AirDefense Enterprise 7.3

By Andrew Garcia  |  Posted 2008-04-14

WLAN Branches Out

Eager to catch the wave of 802.11n wireless network upgrades and rollouts presumably on the way, wireless LAN tools vendors are tuning up their products and platforms with an eye toward making high-end wireless planning technologies such as spectrum analysis available to a wider range of customers.

To this end, AirDefense recently added SA (spectrum analysis) capabilities to its AirDefense Enterprise 7.3 solution, and MetaGeek significantly improved its low-cost, laptop-based spectrum analyzer Chanalyzer.

SA helps administrators find non-Wi-Fi sources of interference in the unlicensed 2.4GHz and 5GHz spectra.

Many non-Wi-Fi devices, such as cordless phones and Bluetooth devices, operate in those frequencies, often using different modulation schemes. Too many transmitters in the same airspace can lead to interference, resulting in service interruptions or signal degradation for the Wi-Fi network.

eWEEK Labs evaluates the coming WLAN tools wave. Click here to see what they found. 

Spectrum analyzers provide the insight into the physical layer of wireless networking needed to help identify and eradicate those sources of interference.

During my tests of the two wireless analysis tools, I was impressed to see the steps that AirDefense and MetaGeek have taken to put their utilities within reach of a wider array of organizations.

I recommend that administrators evaluate these offerings as they prepare to take on 802.11n.

AirDefense Enterprise 7.3


AirDefense Enterprise 7.3

AirDefense Enterprise 7.3 breaks new ground with its new SA feature because it is the first enterprise product that does not require specialized hardware to detect and analyze non-802.11 sources of interference. Instead, the AirDefense SA add-on works with the standard Wi-Fi sensors that the system uses for all its other security and analysis functions. As a result, current Air-Defense customers can access this functionality on existing equipment with a software update alone.

AirDefense sells an Enterprise starter kit with pricing beginning at $7.995, which includes one appliance (for centralized data collection, sensor management, policy management and reporting) and five sensors (both the M510 sensor with two integrated antennas and the M520 sensor with a pair of external antennas can do spectrum analysis). Each additional sensor is $995, while the SA module costs $195 per sensor.

Both the M510 and M520 sensors have dual radios, each of which is typically in use for the AirDefense product's other analysis and intrusion detection functions. Triggering an SA collection will automatically disengage the sensor's intrusion detection capabilities for the duration of the session to scan both the 2.4GHz and 5GHz bands. By default, an SA session will last only 10 minutes before the sensor is returned to its regular duties, but the administrator can configure an SA session for as little as 5 minutes or to run in SA mode continuously.

While AirDefense's knack for hardware reuse can save money, using nonspecialized hardware has its drawbacks. For one thing, the SA detection and analysis capabilities of Enterprise 7.3 lack the granularity and specificity I've seen with competitive products that rely on dedicated hardware.

For instance, Enterprise 7.3 identifies only four types of device signatures: microwave ovens, Bluetooth radios, continuous wave devices (such as wireless cameras) and frequency-hopping phones. In many environments, these signatures will likely resolve the lion's share of interference problems a wireless administrator is likely to encounter, but those in harsh or troublesome environments may require greater specificity to help isolate specific interference sources.

What's more, the SA management screens in Enterprise 7.3 do not clearly delineate which Wi-Fi channels are being interfered with-the screens display the actual frequencies detected but not the corresponding Wi-Fi channels.

Enterprise 7.3 also makes it difficult to isolate the specific time and general location of interference. The product displays SA data in segments of eight blocks per minute, whereas MetaGeek's product has a sweep time of only 165 milliseconds.

Check out the cool wireless gadgets that came out of the CTIA show. 

However, Enterprise 7.3 offers significant improvements in its forensic capabilities when compared with previous versions. With Version 7.3, AirDefense introduced an optional new Forensics module (at $195 per sensor) that provides historical trending analysis and tracking for Wi-Fi access points or clients over a period of months or years (rather than a 24-hour period, as with the standard forensics capability).

According to AirDefense officials, the company plans to integrate SA detection into its Forensic Analysis module. As it stands now, administrators must individually spot check all relevant sensors to determine how widespread interference may be, rather than being able to consult a single screen for multiple sensors' views of an interfering event.

In addition, because the SA detections are not yet integrated into Air-Defense's Forensic Analysis module, administrators must individually spot-check all relevant sensors to determine how widespread interference may be, rather than being able to consult a single screen for multiple sensors' views of an interfering event.

For instance, I was able to track one client's behavior over the three weeks that the AirDefense product protected my test WLAN (wireless LAN). During that period, the software identified every time my test client joined my network, logged the data rates and encryption types that my clients employed, recorded the amount and nature of transmitted and received data, and tracked the floor-plan locations where I had used my test device.

With Version 7.3, AirDefense also released an optional management console through which I could simultaneously contact and query multiple AirDefense server appliances-a capability that would allow very large enterprises to centrally monitor large, multisite deployments from a single interface.

MetaGeek Chanalyzer 3.0 for Wi-Spy 2.4x


MetaGeek Chanalyzer 3.0 for Wi-Spy 2.4x

Wireless administrators looking to get their feet wet with SA in the 2.4GHz band-either to perform simple or sporadic spot checks or as a technology pilot before investing in larger-scale solutions such as AirDefense Enterprise-should check out MetaGeek's affordable Chanalyzer and Wi-Spy 2.4x combination pack.

For just $399-a significant cost savings over AirMagnet's laptop-based Spectrum Analyzer-MetaGeek provides the latest version (3.0) of its Chanalyzer software plus the USB-connected Wi-Spy 2.4x adapter needed to analyze spectrum.

During my tests of the product, installation was a snap-the only prerequisite was a machine running Windows (2000, XP or Vista) with .Net Framework 2.0. What's more, since MetaGeek has opened its adapter to third-party extension, additional applications are available (VisiWave, EaKiu and Spectrum-Tools) that bring Wi-Spy's detection features to Mac- or Linux-based hosts as well.

Chanalyzer offers three different views of the spectrum. The Spectral View shows noise over time in a waterfall view-with a view of the present at the bottom of the product's interface, the beginning of the analysis session at the top and an adjustable time slice in between. Chanalyzer also serves up a Topographic View, which aggregates the whole of the interference detected during the analysis session into a single display that shows overall use of the spectrum. The Planar View shows the current, average and maximum amplitudes against their frequency.

All these views can be segregated by frequency, so you can easily decipher which channels (either Wi-Fi or Zigbee) would be affected by the interference the product detects. The software's time slider bar allowed me to look at the different views at specific times throughout the recording session. The product's Channel Report then takes all the collected information and assigns a performance grade to each channel in the 2.4GHz band, based on the detected duty cycle and average floor and peak (measured in dBm). This score gave me a clearer understanding of the impact that detected radio- frequency interference would have on my wireless network.

Chanalyzer 3.0 offers device signatures for a handful of technologies and specific devices. I could drag one of these signatures onto the product's Topographic View and identify the source of the spectral interference by the shape of its curve. For instance, the spectral signature of an 802.11b Wi-Fi network differs significantly from a 802.11n network (or a Kenmore microwave oven, for that matter).

The combination of the Chanalyzer software and Wi-Spy hardware is not as robust or extensible as their more expensive brethren are. For instance, the pair lacks 5GHz analysis capabilities and does not offer an option for correlating the spectral information with additional Wi-Fi-specific analysis from another tool. However, the price-and the open development architecture-may make this the right answer for small companies looking for an additional tool in the belt or large companies looking to develop a specific platform that requires spectrum analytics. 

Rocket Fuel