WiFi6 Ratification: Not So Fast My Friend

There has been a lot of publicity lately about WiFi6 obviously and even more visibility when the WiFi6 certification was announced September 16. So now we officially have WiFi6 and we can move on. NOT SO FAST.

Over the past few weeks I seem to be having the same conversation in-person with people as well as in Slack rooms, etc. around this announcement. There is a perception that once this announcement was made it is a done deal and we have 802.11ax as a ratified ammendment now. This is most certainly NOT the case. The announcement that was made in September was around the WiFi Alliance certification occurring not ratification. Well, those are the same thing, I can hear some of you saying. They are not, and this is where the marketing and big money companies come into play.

The WiFi Alliance is a group of companies that pay for the privilege, from USD$5,150/year to be a contributor up to USD$20,000/year to be a contributor according to the WiFi Alliance membership page (https://www.wi-fi.org/membership). According to the Who We Are page:

WFA Who

 

Basically the WiFi Alliance is a group of companies, including Apple, Cisco, Intel, Qualcomm, etc. that pay to work together on collaboration within the industry, testing equipment in labs to verify devices function ‘properly’ and advocate for spectrum usage, etc. In other words, a WiFi marketing company on how devices connect and function. But, this makes it a standard right?

Just as in wired networking and many other industries, the IEEE is the standards body that develops, writes and ultimately ratifies standards for wireless networking in working groups. The 802.11 working group within the IEEE are the ones responsible for publishing the standard, not the WiFi Alliance. This is where the confusion comes in for most people.

The working group puts together the draft of the new technology, then creates publishes this draft. For 802.11ax this draft was not fully completed and approved by the working group until February 25, 2019 according the IEEE website (http://www.ieee802.org/11/Reports/802.11_Timelines.htm). And from the working group timeline we still will not have ratification until at least September of 2020 with final approvals not coming until November of 2020.

Standard

So as we hear in the media and online that WiFi6 is here and certification is complete, let’s not lose site of what that actually means. Is WiFi6 here, yes it is. Devices are beginning to be released at a quicker pace, especially now that certification is complete. Wireless vendors have been out pushing these new APs for a time now and there is beginning to be an install base for them, but nothing too pervasive at this time. Within the wireless community the sentiment is that there are not going to be any large changes, if any at all, before ratification takes place. However, we just need to be careful about going around spreading the word that the WiFi6 standard is published and ratified. There is still another year of work for that to be reality.

Security is the New Standard

Everywhere we look today we hear about hacking of servers or email systems, credit card systems being compromised and public Wi-Fi as a ‘use at your own risk’ service. With all of the  big bad’s out there, security should be the new standard within wireless.

Security is more than a buzzword

There are so many buzzwords in the industry at this point with 5G, WiFi6, OFDMA, WPA3 and so on, security should not be considered one as well. For years wireless security was nothing more than a rotating passphrase, if someone remembered to change it. WEP finally got hacked which gave way to WPA and then WPA2. But for the most part all devices where still using a passphrase that was proudly displayed on a white board, sandwich board or the like. When wireless was a ‘nice to have’ commodity this was just fine. With wireless now becoming the primary medium for access, security is a must. Data moving back and forth from private and public clouds requires data have better security than a passphrase. Certificates, central authorization and accounting has become a must. Centralizing these needs into a single system makes securing and monitoring devices within these data sensitive networks.

How can this go further within the network?

Taking security to the next level

Basic monitoring of security within the network, user logins, MAC authentications, machine, authentications, failures, etc. is great to keep up with what is happening or to troubleshoot when a user is having an issue. But with the risks in today’s networks, both wired and wireless, a deeper-level of understanding and monitoring is needed.

This is where a User and Entity Behavioral Analytics (UEBA) system comes into play.

The basics of a UEBA seems simple, but it is a very complicated process. Multiple feeds being provided by items such as packet capture and analysis, SIEM input, NAC Devices, DNS flows, AD flows, etc. all come into the system and are correlated against rules that setup by the security administrators. As this traffic comes in and is analyzed by user a score is provided to that user based on where they are going on the Internet, traffic coming in and going out to ‘dangerous’ locations (i.e. Russia or China), infected emails that were opened, etc. This score is then updated or times. Once customized thresholds that are configured by the administrators are met or exceeded different actions can be taken on that device, disconnected from the network, quarantined on the network, or an alert sent to an administrator.

Total Package

Designing and deploying networks with complete 360º security visibility is no longer an option but a must. With data flowing in and out of private and public clouds, into and out of Internet-based applications, and the pervasiveness of wireless as a primary access medium there has never been a more important time to make security a standard and not an after thought.

WiFi 6 Why We Need It And What It Isn’t

Wireless networks have been around for a long time. We all know the history of the industry starting as a nice to have feature that we could work without a cable. Today wireless has become the primary medium for connectivity in most industries and most households. As the shift has occurred, wireless technology has had to try and keep up. The latest phase of this race is the 802.11ax, or WiFi6, amendment.

Why do we need WiFi6?

By now everyone has heard that 5G is coming and the crazy fast speeds that it will bring from a cellular-side. We will look at that more in another post. But WiFi is fighting the same issues as cellular in today’s world. We are oversubscribed on WiFi, speeds suffer because of older technology, wireless is the primary connection method of almost every device in the world and IoT is coming. Enter WiFi6.

To be upfront as we begin this, ratification of the 802.11ax standard looks to be at least a year away with most stating a date of September 2020 before this will happen. Even without full ratification manufacturers are starting to put out access points and a few clients are starting to trickle into the market.

So with ratification still a year away, why do we need to worry about WiFi6 now? WiFi6 is more about capacity than speed. As more and more devices are accessing the wireless network, bottlenecks begin appearing. The way WiFi6 will handle this is a trick taken from the cellular industry with OFDMA (Orthagonal Frequency Division Multiple Access. The easiest way to explain it is we are taking a highway that has 8 lanes today and then funnels to a one lane road. Huge bottleneck occurs and all traffic grinds to a halt like the 405 in California. Now with WiFi6 and OFDMA, those 8 lanes stay 8 lanes and traffic can flow freely. With having these extra ‘lanes’ capacity is now increased. This is the key part of WiFi6. There is a great white paper on the traffic lanes with well done diagrams and more information on here (https://www.arubanetworks.com/assets/so/SO_80211ax.pdf ).

We have all heard about the speeds and how fast we can now send and receive traffic on WiFi6, but capacity is the key to the system. More capacity equals more opportunities for devices to be serviced on the network, especially for time-senstive data like Voice and Video over WiFi. As we move to Mobility First workplaces and stop pulling cables to desks, wireless is more and more important. Design is ever more complex now for wireless and how we can use the spectrum smarter to allow more of these devices to function and function well.

As stated previously, the key to the new ammendment for 802.11ax is not all about speed. It is about capacity. We need to be looking at how we handle these time-sensitive data and not how we push them faster. With WiFi6, yes the speed is there if you have the right client, but how do we service that least-capable device and make that function as if it is a WiFi6 device? Capacity is the key and as we continue to add more devices, i.e. IoT, wireless first deployments, nurse call devices. WiFi6 is the key to solving this issue and granting that capacity we so badly need.