A Timely Update on Wireless Security
Wireless Security Components
Traditionally, microwave networks have been unsecure—unsecure as far as any purpose-built payload encryption or secure management is concerned. Until recently, it was deemed essential only for the most confidential microwave communications of financial firms, defense agencies and government, where the law can require them. But now billions of people around the world rely on the Internet to deliver varies types of data traffic ranging from personal messages to financial transactions. This value and volume of traffic makes it an irresistible target for cyber criminals. As security measures are implemented in other parts of the network (core, access) it is fundamental to implement strong security measures in microwave networks.
Aviat Networks Strong Security suite for the Eclipse Packet Node microwave radio platform prevents the following attacks on the network:
Front door attack: Traditionally microwave networks have not encrypted their payloads. With many networks transitioning from TDM to IP not encrypting payload traffic is the equivalent “of leaving the front door unlocked.” Hackers, cyber criminals and even foreign governments could try to access the air link using methods such as the “man in the middle” to read unencrypted data streams. Aviat Networks’ solution is to implement Payload Encryption that protects all traffic over the air link including user data and Eclipse management data in the payload.
Backdoor attack: Unsecured NMS can be used to change the radio configuration, sabotage or divert traffic using network management. With Aviat Networks’ Secure Management all Eclipse Packet Node management and control commands are secured over unsecure networks.
Insider attack: Disgruntled employees or cyber criminals that have obtained inside access to the network can use this access to divert traffic or upload malware to the network. Aviat Networks implements complete AAA (Authentication, Authorization and Accounting) capability through a RADIUS server that can be used to prevent, or if happens, track and identify an inside security breach.
Covering all vulnerable areas of a microwave network, Aviat Networks’ Strong Security provides the toughest standards-compliant security protection in the market.
Eduardo Sanchez
Marketing Engineering Specialist
Aviat NetworksRelated articles
- What is Mission Critical Microwave? (aviatnetworks.com)
- Cyber security report: All countries lag behind the bad guys (infoworld.com)
Managing Wireless Networks with Element Management Systems
An EMS can be thought of as managing all the elements in a complex network, keeping them all in balance. Image by michael.heiss via Flickr
Managing a wireless network is essential. Radios, routers and third-party add-ons control vast amounts of valuable user data. Any wireless network downtime damages the user’s business and the operator’s long-term reputation. Thus, operators need a powerful but easy-to-use element management system (EMS) to monitor and administer all the disparate elements in their wireless communication networks.
Also, operators should be able to manage complete networks from a user-friendly interface, which must provide all the necessary information for fast network management system decision-making. And this system must be capable of complete standalone operation or being integrated into an operational support system using NorthBound Interfaces (NBIs).
Other additional functionality in the form of event management and notifications capability is also necessary in an EMS for wireless networks. An EMS should inform wireless operators about network events and device failures and let them to diagnose problems and apply network updates remotely. This reduces the time between a fault occurring and the fault being repaired. It may even allow a repair to be completed before a wireless link fails completely. For day-to-day management, operators need an EMS that can:
- Deploy, manage and auto-discover wireless equipment—including all Aviat Networks devices, partner products and third-party devices
- Display an entire network at once, via one of several map views
- Provide an overview of network events
- Deliver notifications of important network events
- Enable analysis of network events, device events and performance data
- Generate detailed reports on all aspects of a network
The ProVision EMS solution can manage all Aviat Networks wireless solutions, partner wireless equipment and third-party devices from a user-friendly GUI.
Fortunately, such a carrier-class EMS solution does exist. Aviat Networks develops its ProVision EMS based on customer demand and continues to upgrade it as per user requests and requirements. For customers, implementing ProVision is vastly more efficient than developing an in-house EMS, saving time, resources and money. Aviat Networks EMS solutions are the most cost-effective way to manage wireless solutions. Aviat Networks works closely with customers to make sure that ProVision is user-friendly. The goal is that ProVision EMS allows operators to manage their networks proactively—rather than reactively—and with reduced network operating costs.
Look for future blog posts on must-have EMS data features and stats on operators using carrier-class EMS.
Mick Morrow
Sr. Product Marketing Manager, Aviat NetworksRelated articles
- Ten of the world’s most disastrous IT mistakes (pcauthority.com.au)
- The Truth about the Wireless Bandwidth “Crisis” (mobileopportunity.blogspot.com)
- FabLab helps the developing world set up long-distance wireless Ethernet (hackaday.com)
- Network Services from Aviat Networks’ Network Operations Center (aviatnetworks.com)
- Aviat Networks Interoperability Lab for Wireless & Network Testing (aviatnetworks.com)
Would You Like Breakfast? User Interface Design Choices for Wireless
Image via Wikipedia
If you are not from the U.S., the number of choices you need to make simply to order breakfast may overwhelm you. Contrast that to my experience staying at a bed and breakfast on a trip to England: I was asked only two questions—both with a choice of “yes” or “no.” Breakfast and Tea. If you are in a foreign country, jet-lagged, hungry and a little parched (thirsty) there is some comfort in being able to simply say “yes” and “yes.”
Having a choice is good but only if you know what you are choosing. If you are in unfamiliar territory, it can be overwhelming to have to choose whether you want Ranch, French or Vinaigrette. Particularly, if you thought that French and Vinaigrette were the same thing. Conversely, it is very disappointing if you want your bacon extra crispy, but you are not given that option.
Challenge of New and Experienced Users
In the world of user interface (UI) design, the challenge is to cater to new users who do not yet understand the choices they can make and at the same time make sure experienced users—who know exactly what they want—have the control they need. For example, the Eclipse DAC GE3 has been a huge challenge to provide a simple and consistent user interface and at the same time provide control over the advanced Ethernet Switch features.
Rolling up groups of settings into default, canned and custom configurations has allowed us to seamlessly provide simple and advanced views. For VLAN configuration, we provide familiar DAC GE “mode of operation” settings for Transparent, Mixed and VLAN (GE and ES compatible) along with a new 1-to-1 mapping of ports to channels. Clicking on them allows you to create and name custom port groupings and selecting Advanced allows full control of the switch behavior.
We also use many diagrams to make it easier to see at a glance how the switch is configured and to help visualize what the settings mean. The VLAN settings are rendered into a small diagram that shows canned, custom or advanced VLAN configuration in a consistent manner.
The challenge of making our user interface universally accessible is ongoing, and we will continue to improve our user interface over time. And I will continue to enjoy my full English breakfast with a hot cup of tea.
Tony Jones
Read More
Senior Software Engineer, Aviat Networks
