Manualsbrain.com
  1. Manuales
  2. Marcas
  3. Cisco
  4. Cisco Aironet 3500p Access Point
  5. Libro blanco

Cisco Cisco Aironet 3500p Access Point Libro blanco

Descargar
Página de 11
 
 
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. 
Page 3 of 11 
In addition to the threat of rogue devices, there is always the threat that someone malicious will try to disable your 
Wi-Fi network with an RF denial-of-service (DoS) attack. 
Although IDS/IPS systems monitor for many “protocol 
layer” DoS attacks, they do not detect RF layer DoS attacks that can be implemented through jammer devices or 
Wi-Fi devices that have been set in a diagnostic jamming mode. 
In addition to purposeful attacks, some simple devices like wireless video cameras or analog cordless phones can 
accidentally cause a total jamming of your network. Integrated spectrum intelligence and spectrum management is 
very effective for identifying these types of RF-level DoS security threats. 
How Is Integrated Spectrum Management Implemented? 
Limitations in Standard Wi-Fi Hardware 
At a fundamental level, a standard Wi-Fi chipset has limited ability to implement SI. The reason is that Wi-Fi 
chipsets are specifically designed to receive Wi-Fi signals only - they do not recognize other types of signals 
(with the exception of Dynamic Frequency Selection [DFS] radar). Standard chipsets are not even designed to 
pass up enough information for SI to occur at higher levels of software. 
To be specific, when a standard Wi-Fi chipset sees a transmission burst that cannot be understood, it is typically 
able to report only a few things: 1) that an incomprehensible burst has occurred; 2) the power level of the burst; 
and 3) the start and stop time of the burst. Note that the burst may actually have been from a Wi-Fi device on 
another channel or on the same channel, but too far away to be properly received. Or the burst may have been 
from a non-Wi-Fi device. Detailed information about the modulation type of the burst, where it occurred within the 
channel, and so on, is typically not available. And there is no ability for software to access the actual data received 
from the burst for further analysis. 
Despite these limitations, it is possible using a Wi-Fi chip to add up the unidentified bursts, and to calculate a total 
amount of interference, as well as the average strength of interference. 
Unfortunately, this approach doesn’t 
provide the necessary information to actually solve a problem. 
For example, the “total interference” approach can’t 
tell you the specific type of the interference (for example, is it just co-channel Wi-Fi interference or something 
else?), whether the interference is coming from one source or many, where the interference is located, and so on. 
As this list suggests, the level of SI that can be gathered with a standard Wi-Fi chipset is quite limited. 
Cisco CleanAir Technology: A Custom Hardware/Software Solution 
To overcome the visibility limitations inherent to standard Wi-Fi chipsets, Cisco has created an integrated solution 
with patented chips and software that has been specifically designed to analyze and classify all RF activity. 
(More than 25 patents have been issued for this technology to date). Essentially, Cisco has taken the technology 
behind the Cisco
®
 Spectrum Expert analysis tool, and integrated it directly into the infrastructure, including deep 
integration within the Wi-Fi chipset. This is a significant development, and demonstrates that as wireless has 
transitioned from nice-to-have to business-critical in the enterprise. Consumer-grade Wi-Fi silicon is no longer good 
enough. 
The custom solution starts with the Cisco Spectrum Analysis Engine (SAgE) hardware core, which has been 
integrated directly into the Wi-Fi chipset of the 1600/2600/3600/3700 Series of 802.11n/802.11ac capable Cisco 
Aironet
®
 Access Points. The SAgE core handles very compute-intensive operations, such as high-resolution Fast 
Fourier Transform (FFT) and pulse detection operations. (A pulse is a burst of RF energy in frequency and time.) 
The SAgE core has a highly granular spectral resolution of 78.125 kHz (4x better than the nearest competitive 
solution and 64x better than most chipsets) which helps enable a broad interference detection and analysis. 
Essentially, the SAgE core handles a base level of spectrum analysis operations that are so processing-intensive 
they can be prohibitive to handle in real-time software.