Cisco Cisco Aironet 3500p Access Point 백서
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 2 of 11
While external or standalone SI tools have existed for some time, Cisco has taken the bold step of integrating SI
directly into the chipset of new
. Cisco CleanAir is a revolutionary technology and industry first that
provides IT managers with access to rich spectrum information that is automatically gathered on every non-802.11
interference source.
The spectrum intelligence provided by CleanAir technology enables a new level of spectrum management.
In contrast to previous spectrum management tools that could understand and adapt only to other Wi-Fi devices
and were usually separate from the
, the new integrated spectrum management is part of the
fabric of the wireless network. Second-generation spectrum management is fully aware of all the users of the
wireless spectrum, and is able to take action to optimize network performance by mitigating or avoiding
interference.
Performance and Reliability
Beyond understanding interference issues, IT wants the network to address interference issues automatically when
possible - both to save on operating expenses (OpEx) and to minimize network downtime. This type of automated
tuning is the domain of radio resource management (RRM), which is a layer of software in the infrastructure that
automatically adjusts network parameters to maintain RF performance. Older generations of RRM were largely
blind to interference issues, other than some crude awareness of “noise.” With integrated SI, a new generation of
blind to interference issues, other than some crude awareness of “noise.” With integrated SI, a new generation of
RRM is able to use detailed knowledge of interference sources to make truly intelligent decisions and achieve new
levels of reliability.
In addition to automated RRM, integrated spectrum intelligence can be used systemwide for a broader set of
spectrum management tasks. These may be new to Wi-Fi but are familiar to wired network managers:
●
Troubleshooting performance problems in real time
●
Performing forensic analysis on intermittent or past problems
●
Reporting on usage and interference trends
●
Correlating interference problems across multiple access points both to hone in on impact and to reduce
excessive alarms
Wireless Security
Ultimately, the challenge of Wi-
Fi is not just performance; it’s also security. There has been a good level of industry
focus on how rogue access points can open up security holes in an enterprise network. Wireless intrusion
detection systems and intrusion prevention systems (wIDS/wIPS) have been designed to address this issue.
But current IDS and IPS solutions have significant blind spots that cannot be addressed without the addition of
spectrum intelligence.
Current IDS/IPS systems cannot detect access points running with proprietary extensions such as Super G
(from Atheros). These readily available devices go
undetected. Additionally, it’s possible for a hacker to take
standard Wi-Fi equipment (for example, running Linux) and modify it to operate on nonstandard channels or with
other nonstandard modulation schemes. These extended or modified devices can be detected only if you analyze
the RF physical layer.
Beyond Wi-Fi devices, many other types of non-Wi-Fi equipment - including Bluetooth access points, access points
running older standards such as 802.11FH, and proprietary wireless bridges - can also be used to open up holes in
the network. In the case of bridges, these devices can send data to an attacker who is miles from your building.
Again, these types of devices can be detected only if you analyze all the devices that are present in your spectrum.