CWNP Enterprise Wi-Fi White Papers
Free PDF white papers about difficult to understand topics to help you learn more about how enterprise Wi-Fi networks function. Accessing these white papers is free, but requires a CWNP Account.
Revisiting WPA2 - Understanding Its Security Gaps and Evaluating the Move to WPA3
In this paper, we will discuss the evolution from WEP to WPA2, the advancements made over time, the vulnerabilities inherent in WPA2 modes of operation, and possible remediations.
The Future of Smart City Wi-Fi - How Wi-Fi 7 Enhances the Way of Living
In this CWNE candidate paper, Hossam Mohamed Kamel Abdelgawad discusses the forthcoming features of Wi-Fi 7 and how they can impact smart city implementations.
Wi-Fi 6E Network Discovery (Bilal ALBaytar)
In this paper, the author discusses the network discovery methods that have been introduced for the 6 GHz band in Wi-Fi (Wi-Fi 6E). The author includes both in-band and out-of-band methods. First, the author explores traditional methods used in 2.4 GHz and 5 GHz networks.
Wi-Fi 6E real test comparison against Wi-Fi 6 and Wi-Fi 5 (Mohamed Khaled Yazeji)
In this paper, Wi-Fi 6E is examined against Wi-Fi 6 and Wi-Fi 5. This test is based on using the Aruba access point AP-635 (Wi-Fi 6E supported) along with Samsung Tablet S8 Ultra that supports Wi-Fi 6E (client test). Three different SSIDs are created for each band/physical layer (6 GHz/ax, 5 GHz/ax, and 5 GHz/ac) and each access point broadcasted one Wi-Fi protocol. This is to make the protocol fully dedicated to each access point. Two test cases are introduced to check both the speed on the different protocols and the channels for 6 GHz.
Introductory overview of Wi-Fi, WLAN Architecture, Switch, Router, Gateway, Subnet, Firewall & DMZ, and their role in the world of Enterprise Wi-Fi (Suraj Rojanala)
This CWNE Candidate Series white paper introduces the components of a typical network and how they are used in Wi-Fi deployments. It is an excellent starting point for those beginning the networking and Wi-Fi journey.
BCC Coloring - How to Reduce CCI in Dense Environments (2022, Mohamed Noufal)
This paper introduces the BSS Coloring feature of 802.11ax and beyond. While introduced in an earlier 802.11 PHY (Sub-1 GHz), it is expected to be used and provide value in modern Wi-Fi access networks. This paper explains why.
What WPA3 Brings to Wi-Fi with Focus on SAE and OWE: A Review and Explanation of Basic Operations
In this paper I will review the new technology of WPA3-Personal only and focus on SAE (Simultaneous Authentication of Equals), which is part of WPA3, and OWE (Opportunistic Wireless Encryption), which is part of Wi-Fi Certified Enhanced Open.
The Real Bottleneck of the Future: Wired or Wireless (CWNE Candidate Series, Saed Malkawi)
This paper will focus on how some innovation progressions in Wi-Fi technology can’t be done without the support of other systems. We will explore the future of Wi-Fi, with Wi-Fi 7 as the next step, and how we may reach a point where wireless is not the bottleneck of our networks.
Wi-Fi 6E New Technology - Features and Enhancements
Mohamed Mahmoud Krezam, a CWNE candidate, presents the enhancements and requirements of Wi-Fi 6E technology.
Aruba IoT Gateway Solution
You’re about to read a whitepaper about the Aruba IoT gateway embedded in wireless access points; what it is, what it does, how it works, and what you can expect when using it.
Some capabilities will be highlighted with concrete examples you could easily reproduce in your lab. Intended goal: Providing an overview of Aruba’s proposal, that can be beneficial at all technical levels.
Multi-Platform Wireless Tool Assessment (Abdurrahman Hassan)
As an engineer, we are constantly looking for tools that will help us troubleshoot various issues in a timely manner. When it comes to troubleshooting complex wireless situations the best use case is performing a packet capture, evaluating that data and arriving at a resolution. However, many times you are either troubleshooting from an AP perspective or you just don’t have the means or resources to perform packet captures or gain site access to troubleshoot. Often-times we are at the mercy of the tools at our disposal and, depending on your place of employment, you will either have many tools to troubleshoot with or none at all.
Many wireless vendors have full-featured Web User Interfaces (WebUi) and we’re going to break a few down in terms of application visibility and how we can use the tools at our disposal to remotely troubleshoot a wireless problem. In this whitepaper, I’m going to discuss certain features within your vendor AP infrastructure such as, Application Visibility and Control, SDWAN Network integration with wireless and DNA Center.
Practical Warehouse Wireless Design: An Experience-Based Guide
This whitepaper, written by Karl Benedict, provide practical guidelines for warehouse wireless design and deployment. Warehouses are among the most challenging of environments and this guide addresses many of the common problems encountered in warehouse design.
The Role of Protocol Analysis in Cybersecurity - Closing the Gap on Undetected Data Breaches
Written By: James Garringer
Original Publish Date: December 2018
"200 Days! [That's the] average number of days that pass before an organization realizes it has been breached." - James Garringer
Abstract:
Organizations of all sizes are targets for a cyberattack. Undetected data breaches result in the catastrophic loss of personally identifiable information (PII) causing considerable financial and reputation harm to organizations, while also imposing a risk of identity fraud to consumers. The purpose of this study was to consider the impact that undetected data breaches have on organizations with an additional focus on shortening the gap between the time of data breach and the time of detection through manual protocol analysis and intrusion detection system (IDS) solutions. This research reviewed the available literature detailing the effects of undetected data breaches on organizations as well as the advanced exploitation of protocols and anomaly detection through manual protocol analysis and IDS.
Manual protocol analysis provides situational anomaly detection when compared to baseline network traffic, but implies privacy concerns and does not allow timely detection of most cyberattacks. Automated IDS stream-based flows allow quicker detection of cyberattacks. Network flow-based IDS misses hidden attacks due to lack of a data payload requiring manual analysis instead, while host-based IDS adversely affects the performance of the host computer, but successfully identifies anomalies based on known signatures. This study recommended a complementary defense-in-depth solution which employs manual protocol analysis and both host-based and network-based IDS solutions as a viable strategy for reducing the time between data breach and time of detection. This study additionally recommended that security operation center personnel and IT departments should receive protocol analysis training to support manual detection against a known network traffic baseline.
A Year of Wi-Fi 2018
"Wi-Fi has become king in the indoor world. Businesses and homes are relying on Wi-Fi more than ever to glue the array of technologies they are using in their digital transformation. Businesses are also realizing that Wi-Fi is the central platform to engage with customers and empower employees.
In the past few years, carrier Wi-Fi has become a natural part of both network and business strategies both for mobile network operators (MNOs) and wireline or converged operators such as cable providers. For cable operators, especially in the US and western Europe, Wi-Fi has taken center stage in wireless/mobility strategies with the proliferation of managed home-spots and public hotspots There are those that claim that with the emergence of 5G, Wi-Fi days are numbered. We strongly disagree and make the case that Wi-Fi will continue to dominate the indoor technology environment and leverage its formidable footprint and ecosystem. We believe it is uses cases that dictate technology use not the way around.
Wi-Fi is also not resting on its laurels as showcased by the introduction of the latest Wi-Fi 6 which promises to deliver greater spectrum efficiency and is optimized to serve high density environment and IoT. Wi-Fi is evolving quickly and will be part of the 5G vision."
- The Maravedis Team
802.11 Alternate PHYs
Today, we live in the IoT (Internet-of-things) world where everything needs to be connected in a fast, reliable and secure manner. Different devices and applications have different requirements of the network in terms of data rates, range, and power. For example, while some devices require connectivity with very high throughput for a short range (less than 10m), other devices might require low throughput over a long range. The common 2.4GHz and 5 GHz Wi-Fi protocols (802.11a/b/g/n/ac) do not always provide the optimum connectivity method for these requirements. For this reason, several new 802.11 standards have been developed in the last several years to provide better connectivity solutions catering to these unique requirements. In this paper, we will address the traditional 802.11 2.4/5GHz standards. Then, we will discuss briefly three newer Wi-Fi amendments which are 802.11ad, 802.11af and 802.11ah and explain how they can provide better solutions to meet the new requirements.
802.11s Mesh Networking
802.11s is an amendment to the 802.11 standard that defines mesh networking. This whitepaper by Jerome Henry (CWNE, CCIE-Wireless) and Marcus Burton explores the new features and protocol enhancements that enable mesh networking.
The Triple Blendy
This white paper will introduce the hardware, software, and techniques that make it possible to capture frames on multiple channels simultaneously, while the analyzer merges all frames into a single capture display window and performs real-time expert analysis.
Protection Ripple in 802.11 WLANs
A whitepaper detailing common problems with using protection mechanisms such as RTS/CTS and CTS-to-Self.
Robust Security Network (RSN) Fast BSS Transition (FT)
This white paper describes specific features found in the 802.11 standard and ratified amendments that are designed to aid clients in fast roaming while maintaining a secure operating environment.
802.11i Authentication and Key Management (AKM)
This whitepaper makes the process of 802.11i authentication and key management easier to understand, as it can play an important role for wireless security and analysis professionals. This is the now famous "chicken and egg" white paper.
802.11 Arbitration
802.11 arbitration is the combination of processes and mechanisms used by stations to access the shared wireless medium. Since the wireless medium is half-duplex - shared by everyone in a given area on the same frequency - only one station can usually transmit at a time without adverse effects. 802.11 arbitration is a foundation upon which functional Wi-Fi is built, so understanding these details can lend considerable credibility to consultants and administrators.