Can you hear me now?

Voice over IP (VoIP) phones demand a ton from a wireless network.

They need Quality of Service (QoS) to make sure voice packets receive priority over other traffic. Roaming has to be lightning fast (sub 50ms) so that nothing gets dropped. They need low latency and jitter to maintain consistent quality so you don’t lose a single note of your favorite muzak songs when you're on hold.

One of the most common fallacies with voice over Wi-Fi (and really anything related to Wi-Fi) is that any coverage or connection problem can be fixed with more power. It can't. Just look at a Wi-Fi phone vs. a laptop.

Each has a radio transceiver, each has antennas and both speak 802.11. So why do my phones get crappy signal on the Wi-Fi network? Is it because they can’t hear the APs.  So I just need to give the APs more power? Right?

Wrong. It’s all about the battery.

APs typically don't come with batteries.  They have AC power or PoE. APs can transmit all day long and never have to worry about running out of power. An AP can easily afford to transmit at the maximum allowed power. In the states this would be an EIRP (Equivalent Isotropically  Radiated Power) of 4W or 36dBm. An AP transmitting at 1W (30dBm) with a 6dBi antenna, is at the maximum, 36dBm (30dBm + 6dBi).

But a laptop is built to run without AC power. With a battery, there is a definite limit on available power. That’s why most laptop wireless adapters max at about 20dBm (100mW).

Then there are very small, ultraportable devices such as a Wi-Fi phones, PDAs or RF scanners. They have very small batteries and are required to go an entire day without a recharge. They are extremely aggressive when it comes to saving power. The Wi-Fi radio is a big part of that. These babies might max out at just 16dBm or 40mW. That’s one hundredth of an AP’s available power. Again, most Wi-Fi phones transmit at just 1/100th the power of an AP.

It’s rare for a phone not to hear an AP. More likely, it’s that the AP can’t hear the phone. It’s like going to a baseball game and listening to the announcer in a press box on the other side of the stadium. He’s using a loudspeaker and I can hear him just fine. But the reverse is not true. If I start yelling at the top of my voice it’s very unlikely he would hear me. That’s exactly what happens with Wi-Fi phones – or any wireless device.

How to solve this?

First, some reality: poor Wi-Fi voice performance can and will happen if you don’t take preventative measures up front. Second, if you know you’ll have Wi-Fi voice, do a site survey. This is not optional.

Pay attention to the handset manufacturer’s minimum required signal strength from the AP and ensure you survey to that minimum everywhere a phone might go (by the way, phones imply 100% coverage, so you can’t expect them to roam from hot spot to hot spot).

Third, when doing a site survey, use one of the handsets to check coverage – many handsets include a “site survey” mode. Don’t rely on a higher powered device (like a laptop).

Finally, understand the signs of a Wi-Fi voice deployment in trouble: voice calls are dropped, start clicking or the phone simply can’t connect. If this happens and other clients (like laptops) are fine, it’s not the AP transmit power that’s a problem, it’s the phone received power.

Oh...one last thing: notice at no point did we even say "dynamic beamforming"  Of course, this solves pretty much all your voice problems.

Who the Hell is Using My Wi-Fi?

Despite our incessant spewage about smart antenna arrays, dynamic beamforming and maximal ratio combining, there's more to Wi-Fi and networking than RF (but don't ever say this to our founders).  There's security, user roles and access policy and a load of other fancy techniques usually associated with island vendors. 

We talk to a lot of hotels, schools, hospitals, warehouses and other types of enterprises who want sophisticated Wi-Fi/network management but want it radically simplified. User identify or so-called "identity management" is one of those things.

How can you know if  users are who they say they are on your network?  Here are some simple ways to manage user identity in a more simplified fashion (we're Wi-Fi simpletons):

• By WLAN
  in this case, you can put users into roles based on how they connect to the WLAN. For example, a Guest SSID is offered which is quite restricted and only guests connect. Since all guests are treated equally, there’s no need for further subdivision of guests into sub-groups. For internal use, a corp SSID is commonly offered for employee use only. Once again, in nearly every installation we've seen, the wireless LAN employee access follows the wired network security mechanism - meaning -once an employee connects, they get access to everything on the internal network. This is a necessary limitation since it can be extremely confusing to employees if they access something on one network but not the other. Consistency is key.
  
  Identity management by WLAN is very popular, because it’s easy to understand and straightforward to troubleshoot and manage. Different user groups are on different IP networks, so existing firewalls and infrastructure can continue without any changes. If reducing complexity or management overhead is what you’re looking for, this is probably the right approach for you.
• Network Access Control (NAC)
  NAC is becoming a very popular approach with offerings from companies such as Bradford Networks. NAC is a great tool that works on both wired and wireless networks and offers client scanning (for anti-virus software, patches, etc.) and automatic quarantine and remediation. This is in addition to identity management for controlling network access. NAC is a great choice for any organization, but in particular those that may have non-IT controlled devices connecting to the network or need to control access identically and seamlessly across wired and wireless LANs.

• Layer 2 Firewalling
  This is based around the concept of multiple types of users (employees and guests) accessing the same WLAN SSID. In this case, both groups connect to the wireless LAN the same way (Captive Portal, PSK, etc.) and share the same Layer 2 IP network/VLAN.
  
  The problem here is, by the time the wireless traffic gets to a firewall on the wired network, the firewall has no way of determining which user should get which type of network access. To get around this, you would need a firewall built into the WLAN that can validate users after authentication and do the firewalling itself. If the thought of multiple SSIDs is anathema and you must have a single SSID for everyone, guests and employees alike, this is the solution for you. It is also the most complex choice on this list.
  
  By requiring the wireless hardware to firewall traffic, IT gets stuck with two different firewall solutions (wireless vs. wired). Each must have their policies synchronized somehow so that users access is consistent – with different vendors the only real way to do this would be by hand, a tedious and time consuming process. Security also suffers since there is usually just one authentication type per SSID. That means all users (visitors and employees) use Captive Portal (with no encryption) or they all use a PSK (with all of the issues of giving this out to visitors) or 802.1X which is very complex to require of visitors. Troubleshooting can also suffer since, from a network management point of view, guests and employees look the same on the wireless network – they are in the same VLAN and therefore difficult to tell apart.

• Virtual Private Network (VPN)
  This was a common technique used in the early days of wireless (which lacked strong WPA2 security). In this case you can have a shared SSID for guests and employees – but require employees to launch a VPN from the wireless. This lets you get away with just one, simple, SSID but it has the disadvantage of placing users on the same VLAN and requiring employees to connect to the wireless differently than on the wired network. This can be a big negative for the IT helpdesk that must field these calls.

Of course there are some other, less common, techniques available but this is a reasonably representative list. Each method has its own advantages and disadvantages. So which one should you use?  Our motto: when it doubt, keep it simple.  You'll be happier.

A Technical Knock Out

Lots of people thought 802.11n would kill us. But it's done the opposite.

In our last two quarters, 802.11n "smart" APs have accounted for 52% of all APs we've shipped (and we shipped nearly 150,000 this quarter).

These same people have been surprised that our fancy-ass (that's what we call it) beamforming technology works extraordinarily well on top of 802.11n. 

Before the company even started, our two founding fathers (though one of them has yet to breed) got a lot of questions that hinted at the belief that "MIMO chipsets" and multi-radio techniques such as spatial multiplexing would eventually put a silicon dagger through the heart of our innovative, adaptive, state-of-the-art, revolutionary, breakthrough, one-of-kind (this is the paragraph our marketing people wrote) smart antenna array that we talk so much about. 

Bill and Victor (as they are known) simply smiled and tried to explain the big gains and interference rejection properties that smart antennas could provide on top of ANY wireless system - regardless of the number of radio chains. They (VC's usually) would smile too but still suspected in their semiconductor-schooled heads that we might go the way of the math-coprocessor. 

Fortunately, half of us came from the network school where we had learned to appreciate the immediate competitive advantage conferred by simply throwing bandwidth at a problem. The other half, RF-schooled, understood how precious and hard to come by were those extra antenna dB's. We knew that our technology had long legs, and quite sexy ones at that.

Fast forward five years later to 2008. The most trendsetting of our IPTV customers start making the upgrade from standard definition to high definition. For that they needed 802.11n. And for the first time we found ourselves with actual "competition" in the form of video dongles sporting off-the-shelf 802.11n silicon. 

But what a joke those turned out to be. If it had been a boxing match the referee would have declared a technical knockout (TKO...get it?). 

Here is an example of the performance disparity seen between Ruckus 802.11n systems and other 802.11n systems. In this case the "competition" is a Netgear 802.11n system with a really nice Atheros chipset similar to the one we use. This product actually has an internal antenna array designed apparently by Rayspan, so the comparison is particularly enlightening. 

This graph (click on it) shows the probability of getting a particular minimum throughput if the client is placed at a random location in a typical home. 

Yikes! These guys better hope the referee shows up soon - they are wobbling. 

Contrary to VC wisdom, 802.11n is driving our explosive growth. This is because signal path control and interference mitigation become even MORE important. We'll cover the reasons for all this some other time (hint: more radios means MORE ANTENNAS....go figure).  Until that time, don't believe everything you read...or hear.  Believe what people are paying money for and actually using.

Our CEO and Her Shoes...

If you ever have the chance to meet our CEO, Selina Lo, don't look her in the eyes, look her in the feet. 

She's the proud owner of hundreds of pairs of shoes that are quietly kept in their own living space. That's right.  People think it's just something we conjured up to make her sound eccentric.  It's not. 

So when I recently got access to her house, I thought I'd document it for all to see.  The video doesn't really do this justice but will give you some idea of the depth and breadth of this fetish.

She goes on shoe binges whenever she's in Milan, Hong Kong, or well, let's be honest, anywhere. I've had first-hand experience of one of these binges before - watching her drop thousands of dollars like a drunken sailor on two or three pairs of shoes in about 10 minutes.

She typically has two or three shoe salesmen running around Lane Crawford, Nordstrom's or Jimmy Choo's, getting her this and that  Her favorite shoes are the skull and crossbone boots pictured in the video.  What a surprise.

All her shoes are kept in a custom room with layers of  floor-to-ceiling shoes shelves on rollers. Behind the shelves are MORE shoes, handbags, scarves, etc.  It's a walk-in shoe closet essentially. Can you say ISSUES? (she had just bought a new pair of tennis shoes that day to play tennis in).

Aerohiving in Public

Ever heard one vendor praising a competitor in public?  Well, here it comes.

Not only did Aerohive recently give us a great a new CFO but they recently announced a very familiar (and well-loved) wireless security feature they called “Private PSK.”

It's almost identical (but not) to our own Dynamic PSK (so we were very flattered). But they've added some very cool knobs.

Like our Dynamic PSK technology, Private PSK fills a gap between WPA-PSK (pre shared key) technology and WPA enterprise mode (802.1X).

You’re probably familiar with WPA-PSK already, practically every consumer-grade wireless AP lets you setup WPA-PSK encryption where you define a key on the AP. Any wireless device that tries to connect to that network will need to type in the same key to connect. This technology has been widely implemented because it is easy to deploy and understand.

While WPA-PSK works fine in a small environment, when you have multiple people sharing the same key, in a company for example, you start to have problems keeping the key a secret. What's more, if the key is ever compromised, the only way to re-secure your network is to change the key on the AP (easy enough). But then you’ll have to update the key on every client device manually (major suckage).

WPA Enterprise (another way to really say 802.1X) solves this problem by requiring that clients authenticate against a RADIUS server first before they are allowed onto the network. Every user has a different username and password on the RADIUS server somewhere. So if a user needs to be revoked, the administrator can delete their entry. All of the other users would remain unaffected by the change.

In the real world, this can be exceedingly complex to deploy and manage. Many companies don’t have RADIUS servers, so one will have to be setup and maintained. Furthermore, the setup on the client side is very complex. Instead of typing in a single key like you would with a WPA-PSK secured network, multiple configuration adjustments need to be made (eg. the client computer must also have a certificate installed that is used to check against the certificate listed in the server).

In a typical 802.1X configuration this can easily add up to ten separate steps. This frustrates users and puts an increased burden on systems administrators who will need to assist each user in configuring their device. And devices that don't support WPA Enterprise remain unsecured with this approach.

Our Dynamic PSK (as well as Aerohive’s Private PSK) takes the "best of both worlds" approach to solve this security dilemma. See fairly fair comparison chart.

Administrators can choose to enable Dynamic PSK and have the system automatically generate a unique key for each user. Our approach actually downloads and installs the PSK automatically on the client along with the requisite SSID - and we bind the Dynamic PSK to the MAC address of a given device.

Aerohive's lets you manually generate keys or groups of keys that can be emailed and there's no need to login - but users still must install the key (also note that Aerohive's Private PSK requires the HiveManager appliance and the Guest Manager application to fully function which is kinda weird given their religious bent toward a "controller-less architecture"...but whatever we have our own problems).

Each user can then use their own unique key to connect to the wireless network, just like a traditional WPA-PSK network.This is especially convenient for devices without a WebUI. If a key is compromised, administrators can choose to selectively revoke that single key and generate a new one to replace it.

All other keys remain valid, so other users do not need to take any action in this case. Another advantage of this approach is on devices (such as mobile phones) where WPA Enterprise security is either very complex to setup or missing entirely. With AeroHive's implementation, a Private PSK can be used on multiple devices at the same time and each of these devices is shown as a different session when looking at their HiveManager management system.

With these new approaches users just need only enter their unique key into the device and they are ready to go.

But with Aerohive's Private PSK, administrators can choose to go a step further. They can assign user-based policies based on their key. In this way, different users, even if they are connecting to the same SSID, can have different VLAN, QoS or firewall settings depending on what key they use to login. That’s cool.  

So whether it’s theirs or ours, ultimately the simplicity that these technologies bring to wireless LAN security is truly game changing. Administrators will be able to maintain user-level control of encryption keys without the cost and complexity of deploying a full 802.1x RADIUS authentication system.

LDAP This!

When schools install Wi-Fi they often come across a nasty surprise: securely authenticating users isn't so easy (sorry in advance for the following book but it's worth the read... especially if you're a school).

It's pretty simple: schools want a wireless LAN that's easy to set up, works with any device and is supported natively by the client's operating system.They also want to implement an open SSID using a captive portal function for authentication but also want a secure SSID for faculty as well as students.

The problem is that many schools (K-12 and higher ed) use an LDAP (Lightweight Directory Access Protocol) directory server, such as Apple Open Directory, OpenLDAP, or MS-Active Directory to authenticate users. 

Today's "best practice" is to encrypt all over-the-air traffic and to authenticate each device and user. 802.11i (WPA2) with AES is the choice dejour for authenticating users against the existing directory server since that's where the information sits.

But WPA2 doesn't offer full support for LDAP. WPA2 includes 802.1x and EAP-PEAP (extensible authentication protocol) support for authenticating users with a backend server (such as RADIUS).  However, WPA2 with PEAP requires a RADIUS server and few schools have one (especially K-12) - or WANT one. 

Truth be told, RADIUS servers CAN talk to an LDAP domain server using PEAP but only if that LDAP server uses Microsoft's Active Directory (you see, PEAP only hashes passwords ina format that only MS AD understands). Well that just plain sucks.

Once impregnated with some (other vendor's) Wi-Fi system, schools figure out (cuz these vendors don't tell them) that they now must find and use some RADIUS server.

Luckily for schools, this problem has been solved with new technology called Dynamic PSK.  Dynamic PSK gives schools an ultra-easy way to encrypt traffic while requiring user authentication via Captive Portal talking to an LDAP server. Here's how it works:

First, the user connects to the network (wired or wireless) and points their browser to an activation or authentication Web page. The user is prompted to enter his/her credentials, which are checked against the LDAP directory server.

If successful, the user is sent to a new Web page that lists the wireless LANs they may connect to, the security type (e.g. WPA or WPA2) and a unique PSK (Pre-Shared Key) that is bound to the users specific device once they connect to the WLAN.

If the device is a Windows machine, they can choose to download a script that will automatically configure their wireless card for them (it installs the unique PSK and the requisite SSID). Or they can simply cut and paste the information.

This unique key is stored in a central database (the Ruckus ZoneDirector internal database). Each key will only work for the device it was issued to and can include an expiration date after which the key will no longer work. Keys are easily managed or revoked on an individual basis. This is quite different from a normal PSK network in which each device shares the same encryption key.

Schools dig this.

"V" is for Bitchin

With very few letters left in the 802.11 alphabet  (they've actually started doubling up letters now with things like 802.11aa, ac, ad, and mb), one letter actually stands out, "V."

And 802.11v really has the potential of making things much better.

With WI-Fi the problem has pretty much always been client related. Most of the complaints IT staff get from users is dropped connections, crappy performance or just the inability to connect.  And having to support hundreds or thousands of clients, it's next to impossible to troubleshoot all these problems and provide users with consistent services. 

Our stuff helps quite a bit from the network side by providing more reliable and longer range signals that are customized for each client and can be automatically controlled to give stations more stable connectivity and performance at range.  But wouldn't it be even better if the network could tell the client what to do!

That's effectively what 802.11v does.

Dumbed down (consider the writer here who barely has a college degree), 802.11v is a wireless Network management standard that allows the configuration of client devices while connected to 802.11 networks. 

The proposed standard, expected to be completed in mid-2010, takes advantage of the existing infrastructure and Wi-Fi standards to help companies understand what kind of devices are being connected to the network and where. Specifically it promises to support stuff like:

• Controlling client roaming to help ease congestion during peak usage times (this allows smooth client transitions between APs, which can minimize congestion during busy times and boost performance of applications such as wireless voice over IP)
• Giving network admins the ability to gather network performance data from clients to see how the WLAN is running
• Timing synchronization (useful for when you're streaming multimedia to things like Wi-Fi speakers)
• Improving the battery life of mobile devices and improving the power drain from access points by having clients dynamically reduce and increase their own transmission levels as needed
• Real Time Location Services (RTLS) technology that provides a high-level of wireless client tracking
• Minimizing interference between Wi-Fi stations and APs by arbitrating transmissions

Dynamically dealing with wireless interference is perhaps one of the biggest benefits. Essentially the V-guys are advocating the use of "interference request" and "interference response" frames. Stations wiill use wireless management protocols like these to allow the exchange of operational data so each client knows about the conditions and topology of the network.  It also provides a "means" for stations to be aware of co-located interference - letting clients automatically manage RF parameters based on network conditions.  In others words, THAT'S BITCHIN.

You must give Cisco credit here. Long ago they created CCX (Cisco Compatible Extensions Program) - a scheme designed to allow their infrastructure products to communicate and control client behavior (not to mention make money by licensing this stuff). Early on, they recognized the necessity of this sort of client control and understood, that because of their bigness, they could get this done outside of the standards process and much more quickly.

So watch this space, 802.11v represents a major step forward (if and when it comes).  In the meantime, use the hell out of antenna-based beamforming to solve the rest of your Wi-Fi problems. :)

A Watershed Moment for Wi-Fi?

Talk about causing a Ruckus!  It's been hard NOT to hear about SKYPE support on Apple's iPhone and (soon) RIM's Blackberry (May they say). 

The new SKYPE iPhone application ONLY allows calls over Wi-Fi and not AT&T's 3G or EDGE packet data network.This is most likely because of the undesirable load this traffic would place on the cellular network. 

Some of our ultra-geeks at Ruckus believe that the extra encapsulation might even make it more expensive to carry a SKYPE call over the 3G network (as data) than a normal native voice call.  iPhone users are required to have an unlimited data plan when they sign up. SKYPE calls are counted against that unlimited data usage and not against voice minutes.

Ironically (or not), at CTIA we recently spoke with a number of mammoth mobile carriers. One of them mentioned that "what scares us to death are these types of applications that can just bring our data network to its knees."  T-Mobile in Germany is even banning Skype for iPhone users altogether.

I just started using the SlingPlayer Mobile on my Blackberry Curve to watch TV. Over the EDGE network it's crap because it requires too much bandwidth. But over Wi-Fi it sings. Once I showed it to my spoiled kids, I couldn't get my phone back. They now use it incessantly, and I am unable to receive phone calls from some of my girlfriends like Scarlett Johansen. 

Last December, a survey by AdMob, the world's biggest mobile ad network, found that more than 40 percent of recent U.S. traffic between iPhones and the network's 6,000 ad partners passed over Wi-Fi connections, not over AT&T's cellular network.  And it's only going to get worse.

Meanwhile in not-so-nearby China where the government has recently granted 3G licenses and opened up competition among mobile and fixed line carriers, Wi-Fi is viewed as an essential tool to help:

1. offload data from 3G infrastructures and
2. to quickly and economically enable the delivery of high-speed data access while 3G base stations are being deployed.

Funny enough, after a long hate-hate affair with Wi-Fi, the technology is now being embraced by broadband carriers, MSO and mobile operates as a good way to help backhaul infrastructures cope with heavy demand from data users now and in the future.

AT&T is ramping up its network upgrades a third year in a row to accommodate the heavy data use for its 2009 iPhone launch. And according to other gossip mongers, Apple seems to be laying the groundwork to introduce high-capacity, low-power 802.11n Wi-Fi to the iPod touch, and presumably to its 3G-enabled companion, the iPhone.

The change would be a huge jump in performance for users of both devices, which now use a Wi-Fi chip that supports 802.11b/g, with a throughput of less than 25Mbps on the 2.4GHz band. But the change would almost certainly mean having to buy a new touch or iPhone with the 11n chip, and some observers say Apple also needs to upgrade the CPU to enable both handhelds to fully exploit 11n performance.
There's also seems to be other Wi-Fi-related iPhoney things in the works:

1. Using iPhones or iTouches as a remote controls for set top boxes (STB).
   They already have the capability to use the iPHone/iPod touch as a remote control for iTunes over Wi-Fi, so it makes sense to extend this to STB control
   .
2. Streaming from iPhone/iPod touch to an STB.
   This makes sense since folks have so much shareable content on the device but want to watch it on a real screen or hear it on real speakers.

The big takeaway here is that these types of applications are a huge win for Wi-Fi - validating its massive appeal as the preferred high-speed wireless connectivity option of choice. It also forces Wi-Fi to grow up.  Wi-Fi must now fundamentally change from a best effort technology of convenience into a more deterministic utility. A shared medium that uses the unlicensed spectrum, Wi-Fi has traditionally sucked for doing anything meaningful.  But that's changing and changing fast as Wi-Fi quickly become the defacto choice for client network access.

Star Struck: The Lonely Life of an SE

We're a pretty lonely bunch here at Ruckus Wireless. Each of us lives vicariously through each other in the hope that anything interesting will happen. So when it does, we get all "jiggy wit' it."

Our lives consist mostly of building stuff, installing stuff and troubleshooting stuff then having meetings to talk about how to build stuff, install stuff and troubleshoot stuff. Beyond that, none of us have real lives to speak of.

This is particularly true for our Systems Engineers (SEs) who effectively live on planes - flying from one place to the next installing gear and helping would-be customers on the finer points of RF signal propagation, dynamic beamforming, wireless LAN architecture and (now) celebrity gossip.

Recently, when one of our SEs, Eric Stresen-Reuter (Stress-N-Rooter), an ex-cop in Apopka, FLA married to his cuter-than-a-button cop wife (I kid you not), came in contact with two celebrities within 7 days of each other (and in the exact same location), we were all mesmerized. You see, we don't get out too much.

In the President's Club of Continental Airlines at Newark airport, Eric met Halle Berry and Martin Short. Situated near gate 120 in Terminal C of Newark Liberty International, Continental's President's Club at Newark was recently named "Priority Pass Lounge of the Year." Go figure.  The award-winning lounge covers almost 25,000 square feet and sports a premium wine bar, 57 private carrels, five shower suites, four conference rooms, and ceiling-to-floor windows offering panoramic views

Well, because Eric is an SE, he can't really form complete sentences without using acronyms or converse with normal people, let alone celebrities. He shared with me both conversations  (SE's don't really fabricate things as they pride themselves in being exact). Here's how the conversations went (simply unbelievable). Halle Berry first:

---------------------------------------------------------------------------------------------------------

Eric: Wow. You're Halle Berry!
Halle: Wow. You're right.
Eric. Wow.  What are you doing here?
Halle: Wow, traveling.
Eric: Do you know where the bathroom is?
Halle:  I know where MINE is.
Eric: I really liked you in that movie WANTED.
Halle: I wasn't in that movie, that was Angelina Jolie.
Eric: Oh right.  You guys look a lot alike.
Halle: Not really. I'm black. Are you OK?
Eric: I'm fine. You have cute kids.
Halle: I find you creepy.
Eric: That's OK. Listen, no one will believe that I met you...so would you take a picture with me?
Halle: I don't think I believe it.  Would that make you go away?
Eric: Yes.
Halle: OK but don't touch me.
Eric: Thanks Halle.
Halle: Call me Ms. Berry.
Eric: OK.  Hey one last thing.  Will you autograph my access point?

------------------------------------------------------------------------------------------------------------

Eric: Wow. You're Martin Short.
Martin: Yes and I can make you laugh until you can't control your bowels.
Eric. You won't believe this but I met Halle Berry in this exact same spot a week ago.
Martin: You're right.  I don't believe it.  You know Halle and I were an item once.
Eric: Really?
Martin: No.
Eric: Oh..
Martin: So what do you do?.
Eric: I'm an SE for Ruckus Wireless.
Martin: You're what for who?
Eric: Nevermind.
Marin: OK.  Let's take this picture so I can do anything else.
Eric: Great. Can you put your arm around me so it looks like we're good friends.
Martin: Sure but that's kinda creepy.
Eric:  That's ok.
Martin: You know, you're kinda cute.
Eric:  Really?
Martin: No.
Eric: Hey one last thing.  Will you autograph my access point?
Martin: No.

------------------------------------------------------------------------------------------------------------

OK.  So we some socially inept SE's. But boy are they dedicated and can they make your Wi-Fi network sing!  You'll like 'em then.

Cisco Validates Smarter Wi-Fi, Sort Of.

Informants have hinted that Cisco is planning to unveil a new line of 802.11n dual band access points next week.

What's more Cisco says these APs will use the "built-in" 802.11n beamforming functionality for the first time. 

Beamforming is an option in the 802.11n standard and has been integrated into the 802.11n chipsets provided by Atheros and Broadcom.

No surprise to most, Cisco seems to be following the path of least resistance by relying on chip suppliers for each and every morsel of RF technology advancement.

That said, Cisco's validation of beamforming is a big acknowledgment to the industry that more needs to be done to make Wi-Fi more reliable at the physical layer. Ruckus was conceived around this concept - making WI-Fi more reliable.

The problem is, the "beamforming" called out by the 802.11n standard does very little to solve this problem.  In other words, not all beamforming was created equal.

Beamforming can essentially be performed in two ways:

1. Mathematical beamforming
   This is achieved through digital signal processing in lower levels of the chipset (baseband and multiple radios). This gets all the academic attention and what most people mean when they mention beamforming.
    
2. Physical beamforming
   This is achieved through the use of adaptive directional antennas and best path selection algorithms that dictate that actual form and direction of radio signals through the RF domain using thousands of antennas and actual client feedback (click on figure below) to optimize things.

Mathematical beamforming at the chip level tells the system which antennas to use for a given client and has theoretical maximum limits (eg. 3dB of gain for two radio chains). But nearly every 802.11n access point on the planet uses omni-directional (rubber duck) antennas that constantly blast out and receive signals in all direction providing next to no way to combat environmental problems.

This type of beamforming can't optimize the actual form and direction of Wi-Fi signals and has no real-time adaptive capabilities. Therefore it can't determine the actual performance of a given path, change it if there's a problem or reject or avoid interference as it is experienced.

Testing has shown that the slightest change in the way 802.11n antennas are pointed or the AP is positioned results in wildly different performance levels.  We've seen fluctionation from 5 Mbps to 80 Mbps in performance by simply moving the AP 90 degrees or the client to a different locations.

Physical beamforming goes waaaaaay further. Physical beamforming adds a whole "subsystem"  on top of the standard chipset that allows complete control over Wi-Fi signals. The basic idea is to improve performance by creating several independent signal paths between the transmitter and the receiver.

What's important here is that physical beamforming is adaptive - constantly adjusting Wi-Fi performance based on real things happening in real time.  Here's how it works (for the most part):

A miniaturized antenna array provides thousands of antenna combinations that smart software algorithms use to form very concise and optimized signals. These same software algorithms use actual feedback from each client to select the best performing signal path at any given time.  We use the analogy of holding a flashlight in your hand in a dark room vs. turning a flood light on overhead.

This translates into three very important benefits for users:

1. better (read more consistent) performance over longer distances
2. more reliable connectivity (interference rejection helps avoid Wi-Fi "flakiness")
3. Non disruptive (no client support required to achieve these benefits)

While mathematical beamforming requires chip-level cooperation from both sides and hence requires standardization, physical beamforming gets that cooperation for FREE from the 802.11a/b/g/n protocol. And with physical beamforming there are effectively no theoretical maximum gains limitations. With our "smart antenna" system we've seen system gains of 9dB and interference rejection of 17dBi.

So now you know.