Can ransomware spread through WiFi?

Can ransomware spread through WiFi?

Can ransomware spread through WiFi? Yes, it’s possible.

Citing Wikipedia: “Ransomware is a type of malware that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid.
Ransomware attacks are typically carried out using a Trojan, entering a system through, for example, a malicious attachment, embedded link in a phishing email, or a vulnerability in a network service.”

This type of malware has become one of the first threats in the cybersecurity landscape of several industries.

Several reports have shown how MSPs, ISPs, and SPs remain prime targets for those attacks. The reason is simple: their business model serves many SMBs, medium and large enterprises, with multimillion assets attracting the interest of hackers. The most common ransomware that attack MSPs are CryptoLocker, WannaCry and CryptoWall. 

In its last report about network security, Cybersecurity Ventures has estimated that “every 2 seconds, a ransomware attack occurs. The expected global damage costs by 2031 will be around $265 billion”

It is easy to understand how the growth of damage occurs in parallel with the growth of downtime, caused by increasingly sophisticated ransomware.

A 2023 study by Statista confirms that “Although ransomware still ranks behind other more concerning malware types such as viruses and trojans, it has huge potential for damage – both for businesses and individuals alike. In fact, the annual share of ransomware attacks experienced by organizations worldwide has been on the rise since 2018, peaking at 68.5 percent in 2021.”

Statistic: Annual number of ransomware attacks worldwide from 2016 to first half 2022 (in millions) | Statista

Annual number of ransomware attacks worldwide from 2016 to first half 2022 (in millions)

The threat of ransomware is not always related to software download or email phishing. The increase of global network traffic and the economical interests of hacking groups during post-Covid19 and Russia / Ukraine war have multiplied the types and quantity of attacks against business networks. Wi-Fi networks can become a vector for traditional ransomware.

There are ransomware categories, such as Emotet, that operate as worms bypassing the weakest passwords and infecting multiple contiguous wireless networks. There are ransomware, such as Chameleon, that collect and report the credentials of all other WiFi users who connected to it. And then, they try to expand the infection other WiFi APs that they could connect to and infect.

Read more about the study of the University of Liverpool

It’s basically impossible to defend WiFi networks from every type of ransomware. The correct approach that MSPs, ISPs, and SPs should have in this complex scenario of malware threats is to adopt the best defense technologies against ransomware in relation to Wi-Fi.

What is a possible defense for business networks against Wi-Fi ransomware?

Tanaza suggests Configuring RADIUS Authentication + NAS ID with WPA-Enterprise. 

For instance, let’s analyze the behavior of the ransomware Chameleon to understand the approach used by Tanaza to fight ransomware attacks.

The goal of this ransomware is data theft, device malfunctions at the OSI layer 2, and the lock of lists of files or entire systems for ransom reasons when integrated with worms. 

The first malicious portion of the code of this ransomware executes a deep network scan to discover possible susceptibilities into the access points. Scanned vulnerabilities include weak passwords, outdated firmware, and unsafe encryption protocols of the Wi-Fi device (as WEP, WPA, WPA+TPKI, WPA + TKIP/AES, WPA + AES). When the ransomware finds access points with easy to crack passwords (appealing for dictionary attacks) or unsafe network protocols, the ransomware can bypass the security protocols and the administrative interface of the access point.

At that moment, Chameleon identifies and stores AP system settings, replacing the original firmware with a virus-loaded and reloading the new malicious AP settings. 

The activity of malware is unstoppable. The propagation of ransomware would continue despite upgrades to security methods, such as deep packet inspection or the change of security protocols in a second moment. The malware could infect other nodes. The propagation would continue near weak networks on an infinite loop.

Threat prevention against WiFi ransomware

The configuration of the RADIUS Authentication server + NAS ID with WPA-Enterprise represents a triple level of security for MSPs, ISPs, and SPs.

When a user tries to authenticate to the network, he fills the fields with a username and password to execute the login. The device creates an Access-Request message and sends it to the preconfigured RADIUS server. In this message, there are the encrypted credentials. The Radius server will confront the received login credentials with the data on an internal database to establish if the client is known. 

If the device is a client known to the RADIUS server and the shared secret is correct, the server looks at the authentication method requested in the Access-Request message. If not, the RADIUS sends an Access-Reject message that shows authentication failure. The RADIUS communication ends and the client is denied access. 

At this level, the MSPs, ISPs, and SPs network have solid protection standards because, during the network scan by malware to find AP susceptibilities, the ransomware should crack the WPA Enterprise AES-CCMP protocols (bypassing robust cryptography techniques: “counter mode” and “CBC-MAC”) and intercept the Access-Request message, falsing it with the list of credentials into the database.

What is WPA Enterprise?

WPA Enterprise is one of the safest WiFi security methods for network protection. The protocol was specifically designed for the network defense of business organizations. The encryption method used by this security protocol is AES-CCMP: it encrypts data transmitted over the air.

WPA Enterprise is used in MSPs, ISPs and SPs environments where design protection system againts Wi-Fi ransomware is critical. This security protocol uses the IEEE 802.1X standard for network access control, which provides an authentication framework for devices attempting to connect to the network.

In WPA Enterprise, when a client attempts to connect to the network, the access point requests authentication credentials from the user’s device. The device then sends the credentials to an authentication server for verification. If the credentials are valid, the authentication server sends a message back to the access point, allowing the user’s device to connect to the network.

WPA Enterprise also uses encryption to protect the data transmitted over the network. It supports multiple encryption methods, including the Advanced Encryption Standard (AES) and Temporal Key Integrity Protocol (TKIP).

 

What is RADIUS Authentication?

Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.

And if the authentication fails on the primary server?

Tanaza has enabled a secondary server feature. As for the first one, it’s possible to configure IP addresses or hostnames, ports, and shared secrets (password, passphrase, or a number).

How to configure radius server for wireless authentication?

For best performance and network security, Tanaza suggests having the RADIUS server and gateway access points located within the same layer-2 broadcast domain to avoid firewall, routing, or authentication delays. Another interesting feature that MSPs, ISPs, and SPs can use as a security method, it’s to set the NAS ID.

NAS ID – Network access server identifier

NAS ID is the further protection technology developed by Tanaza to protect networks from ransomware. NAS ID is textual code that enables the RADIUS server to choose the policy for that specific request. The NAS-ID is sent to the RADIUS server by the centralized platform through an authentication request to classify clients into different groups and subgroups. This enables the RADIUS server to send a customized authentication response.

Network segmentation security through SSH access of APs

Above, we have analyzed how Radius Server Authentication and WPA security protocol are solid protection against ransomware for SSIDs security.

Tanaza offers another level of protection at the AP level: SSH access.
SSH protection provides IT and information security professionals with a solid mechanism to manage clients remotely. Rather than requiring password authentication to initialize a connection between an SSH client and server, SSH authenticates the access point themselves.

Operators can enable SSH access on different granularities of the segmented network:
– for each single access point;
– for the entire network through the feature network-wide configuration.

Remember for a second the aforementioned ransomware Chameleon and its malicious action of network scanning to find APs susceptibilities in order to replace the original firmware. The SSH encryption protocol is a further robust shield to avoid AP intrusions and firmware modifications. When SSH is enabled, the access point is protected by the highest compliance requirements related to SSH keys.

Can ransomware spread through WiFi? Yes. But you can defend it with Tanaza

Try Tanaza and experience our security features to protect business networks from WiFi ransomware threats.

Get Started

✔︎ No credit card required

Mockup-tanaza-os

Enterprise WiFi solutions for wireless infrastructures by Meta Connectivity and Tanaza

Enterprise WiFi solutions for wireless infrastructures by Meta Connectivity and Tanaza

Try now the Tanaza
WiFi Management Platform

Get Started

✔︎ No credit card needed ✔︎​ Easy configuration

✔︎ Auto rollback when you desire

or continue to read more
about the enterprise WiFi solutions for
wireless infrastructures by Meta Connectivity.

Meta Connectivity worked on four revolutionary enterprise WiFi solutions for wireless infrastructures.

Tanaza has joined Facebook Connectivity’s Express Wi-Fi Technology Partner Program in 2020. The company has been proud to cooperate with the Facebook Express Wi-Fi project in order to help Service Providers and Operators to monetize WiFi networks and manage them from the cloud.

 

integration partners tanaza

Magma

Deploy easily mobile networks in hard-to-reach areas thanks to an intuitive open-source platform for network operators.

integration partners tanaza

Terragraph

Deliver cost-effective fiber-likes speeds using 60 GHz unlicensed spectrum.

integration-cloud4wi

Evenstar

Expanding the OpenRAN ecosystem to improve flexibility, drive innovation, increase supplier diversity, and reduce TCO costs for operators.

Express WiFi by Facebook and Tanaza

How did Express Wi-Fi by Facebook work?

Express WiFi was the SaaS cloud platform to build and grow WiFi businesses in a scalable way. Internet providers could take advantage of valuable network usage insights and business analytics metrics to develop and maintain sustainable Wi-Fi services with an excellent user experience.

Providers could monetize WiFi by selling connectivity and enabling local businesses to sell data packs to final users. Sold and consumed data were under control at any moment and from anywhere thanks to the intuitive and responsive centralized dashboard.

clinics-express-wifi

Medical clinics

hostel-express-wifi

Hostels

coffee-express-wifi

Coffee shops

restaurants-express-wifi

Restaurants

Shopping malls Express WiFi

Shopping malls

clinics-express-wifi

Medical clinics

coffee-express-wifi

Hostels

Shopping malls Express WiFi

Shopping malls

hostel-express-wifi

Coffee shops

restaurants-express-wifi

Restaurants

Was Express WiFi by Facebook free?

Customers could purchase data packs via digital vouchers. The price was variable and it depended on variable factors.

Where was Express Wi-Fi available?

pin

Africa
Burkina Faso, Ghana, Kenya, Malawi, Nigeria, Senegal, South Africa, Tanzania and Uganda

pin

South America
Argentina, Brazil, Chile, Ecuador, and Peru

pin

Asia
India, Nepal and Thailand

pin

South East Asia
Indonesia and Philippines

Tanaza & XWF Architecture

In order to broaden the understanding, in the following scheme service providers and network operators can graphically visualize the HW/SW architecture of the Express WiFi project integrated with the AP cloud management platform Tanaza.

tanaza-xwf-architecture

Magma

What is Magma by Facebook?

Magma is a software platform for network operators developed to provide network connectivity solutions for remote locations, factories, and enterprises. It enables Communication Service Providers (CSPs) to deliver fast and reliable internet connectivity with innovative features.

Magma is a valid opportunity for CSPs to save money, reducing CAPEX and OPEX costs.

Is Magma by Facebook open-source?

Yes. Magma is an open-source centralized cloud-based controller on a public or private cloud environment. The platform works with existing LTE base stations and can federate with traditional mobile cores to extend services to new areas.

Terragraph

What is Terragraph by Facebook?

Terragraph is the affordable wireless infrastructure solution designed to meet the growing demand for reliable, fiber-speed internet access in urban and suburban environments.

Over the next 5 years, the annual global IP traffic will reach 396 exabytes per month.
The number of devices connected to the internet is expected to double at the same time.

What are the use cases of Terragraph?

– Fixed Wireless Access;
– Mobile Backhaul;
– Outdoor WiFi;
– Smart City.

What are the benefits of Terragraph?

Time to Market reduction
Terragraph lets reduce Time to Market for network deployments thanks to mountable outdoor WiFi devices without costly right-of-way permissions.

Network scalability
Terragraph improves network scalability reducing the upfront investment needed.

The resilience of Wireless Mesh Networks
Terragraph deploys a multi-node mesh network, allowing for built-in signal re-rerouting to ensure high availability and reliability.

Evenstar

What is Evenstar by Facebook?

The primary goal of the Evenstar program is to create a secure, robust, and sustainable alternative to the existing OpenRAN wireless infrastructure solution ecosystem.
Evenstar intends to provide a comprehensive and intuitive platform for the product life cycle, from requirements to production, including testing, validation, and eventually procurement. With a consistent reduction of TCO costs for operators.

The Evenstar Program decouples the Radio Unit (RU), Distribution Unit (DU), and the Centralized Unit (CU) through standard intuitive interfaces between each element. Vendors can focus on their area of expertise and competitive advantage while MNOs can choose best-of-breed components that meet MNO requirements.

What are the benefits of Evenstar by Facebook?

– Improve network flexibility
– Drive innovation in the OpenRAN ecosystem
– Increase supplier diversity and hardware/software disaggregation
– Reduce Total Costs of Ownership for network operators (link to Valeria’s article)

Traditionally, the RRU hardware, DU hardware, and CU software are sold as a package. The goal of OpenRAN and the Evenstar program is to decouple these elements and provide alternative solutions supporting standard interfaces.

Facebook Express WiFi and Tanaza – It was the best-in-class enterprise WiFi solution for WiFi monetization

Where available, Facebook Express WiFi and Tanaza cloud platform combined together, represented the ultimate enterprise WiFi solutions to sell data packs for internet access when customers desire (daily, weekly, monthly).

SPs and Operators could enjoy a wide range of compatible WiFi devices with Tanaza to deploy performing and cost-effective WiFi networks while offering access to fast, affordable, and reliable internet thanks to the old WiFi monetization ecosystem of Express Wi-Fi.

Express Wi-Fi by Facebook is not available anymore since 31th December 2022

Discover more add-ons or integrations on the marketplace

Benefits of Cloud Managed Wireless Networks

Discovering the benefits of cloud managed wireless networks solutions

Transfer

Try now the Tanaza
WiFi Management Platform

Get Started

✔︎ No credit card needed ✔︎​ Easy configuration

✔︎ Auto rollback when you desire

or continue to read more
about the benefits of
cloud managed wireless networks.

The benefits of cloud-managed wireless networks over traditional network management solutions are multiple and consolidated in the industry. In Tanaza, we have defined the main advantages of a cloud-managed wireless network platform.
  1. Cost reduction of network infrastructures and network management;
  2. Productivity improvement for structured companies as MSPs, ISPs, and SPs;
  3. Safer security levels in enterprise network deployment
  4. Fast and efficient resolution of network problems thanks to a better network visualization;
  5. Superior network support thanks to outsourced dedicated technical assistance;
  6. Better business decision-making thanks to real-time and historical network analytics and reports.

Cost reduction of network infrastructures and network management

During post-pandemic times, cost reduction of network infrastructures and network management is the main priority for MSPs, ISPs, and SPs. The budget review represents an urgent voice in the development plans of many companies.
Embracing network disgregation and adopting a SaaS WiFi cloud-managed solution can help enterprises and SMBs achieve these goals. understood this need and redefined the concept of network infrastructure costs, developing an enterprise alternative to the more expensive single-vendor cloud controllers. Hardware disaggregation is the fundamental point that allows CAPEX and OPEX costs reduction.

When network professionals start their experience with Tanaza, they have to decide the type of hardware and access points for the next device deployment. Network professionals will be able to choose cheaper access points such as consumer/SMB devices with an average cost of around $100/device, unlike someone using a traditional network management solution who will have to spend $300/device (hardware + software).

The cost reduction impacts even network management.
By using cloud management TanazaOS, professionals enjoy the same set of features in an all-in-one centralized dashboard, instead of investing budget resources in multiple solutions that sometimes can entail CAPEX/OPEX costs. Features include remote monitoring, centralized configuration, multi-site management, and self-provisioning: click here for the complete list of Tanaza features.

Productivity improvement for structured companies as MSPs, ISPs, and SPs

One of the main benefits of cloud-managed wireless networks solutions is the productivity improvement for companies as MSPs, ISPs, SPs. Cloud-based platforms such as Tanaza allow users to save time avoiding repetitive network configuration operation and monitoring performance and troubleshooting parameters from a single centralized dashboard.

Imagine for a second having a time-consuming and repetitive activity as the configuration of hundreds of multi-vendor indoor and outdoor access points. During traditional one-by-one network management configurations, professionals have to study multiple model specifications, understand internal OS features of each device, verify access point compatibility with network IEEE standards, and, in some cases, solve typical network compatibility issues through updates and expensive network troubleshooting practices. Thanks to a cloud-managed wireless network solution such as Tanaza, instead, is enough to type the MAC address of the device and network professionals can manage all these inconveniences in a few clicks.

In structured companies, different technical departments have to co-work to guarantee the highest standards of service. Using a managed wireless network solution helps to improve productive cooperation between professionals. Once set specific roles and create different permission levels, internal and external collaborators can access the all-in-one cloud dashboard of Tanaza and check network traffic analytics and monitoring data as real-time bandwidth data, the number of concurrent clients for SSIDs, or access point status, remotely and at any time. Different departments indeed no longer need to waste time in the manual analysis of network data through multiple, disconnected tools and formatting them into reports, with possible misinterpretations, typical data inconsistency due to data integration, and useful status meetings. Network teams can spend their work time in more profitable work activities.

Safer security levels in enterprise network deployments

According to Gartner Report 2021 about Security Vulnerability, more than half of the companies faced security vulnerabilities during the pandemic. Attacks on enterprise devices continue to represent the main security weakness in the enterprise network deployment.
Cloud-managed wireless networks have different levels of security.

Solid password, IP address restriction, and firewalls

Most secure cloud-based management platforms have the strongest password protocols and solid security policies. Tanaza, for instance, requires its users to choose a password compliant with a strong password policy with the following criteria:

  • 8 characters minimum
  • At least one lowercase character
  • At least one uppercase character
  • At least one digit
  • At least one special character

Tanaza restricts any remote access using the IP address and verifies the login by public key (RSA).

The cloud dashboard is highly protected by dedicated firewalls, and 24×7 services login is operative for monitoring accesses and potential threats.

Disable WiFi configuration/login pages, managing APs settings safely from the cloud

Cloud-managed wireless networks solutions add a new level of security thanks to the possibility to exclude default WiFi configuration/login pages. Common network attacks happen in the pre-set login page of access points. Especially in low-medium cost device brands, minimum security standards are not always guaranteed.
Wireless cloud management solutions introduce a further level of security: network administrators can disable unsafe configuration/login pages and manage access points settings safely from a cloud dashboard. Only those who know the credentials of the cloud management dashboard or who have adequate permission levels can access device settings. The security of the cloud dashboard is guaranteed by the standard presented in the previous chapter.

Secure data storage and user data management

Data related to network configurations set up by users in the Tanaza dashboard is stored on a Database using Amazon Relational Database Service (Amazon RDS). Instead, data specific to network analytics, like devices’ statistics, is saved on No-SQL databases hosted on AWS servers.

Security is ensured through a split of data sent to/from the managed devices and any end-user data. Configuration and login sessions pass through the servers; however, all the data exchanged by customers with the Internet remains completely excluded from our systems. Besides, any sensitive data is secured with high control and restricted access.

Fast and efficient resolution of network problems thanks to an innovative network visualization system

Cloud wireless networks management allows easy troubleshooting of enterprise networks thanks to better network visualization. A centralized cloud dashboard is functional to map and manage all the network devices, metrics, and data, helping network administrators to identify fastly and efficiently what is the weakest node and organize the protective measures.

Tanaza, for instance, allows multi-vendor access points configuration and granular network visualization.
Network sections are subdivided into SSIDs and devices. The intuitive and easy-to-use centralized dashboard is composed of visual network design principles. The centralized dashboard allows the network administrator to identify immediately AP model and the device status by icons, without the need to type a single command line.
Read more about Device Status

WiFi Devices
Device Status AP Tanaza
For each network component, administrators can check real-time and historical data to identify what is the cause of an unexpected disconnection or suspicious threats.

When a device disconnection happens, users can configure an email alert system that warns them every time each access point goes down. This aspect disaggregates the old concept of network visualization because it’s no anymore necessary to visualize the AP status on the platform to start the network troubleshooting, but it’s the platform itself to notify the disconnection. This could happen meanwhile WiFi professionals are working on other tasks and allow a rapid response to possible network attacks.

Superior network support thanks to outsourced dedicated technical assistance

Among the main benefits of cloud-managed wireless networks, outsourcing of WiFi cloud management activities represents a great opportunity to decrease operational costs. Invest in a cloud-managed platform to allocate part of the budget for an all-in-one solution for multiple activities, saving money and avoiding increasing company labor costs. The prices of these solutions are generally very cheap and scalable. Tanaza, for instance, has convenient pricing plans based on the number of access points and the selected period of the license. Companies can pay only for what they exactly need, without any added cost.

Visit this page to discover the pricing plan.

Relying on the network management to an external cloud-managed solution, it’s important even because superior network support is guaranteed. The networking industry is constantly updating, and there is not always time and economic resources to invest in constant training for internal teams. Delegation to an external cloud-managed wireless network allows externalizing risks and management issues with the possibility to rely on superior support, in case of problems.

Tanaza guarantees superior network support, with taking charge of the customer requests in at least 24/48h. The support team can be contacted for commercial or technical reasons with the assurance of the resolution of any problems related to the platform. For ambitious projects, our developers are always available to take into consideration requests for new features or of new access point deployment.

 

Better business decision making thanks to real-time and historical network analytics and reports

Without data, you are another person with an opinion. This is a rule in data analysis. More and more in network analytics.
The best decisions related to new access points acquisition, security threats prevention and defending, or network parameters customization pass from appropriate and deep real-time and network analysis.

Cloud-managed wireless networks solutions as Tanaza allow customers to analyze remotely real-time and historical data as bandwidth, max concurrent clients, GHz channels, device maps for the previous 7 days, 24 hours, or 60 minutes.

Often, network administrators have hundreds of Wi-Fi devices deployed in multiple locations to monitor. It’s important to know the status of each single AP or Wi-Fi router at any moment, to be able to debug the network when needed.
It’s a huge amount of data and a mistake can cause problems for the whole network deployment.

The granular UX design of the Tanaza dashboard allows network administrators to study the network structure at every level, analyzing device by device load and memory parameters excesses. By monitoring the load value for each access point, it’s possible to understand if the access point is under strain due to the range of coverage or the amount of network data to be processed. This value offers a parameter to prevent overload on access points or possibly breaking down, improving service availability and helping prevent downtimes.
By monitoring memory value, instead, it’s possible to verify unusual AP memory usage. With constant, full memory usage, like in the case of a high number of concurrent connections, clients connected to these APs can experience intermittent connectivity drops. Monitoring this parameter allows to improve the quality of service and reduce network instability.

The average situation of those parameters reflects itself on the device status. Thanks to the historical data, network administrators can obtain relevant information about APs position and status.

Discover more about the device status 

This amount of data is really useful because it allows network administrators to collect precious information for network design and troubleshooting before, and business decisions after.

Imagine identifying several access points of the same model placed in different locations with repetitive cases of temporary disconnection caused by high levels of over memory. Without a cloud-managed wireless solution with a centralized dashboard, it will be really hard to obtain bulk real-time statistics that can help to understand what causes the network issue. In parallel, it could be difficult to conclude that a particular type of model does not cause a network failure in isolated situations, but in multiple nodes of the network with the same characteristics. Consequently, the decision to invest in other models will be more of an attempt than a data-based thoughtful choice.

The risk of re-invest in access points that cause a new outage of service is high. With Tanaza, instead, it is possible to reorganize the list of access points ascending and descending for load, traffic, clients, and status and name to have under control the entire network in the same dashboard from the device.

Try Tanaza and discover the benefits of cloud-managed wireless networks

Managing WiFi access points and networks in the cloud has multiple advantages.

Get Started
✔︎ No credit card needed
✔︎​ Easy configuration
Tanaza Desktop Mobile

Related articles:

Advantages of Cloud Managed WiFi SaaS for Wi-Fi business

Tanaza platform security to prevent data breach

https://www.tanaza.com/blog/reasons-to-invest-in-cloud-wifi-solutions/

WiFi Management Software Alternatives

15 reasons to choose Tanaza among WiFi Management Software Alternatives

Transfer

Try now the Tanaza
WiFi Management Platform

Get Started

✔︎ No credit card needed ✔︎​ Easy configuration

✔︎ Auto rollback when you desire

or continue to read more
about the WiFi Management Software Alternatives

There are several reasons to choose Tanaza Cloud Platform among the WiFi management software alternatives proposed by the WiFi cloud market in 2023.

Instead of creating a useless direct company-centric comparison with other solutions, we present in 15 points why Tanaza could be your next alternative for WiFi cloud management. With Tanaza you can:

1. Manage networks everywhere, at any time thanks to the infinite potential of WiFi cloud management.

2. Troubleshoot network issues in a unique all-in-one cloud solution thanks to an always-updated list of business network management, monitoring, and diagnostic tools.

3. Choose the best access points that work for your business needs. Don’t depend on mono-brand sellers: Tanaza is a vendor-agnostic solution.

4. Take advantage of zero-touch provisioning to configure networking devices efficiently and send them pre-configured to the customer’s premises for installation.

5. Integrate the Tanaza platform with third-party applications provided by official Tanaza Partners as Cloud4Wi, Classic Hotspot, and Social WiFi

 

 

Add-ons

Customize Tanaza with additional features

Fing Integration

Fing

Network monitoring

Accurate identification of client devices connected to your networks.

 

Fing Integration

Historical statistics

Network monitoring

Keep track of the status of devices and connected clients over time.

 

Fing Integration

Voucher login

Hotspot

Manage user access through the use of voucher codes that limit duration and quota.

 

Third-party integrations

Connect Tanaza to your favorite apps

Fing Integration

Classic Hotspot

Hotspot

An easy-to-use solution to manage and analyze free, paid, and advertisement-based hotspots from the cloud, developed by Tanaza.

Fing Integration

Cloud4Wi

Hotspot

A cloud Wi-Fi solution with a tailored marketplace enabling next generation Wi-Fi services.

Fing Integration

MyWiFi Networks

Hotspot

A guest Wi-Fi platform with social data capture, visitors metrics and marketing automation.

Fing Integration

Social WiFi

Hotspot

A Wi-Fi marketing platform to connect, capture and keep more customers.

Integration ADS4WiFi Logo

ADS4WiFi

Wi-Fi Advertising

A complete advertising management and campaign delivery platform to monetize guest Wi-Fi hotspots through targeted ADS.

6) Create WiFi splash pages without creative limitation. Explore splash page editor features. You can also configure external splash pages with multiple marketing services.

7) Obtain real-time and historical statistics about networks, clients, bandwidth, and APs. Experience 360° control of the most relevant networking parameters even if you are away from the office smart-working workstation. Tanaza cloud management is responsive and manageable from smartphones and tablets.

8) Save valuable time thanks to an innovative and easy access point configuration system. You need only to set up the MAC address of your devices and you have done: your network is ready to be managed. No code or hard technical skills are required.

9) Reduce CAPEX and OPEX costs by converting your networks into a high-performing ROI investment. Read more about how disaggregation can reduce CAPEX and OPEX costs.

10) Set up WiFi disconnection notification alerts when the network goes down or has some issues thanks to an efficient alert system that informs you every time an access point disconnects. Forget manual ping and VPN to check your network stat.

11) Fix patches, security vulnerabilities, and stability of your WiFi devices without external expensive interventions. You can update firmware remotely in a few seconds and at a network or organization level.

12) Forget unnecessary hardware controllers. Manage every aspect of the network directly in the cloud.

13) Easily migrate from other WiFi management software alternatives to Tanaza thanks to the auto-provisioning system and cloud configuration.

14) Count on formidable 360-degrees support. Our support team will answer you by 48/72 hrs.

15) Access a wide variety of educational materials and online troubleshooting support.

Forget dispersive WiFi management software alternatives. Try Tanaza All-in-one solution

Experience the power of managing WiFi access points from the cloud with Tanaza.

Get Started

✔︎ No credit card needed
✔︎​ Easy configuration

Tanaza Desktop Mobile

The Future of WiFi – WiFi Future Trends for MSPs, ISPs and SPs

The Future of WiFi – A guide for MSPs, ISPs, and SPs

At Tanaza we believe it’s time to present, data in hand, the latest news for MSPs, ISPs, and SPs about the future of WiFi and Cloud Management.
Today and tomorrow, more than ever, Wi-Fi will be one of the most widespread technologies in the world and represents a crucial point in the daily and business lives of billions of people.

The future of WiFi Technology

In a previous article, we discussed How soon Wi-Fi 6 will impact Business WiFi Networks.
Read more about:
Wi-Fi 6
Wi-Fi 6E
Wi-Fi 7
– Wi-Fi 8 (coming soon)

WiFi 6 and Wi-Fi 6E are starting to emerge in lots of enterprise wireless access points.

Here are some examples:

WiFi 6 Access Points for Business – Discover the right device to enter in the future of WiFi

Intelbras AP360

Edgecore EAP102-T

Indoor
Wall-Ceiling Mountable PoE

EAP102 is an enterprise-grade, concurrent dual-band Wi-Fi 6 indoor access point. EAP102 supports 4 x 4 : 4 uplink and down link MU-MIMO between the AP and multiple clients, with up to 2.9 Gbps aggregated data rate.

Comfast Quasar CF-E375AC V2

Edgecore ​EAP101

Indoor
Wall/Ceiling/T-bar mountable

​EAP101 is a dual-band Wi-Fi 6 indoor access point for enterprises. The device supports 2×2:2 uplink and downlink MU-MIMO between the AP and multiple clients, with up to 1.7Gbps aggregated data rate. EAP101 is equipped with Bluetooth Low Energy (BLE) radio enabling value-added applications such as iBeacon, presence.

Linksys LAPAC1200

Linksys LAPAC1200

Indoor
Wall-Ceiling Mountable PoE

Linksys LAPAC1200 is a Dual-Band WiFi6 Access Point with Power over Ethernet (POE) support. This enterprise access point features one Gigabit Ethernet and is backward-compatible with widely deployed 802.11a/b/g infrastructure.

Comfast Quasar CF-E375AC V2

TP-LINK EAP660

Indoor
Ceiling mountable

The EAP660 is the powerful and flexible high-performance Wi-Fi 6 wireless access point (AP) designed for businesses and other organizations that require reliable and high-speed wireless connectivity.It supports up to 2,500 client devices, 4×4 MU-MIMO technology, beamforming technology for more targeted and efficient wireless coverage. The EAP660 achieves of up to 3550 Mbps (AX3600).

 

Linksys EA8450

Linksys EA8450

Indoor
Table Mountable PoE

The EA8450 is a high-performance wireless access point that provides fast and reliable Internet connectivity for SMBs. It is designed to support demanding applications such as online gaming, streaming video, and file sharing.

It supports the latest Wi-Fi 6 (802.11ax) technology, which offers faster wireless speeds, improved coverage, and better network efficiency. It can deliver wireless speeds of up to 4.8 Gbps on the 5 GHz frequency band and up to 1.2 Gbps on the 2.4 GHz frequency band. The router also features four Gigabit Ethernet LAN ports and a Gigabit WAN port, which allow for high-speed wired connections. It also features 4×4 MU-MIMO technology and beamforming technology for more targeted and efficient wireless coverage.

Linksys EA7350

Linksys EA7350

Indoor
Table mountable

The EA7350 is the powerful and flexible high-performance dual-band Wi-Fi 6 wireless access point (AP) designed for house and small SMBs businesses and other organizations that require reliable and high-speed wireless connectivity to surf, stream, and game all at the same. It supports up to 20+ client devices, speed up to 1.8 Gbps and MU-MIMO technology,

 

What is Wi-Fi 6 and what are benefits for MSPs, ISPs and SPs?


“Wi-Fi 6 (802.11ax) is the next generation of IEEE standard for wireless local-area networks, faster and more powerful than the previous one Wi-Fi 5 (802.11ac). It is also known as High Efficiency Wi-Fi, for the overall improvements to Wi-Fi 6 clients under dense environments”.

Year by year, MSPs, ISPs, and SPs are facing the challenge to provide higher throughput and bandwidth for multiple connected devices in enterprise networks. Hardware is not enough to guarantee an adequate and democratic sharing of WiFi connection. A new standard was necessary to manage the huge quantity of devices in the networks (anchor link to the chapter dedicated to e-waste).

On April 23rd, 2021 the FCC voted and approved the allocation of the new 6GHz band for Wi-Fi. WiFi 6 represents a new revolution for enterprise and SMBs WiFi networks.
802.11n - Wi-Fi 4 802.11ac - Wi-Fi 5 802.11ax - Wi-Fi 6/6E
Frequency Range (GHz) 2.4 - 5 2.4 2.4 - 5 - 6
Channel Bandwidth (MHz) 20 - 40 20 - 40 - 80 - 80+80 - 160 20 - 40 - 80 - 80+80 - 160
Subcarrier Spacing (KHz) 312.5 312.5 78.125
Symbol time 3.2 3.2 12.8
MU-MIMO None Downlink Uplink and Downlink
Access Scheme OFDM OFDM OFDM, OFDMA
Data Subcarrier Modulation BPSK, QPSK, 16-64 QAM BPSK, QPSK, 16-64 QAM BPSK, QPSK, 16-64-256-1024 QAM
Coding BCC (mandatory) - LDPC (optional) BCC (mandatory) - LDPC (optional) BCC (mandatory) - LDPC (mandatory)
Let’s analyze the various improvements point by point, showing concrete benefits and changes for MPSs, ISPs and SPs business.

What is the difference between WiFi 6 and WiFi 6E?


“E as extended. E as efficiency”

WiFi 6E is the next generation of the WiFi 6 standard. It offers all the main features of the 802.11ax, giving also access to the 6GHz band. The new frequency band ranges from 5.925 GHz to 7.125 GHz, allowing up to 1,200 MHz of additional spectrum.
WiFi 6E reduces overlap and interference between multiple networks in high-congested areas as offices, apartments complexes, industrial districts.
WiFi 6 WiFi 6E
Max. Data Rate 1.5 Gbps per device 2.3 Gbps per device
DFS scanning Required ❌ Not required ✅
Capacity Lower Higher
Security Secure More Secure. WPA3 is mandatory.
6GHz Legacy Devices The 6 GHz band is not available on WiFi6. The 6 GHz band is exclusive to WiFi 6E devices. More bandwidth, spectrum, and speed improvements guaranteed.
Simultaneous transmissions 8K movies and large file download with possible short buffering. No AR/VR gaming. 8K movies, AR/VR gaming and large file download all without buffering.
Latency Reduced Extrimely reduced
Network performance Good Better in congestioned enviroments

Frequency Range 6GHz – More capacity, less latency in the future of WiFi

More connected devices mean higher levels of Wi-Fi congestion. The pandemic has shown how the amount of data on Wi-Fi networks has reached critical levels: wireless bandwidth and capacity have never been greater.

The first improvement of WiFi 6 technology is basically more capacity. Specifically, access points will be able to operate on the 6GHz spectrum, in addition to the 2.4GHz and 5GHz that currently exist. The possibility to use this new frequency range guarantees lower latency for applications in higher density environments. Moreover, 6GHz includes the orthogonal frequency-division multiple access (OFDMA) feature from cellular technologies, which takes advantage of servicing multiple users on sub-channels transmitted simultaneously.

There are also changes in regulations related to the 6GHz frequency range. WiFi access points have to be registered in databases and become ‘geolocation aware’. They must support the following standards:

  • Low Power Indoor (LPI)
  • Power Spectral Density (PSD)
  • Automated Frequency Coordination (AFC)

LPI and PSD are rules for restricting the power output of indoor 6 GHz devices, to limit interference with each other or with licensed outdoor use. AFC is for outdoor 6 GHz devices and consults with a database based on the FCC’s Universal Licensing System so that 6 GHz access points can avoid interfering with licensed applications.

 

Wi-Fi 6 has multiple Wi-Fi channels and these channels can be allocated more effectively to permit multiple transmissions to multiple users at the same time. Hence, when organisations power outdoor Wi-Fi 6 for users, it means more efficiency, less overheads and also support for a greater variety of applications.

20MHz vs 40MHz vs 80MHz vs 160MHz – What is the best Channel Bandwidth for Business?

Wi-Fi 6 supports channels widths of 20MHz, 40MHz, 80MHz, and 160 MHz.

20MHz – 40MHz – 80MHz channels are recommended for business, while 160MHz is best suited for environments with low channel utilization.

For a correct deployment, it is important to distinguish the correct channel bandwidth selection. The channel bandwidth can really affect the performance on networks.

20MHz is the most common Wi-Fi bandwidth as most users still opt to use 2.4GHz radios (almost never in 5GHz).
20MHz is the correct channel bandwidth for businesses that want to guarantee high levels of connection for remote workers or users with high expectations.
Today, WiFi customers prefer to use video streaming and video calls: this requires high levels of packets in download for buffering in streaming services (Netflix, Amazon Video, Youtube, for instance) and video-communications applications (Google Meet, Skype, and Slack Call, for instance). In 5GHz bandwidth, thanks to a large amount of non-overlapping channels, providers will not face any problem doing anything, and the internet speed will not have any significant interruptions.

40MHz is the best channel bandwidth for businesses requiring a medium-high level of data transfer rate and higher than 20MHz.
IT professionals can still get 12 non-overlapping channels if combined with a 5MHz frequency.
This channel bandwidth is used by both 2.4GHz and 5GHz. It has a higher speed but it’s not particularly suggested in crowded areas, especially with 2.4Ghz. MSPs, ISPs, and SPs should use it, only on 5GHz and for a restricted number of connected devices. It’s easy to understand how these few users will receive a perfect signal.

80MHz is the last suggested channel bandwidth for business use. This channel bandwidth has the highest data transfer rate for the commercial ranges. The absence of non-overlapping channels to operate within makes high levels of congestion with high levels of traffic. 80GHz is the best channel for IT professionals that think “quality over quantity”: this bandwidth guarantees the highest signal performances for a really limited number of users.

160MHz deserves a separate chapter. It is totally not recommended for IT professionals. And often neither for home use. 160MHz channel bandwidth is perfect for activities like Ultra-HD streaming and professional gaming. Activities that can create a high rate of congestion, especially with the next networks. It’s easy to understand how a single user with this channel bandwidth creates congestion for all the others. Totally unrecommended for business solutions.

Subcarrier spacing drastically reduced to improve WIFi efficiency

The future of WiFi includes a drastic reduction of 802.11ac spacing. It is an important technical change for MSPs, ISPs, and SPs. The reduction of subcarrier spacing improves signal efficiency and the quantity of multiple simultaneous packets for upload and download, rather than one at a time.

MU-MIMO and OFDMA – A perfect combination for uplink and downlink transmissions

Wi-Fi 6 leverages the multi-user version of OFDMA and MU-MIMO for better efficiency of both uplink and downlink transmissions. OFDMA allows the transmission of huge quantities of data over a single noisy channel. This technique works by splitting a single signal into multiple smaller signals that are transmitted. OFDMA is perfect for medium-far transmissions, while MU MIMO is more indicated for short-range. Then, the combination of OFDMA and MU-MIMO allows Wi-Fi 6 to cover the entire spectrum of possibilities of high-density environments. For a better technical understanding of OFDMA and MU-MIMO in 802.11ax panorama, we suggest reading Tanaza’s guide for MSPs.

WPA3 WIFI6 – Future of WiFi means higher levels of security

Wi-Fi 6 enables secure endpoint protection thanks to WPA3 certification. WPA3 is the next generation of Wi-Fi security and provides cutting-edge security protocols to the access point industry.
This next-generation security protocol enables more robust authentication, delivers increased cryptographic strength for highly sensitive data markets, and maintains resiliency of mission critical networks.
All WPA3 networks:
– Use the latest security methods;
– Disallow outdated legacy protocols;
– Require use of Protected Management Frames (PMF);

What is Wi-Fi 7 and what are the next key features for MSPs, ISPs and SPs?

Wi-Fi 7 (802.11be) is the next standard of Wi-Fi technology that operates in the 6 GHz frequency band, in addition to the 2.4 GHz and 5 GHz bands used by previous versions of Wi-Fi. Wi-Fi 7 was designed to provide faster speeds, lower latency, and improved performance in crowded or congested environments, such as dense urban areas or large events.

Some key features of Wi-Fi 7 include:

Higher speeds: Wi-Fi 7 can achieve speeds of up to 9.6 Gbps, which is significantly faster than the maximum speeds of Wi-Fi 6 (6.9 Gbps) and Wi-Fi 5 (3.5 Gbps).

Lower latency: Wi-Fi 7 has lower latency than previous versions of Wi-Fi, which means that it can transmit data more quickly and with less delay. This can be particularly beneficial for applications that require real-time communication, such as online gaming or video conferencing.

Improved performance in crowded environments: Wi-Fi 7 uses advanced techniques such as beamforming and multi-user MIMO (MU-MIMO) to improve performance in crowded or congested environments. This can help reduce interference and improve the overall user experience.

Enhanced security: Wi-Fi 7 includes improved security features such as enhanced WPA3 encryption and support for the Wi-Fi Certified Secure program, which ensures that devices are secure by default.

A first Wi-Fi 7 demo commercial device is now available.

The future of WiFi is for the environment protection

These are not easy moments for the environment. Global warming, climate change, extreme meteorological phenomena: wireless technology can do its own part to protect the environment through the energy-saving and the reuse of hardware components.

Tanaza also took up on the challenge.

WiFi cloud management to reduce CO2 caused by unnecessary onsite travel

For several years now, there has been an open debate about the extent to which working remotely can drastically reduce the pollution caused by traveling by transport. In the past, in order to understand the problems behind a misconfiguration of devices or a network failure, it was necessary for an IT professional to travel to the site. 

An activity that is now obsolete and in the long term causes increased pollution levels. Thanks to Tanaza, the cloud-based network management platform, IT teams can remotely configure and manage all network parameters from anywhere in the world without any unnecessary and environmentally harmful travel.

Network device upgrade to avoid planned obsolescence and reduce electronic waste

Tanaza has long understood that the true value of a network device is not so much in the hardware, but in the software included. In very general terms, MSPs, ISPs and SPs could potentially continue to use any WiFi access points even after it becomes legacy, thanks to the Tanaza firmware.

Several industry studies have shown that the average lifetime of WiFi devices is 3 to 4 years. Imagine for a second, the gas emissions and the amount of e-waste produced by manufacturing and replacing the current network infrastructure around the world.

Obviously, incumbent vendors have strong economic motivations to design devices that at some point break down or are not updated anymore and thus consequently are replaced. It’s called design with planned obsolescence. It happens in the world of home appliances, just as it happens in the networking industry. This is nothing new, but the situation has reached critical levels.

Here is a graph from the Global E-Waste Monitor 2020. We hope it will raise awareness of the problem of e-waste that planned obsolescence and the resulting waste generation creates:

Global E-Waste Monitor 2020

Access points fall under the Small IT and telecommunication equipment classification

By releasing dedicated software updates, Tanaza is able to span the life of WiFi access points by up to two years. At the same time, by using devices with TanazaOS as the operating system, the user is no longer forced to the planned obsolescence of mono vendors who at some point do not release the necessary software updates for a device to keep working thus forcing MSPs, ISPs, and SPs to replace it.

These two combined factors dramatically decrease the amount of e-waste produced, reducing network infrastructure costs for providers and contributing to environmental protection.

Tanaza is getting ready for the future of WiFi

Tanaza is working tirelessly to develop compatibility with the best access points in the market to offer users a complete list of devices that work with Tanaza. 

Visit the Support Portal to stay tuned on the latest Wi-Fi 6 access points

Future of WiFi is here. Unleash the power of network management

Deploy and manage business WiFi networks with Tanaza. Enter in the future of WiFi, now.

Get Started

✔︎ No credit card needed
✔︎​ Easy configuration