+39 02 94750217 sales@tanaza.com

Juniper Networks acquires Mist Systems for $405 million

Juniper Networks has entered into a definitive agreement to acquire Mist Systems, a wireless LAN vendor pioneering AI-driven WLAN, for $405 million.

With this acquisition, announced on March 4th, 2019, Juniper will combine Mist’s WLAN platform with its existing wired LAN, SD-Wan and security systems to provide enterprise customers with a complete solution.

Mist Systems manages its operations via a modern cloud microservices architecture, and its technology includes machine learning and Artificial Intelligence (AI) capabilities. In early 2018 Mist developed an AI-driven Virtual Network Assistant, Marvis, to simplify wireless operations, and provide insight into client and network behaviour. Mist has also leveraged patented virtual Bluetooth LE technology together with WiFi to deliver location-based wireless services to customers, such as proximity notifications and traffic analytics.

Mist’s acquisition will expand Juniper’s presence in the cloud-managed segment of the wireless networking market and will allow the company to offer a software-defined solution that simplifies operations, lowers operational costs and improves the user experience. Moreover, Juniper plans to leverage Mist’s AI capabilities by extending them across Juniper’s networking portfolio for software-defined architectures.

“With our planned acquisition of Mist Systems, we are not only expanding our enterprise portfolio into the wireless arena but also staking claim to AI-driven operations in the era of multi-cloud,” Juniper CEO Rami Rahim stated in a blog post. “Wireless is the most strategic place to start as we adopt AI for IT. It’s also more than just wireless. AI-driven operations must extend across the whole IT stack if it is to reach its full potential.”

The acquisition of Mist is expected to close during Juniper Networks’ second fiscal quarter, subject to regulatory approvals and customary closing conditions.

Over 485,000 Ubiquiti devices exposed to DDoS attack

Ubiquiti Devices Exposed to DDOS Attack

Ubiquiti Networks is currently working on a fix for a recently discovered security issue affecting its devices. This security issue has been exploited by attackers since July 2018.

According to an internet scan conducted by US cyber-security firm Rapid7, this vulnerability affects over 485,000 devices around the world. Most of the exposed devices are located in Brazil, followed by the US, Spain and Poland.

The vulnerability is not specific to one Ubiquiti device, and is found on a wide variety of the vendor’s high-grade WISP equipment. The majority of the exposed Ubiquiti devices are NanoStation, AirGrid, LiteBeam, PowerBeam and NanoBeam products, and 17,000 of these devices have already been defaced.

Jon Hart, senior security researcher for Rapid7, states in a security alert that attackers are exploiting a “discovery service” running on port 10,001. Ubiquiti included it on its devices so that the company and internet service providers (ISPs) can use it to find them on the internet and in closed networks. This service has been exploited by attackers to carry out DDoS amplification attacks.

These attacks were first spotted by Jim Troutman, co-founder of NNENIX (Northern New England Neutral Internet Exchange). According to Troutman, attackers are sending small packets of 56 bytes to port 10,001 on Ubiquiti devices, that are reflecting and relaying the packets to a target IP address amplified to a size of 206 bytes.

The exploitation attempts are still in an initial stage but, according to Rapid7, the amplification factor – that is currently 3.67 – can go up to 30-35. Attackers could find a way to carry out DDoS attacks in excess of 1Tbps, which is described by Rapid7 as “a crippling amount of traffic to all but the most fortified infrastructure”.

At the moment this discovery protocol “does not appear to suffer from multi-packet responses”, as we read in Rapid7’s security alert. This makes exploitation extremely hard as attackers can only “reflect” small amounts of DDoS traffic.

Ubiquiti already announced that it was preparing a security patch even if, in its current form, the protocol does not seem to be particularly harmful.

“To our current knowledge, this issue cannot be used to gain control of network devices or to create a DDoS attack,” Ubiquiti Networks said. “As a temporary workaround for this issue while it is being investigated and resolved by the development team, network operators can block port 10,001 at the network perimeter,” the hardware maker added.

Even though the biggest exploitation attempts have only been discovered recently, Rapid7 said that the first attacks attempting to exploit Ubiquiti’s discovery service were detected last July, when several Ubiquiti users reported problems related to the access of SSH services on their Ubiquiti equipment.

Wi-Fi Alliance announces Wi-Fi CERTIFIED 6

WiFi 6 Certified - WiFi 6 Certification program

Wi-Fi Alliance announced WIFi CERTIFIED 6 as part of their WiFi certification program. This latest industry certification program is based on the IEEE 802.11ax standard and will be coming online in Q3 2019.

 

The goal of WiFi CERTIFIED 6

According to the Wi-Fi Alliance, WiFi CERTIFIED 6 will ensure that devices based on IEEE 802.11ax technology meet industry agreed standards for interoperability and security. This certification program supporting next generation WiFi is aimed at guaranteeing optimal capacity, coverage and performance required by users for activities such as streaming ultra-HD movies and mission-critical business applications.

“WiFi continues to be a predominant technology for accessing the internet, with a strong history of success” states Andrew Zignani, senior research analyst at ABI research. “WiFi CERTIFIED 6 will further escalate WiFi’s role, with more than one billion WiFi 6 chipsets expected to be shipped annually in 2022”.

 

The main benefits of WiFi 6

WiFi 6 delivers improvements and new features that enable wireless devices to operate efficiently, bringing enhanced performance to users in demanding environments that involve a large variety of device types, from IoT and smart home appliances to business running large-scale deployments.

By virtue of WiFi 6, virtual and augmented reality applications, such as healthcare monitoring systems, e-learning and telepresence will become more attainable. WiFi 6 will also provide carriers and WiFi operators with more capabilities to support next-generation connectivity services, such as location-based and bandwidth-intensive applications in public settings, such as retailers, stadiums and transportation hubs.

The main benefits of WiFi 6 include higher data rates, increased performance in congested environments, improved power efficiency and battery life for the devices and increased network capacity with lower latency.

 

WiFi 6 certification requirements

The latest certification program will ensure that devices are WiFi 6 compatible and support specific features. Wi-Fi Alliance expects manufacturers who already released routers and other wireless devices with WiFi 6 compatibility to certify those devices once the program launches. WiFi 6 certified devices are required to deliver good performance even in dense environments with many devices connected simultaneously.

WiFi 6 includes a variety of technologies, and the support of some of them is mandatory for WiFi 6 devices to be certified: for example, devices must support WPA3 encryption, as well as specific features, such as OFDMA, MU-MIMO and Target Wake Time (TWT).

We expect to see a great number of WiFi CERTIFIED 6 devices being released starting mid-2019. During the CES 2019 event, many manufacturers showcased various WiFi 6 devices, including wireless routers, mesh networking solutions and computers.

Open Mesh acquired by Datto: what’s next for Open Mesh customers?

Open Mesh acquired by Datto

At the beginning of 2017, Datto announced its acquisition of Open Mesh. In this article, we will find out what is going to change for Open Mesh customers after this acquisition from Datto.

About Open Mesh and Datto

Open Mesh Inc., one of the most popular makers of wireless networking devices in the SMB segment, has been acquired by Datto, a data protection vendor that sells its products exclusively through managed service providers. With this acquisition, Datto wants to broaden its offering in the networking sector with the launch of a new line of SMB-focused networking solutions.

The new Datto Networking line of products for small-to-medium sized businesses has incorporated both the Open Mesh wireless access points and Ethernet switching technologies and the existing Datto Networking Appliance and will be delivered exclusively through Datto’s global network of Managed Service Provider partners.

 

What will change for existing Open Mesh customers?

As of January 1st, 2019, customers can still purchase Open Mesh hardware through selected distributors and online resellers, with no recurring fees. However,  the availability of Open Mesh products is only limited to the remaining inventory.

All of the existing Open Mesh hardware has an end-of-life date of 3 years from the end-of-sale date. As for the most recent products, the end-of-life date is December 31, 2021. After that date, no more fixes and security updates will be released for Open Mesh products, and support will be no longer provided.

In the course of this acquisition, Datto Networking has adopted a pricing model which aligns to how MSPs sell their products and requires all new customers to pay a monthly recurring fee, unlike the one-time fee originally set by Open Mesh, which also included a free CloudTrax lifetime license.

Consequently, after the end-of-life date of their purchased products, all current Open Mesh customers are either being forced to upgrade to Datto Networking products and pay the related monthly fees or to switch to an alternative hardware solution. Both of these options represent significant additional costs that ultimately lead to a hardware CAPEX increase.

 

TanazaOS as the alternative to Datto Networking and CloudTrax

Tanaza wants to help Open Mesh customers to continue using their hardware by making its latest product, TanazaOS, fully compatible with Open Mesh devices. TanazaOS will support Open Mesh access points as well as other hardware vendors, freeing WiFi service providers from vendors’ lock-in.

TanazaOS is a Linux-based Operating System for centralized network management. It was developed based on the disaggregation concept which embraces the open-source approach, where WiFi solution providers have the possibility to decouple their hardware choice from their software choice.

Furthermore, TanazaOS is flexible and unlimitedly scalable, and helps in delivering wireless networking faster.

Enterprises and service provider customers reduce complexities and get complete interoperability at a fraction of the cost of other WiFi solutions.

Open Mesh customers switching to TanazaOS from CloudTrax or Datto Networking will leverage from competitive lifetime license pricing, allowing them to dramatically save on their deployment costs, while also benefiting from a secure, reliable and always up-to-date operating system for WiFi cloud management.

By switching to TanazaOS, Open Mesh customers will be able to:

  • Enjoy a full set of professional features for WiFi management and control
  • Avoid Datto’s monthly fees
  • Easily migrate from CloudTrax/Datto Networking to TanazaOS thanks to the self-provisioning system and the cloud configuration
  • Save money when upgrading their hardware infrastructure as TanazaOS runs on many hardware vendors
  • Have access to learning materials and online support for troubleshooting
  • Benefit from additional features, as TanazaOS is constantly evolving, adding new capabilities such a Hotspot System.

If you are an Open Mesh user and want to know more about TanazaOS and its features, you can try the interactive demo to experience our cloud-based operating system to manage your Open-Mesh access points.

Why public entities are becoming more supportive of the Open Source approach

Nowadays, public bodies such as international, federal and state entities are becoming more and more supportive of the open source movement and in general of “open” approaches.

In many countries, such as the US, the UK and France, governments have recommended adopting open-source software in their administrations. Indeed, benefits from open source are particularly well aligned with the objectives pursued by any government:

  • Keeping the IT budget under control: although open-source software is a commercial product and therefore not free of charge, it has a total cost of ownership that is generally lower than proprietary software;
  • Ensuring security and reliability, because the open code allows for complete audits to check for vulnerabilities;
  • Enhancing transparency and innovating to serve citizens better.

Government bodies such as FCC are also recognizing its value by actively contributing back to open source software: indeed, it became the first .gov to contribute to WordPress, the most used content management system.

 

Public entities are also encouraging wireless hardware vendors to allow interoperability with third-party systems based on open source in order to benefit end consumers: indeed, open source firmware can make wireless devices more powerful and more useful, allowing users to implement functions that have been disabled or omitted by manufacturers and ultimately giving them the freedom to customize their hardware. This concept empowers the idea of disaggregation, which means offering the option to select software from one vendor and run it on hardware from a different manufacturer.

In 2016, for example, the FCC required networking hardware vendor TP-Link to support open source firmware on its routers. In a settlement with the FCC, TP-Link agreed to pay a $200,000 fine to be compliant with the rules for the 5GHz band and to allow users to install open source firmware on its routers.

FCC’s rules for the 5GHz band, indeed, require router makers to prevent third-party firmware from changing radio frequency parameters in ways that could cause harmful interference with other devices and services. Router makers could be compliant with these FCC rules by placing limits on what third-party firmware are allowed to do or, alternatively, they could comply by entirely preventing the loading of open source firmware, and this is what TP-Link chose to do. Indeed, TP-Link’s software updates “precluded customer installation of third-party software, including open-source software,” to meet the new 5GHz requirements, the settlement said. In order to avoid further penalties, the settlement required TP-Link to “work with the open-source community and Wi-Fi chipset manufacturers to enable consumers to install third-party firmware on their Wi-Fi routers,” FCC stated.

“While manufacturers of Wi-Fi routers must ensure reasonable safeguards to protect radio parameters, users are otherwise free to customise their routers,” said Travis LeBlanc, chief of the FCC’s Enforcement Bureau. “We support TP-Link’s commitment to work with the open-source community and Wi-Fi chipset manufacturers to enable third-party firmware on TP-Link routers.”  

 

At Tanaza, we believe that disaggregation is imminent on the WiFi networking industry and that, considering the new market conditions, the unbundling of hardware and software is the future for WiFi professionals. For this reason, we developed full compatibility with many wireless devices from different vendors, allowing WiFi professionals to choose the hardware they want to work with and therefore to save on infrastructure costs and hardware while avoiding vendor lock-in. Tanaza’s firmware is based on OpenWRT, a Linux-based open-source firmware for embedded devices that enables the customization of wireless access points, as a result of its fully writable filesystem with package management. For more information about Tanaza and its wide range wide of supported access points, click here.

Related articles:

Update 2019: The list of supported OpenWRT Wireless Access Points Vendors

FCC proposes rules for unlicensed use of the 6GHz band

https://www.tanaza.com/blog/wifi-6-the-next-generation-of-wifi/

WiFi 6: the next generation of WiFi

WiFi 6: the next generation of WiFi

The next standard for wireless LANs, IEEE 802.11ax, has been conceived to transmit data faster, to better allocate bandwidth among several devices connected to a WiFi network and to more reliably deliver high-bandwidth applications (such as video streaming) than its predecessor, 802.11ac, also known as WiFi 5.

The new naming standard

The 802.11ax specification, also known as ‘high-efficiency wireless’, will be commonly referred to and marketed as WiFi 6.

This is a new naming standard set by the Wi-Fi Alliance®, with previous generations now being retroactively labelled as WiFi 5 (802.11ac) and WiFi 4 (802.11n). This new labelling convention will appear on devices as shown in the image below.

WiFi new naming convention by the Wi-Fi Alliance: WiFi 6, WiFi 5 and WiFi 4

This naming scheme is aimed at making it simpler for final consumers to recognize which of the IEEE 802.11 standards each WiFi device supports.

Faster data transfer speeds

WiFi 6 will have a single-user data rate that is about 40% faster than 802.11ac by virtue of a more efficient data encoding, resulting in a higher throughput: more data is packed into the same radio waves, and the chips that encode and decode the signals will increasingly get more powerful and will be able to handle the additional work.

The new standard also improves the performance on 2.4GHz networks that, despite the large investments of the industry on the 5GHz band to reduce interferences, is still better at penetrating physical obstacles.

WiFi 6’s predecessor, 802.11ac, only uses bands in the 5GHz spectrum; the new standard operates across both frequencies and will eventually expand this spectrum to include bands in 1GHz and 6GHz when they become available.

 

Better performance in dense environments

WiFi performance tends to get worse in crowded locations, such as stadiums, airports, malls and offices, where many WiFi enabled devices are connected to the network at the same time.

The new WiFi 6 incorporates many new technologies to overcome this issue, and according to Intel, it will improve each user’s average speed by at least four times in congested areas.

WiFi 6 can divide a wireless channel into a large number of subchannels, and each of these subchannels can carry data intended for a different device. This is achieved through the Orthogonal Frequency Division Multiple Access (OFDMA), a modulation scheme which allows for resource unit allocation and will boost capacity, reduce latency and improve efficiency by allowing as many as 30 users at once to share the same channel. This technology is not a part of WiFi 5, which has regular OFDM; OFDMA is compared as a multi-user version of OFDM.

The new wireless standard has also an improved version of multi-user or MU-MIMO. Wi-Fi 5 Wave 2 introduced Multi-User MIMO, but it only supports four simultaneous connections on downstream (one on upstream). Wi-Fi 6 will instead be able to handle eight streams of data in either uplink or downlink, offering four times the maximum theoretical throughput of Wi-Fi 5 and supporting more users at once.

Image Source: Qualcomm

Extended battery life for client devices

The new Target Wake Time (TWT) feature enables access points to tell to connected devices when and how frequently they have to “wake up” to send or receive data, reducing power consumption and improving spectral efficiency. This technology will be very useful for both mobile and IoT devices, allowing them to effectively increase their sleep time and consequently extend their battery life.

Target Wake Time, in addition to saving power on the client device side, also enables wireless access points and devices to define and negotiate specific times to access the medium, reducing contention and overlap between users.

Target Wake Time (TWT) Feature

Image source: Qualcomm

When will we get WiFi 6?

While some routers already advertise “802.11ax technology” and many products supporting WiFi 6 were presented during CES 2019, 802.11ax WiFi won’t be finalized until the end of 2019. There also aren’t any WiFi 6 client devices available yet, so so these routers won’t bring any benefits to consumers before the transition is done: indeed, both the sender and the receiver need to support the latest generation of WiFi to gain the advantages.