Net-Ctrl Blog

NetMotion Wireless User Named as Finalist for EHI Award

July 22nd, 2014

Net-Ctrl is proud to announce that one of our NetMotion Wireless customers, Norfolk Community Health and Care NHS Trust, is a finalist for an EHI Award for ‘Excellence in Mobile Healthcare’.

This award recognises the role that technology plays in facilitating mobile working for healthcare staff.

Norfolk Community Health and Care NHS Trust first contacted Net-Ctrl in November 2013 in need of a new remote working solution. The Trust had heard about the work Net-Ctrl and NetMotion Wireless had completed in healthcare through other organisations in their area that had witnessed the benefits of Mobility XE first-hand.

NetMotion Mobility® is a mobile VPN solution that gives enterprises a central control point for managing mission-critical mobile deployments. It keeps mobile workers using iPads, iPhones, Windows laptops, tablets and Android devices connected and productive.

Mobility shields them from connectivity issues as they move in and out of wireless coverage areas and roam between networks. It provides the ability to set policies to manage devices, applications access and bandwidth, and gives organisations the visibility they need to maximise their mobile investments.

The winners will be announced at a special awards evening on 09th October, we wish Norfolk Community Health and Care NHS Trust the best of luck.

If you would like more information on NetMotion Wireless and their Mobility XE solution, please email or call us on 01473 281 211.


New Application Usage and Threat Report from Palo Alto Networks

June 23rd, 2014

The Application Usage and Threat (AUT) Report (June 2014) from Palo Alto Networks provides a global view into enterprise application usage and the associated cyber threat landscape.

The  report provides an analysis of applications and their link to cyber threats within the enterprise. The report also summarises network traffic assessments performed worldwide in more than 5,500 organisations where 2,100 applications, 16,000 unique threats and billions of threat logs were observed.

Download the report to get the full analysis of the intertwined relationship between Cyberattacks and applications.

Watch the report video summary

Alternatively you can:



Ruckus Launches Industry’s Lightest, Smallest 11ac Outdoor Access Points – The ZoneFlex T300 Series

June 17th, 2014

Industry’s First Outdoor 802.11ac APs with Embedded Adaptive Antennas in Incredibly Lightweight, Small Form Factors that are Designed for High Density Venues.

SUNNYVALE, CA – June 17, 2014 – Ruckus Wireless, Inc. (NYSE: RKUS) announced today the launch of the first two models in a line of new Ruckus ZoneFlex™ T300 Series outdoor 802.11ac access points (APs), the ZoneFlex T300 omnidirectional and ZoneFlex T301n narrow band models. These are concurrent, dual-band APs featuring the industry’s smallest and lightest form factors. Both are designed specifically for high density user environments such as stadiums, railway station platforms, dense metro/urban hot zones, and other outdoor venues such as outdoor college campuses, business parks, and town squares.

The ZoneFlex T300 Series access points are the only outdoor 802.11ac APs on the market to integrate patented Ruckus BeamFlex+™ technology for optimal performance and interference mitigation in challenging RF environments as well as ChannelFly™ for predictive channel selection based on real-time capacity analysis of all RF channels.

The most ground breaking features of both the ZoneFlex T300 and ZoneFlex T301n are their lightweight and ultra-compact form factors. At just 2 and 2.1 pounds (0.9 kg and 1 kg) respectively including built-in BeamFlex antennas, the ZoneFlex T300 and T301n are significantly lighter than other outdoor 802.11ac APs. With total dimensions, including their internal antennas, of 7”w x 5.9”d x 3.4”h (18cm x 15cm x 8.6cm) for the ZoneFlex T300, and 7.6”w x 9.4”d x 4.3”h (19.5cm x 23.9cm x 11cm) for the ZoneFlex T301n, these are among the smallest outdoor 802.11ac APs in the market. Form factor is a critical requirement for many outdoor Wi-Fi applications where aesthetic considerations or minimal visual impact is required. The light-weight feature of the ZoneFlex T300 and T301n dramatically eases installation and reduces deployment time and labor costs.

“Our ZoneFlex T300 Series combines carrier-class, high-capacity, high-density outdoor Smart Wi-Fi radio technologies with incredibly lightweight and compact form factors,” said Greg Beach, vice president of Product Management, Ruckus Wireless. “Both are easy to install, and are ideal for service providers and venue owners looking to quickly deploy reliable outdoor Wi-Fi networks in environments such as stadiums, train stations, and parks. They’re 50 percent lighter, significantly smaller in overall size, and offer a much lower total cost of ownership, compared with other products on the market that aren’t nearly as feature-rich.”

Fitting Outdoor Environments to a T

The Ruckus ZoneFlex T300 is an entry-level outdoor 2×2:2 stream 802.11ac access point with an omnidirectional aggregate antenna coverage pattern, featuring a compact form factor and 802.3af Power over Ethernet (PoE). It can operate as a standalone AP, or be centrally managed by a Ruckus ZoneDirector™ controller, Ruckus SmartCell™ Gateway (SCG) 200, virtual SmartCell Gateway (vSCG), or FlexMaster software for maximum scalability. The ZoneFlex T300 is ideal for providing coverage over a wide outdoor area.

In addition to the features of the ZoneFlex T300, the Ruckus ZoneFlex T301n outdoor 2×2:2 stream 802.11ac access point also features internal narrow beam antennas (30 x 30 degree aggregate coverage pattern @ 2.4 GHz, 15 x 15 degrees @ 5 GHz) in order to provide narrow sector coverage for very high performance, directed coverage applications. The narrow beam antennas in the ZoneFlex T301n are ideal for very high density venues like stadiums, where RF energy must be very narrowly focused to maximize capacity. High density Wi-Fi network design typically calls for a large number of APs to get the needed capacity, but care must be taken to limit co-channel interference. The narrow beam, adaptive antennas in the ZoneFlex T301n are able to focus RF energy into a specific area while delivering flexible, directed coverage that adapts in real time to reduce interference and increase network performance. The ZoneFlex T301n is well suited for extremely high density deployments, delivering the best coverage and capacity, and is highly scalable, making it cost-effective for high density network deployments.

Both the ZoneFlex T300 and T301n are rugged outdoor APs purpose-built to withstand harsh environments. They feature IP-67 water and dust proof plastic enclosures, operating temperatures of from -4 up to 131 degrees Fahrenheit (from -20 up to 55 degrees Celsius), and wind survivability of up to 165 mph. Both models also offer flexible wall, pole or ceiling mounting options that ensure no distortion of Wi-Fi signals is introduced, delivering performance of up to 1,200 Mbps total WLAN RF capacity, with up to 300 Mbps at 2.4 GHz (802.11b/g/n), and up to 900 Mbps at 5 GHz (802.11ac). The ZoneFlex T300 and T301n also include/ship with mounting brackets, and the integrated antennas in the ZoneFlex T301n eliminate the need to buy external antennas, reducing cost and making installation easier.

Both models also support up to 500 concurrent users per AP and are easy to install using standard 802.3af PoE switches or PoE injectors. They also support co-location operation with distributed antenna systems (DAS) and small cell radios. The ZoneFlex T300 Series 802.11ac outdoor access points also meet stringent EN 61373:2010, EN 50121-1:2006, and EN 50121-4:2006 test requirements overseen by CENELEC, through its close collaboration with the International Electrotechnical Commission (IEC), for use by various U.S. railway systems in their commuter train and subway stations and platforms across the country.

Superior 802.11ac Performance with BeamFlex+

The ZoneFlex T300 Series APs feature Ruckus BeamFlex+ technology, which enables their antennas to adapt to a mobile device’s orientation and location. All antennas have a property called polarization, which refers to the physical orientation of the wireless signal that each antenna is configured to receive or transmit. For best performance, the antenna polarizations of the two sides of a wireless link (e.g. AP and client) should be aligned. In practice, the respective antenna polarizations of APs and clients are seldom aligned, especially for mobile device clients that users frequently rotate and hold in different orientations (i.e. smartphones and tablets).

BeamFlex+ adaptive antennas feature a mix of two distinct polarizations (vertical and horizontal) across antenna elements. The signals received on these antennas, across the two distinct polarizations of BeamFlex+, are combined by the AP in such a way as to maximize the received signal-to-noise ratio, allowing the best possible performance. This has the same effect as if the AP were physically aligning its antennas with the client device. The adaptive nature of BeamFlex+ means that the antennas adapt to client device orientation in real-time.

BeamFlex+ can enhance the user experience by ensuring a consistent wireless signal. Without it, changing client device orientation can cause up to 2.5x performance difference. BeamFlex+ eliminates this variability and ensures optimum performance for any client device orientation, making the ZoneFlex T300 Series perfectly suited for serving mobile devices.

Cloud-enabled Technology

Offering maximum deployment flexibility and management options, the Ruckus ZoneFlex T300 Series APs support Ruckus Smart Wireless Services. These Cloud-based Smart Wi-Fi technologies include: Ruckus Smart Positioning Technology (SPoT™) service, the industry’s first Cloud-based Smart positioning location-based service (LBS); the Ruckus Smart Access Management Service (SAMs) for better enabling public Wi-Fi hotspots; and the Ruckus virtual SmartCell Gateway (vSCG), the industry’s first carrier-grade Network Functions Virtualization (NFV) solution for mobile network operators (MNOs), multiple system operators (MSOs), managed service providers (MSPs) and enterprises designed to streamline the creation of highly scalable and resilient cloud-based wireless LAN (WLAN) services.

For more information on the T300 and T301n please contact your Net-Ctrl account manager, or email, alternatively you can call us direct on 01473 281211.

View the original post by Ruckus Wireless.

Be Prepared with Palo Alto Networks and Always Stay Ahead of the Game

June 5th, 2014

With the current media focus on CryptoLocker and GOZeus malware it would be worth considering how Palo Alto Networks Firewall can stop the likes of these from taking hold in the first place.

Below is a link about how Palo Alto Networks can stop CryptoLocker:

Palo Alto Networks Firewalls address all areas of what is generally referred to as the kill chain. The kill chain being the opportunity to spot and stop the attacks before they reach their end goal.

As seen from the article above the kill chain ‘opportunities to spot and stop’ are as follows:

Phase 1 – Recon/bait End-User
Phases 2 & 3 – Exploit and Download Backdoor
Phase 4 – Establish Command and Control
That’s four phases to deal with the problem before it becomes a problem.

Palo Alto Networks firewall has visibility and control through WildFire, their anti-virus, anti-spyware and URL filtering ‘pan-db’. These elements are all used all of the time to provide you with the ability to disrupt an imminent attack.

All of the above elements are Palo Alto Network’s own engines and signatures so if something is found by WildFire for example, the URLs found within the malware ‘potentially found by another Palo Alto Networks customer’s WildFire submission already’ can then be placed into Palo Alto Networks own URL filter’s malware category for immediate use by all subscribers.

The result being that ‘for one’ the URL filter you are using will benefit from something that may have only just been found elsewhere moments ago by another automated mechanism. This means that your firewall will already know about something no human even knows is going to deliver malware or allow it to phone home.

In summary Palo Alto Networks firewalls have unparalleled visibility of applications and threats, there are many components that make up the firewall all working together in real time to alert and disrupt imminent attacks.

By Robert Needs
Senior Engineer at Net-Ctrl

Beamforming Basics for the Wi-Fi Challenged

May 12th, 2014

With every new Wi-Fi technology or standard, industry fortune tellers are quick to cast adaptive antenna arrays into an early grave. This gets a little (a lot) technical, but it’s required.

Distinctly different from chip-based beamforming, for which every vendor now claims support, patented smart adaptive antennas are designed to dynamically and continuously create unique directional RF patterns (what we call BeamFlex) proven to deliver the highest throughput for each client device at longer ranges.

This innovation, yet to be duplicated in mass, has stood the test of time and remains hugely valuable in the world of Wi-Fi.

The first attempt at dumping of adaptive antenna arrays into a death spiral happened with 11a/g and its blazing fast 54 Mbps. Yet BeamFlex survived and, in fact, thrived as the RF environment became more noisy and complex.

It happened again with the introduction of the 802. 11n standard that came with the ultra-reliability of MIMO.

And, surprise, surprise, it’s happening again with the destruction (sorta) of the gigabit barrier brought by the new 802.11ac standard. The problem is, to which history now attests, BeamFlex has only proven to add more value, not less, to these technological changes.

At the core of current speculation (that adaptive antenna switching is doomed with 802.11ac) is the notion that transmit beamforming (TxBF) with 11ac replaces the need for Smart Wi-Fi. This is due to the common misconception that smart, adaptive antennas—as proprietary Ruckus BeamFlex technology—and transmit beamforming—as a standards-based technology—are one-in-the-same. This whitepaper details the differences.

Despite some similarities (such as the goal of enhancing signal quality and the use of the word “beam”), the two technologies are fundamentally different. Here’s why:

BeamFlex and TxBF are not Mutually Exclusive.

BeamFlex is truly adaptive antenna technology by which an access point (AP) selects an optimal transmit path out of many possible options. It is fundamentally an antenna technology, combining special hardware and sophisticated software, that sits on top of all radio foundations (in a protocol-agnostic way).


TxBF, on the other hand, is a digital signal processing technique that occurs within the transmitting radio, and is heavily protocol dependent). It attempts to send multiple copies of the same data so as to create constructive combinations at the receiving radio. The beauty of this is that BeamFlex (antenna technology) and TxBF (radio technology) can be perfectly wed; and a happy marriage it is. Ruckus can support both of these techniques at the same time to deliver a cumulative benefit to signal quality.

BeamFlex works for all clients.

Because it is an antenna technique—and not a radio technique—BeamFlex works equally well for all clients of all capabilities. This means 802.11a/b/g/n/ac clients all benefit, and there are no special requirements for support. Single-stream, two-, three- and four-stream clients all benefit, and there is no trade-off as the number of streams increases.

No transmit beamforming and Spatial Multiplexing at the Same Time.

Because it is a radio technique, effective TxBF DOES require client support (something a lot of people fail to understand). Consequently, 802.11a/b/g/n clients miss out on the perks. And some 11ac clients do not support TxBF. Looking at the pervasive adoption of 11n, we should not expect all (or even most) clients to support TxBF even by the end of 2016.

TxBF must also trade-off with spatial multiplexing. The same transmitters cannot be used for both. In order to be effective, TxBF systems should have double the number of transmit antennas as spatial streams.

1×1 clients (this means one transmit and one receive radio chain, in Wi-Fi parlance) will be happy with even a 2×2 AP; but for a 2×2 MIMO client to benefit (in any appreciable way) from an AP’s use of TxBF, a 4×4 AP is desired. This also means that a 3×3 client sees miniscule (if any) benefit from an AP that is anything less than 6×6 (yes this means 6 transmitters and 6 receivers, can you even imagine what that looks like?).

BeamFlex does not disrupt the neighbours.

As we use 5 GHz spectrum more heavily, and especially as we expand to support wider channels (80 MHz, not 160) in 11ac, we should expect to see more Wi-Fi protocol contention from APs operating on the same channel (because neighbouring APs are more likely to operate on the same channel since we have fewer non-overlapping channels). As a result, our precious 5 GHz spectrum will soon look more like the 2.4 GHz spectrum.

The value of BeamFlex directional transmissions is paramount to preserving capacity with co-channel neighbours. It does so by transmitting with directional patterns that both maximize data rates (allow clients to get on/off wireless airtime quicker) and also avoid sending RF energy where it is undesired (towards neighbouring APs). This reduces unnecessary contention with neighbouring APs, which drags down capacity.

TxBF is often visualized as a directional steering mechanism, but it works by creating signal peaks in point space (hopefully at the receiver’s antenna), which often creates signal peaks in unintended directions, causing interference where it is undesired.

Multi-User-MIMO is gold for BeamFlex

If you’re focused on 160 MHz channels in Wave2—or other Gigabit hype —you’re focused on a spec-bloated red herring. 160 MHz is for (some) consumer networks. The biggest bang from 802.11ac comes in the second wave of products (that hopefully come by Christmas of next year) and is what’s called multi-user MIMO (MU-MIMO). This is a technique by which the AP can send downlink frames to multiple clients at the same time. And this enhancement will require new hardware (yes, for everyone). It’s a lovely protocol enhancement for boosting capacity, given the plethora of very simple 1×1 mobile devices on networks. But it comes with a big catch: signal isolation.

To multiply the efficiency of spectrum with multi-user transmission, we need to ensure that each station receives its data without receiving other stations’ data at the same time (which would cause interference and make MU-MIMO not work as intended).

It’s this need for signal isolation that makes Wave2 MU-MIMO and BeamFlex a perfect complement.

BeamFlex adds directionality and signal separation (along with a boost to SNR), while the TxBF component of MU-MIMO provides additional separation at the radio level. Higher data rates per station, MU signal separation, maximum spectrum efficiency. Call it, well, the perfect storm.

Is Wi-Fi performance a commodity?

Now that we’ve further bludgeoned home the technical superiority of adaptive smart antenna arrays (BeamFlex), let’s get to the real issue.

People claim that all AP hardware is the same and 11ac commoditizes Wi-Fi performance. There are two key requirements needed for Wi-Fi performance to become a commodity:

  • There must be roughly equal—or at least “optimal”—range, capacity, throughput, optimization simplicity, reliability, and interference mitigation from all equipment suppliers, and
  • The ratio of cost-to-performance needs to be the same for all equipment suppliers.

The Ethernet Example.

If you look at Ethernet, performance commoditization is a given because both of these issues are true.

There is enough performance (Gig Ethernet has been sufficient for its application for many years), and the cost-to-performance of line-rate Gigabit switching is nearly identical across suppliers (hence, trends like NFV are occurring).

But, unequivocally, without the most diminutive doubt, the answer to the question is that Wi-Fi absolutely does not share these characteristics (and perhaps never will).

Is Wi-Fi sufficient as of 11ac, even 11ac with Wave2? Do we currently have sufficient spectrum (or spectrum efficiency) to meet all of our capacity, performance, reliability, app delivery, and network optimization needs? If the answers are no, then it stands to reason that a product supplier that enhances the Wi-Fi experience in light of these technical deficiencies could still differentiate on cost and performance alone (but no one, including Ruckus, is really doing that).

When customers start telling us that Wi-Fi performance is as reliable as it will ever need to be, there’s a surplus of radio spectrum, they have no issues connecting devices to the network and there is ample capacity to keep all users and devices happy, we will be happy to admit that adaptive smart antennas should be put to sleep.

Until then it’s simply better wireless for everyone who wants to cause a Ruckus.

To view the original article by Ruckus Wireless visit the Ruckus Room.

If you would like to speak to someone about the content of this article, please call Net-Ctrl direct on 01473 281 211, or email

Ruckus Wireless Release R300 High Capacity Access Point

April 29th, 2014

Ruckus Redefines the Wi-Fi Price/Performance Paradigm for the Small Business and Managed Service Markets

New ZoneFlex R300 Combines High Capacity and High Performance Smart Wi-Fi to Give Organizations the Ideal Entry Point into Enterprise Class Wi-Fi Services.

SUNNYVALE, CA – April 28, 2014 – Ruckus Wireless, Inc. (NYSE: RKUS) announced today the immediate availability of the new Ruckus ZoneFlex™ R300, one of the industry’s highest performing and lowest cost dual-band, two-stream 802.11n Smart Wi-Fi indoor access points (APs) capable of delivering an aggregate data rate of up to 600 Mbps. Aimed at the price-sensitive small business market, the R300 is also ideally suited for small venues and enterprises with many branch locations.

With Cloud computing and the proliferation of embedded Wi-Fi in all types of devices, Wi-Fi has become a mission-critical utility for small businesses. As a result, they are now replacing SOHO-class, standalone access points with more robust, enterprise-grade wireless LAN (WLAN) solutions that are simple to deploy and operate while meeting their budget requirements.

Developed to directly address these issues, the Ruckus R300 redefines Wi-Fi for the low end of the WLAN market by combining cost-effectiveness with a rich collection of enterprise functionality and enterprise-class service and support options.

“With the R300, we are enabling our channel partners and managed service providers to reach further into the ‘S’ part of the SMB market with a highly differentiated and compelling enterprise-grade solution at a disruptive price point,” said Selina Lo, President and CEO of Ruckus Wireless.

“Combined with SAMS, our Cloud controller service, the R300 provides a whole new economics model to customers and partners. They are the first in a comprehensive solution roadmap we’ve developed to expand our market reach,” Lo concluded.

U.S. Census data shows that there are more than 6 million businesses in operation today with less than 100 employees each in the U.S. alone, and according to the most recent report on the WLAN market from the Dell’Oro Group, WLAN revenues for the small business market in 2013 reached over $4.5 billion, with over 100 million APs shipped worldwide.

The Ideal Component for Cloud-Based Wi-Fi Access

The Ruckus ZoneFlex R300 is the only AP in its class to integrate patented adaptive antenna technology to extend the range, performance and reliability of Wi-Fi at one of the most attractive price points in the industry. Deployed as a standalone access point or part of a centrally managed Ruckus WLAN, the R300 is also an ideal access component for organizations looking to migrate to new Cloud-based Wi-Fi access services such as the recently announced Ruckus Smart Access Management Service (SAMS).

Supported across the entire range of Ruckus management platforms including the ZoneDirector™ and SmartCell™ Gateway (SCG), the ZoneFlex R300 gives organizations a wide range of flexible deployment options that best suit their specific requirements.

R300 Product Details

The ZoneFlex R300 is a dual-band, two-stream 802.11n access point capable of supporting up to 256 active connections. Each R300 uniquely integrates Ruckus-patented BeamFlex™, a software-controlled, high gain directional antenna array system that continually forms and directs each packet over the best performing signal path, automatically adapting Wi-Fi signals to constant environmental changes to ensure the highest levels of range, reliability and client performance.

Within a sleek, lightweight and low profile form factor that fits in the palm of your hand, the R300 is ideal for small business use. The R300 comes with a limited lifetime warranty and features a myriad of advanced capabilities not available in competitive alternatives, such as network address translation (NAT) and DHCP services, optimized video streaming, per-use rate limiting, band steering, client load balancing, standard Power over Ethernet (PoE) support and advanced quality of services support for automatic prioritization of delay sensitive traffic.

If you have any questions about the Ruckus R300 access point you can call our sales team on 01473 281 211, or email

View the original article by Ruckus Wireless.

Palo Alto Networks Positioned in Leader Quadrant Once Again

April 23rd, 2014

Palo Alto Networks has been positioned in the leader quadrant of the magic quadrant for enterprise network firewalls.

Santa Clara, Calif., April 17, 2014 – Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, today announced it has been positioned by Gartner Inc. in the “leaders” quadrant of the April 15, 2014 “Magic Quadrant for Enterprise Network Firewalls.” This is the third year that Palo Alto Networks has been recognized as a leader in the Magic Quadrant for Enterprise Firewalls.

According to the report, “through 2018, more than 75% of enterprises will continue to seek network security from a different vendor than their network infrastructure vendor.” The report also states, “products must be able to support single-enterprise firewall deployments and large and/or complex deployments, including branch offices, multi-tiered demilitarized zones (DMZs) and, increasingly, the option to include virtual versions.”


“We’re thrilled to once again be named a leader in Gartner’s Magic Quadrant for enterprise firewalls report. We believe this echoes the momentum we’ve been experiencing as enterprise organizations see the value of a truly next-generation security platform – one that safely enables all applications and proactively prevents cyber threats for all users on any device across any network.”
- René Bonvanie, chief marketing officer at Palo Alto Networks

Leading the Way in Next-generation Enterprise Security

Nine years ago, Palo Alto Networks changed the network security industry with the introduction of the next-generation firewall. This breakthrough architecture brought unparalleled control through the safe enablement of applications, and exceptional levels of protection by blocking all known threats operating across a multitude of different vectors.

Two years ago, we again changed the industry with the introduction of WildFire and a next-generation threat cloud that focuses on detecting and defending against the most advanced, unknown threats. Most recently, through our acquisition of Cyvera, we added unique endpoint protection to the platform. The combination of our next-generation endpoint technology, our next-generation firewall and our next-generation threat cloud represents the most innovative, integrated, and automated enterprise security platform in the market.

With over 16,000 customers, our momentum is a testament to our innovative approach that protects organizations based on what matters most in today’s dynamic computing environments: applications, users and content – not just ports and protocols – and protecting them from the most advanced cyber threats.

If you have any questions about the Palo Alto Networks solution contact our sales team at, or call them direct on 01473 281 211.

To learn more about the Palo Alto Networks approach, visit:

To access the report, visit:

Ruckus SPoT™ Smart Positioning Technology

April 16th, 2014

Ruckus Wireless Release Industry’s first completely cloud-based Smart Wi-Fi positioning service

Ruckus SPoT™ — based on the company’s Smart Wi-Fi technology, is the industry’s first cloud-based location technology suite that enables carriers, service providers and enterprises to deliver a wide range of location-based services. These value-added services enable them to increase profitability and enhance users’ mobile, online experiences.

SPoT™ has a powerful combination of several unique features. It is completely cloud-based – so venues with Ruckus Smart Wi-Fi will not need any additional hardware to become “location intelligent”. It is based on Ruckus’ Smart Wi-Fi technology – giving it a high degree of accuracy and performance while remaining cost-effective. Businesses can also tap into a vast ecosystem of application developers and providers of third-party analytics to generate additional value from their investment in SPoT.

The Ruckus SPoT™ (Smart Positioning Technology) Location Suite comprises:

  • SPoT™ Positioning Engine – accurately pinpoints in real time, a user’s location in any indoor or dense urban environment
  • SPoT™ Location Analytics Dashboard – provides real-time tracking of user movement and historical analysis of footfall trends
  • SPoT™ API – a set of APIs that power a new generation of mobile apps, giving them “Location Intelligent” features such as the ability to locate users and engage or send them highly targeted messages in any venue with Ruckus Smart Wi-Fi installed and Ruckus SPoT™ enabled

How it works
Ruckus BeamFlex™ technology is combined with a variety of advanced location techniques such as RSSI trilateration, RF fingerprinting and techniques that take advantage of the constant travelling speed of radio waves and packets. As a result, Ruckus SPoT™ is capable of better pinpointing the location of users, depending on the number and density of access points used.

Analyse marketing and merchandising effectiveness, shopper trending, improve customer engagement, Q buster features such as real-time heat-map views for floor managers

Improve loyal customers’ satisfaction with on-device features such as auto check-in, way-finding, and instant coupons for amenities

Transportation Hub
Enhance traveller experience with intuitive on-mobile engagements; improve efficiency of the entire venue or sub-zones with real-time heat maps, statistical footfall and dwell-time data.

Shopping Malls
Identify areas of heavy usage, improve traffic flow and engage customers with way-finding and contextual coupon serving.

Accurate location data provides asset tracking, indoor navigation, and personnel locations.

Tracks assets such as tables, navigate guests and students around campus.

A “Location Intelligent” SPoT™Location Ecosystem

The SPoT™ Location Ecosystem is a Ruckus program for third-party mobile and analytics application developers. These developers create business and consumer applications for carriers, service providers, enterprises, schools and other businesses and organisations. Through the program, Ruckus provides an open API set for the delivery of comprehensive, accurate and near-real-time location information — powering services such as Location Analytics for better customer insights, and enhanced user engagement and experiences on mobile apps.

The first Ruckus SPoT™ Location Ecosystem partners include location analytic companies like Euclid and SkyRove, and mobile application development partners including FrontPorch, Sanginfo, PurpleWi-Fi, TechStudio and ITC Infotech.

To review the full feature and technical specification download the Ruckus Wireless SPoT datasheet.

If you have any questions about the solution, or would like to find out more about how it will benefit you and your company get in touch with Net-Ctrl on 01473 281 211, or email

Ruckus Unveils Smart Access Management Public Cloud Service

April 16th, 2014

Ruckus Wireless Brings Together Best-in-Class Wi-Fi with Cloud Computing to Simplify the Provisioning, Management and Monetisation of Public Wi-Fi Access

SUNNYVALE, CA — April 15, 2014 — Ruckus Wireless, Inc. (NYSE: RKUS) today unveiled the first Cloud-based Smart Wi-Fi Access Management Service (SAMS) that combines the scale, efficiencies and cost-effectiveness of Cloud-based services with best-in-class Smart Wi-Fi products and technology to give organisations the power to now easily design, manage and monetise Wi-Fi services from an intuitive ‘point-and-click’ Cloud-based portal.

The first of a new breed of Ruckus Smart Wireless Services (SWS), SAMS enhances the guest experience by letting businesses quickly create and customise wireless hotspots for single or multiple sites without building extensive data centers, or deploying expensive and cumbersome infrastructure typically required for offering managed Wi-Fi access services. SWS is a flexible framework for layering value-added software services such as Cloud-based wireless access (SAMS) and Ruckus SPoT™ location services, as well as virtualised management software over carrier-class Smart Wi-Fi infrastructure products and platforms to give organisations unprecedented flexibility to build reliable, scalable and robust Smart Wi-Fi solutions based on their specific requirements, and to enable channel partners to easily migrate to recurring revenue-based service models.

Unlike other public wireless access alternatives, SAMS combines all the necessary infrastructure components and service elements into a single solution. Ideal for any organisation or venue offering managed public wireless access, such as shopping malls, stadiums, convention centers, airports and retail outlets, SAMS transforms the traditional model for offering managed Wi-Fi services by moving local network infrastructure, such as WLAN controllers, authentication servers, captive portals, advertising engines and content filtering into the Cloud as a service.

“The benefits the Cloud brings to the wireless access market is undeniable,” said Selina Lo, president and CEO of Ruckus Wireless. “Beyond delivering world-class Wi-Fi infrastructure solutions, with SAMS, Ruckus continues to give its partners and customers the ability to realise greater value from Wi-Fi through innovative new services such as Cloud-based access, location services, rich analytics and the ability to begin monetising their networks.”

In a new report(1), IDC estimates that the worldwide enterprise market for Cloud-managed WLAN infrastructure and managed services is expected to reach $2.5 billion by 2018. The report states that “Cloud computing has shifted the paradigm of enterprise IT from being hardware driven to service driven. As more enterprises seek new ways to optimise existing resources and build capacity at the network edge, expect to see the rise in Cloud-managed Wi-Fi adoption continue for years to come.”

According to the report, Enterprises are searching for increasingly sophisticated network functionalities despite continually tight budgets and limitations around infrastructure, space, and staffing. Moreover, many Enterprises need a singular, centrally managed and controlled network for branch locations that are geographically dispersed.

As WLAN management shifts to the Cloud, venue owners now have access to cost-effective, easy to manage enterprise grade wireless at a lower total cost ownership (TCO). SAMS delivers flexible deployment and management options through a simple, Web-based portal that allows highly customised Wi-Fi access services to be defined and created in a matter of minutes, and provided at a low TCO.

Customers simply define the attributes of the wireless access service required at a given venue, and then have an authorised Ruckus Big Dog channel partner turn on the services for them, either for existing Ruckus Smart Wi-Fi customers and/or those who desire to keep a traditional wireless LAN (WLAN) configuration (onsite subscription) or after just installing the requisite number of Ruckus ZoneFlex™ access points (APs) onsite (hosted subscription). SAMS does the rest. In turn, the venue benefits from best-in-class wireless connectivity at each site, supported by an easy-to-use Cloud-based platform that scales on demand within a ‘pay as you grow,’ fully managed Cloud service.

Unmatched Deployment Flexibility and Remote Control Over Wireless Access Services

SAMS works transparently with Ruckus ZoneFlex Smart Wi-Fi access points and/or on-premises Ruckus ZoneDirector™ WLAN controllers for unmatched deployment flexibility, compared with existing hotspot services. All requisite authentication services, WLAN administration and service management tools are integrated directly within SAMS.

When configuring SAMS, customers have complete control over service branding and functionality, such as the ability to enable authentication with popular social media sites like Facebook and Twitter. Service enforcement controls can be used to limit the length and number of sessions, restrict bandwidth consumption or filter access to specific content.

To further customise access services and enrich the user experience, SAMS provides a rich set of user analytics that can be collected over periods of time. Each venue is provided with a view into their wireless access service from a single Web-based dashboard. From this dashboard, customers have at-a-glance information such as popular registration methods, total user sessions and visits, new and returning users visits, registration by device type, age group and gender, and the most popular devices being used on the network, as well as the average duration of user sessions.

Managed Wireless Access Simplified

The process to enable managed wireless access with SAMS is simple. Once logged into the service portal, customers simply create a new site, configure access settings, customise the registration page and user journey and upload any ads or message to be displayed.

Read the official release from Ruckus Wireless or if you’re interested in finding out more about the new service offering from Ruckus Wireless contact Net-Ctrl on 01473 281 211, or email

(1)Source: IDC, Cloud-Managed WiFi Set to Grow to $2.5 Billion by 2018, Doc #247738, Mar 2014

Strong Authentication Best Practices

April 15th, 2014

A strong authentication solution that validates the identities of users and computing devices that access the non-public areas of an organisation’s network is the first step in building a secure and robust information protection system.

1. Match Your Authentication Solution to Your Business, Users, and Risk
A flexible approach that enables an organisation to implement different authentication methods based on different risk levels may ensure a robust system that can be efficiently and cost-effectively deployed.
Technologies for multi-factor authentication include:

One-Time Passwords (OTP): OTP technology is based on a shared secret or seed that is stored on the authentication device and the authentication backend. This method ensures authentication by generating a one-time passcode based on the token’s secret.

Certificate-based Authentication (CBA): This method ensures authentication using a public and private encryption key that is unique to the authentication device and the person who possesses it. CBA tokens can also be used to digitally sign transactions and to ensure non-repudiation. SafeNet for example delivers certificate-based authentication via USB tokens and smart cards.

Context-based Authentication: Context-based authentication uses contextual information to ascertain whether a user’s identity is authentic or not, and is recommended as a complement to other strong authentication technologies. In order to develop a robust authentication solution, organisations should consider their business, users, and risk, and select a solution that provides them with the flexibility to adapt as needed. For example, if organisations are interested in implementing additional security solutions that rely on PKI technology, such as full-disk encryption, network logon, and digital signatures, or are thinking about adding such solutions in the future, they should consider CBA, as it enables these applications.

2. Prefer Solutions That Adhere to Standards-Based Security and Certifications
Products that are built upon standards-based crypto-algorithms and authentication protocols are preferred. Unlike proprietary algorithms, standards-based algorithms have gone through public scrutiny by industry and security experts that reduces the chance of any inherent weaknesses or vulnerabilities. Moreover, they enjoy broad industry support.

3. Consider All Access Points
Organisations need to ensure that access to all sensitive information is authenticated, whether the information resides on premise or in the cloud. Organisations should implement the same security mechanisms for cloud resources as they would for remote access to the corporate network. In addition, organisations should deploy security mechanisms to ensure that users accessing network resources from their mobile consumer devices (e.g., tablets, smart phones) are securely authenticated.

4. Ensure the Solution Reduces IT Administrative and Management Overhead
Authentication environments have to offer convenience and transparency for end users and administrators alike. Following are several guidelines that can help organisations achieve these goals:

Administrative Controls: Administrators need to be able to manage all users across all devices and resources. To meet this charter, they need automation, central management, and visibility into user access across multiple resources. To ensure users have an optimal experience, administrators need to be equipped with granular controls and comprehensive reporting capabilities.

End-User Convenience: To ensure security controls are enforced, while streamlining user access, organisations should have the ability to offer users the type of authentication device that most suits their role and security profile. Organisations can offer their users several authentication methods, ranging from context-based authentication, through SMS, phone tokens or hardware tokens – ensuring user acceptance and compliance with corporate security policies

If you’re unsure of the best multi-factor authentication solution for your company contact Net-Ctrl on 01473 281 211, or email

View the original best practices guide from SafeNet.