regulations such as GDPR across the globe.

2. AI and machine learning as a double-edge sword

According to the Breach Level Index, almost 15 billion data records have been exposed since 2013. In the first half of 2018, more than 25 million records were compromised every day – that’s 291 records every second. These include medical, credit card or financial data and other personally identifiable information. Although there are many AI and machine learning techniques in place working to prevent data breaches, they will still happen as fraudsters are leveraging the same technologies we use to prevent them.

For example, thanks to advances in AI and machine learning chatbots can now be easily exploited by hackers to discover new vulnerabilities in real time in order to deceive users into clicking dubious links and handing over sensitive information. Malicious chatbots look exactly like the regular ones, but instead of providing genuinely useful information, they will ask you for your personal information, which will be used by hackers for malicious purposes.

On the more positive side, big data and AI lead to vast opportunities to enable trust and collaboration across the ecosystem of technology enablers, service providers and end users to prevent attacks. We expect an increase in the use of AI and machine learning technologies in strengthening identity verification accuracy and offering an increase in trust.

3. Protecting sensitive data in mobile devices

As more than 52% of global web traffic comes from mobile devices, it is not a surprise that fraudsters are also migrating to this platform. Research shows that 48% of phishing attacks take place on mobile and users are three times more likely to get exposed from their mobile rather than from their desktop.

Sensitive data stored in our mobile devices can be compromised through applications, the mobile network and the device itself. To ensure good positioning in this mobile economy, service providers need to ensure customer trust and data protection. Having a trusted digital identity system in place proves essential for ensuring this.

4. Monetization of mobile identity

The monetization of mobile identity will also take a new focus in 2019, by combining several attributes capable of adapting to local regulations and service providers’ enrolment requirements.

Investments in mobile technologies that capture, verify and authenticate identities based on a combination of identifiable attributes, will be a strategic step for service providers to enable security, trust and seamless end-user experience.

Furthermore, the capacity and flexibility of ensuring remote document verification will present an advantage for service providers allowing them to capture and verify customer information. Plus, they will be able to maximize their reach via mobile devices at the same time.

5. Biometrics will continue to grow

The industry keeps exploring new forms of physical and behavioural biometrics to ensure secure authentication via mobile devices across all channels. The combination of technology innovation with convenience and security will bring us closer to a “plug and play” solution, while standards like the FIDO Alliance and Mobile Connect will provide us with more options to get there.

Biometrics will continue to go mainstream and the use of multiple biometrics such as voice, face or behavioural biometrics will enable not only multi-factor authentication, but also more security with less friction.

6. Passwords will become a thing of the past

According to the Verizon Data Breach Investigation Report, 81% of data breaches involve weak, default, or stolen passwords. Furthermore, many customers claim that they are getting frustrated when creating new user IDs and passwords for digital services and tend to select one of the 25 easy to remember passwords for their accounts. Consumers no longer trust password-based single-factor authentication and are willing to shift to password-free authentication methods. There is a big opportunity here, especially for those that can offer a biometric alternative.

Banks have already started providing new means for customer authentication when making payments with adopting EMV contactless payment cards with fingerprint authentication which could allow us to pay for anything without needing a PIN code or signature. Online, organizations are exploring the potential of behavioural biometrics, which can analyze the unique way in which you type on a keyboard or even how you move your mouse.

Trusted Digital Identity services are paramount for each step of the customer journey, from onboarding through to authentication to access new services. For more information, please call our team on 01473 281 211 or email sales@net-ctrl.com. Alternatively, you can submit a Contact Form.

View the original post by Gemalto.

The Evolution of Wi-Fi 6: Part 2

Tuesday, February 12th, 2019

In part one of this series, we explored the evolving 802.11 Wi-Fi standard and its support for various radio bands (2.4 GHz, 5 GHz, and 6 GHz), as well as peak PHY rates and spectrum utilization. In this blog post, we’ll be taking a closer look at MU-MIMO, OFDMA, and 1024-QAM.

Wireless User Streams

One important metric for the 802.11 Wi-Fi standard remains the maximum number of single user streams. The original standard offered only a single transmit chain and a single receive chain that supported one stream of data. In sharp contrast, the upgraded Wi-Fi 4 (802.11n) standard offered four radio chains, effectively bolstering throughput and efficiency by supporting the transmission of four parallel streams to the same device. Subsequently, Wi-Fi 5 (802.11ac) provided support for up to 8 streams.

Wi-Fi & MU-MIMO

Although both Wi-Fi 5 (802.11ac) and Wi-Fi 6 (802.11ax) support transmitting 8 streams, it should be noted that client devices will have to offer support for this mechanism. More specifically, wireless access points (APs) support 8 streams because they are relatively large and connect to a dedicated power source. However, consumer client devices are typically small and battery-operated. As such, Wi-Fi manufacturers don’t typically build 8 chain clients. In fact, clients usually have only one or two chains. So, even though an AP supports 8 streams, the average client device is likely only capable of transmitting and receiving two streams.

This is precisely why the IEEE introduced the Multi-User MIMO (MU-MIMO) mechanism, which divides 8 streams into four groups of two devices and transmits them to consumer devices such as smartphones. Indeed, Wi-Fi 5 (802.11ac) allows the AP to talk to four devices at the same time, while Wi-Fi 6 (802.11ax) extends this capability to 8 devices. Moreover, Wi-Fi 6 (802.11ax) supports MU-MIMO in both the upload and downlink directions, while the early Wi-Fi 5 (802.11ac) standard only supported MU-MIMO in the download direction.

OFDMA & 1024-QAM

Wi-Fi 6 (802.11ax) also introduces a new modulation scheme known as orthogonal frequency-division multiple access (OFDMA). Although this mechanism is new to Wi-Fi, it has been thoroughly vetted in LTE deployments, much like many other wireless technologies. In addition, Wi-Fi 6 (802.11ax) adds a modulation scheme of 1024-QAM which allows Wi-Fi to achieve higher data rates. More specifically, the maximum number of OFDM tones is increased from 64 in Wi-Fi 4 (802.11n) to 2,048 on the 160 MHz channel in Wi-Fi 6 (802.11ax). It should be noted that ‘tones’ and subcarriers are used interchangeably. For example, a 20 MHz OFDMA channel consists of a total of 256 subcarriers or ‘tones.’ Moreover, subcarrier spacing has been reduced by 4x from 312.5 kHz to 78.125 kHz. The narrower subcarrier spacing optimizes equalization and enhances channel robustness required for outdoor operation.

View the original post by The Ruckus Room.

The evolution of Wi-Fi 6: part 1

Thursday, February 7th, 2019

In this series, we’ll be taking an in-depth look at the evolution of the IEEE 802.11 standard and its latest iteration: Wi-Fi 6 (802.11ax). We’ll start with a high-level overview of various Wi-Fi 6 building blocks and then take a closer look at each. Specific topics include OFDMA, OFDM vs. OFDMA, OFDMA vs MU-MIMO, Long OFDM Signal, 1024-QAM, BSS Coloring and Target Wake Time (TWT). We’ll also explore IEEE and WFA commercial activities, along with multiple W-Fi 6 use cases.

2.4GHz & 5 GHz and Wi-Fi 6

Before getting into the nuts and bolts of Wi-Fi 6, let’s first take a brief trip down memory lane. 802.11 has steadily evolved over the past 20 years, with industry engineers working on the ever-changing standard since the early 1990s. The first iteration was published in 1997 and 20 years later, Wi-Fi 6 (802.11ax) is on the cusp of being ratified, while Wi-Fi 6 products are already being manufactured, sold and shipped. The first iteration of 802.11 supported only 2.4 GHz, although support for the 5 GHz band was subsequently added to Wi-Fi 4 (802.11n). Perhaps not surprisingly, Wi-Fi 5 (802.11ac) only supported the 5 GHz band. The thinking behind this decision was to encourage people to move towards 5 GHz because it was a much cleaner frequency.

However, Wi-Fi 6 (802.11ax) supports both 2.4 GHz and 5 GHz. This is primarily due to the proliferation of 2.4 GHz IoT devices that are hitting the market today. In addition, the FCC is slated to open the 6 GHz unlicensed spectrum for Wi-Fi 6 (802.11ax). Regarding channelization, the IEEE 802.11 standard began with 20 MHz and subsequently expanded to 40 MHz for Wi-Fi 4 (802.11n) and up to 160 MHz for Wi-Fi 5 (802.11ac) as well as (802.11ax). Today, we don’t see very many 160 MHz applications, although with 6 GHz, this might become a reality.

It should also be noted that Wi-fi 6 (802.11ax) supports 20 MHz-only clients, which is especially important for the IoT. Indeed, 11ax supports 20MHz-only clients because the Wi-Fi 6 (802.11ax) draft amendment was written with IoT devices in mind as they are low cost, consume little power and pack very small batteries. Using management frames, client stations will be able to inform a Wi-Fi 6 (802.11ax) AP that they are operating as 20 MHz-only clients. A 20 MHz-only device can transmit/receive in either the 2.4 or the 5 GHz band. Moreover, the Wi-Fi 6 standard implements a protocol in which the 20 MHz-only devices communicate only on the primary 20 MHz channels.

Essentially, this means a 40 MHz channel could potentially be extended to 80 and 160 MHz. All 20 MHz packet exchanges of these clients are in the primary 20 MHz. One can have a packet exchange of normal clients in the upper secondary – as well as additional mixing and matching. More specifically, ‘normal’ clients would be named as the primary, along with 20 MHz-only clients. It is important to understand that 20 MHz-only devices are only required to operate in the primary 20 MHz channels.

Peak PHY Rates & Spectrum Utilization

The peak 802.11 PHY rate supported 2 Mbps per second, which has increased to 10 Gbps per second for Wi-Fi 6 (802.11ax). Although there is a lot of industry chatter about high throughput, what really matters is how efficiently the wireless spectrum is utilized. Yes, high throughput sells products because it’s easy for everyone to understand, but again, what really matters is how well the standard exploits available spectrum. One way of quantifying this is with link spectral efficiency. For example, the first 802.11 Wi-Fi standard pushed 0.1 bps/Hz. In sharp contrast, Wi-Fi 6 pushes a staggering 62.5 bps/Hz.

It should be noted that overall spectrum performance is also indicated by the name of the standard. Wi-Fi 4 (802.11n) was known as HT or a high throughput, followed by Wi-Fi 5 (802.11ac) which was referred to as VHT, or very high throughput. Continuing this naming pattern, Wi-Fi 6 (802.11ax) is designated HE for high efficiency. As we’ll further discuss in this series, spectrum efficiency is one of the most important features of the new Wi-Fi 6 (802.11ax) standard.

View the original post at The Ruckus Room.

Internet of Things – A Reality?

Thursday, February 7th, 2019

The Internet of Things (IoT) has become a widely used buzz-word appearing not just in technical circles but in everyday language used by consumers and the media. Just like other technical terms which have entered common usage, such as Cloud Computing, IoT means different things to different people.

The current IoT ecosystem

Over the past decades we have seen a trend where devices that often start out aimed at the consumer market gain popularity and enhanced use-cases in business environments. Our current technological era, which started in 2008 with the widespread adoption of smart phones and tablets, is a great example of this.

The range of “Things” is staggering, some of which are incredibly useful, others questionably less so – Smart Toilet anyone?

I meet many technical industry peers who’ve turned home automation and the world of IoT into an all-consuming hobby. They spend long hours integrating disparate devices and systems together into various complex climate, security and infotainment systems. While I don’t count myself amongst their ranks, (outside of my professional work) the good news is that things are improving. There are more intuitive apps and systems that enabled smoother integration, across multiple manufacturers, all with greater ease. If This Then That (IFTTT) is a good example – and is freely available for anyone to experiment with.

IoT in the enterprise

How does this translate to the wider environment outside of our homes? From enterprises, to public entertainment venues and Smart Cities, IoT devices and their interaction with each other is gaining in popularity and sophistication.

The challenge is the number of IoT communication protocols which are battling it out for market dominance. They are also almost exclusively wireless in their medium of communication. If you’d like to learn more about the three key standards of interest, Bluetooth Low Energy (BLE), Zigbee and LoRa, which all service different types of IoT devices and scenarios, I’d recommend this great blog by my colleague Sascha Hirschoff: “Smart Building Radio Technologies” (original in German)

This presents the business owner with a challenge – how to support multiple wireless standards in a cost effective, reliable and manageable manner?

Salvation lies with the ubiquitous Wi-Fi Access point.

If we consider as I discussed in one of my previous blogs that Wi-Fi is synonymous with internet access, and therefore considered an essential service everywhere, Wi-Fi access points will always be nearby. Hence if a Wi-Fi access point can extend its capabilities to become a multi-standard radio device, we can architect a simplified, efficient and manageable solution.

In business, these solutions can become a reality when a key infrastructure provider is able to simplify the deployment of an IoT solution. They should be utilizing the existing Wi-Fi access points, to securely aggregate disparate IoT communications to a centralized platform. From this platform, open standards Application Programming Interface (API) coding must allow ease of integration to any standards compliant third- party application. Life gets much more interesting when a Rules Engine platform is introduced, allowing seemingly disparate IoT devices to interact and operate according to sets of logic.

The world is truly becoming a place where if you can find a way to code it, you can make almost any IoT device interact with another, only limited by your imagination and creativity.

View the original post by Neil Goddard.