Sneak Preview: Airwave Management Platform 4.0 Completes Your Wireless LAN

Enterprise wireless LAN access points have improved dramatically in the past few years, but managing a large installation, particularly one that has evolved through more than one generation of network hardware, or even multiple vendors, can be a challenge.

AirWave Management Platform (AMP) can help. An appliance running under Linux, AMP addresses configuration management, policy enforcement, auditing, monitoring and reporting. Although AMP offers its greatest value to organizations with multivendor WLANs, half of AirWave's customers have solely Cisco WLANs, where AMP is used as an alternative or a supplement to Cisco's Wireless LAN Solution Engine (WLSE).

Let's Get Started

I installed a late beta version of AMP 4.0 on a 3-GHz black-box server with 1 GB of RAM in our Syracuse University Real-World Labs®. The test bed includes a range of APs, including offerings from Cisco (Aironet and Airespace), Hewlett-Packard, Symbol Technologies and Proxim. AMP also supports WLAN systems from Avaya, Colubris Networks, Enterasys Networks, Juniper Networks, LANcom Systems and Nomadix. The system installation was painless, though it would likely have been more complex on a production WLAN with hundreds of APs. AMP includes good AP discovery capabilities, and I also found it easy to define policies to ensure consistent firmware versions across all APs.

Because the APs in our multivendor test bed don't share a common set of configuration parameters, I worked with standard parameters, like SSIDs, and with functions specific to each vendor's AP. In some cases this proved tricky. Cisco lets you define radio output power in a range of discrete milliwatt values, for example, but other vendors offer less granular control.

The Scoop on Monitoring

Our test bed didn't have a ton of traffic, so I had to access other systems to get a full demonstration of this system's monitoring functions. I connected to a production system on AirWave's wireless network to better appreciate the power. I also spoke to two network managers whom I solicited using a university WLAN mailing list (not vendor-provided customers), who use AMP on two large Cisco wireless networks. Both said the monitoring functions delivered excellent value in depicting overall network health, providing management reports, and troubleshooting problems at building, AP and user levels.

Like other management platforms, AMP provides a variety of management and monitoring functions targeted at network engineers responsible for policy definition and enforcement. AMP let me define management groups that could be provided with more limited monitoring and troubleshooting functions. I defined a helpdesk group, for example, that had access to basic operational information, including overall network traffic level and device connectivity statistics, features that could relieve some of the day-to-day support burden from network engineering staff. AirWave uses SNMP where possible but also can take advantage of vendor-specific management functionality.

New to version 4.0 is a module that lets network managers visually assess AP coverage and identify the approximate location of wireless devices. Although AMP doesn't provide automated power output and load balancing, it does let admins optimize channel allocations by factoring in each AP's coverage range.

Easy Management

AMP provides rich configuration management capabilities, including management and auditing of security parameters. The system let us easily define security policies that were pushed out to APs automatically and monitored to ensure that devices remained in compliance. In addition AMP's RAPIDS (Rogue Access Point Intrusion Detection System) can identify rogue devices using a combination of wireline and wireless scanning algorithms.

AMP classifies rogues on a five-point scale to minimize the number of false positives. AMP's scanning capabilities aren't as robust as full-function distributed wireless IDS systems from AirDefense, AirMagnet, Network Chemistry and AirTight, but the system is much easier and less expensive to deploy than these competing systems, which require dedicated scanners. I took actions a hacker might to defeat detection, including suppressing broadcast of SSIDs and spoofing of MAC addresses on SOHO routers, but the system was still able to detect rogues by scanning wireless traffic. However, I discovered that wireless scanning is not supported on some brands of APs, including Cisco Aironet models.

Deploying an AMP system in a large environment is costly. The company offers a basic version capable of managing up to 25 APs at a list price of around $3,500, but that does not include the Visual RF module. A fully-loaded version that will manage an unlimited number of APs lists for $37,000. That's a lot for a management overlay. However, the customers we surveyed say the product is worth the money.

Dave Molta is Network Computing's senior technology editor. Write to him at [email protected]