The document discusses next-generation gigabit Wi-Fi technologies, emphasizing 802.11ac wave 2 performance and its applications in high-density environments, such as sports venues. It highlights the integration of wired and wireless networks, improved security analytics, and user experience optimization through advanced management and connectivity solutions. Additionally, it covers future trends like cloud-based management, multicast traffic handling, and enhanced roaming capabilities to support various devices and applications.

1. Mobility
Next Generation Gigabit WiFi - 802.1
Measurable Busine
802.11ac Wave 2

2. Wireless
Performance…
Hyper-dense WiFi
Why?Why?How? Elastic Control (Fit) CAPEX
or OPEX you choose.
Rapid troubleshooting
and time to resolution
Enhanced Performance
air-to-the-wire.
IP Multicasting Over-the-
air-performance
Green bay Packers
Everyday is Game day!

3. Industry Validation
0
 Unified Wired and
WLAN Access
 Security Analytics
 High-Density Venue

4. -
Creating Value
From Vertically
Integrated
CONVERGENCE Horizontally
Layered
Metro
NETWORK
MODERN
ENTERPRISE
Metro
NETWORK
ENTERPRISE
NETWORK
Video
Voice
T1ServicePSTN
Internet
PABX
DATA
Virtualized Applications
VoIP & Video Service
Switching & Routing
Enhanced Services
Differentiated Access
Optics, Copper & Wireless
Vertically
Services
Horizontally
Services
Metro
NETWORK
MODERN
ENTERPRISE
Wired Wireless
Video
Voice
T1ServicePSTN
Internet
PABX
DATA
Enhanced Services
Simplicity is the
killer app.
(Not Just Brand / Platform)
 Open Platform
 Better Value
 Higher
Performance
 More Features
 Simplicity
Extreme delivers
Disruptive approach
to the market!

5. The user experience challenge…
 Wifi in house
experience is great.
 No Security is
required.
 Full access to
internet resources
Internet
Firewall
Dedicated
Home-based internet
Connection
Dedicated
use
Even LTE is Fast or
Upto 1 Spatial Streams
Dedicated
Spectrum
Spatial Streams
Higher expectations for
peak network performance Upto 4
Spatial Streams

6. Official Wi-Fi Analytics
Provider of NFL
Who: 68,000 fans
What: WiFi connectivity to deliver
real-time video, game
stats and access to social
networks
When: All Patriots home games
including UMass Football,
New England Revolution
Soccer and concert events
Where: Gillette
Stadium, 4,000 wifi
clients per acre
How: Indoor/outdoor Aps,
Omni/directional
antennas, full Enterasys
backhaul LAN, unified
management

7. Wifi Performance

8. Devices & Apps
Traffic &
Usage
Device Creep
AP

9. Enabling The Workspace of
Tomorrow with Gigabit Wi-Fi As
Primary Access
 Mission Critical App.
Experience
Everywhere .
 Access Based on
Who, What, When,
Where and How?
 IoT device
performance
Internet
Firewall
Shared internet
Shared use
100s – to – 1000s
of devices
LTE might
not work
Shared
Spectrum
(Spatial Streams)
Increase productivity,
Foster collaboration and
innovation
Secured devices

10. Great Wireless is like…
a great Football  High Density (D-Line ) – High Density
Performance
 air-to-the-wire.
 IP Multicasting
 Over-the-air-performance
 Elastic Control (Line Backers)
choose to stop the run or pass, in the
box or out (CapEX or OpEX).
 Mobility (Corners) - Wireless
Infrastructure with Wired Equivalent
User Experience (no dropped call
while roaming).
Caution: Extreme Metaphor

11. CAP EX (Use Case)
ENDZone(OPEX)
ENDZone(CAPEX)
10 20 30 40 50 40 30 20 10
10 20 30 40 50 40 30 20 10
Run? (Use Case) Pass? (Use Case)
Why not a Balanced Attack?
(Run and Pass)
OP EX (Use Case)

12. Elastic Capacity V2110
Controlle
r
NAC
NetsightECP
Radius Server
RADIUS
IPSec Tunnel
Controlle
r
NAC
NetsightECP
Radius
Server
RADIUS
IPSec Tunnel
Configuration Small
(OVA)
Medium Large
Host Resources 2 CPU
1 GB RAM
25 GB HDD
4 CPU
2 GB RAM
25 GB HDD
8 CPU
4 GB HDD
25 GB HDD
Data NIC Interfaces 2 2 2
System Limits
AP Capacity 100 500 1050
Local AP
High Availability
50
50
250
250
525
525
User Capacity 1024 4096 8192
Standalone Users
High Availability
512
512
2048
2048
4096
4096
Site 1
Policy 1-64
AP1, 2, 3
Radius= Local 1
Site 2
Policy 65-128
AP 4, 5, 6
Radius = Local 2VNS1
(Policy)
VNS2
(Policy)
DNS

13. more with less…
High-density w no hidden costs:
 75,000 PPS air-to-the-wire.
 Dual-core CPU w Network co-
processor for offloading frame
processing.
 Over-the-air-performance at
1.75Gbps with
Elastic
Controller w
Full L3
No additional fees for high-availability,
access control, QoS , nor RF Management
providing predictable TCO.
 Full Layer 3 solution which enables fast
secure roaming, Manage & contain multicast
traffic to VLAN(s). Simultaneously bridge
traffic @ controller & AP on 1 SSID
 Single SSID and policy - Comprehensive Policy
Management requiring only one SSID.
 Contain peer to peer traffic between users,
Control noisy protocols (support for Bonjour
and other multicast devices).

14. Advanced Multicast Support
Focus on Bonjour, UPnP, and LLMNR -
Contain multicast at APs, but
forward unicast across VLANs
 Filter multicast traffic @
the AP (or Controller)
 Proxy ARP @ AP reduces
multicast transmissions.
 Optimized buffering and
prioritization for power save
clients
 Dynamic conversion of
mcast to unicast @ AP with
lower client counts
 Adaptable multicast
transmits at lowest
connected rate for high
client counts
Switch
AP1
AP2
AP3Controller
Multicast contained at
AP, no network congestion
Classroom 1
Classroom 2
Resource room
Summit
Summit

15. Control multicast proliferationAdvanced VLAN classifications rules (K/S-
like) Contain IPv4 TCP/UDP traffic to a pre-
defined VLAN. Primary use cases being
targeted.
Bridge @ Controller
 Unicast traffic is bridged @
controller and is tag/untagged @
controller
 Multicast traffic is bridged@
controller and is tag / egress @
controller
Bridge @ AP
 Unicast traffic is bridged @ AP and
is tag/untagged @ AP
 Multicast traffic is bridge @ AP and
is tagged / egress @ AP
Hybrid Bridging
 Unicast traffic is bridged @
Controller and is tag/untagged @
controller. Enables Mobility across
Campus with single IP address!
 Multicast traffic is bridge @ AP and
is tagged/egress @ AP. Enables
containment via VLAN islands
depending on physical location
Connected
240Mbps
Connected
54Mbps
~ 104Mbps
~ 24Mbps

16. Bonjour Service discovery
 Bonjour takes the service-
oriented approach. Queries
are made according to the
type of service needed, not
the hosts providing them.
 Applications store service
instance names, not
addresses, so if the IP
address, port number, or
even host name has
changed, the application
can still connect.
 User’s browsing experience is
made more useful and
trouble-free.

17. Elastic Architecture
Controller-Based
Cloud
Flow-Based Wireless
Advantages:
 On-Prem Management
 Seamless Roaming
 New VLANs exist only in
controller and
Core/Distribution
Challenge:
 CAPEX Model
 Encryption from client to
controller
Cloud Based Advantages:
Push towards moving network management to the
cloud
 Simplified management / Zero Touch deployment
 Pay as you grow model
 Wireless (+Wired in the future)
Management
Control
Data
Control
Management
Firewall
Controller
Data
Control
Data
Control

18. Subscription Target List Price/AP
1 year $125
3 year $250
5 year $375
The hand off?
Expected Term
 Customers buy the AP
Hardware. Customers plug the
AP into LAN infrastructure
 AP finds the cloud via
Internet and becomes
operational within minutes
 Customers pays for WLAN
cloud management as
subscription - Recurring
Revenue
Management on
End-User’s Premises Partner Cloud
Hybrid Model

19. Gs
Association
To connect, a computer needs the SSID
(network name)
1) Laptop send an association request
frame
2) AP responds with an association
response frame.
Aps normally send out beacon frames
announcing the SSID
Passive scanning - A wireless device
listens for a beacon frame
Separate voice and/or data VNS
 Up to 32 VNS segments per Controller
 Per SSID or WLAN domain (Controller,
AP) Centralized policy
 QoS, Security, Roaming, No VLAN
configuration required
SSID
I need to
connect to an SSID
You are authenticated
to an SSID
Captive
Portal
Customer
Guests

20. Single SSID
IAM
Controller
User A
 provisioned for access
with personal mobile
device
 provisioned for access
with company device
 connects with personal
mobile device
 connects with company
owned device
Single SSID for provisioning,
security, and RF operation
 Control devices on your network, protect
the infrastructure
 Who you are, Where you are, What
device you have
 Unique and granular assignment of
topology, QoS and security rules
User B
 connects with a company owned
 mobile device can access
corporate data with the
corporate mobile device
External Web
Authentication
LDAP

21. Location Based
Access Control
Visitor Outdoors:
Group: Public
Device: Any
State: Compliant
Auth: Any
Emc: Any
Location: Outdoors
Policy: Access Denied
Visitor Conf Rm#1:
Group: Public
Device: Any
State: Compliant
Auth: Any
Emc: Any
Location: Indoor
Policy: Access Granted
Employee Outdoor:
Group: Corp
Device: Any
State: Compliant
Auth: Any
Emc: Any
Location: Outdoors
Policy: Remote Access
Employee Indoor:
Group: Corp
Device: Any
State: Compliant
Auth: Any
Emc: Any
Location: Indoor
Policy: Intranet Access

22. Roaming - Service
Location Protocol
(SLP RFC2608)
 Subnet Mobility (Layer 2 and 3)
 VoIP Support
 Session Persistence
Scalability
IEEE 802.11 standard does not
address roaming, you may need to
purchase equipment from one vendor
if your users need to roam from one
access point to another.
 Users maintain a continuous
connection as they roam from one
physical area to another
 Mobile nodes automatically
register with the new access
point.
 Methods: DHCP, Mobile IP

23. The controller provides the
following functionality…
 Controls and configures
Wireless APs, providing
centralized management.
 Authenticates wireless
devices that contact a
Wireless AP. Routes traffic
from wireless devices, using
VNS, to the wired network.
 Applies filtering roles to the
wireless device session.
Provides session logging and
accounting capability
DHCP Radius
Controller
Captive
Portal
External Web
Authentication
VoIP Server
DNS Server
SLP Server
Directory
Proxy
Network
Control

24. Collision Avoidance (CSMA/CA) The process for sending frames is:
Create frame
 Listen before sending, if no signal
then
 Send RTS request to send to
Access Point
 Wait for CTS clear to send from
Access Point
 If CTS is received then
transmit data
 If CTS is not received wait
for random back-off time
 Return to listen before
sendingFlows
 Cell phones work by using
frequency pairs.
 Wi-fi uses Half-duplex.
 Ethernet uses (CSMA/CD)

25. Complete network
Flow-based (Quarterback Read)
 Flow-based – Seeing the complete field
and using rapid troubleshooting and time
to resolution, quick recognition of the
environment.
 Analytics – Game Management
understanding the complete game or in
this case the complete network.
 Policy – Calling an audible to effect
outcomes. Many NFL teams have a 3-
inch-thick playbook that includes at
least 50 running plays and as many as
200 passing plays.
Wireless is like a
great play with flow
and control…

26. Flow-based Technology
3
ways
Visibility to
the Edge Wifi
Spectrum
Control for context
driven mobility
Awareness with Zero
impact to Wifi
performance,
Delivering Great
user Experiences
Understands the complete network (game)
Not just one play at a time.
Data
Control
Data
Control

27. Game day is everyday
Tighter
signal quality to work

28. Modulation Fundamentals
OFDM subcarriers used in
 802.11a,
 802.11n
 802.11ac
Sub-carriers Guard Tones
56 subcarriers (52 usable)
for a 20 MHz HT
mode (802.11n) channel
52 subcarriers (48 usable) for a
20 MHz non-HT mode (legacy
802.11a/g) channel
114 subcarriers (108 usable) for a 40 MHz HT mode (802.11n) channel
-40MHz -30MHz -20MHz -10MHz fc +10MHz +20MHz +30MHz +40MHz
242 subcarriers (234 usable) for a 80 MHz
VHT mode (802.11ac) channel
An 80+80MHz or 16MHz channel is exactly two 80MHz channels, for 484
subcarriers (468 usable)
Raw Data Rates

29. WiGig 11ad and
what it means
 60GHz band, three channels in
most countries (each 2.16GHz
wide), each providing up to
6.8Gbps PHY datarates.
 No MIMO
 Challenges: Non-Line of Sight
(NLOS) connections, range,
penetrating obstacles (and
people)
 Targeted to clean up a
cluttered desk or TV cabinet
 Likely not appropriate for
traditional AP use. But can be
 interesting for related
applications like wireless docking,
 high-capacity WLAN hotspots, AP
backhaul/aggregation,
 etc.
802.11ad
Characteristic
Description
Operating frequency
range
60 GHz ISM band
Maximum data rate 7 Gbps
Typical distances 1 - 10 m
Antenna technology Uses beamforming
Modulation formats
Various: single carrier
and OFDM

30. Single-user MIMO
(all roads lead to more
bandwidth! Sometimes?)
{# Tx antennas} x {# Rx
antennas} : {# spatial streams}
20Mhz
20Mhz
40Mhz
40Mhz
The efficient use of the RF
spectrum still relies on a strong
client and requires tradeoffs
between competing needs:
 High performance
 Long battery life
 Low cost
10 feet or less with low ceilings for
3by3 performance of 450Mbits.
Spatial Stream / Antenna Design
Internet Video
Streaming
2.5 to 8 Mbps
HDTV 19.4 to 25 Mbps
Blu-Ray 40 Mbps
Uncompressed “good”
Video 8 bit, 1920x1080
796 Mbps
Uncompressed “Best”
Video 10 bit,
1920x1080
3730 Mbps
20Mhz = 150 Mbits
= 75Mbits per channel
= 150 Mbits
= 150 Mbits40Mhz
3by3 SSChannels Streams

31. 80 and 160 MHz
Channels
20 MHz
40 MHz
80 MHz
160 MHz
160 MHz
(80+80)
802.11a/b/g
802.11n
802.11ac
20Mhz
20Mhz
40Mhz
40Mhz
80Mhz
80Mhz
160Mhz
802.11ac defines up to 8 spatial streams
Spatial Streams
gone wild
 Sub-optimal spectral reuse in multi-
AP deployments. Max of 5 non-
overlapping 80 MHz channels
 Increases neighbor interference
and contention
 Likely decreases aggregate
capacity in enterprise

32. 2
1
3
4
5
2
1
3
4
5
2
1
3
4
5
Channelization
Smartphones from 210 Mbps*
Tablets from 460 Mbps*
Laptops from +680 Mbps*
4x4:4 Dual radio 802.11ac Wave2 AP
Wider Bandwidth)~
 80 MHz is 4.5x faster than 20 MHz
 80 MHz is contiguous
 Per packet dynamic channel width
decisions
20Mhz
20Mhz
40Mhz
40Mhz
80Mhz

33. Now the access point does
the heavy lifting!
Devices get on and off the network
quicker, allowing more devices to be
served. Speed of 802.11ac results in
less transmit/receive = Improved
battery life
It‘s Shake & Bake Time
Now, with multi-user MIMO, the limitation
of one lower-speed client won’t hold
back AP downlink throughput.
Wave 2 also has a perk called multi-
user MIMO (MU-MIMO), which can
handle communications from several
mobile devices at once.
A Laptop could handle
Multiple downlink Tx at same time

34. “Like going from
a hub to a switch”
Client1: Null
Client2: Peak
Client3: Null
Create signal peak
uniquely for each client
WiFi 802.11ac uses STBC (Alamouti Scheme).
 Alamouti’s Scheme for 2*1 - STBC is a
transmit diversity scheme that comes with
a robust performance achieved with low
cost.
 Alamouti’s Scheme for 4*2. - In 802.11ac,
four STBC modes were defined (2x1, 4x2,
6x3 or 8x4).

35. WHAT IS BEAMFORMING?
Where is the beef?
 That is the question that
beamforming answered. Once a
device makes a connection to an
access point (AP) that is capable
of beamforming, the AP will auto-
tune its antenna and transmitter
to more specifically target the
device when communication
occurs. This can reduce RFI and
increase throughput on the WLAN.
 While 802.11n allowed for
beamforming, it was not a
standardized option until the
implementation of 802.11ac.
 Beamforming is a signal processing
technique used to control the
directionality of the transmission
and reception of radio signals
Beamformer
Beamformee
Conventional MIMO Figure: TX beamforming
system equivalent channel.
(Beamformer) Here’s a
sounding frame
(Beamformee) Here’s how I
heard the sounding frame
Now I will pre-code to match how you heard me
Acknowledgement (maybe beamformed)
Communication system is a closed loop system.
Why broadcast a wide signal to a specific device when
it is possible to target that device specifically?
Transmit beamforming is used to enhance the reception
of signals.
(explicit
and
implicit)

36. 256-QAM
“Like a 300lb receiver”
 256-QAM improves
efficiency.
 Higher modulation adds
complexity, beneficial
near the AP.
 Efficiency gain from
modulation does not
increase linearly
(Requires 802.11ac AP
and client).
256-
QAM
16-QAM
64-QAM
128-QAM
100% gain (2x)
50% gain (1.5x)
33% gain (1.3x)
Constellation diagrams for QAM - Twice
the capacity of 80 MHz 802.11ac (not
recommended for multi-AP deployments)

37. Offload Wireless
Traffic Faster
Adaptive Rate Technology (FE, 1G, 2.5G, 5G, and 10G)
Future proofed for higher speeds >75% of WW installed
base is Cat 5e/6 up to 100 meters 10GBASE-T cannot
work over vast majority of installed base
Cat5e cabling up to 5G
speeds 100M for Brownfield
Cat6a cabling for
Greenfield deployments for
higher speeds

38. Enterprise Voice
802.11k Introduction
802.11k objectives:
• Define Radio resource
measurements (RRM)
parameters for
automated network
management and
performance
enhancement
• Provide better
information to allow
clients to make better
roaming decisions.
(1) Prepare to Roam
(2) Request Site Report
(3) Deliver Site Report (4) Client associates
with best neighbor AP
(Switch Channel)
Operation
• Background Scan to collect the neighbor
AP information
• AP generates a site report (ordered list
of access points) -sorted by signal
strength. Provide site report to clients
exits.
Enhancement
• Implement 11K capable IEs to Beacon/Probe Rasp
• Implement selected Radio Management Action
frames
• Enable Background Scan if 11K capable WLAN
service

39. QoS Even over Mesh…
VLAN 1
15%
VLAN 2
25%
VLAN 3
10%
DSCP
802.1q
QoS
QoS Even over Mesh…
High-fidelity VoIP
2.4GHz
Client Access
2.4GHz Mesh Backhaul
5GHz Client Access
5GHz Mesh Backhaul Dual Band WIPS
Sensor
Radio 2

40. Apps Everywhere
The challenge
Typical Wi-Fi
Visibility
HTTP=Port 80
HTTPS=Port 443
How do I get true visibility?
Typical Visibility
of Carrier Network
Client IP Addresses
# of Wi-Fi Clients
Reports from Carrier

41. Apps Everywhere
The solution
Extreme Networks Wi-Fi
Visibility
Full Network Visibility
Bandwidth per App
# of Clients per App
Application Profile
App Response Time
Network Response Time

42. not just bolted-on
Appliances Flows
C5210 212,992
C35 24,576
V2110 (VMWare) Small 8,192
Medium 49152
Large 196,608
V2110-HyperV 49,152
Cloud
Access Points
Number of Flow
Supported
AP 38xx 8,192
Analytics Built-in
Summit

43. Mesh Networking (WDS)
Parent
Child
Child

44. Extreme Mesh Extending WLAN Service Outdoors
Wireless backhaul
Satellite AP
Root AP
(Connected to
Controller)
Also Extending LAN
connectivity to
Remote Sites
Wireless
bridging
Public Road
Repeater AP

45. Choose antennas wisely
Next Generation Antennas
 New stadium directional
antenna
 Over a year in development
 Extremely narrow focus
 Necessary to create channel
separation in the 2.4GHz band
 Both indoor and outdoor
available
Diversity with antenna options
 Omni
 Directional
 Internal and external
Flexible mounting
 Color, angle, and location
 Narrow focus with reach;
required to reduce channel
overlap in 2.4GHz band.
Wi-Fi Network
Congratulations you are being
connected to the Wi-Fi network.
Please enjoy you internet
experience while around the
stadium
User is directed to splash page then free to use
the internet and apps form there

46. Gigabit Wi-Fi
 High-end 4x4:4 11ac Wave 2
 2.5/5G Ethernet
 Pass Point / Hotspot 2.0
Summit 620
“Untethered" Applications –
Hubris Strikes Again
Cloud
Subscription
 Unparalleled adaptability and flexibility
 Same platform, runs on either on-premise
or cloud managed mode
 Unique flow-based technology
Cloud-Ready!
3900 Series - Mid-level

47. “like going from a hub
to a switch”
 11abgn, 4x4:4 MU-MIMO
 Cloud-Ready!
 Dual-radio
 2.5Gbps
 90K pps
 2 x E/N with active/active
and active/passive
3935 3965 (E&I)Dual-radio, ceiling and wall
mounted
 4x4:4SS 11ac/abgn
 2.33 Gbps capacity
 2.4G/5G Beamforming
 RF Spectrum Analysis
 8x integral antennae array
 8x external antennae
 Tool-less mounting
 Turbo QAM
 2-10/100/1000BASE-T uplink
 802.3at* Power
3865e
IP67/NEMA6
Adjustable Drop Ceiling
Bracket with AP3935

48. The Future is clear
 Entry-level 2x2:2 11ac
Wave 1
 Coverage Option
 Opex or CAPEX
Other Future Options
 Integrated Camera
 MU-MIMO (up to 4)
 160 MHz
 Indoor models
 4 MU-MIMO sessions
 2.5/5G Ethernet
 BLE/Zigbee support (IoT)
 Cloud-Ready!
AP + Camera (AP3916)
• 2x2:2 SS, Dual band & radio
• RF Spectrum Analysis
• 4x integral antennae array
Stadiums (3865e)
• 11ac (3x3:3 MIMO)
• Mesh, Policy, QoS
• IP67/NEMA6

49. Like a great Coach?
Legendary Disciplimarians
1) Vince Lombardi
2) Bill Walsh
3) Don Shula
4) George Halas
5) Chuck Noll
6) Paul Brown
7) Bill Belichick
8) Tom Landry
9) Joe Gibbs
10)Curly Lambeau "The problem with you, Shula," he said one day,
"is that you're uncoachable."

50. Wireless Dashboard
+ Radar Licenses
+ Spectrum WIDs/WIPs
+ Location
Built-in Access Control
+ Policy
+ACLs. CDPv2 & LLDP
+ Sampled Netflow
Layer 1- L3 Through Layer 4
!

51. Device Creep
Layer 1- L3
+ Visability
+ Automation
+ Resources
Netsite“SPOG”
OneView provides:
 Full alarm configuration
 Alarm editing
 Alarm visualization

52. Hot Spot 2.0
User and Application visibility
Device
onboarding/authentication
Reporting (User, devices,
bandwidth, application,
security, inventory, uptime,
etc.)

53. Visibility and control
 Spectrum analysis
 In-channel protection
 Truck roles
Frequency Coordinators plan for Wireless Clutter…
 Surface Tablets (coaches and players).
 Fans (1 or 2 Devices)
 Wireless Microphones (Broadcast)
 Wireless Camera’s (TV)
 Two-way Radios (security & police)
 80,000 Fans and 20,000 support staff (moving)
Interference
From Rouge AP
Threat
Dedicated sensor for
complete protection
Identify Wifi w
Greenbay Packers
Let your Extreme network
be your RF Coordinator with
Visibility built-in.

54. Wireless Security
Common wireless threats
Rogue Access Points
Mis-configured Access Points
Ad hoc connections
Client ms-associations
Unauthorized client associations
Malicious wireless threats
Honeypot AP’s
MAC Spoofing AP’s
Client > Malicious AP
Denial of Service
De-authentication flood
Packet storm
?
Ad Hoc
Denial of Service
Attack
AP MAC
Spoofing
Rogue AP
Mis-configured AP
Unauthorized
Association
Mis-association
Honeypot
Why you should care?
Wired Firewalls/IDP &
802.11 Security Do
Not Prevent These
Wi-Fi Threats

55. WID/WIPS Architecture
(free safety)
Authorized
User
Threat
Authorized
User
These threats exist even
without WLAN
Threat
Threat
Threat
Honeypot
Secured User
Dos Attack
Guest User
AP MAC Spoofing
Mis-configured AP
Rogue AP
 Detect
 Prevent
 Locate
Threats
Firewall
Summit

56. Location Engine
Deploying APs for location tracking
 No less than three APs should be
detecting and reporting the RSS
of any client station. Only RSS
reading stronger than -75 dBm
are used by the Location Engine.
 Use the same AP model for the
entire floor plan, so that the RSS
readings in that area will have
less variation.
 Design your floor plan with the
APs installed at the corners of
the floor plan, along the
perimeter of the location.

57. Custom Wifi Analytics
(defend the run)
 Coarse location reporting
based on NAC
 Enables external Captive
Portal authentication
without requiring a
customer to open a port in
the firewall
 Enables Extreme AP’s to
send RSSI readings for
each station every
minute
Location, Analytics, Onboarding
(Eight men in the box)

58. Tracking unassociated users
(Stuffing short yardage)
 Software support to track
unassociated wireless clients
 Integrates with 3rd party
location based services for
deeper insight
 Use cases: Analyze Foot
traffic/presence in public
places using Wi-Fi for
staffing/scheduling/promotio
ns etc.

59. Probe Suppression Weak
Client disconnect
Probe suppression
 RSS threshold (Adjustable “Cell Size”)
 Reduce the number of Probe Response.
 Prevent clients with RSS below the
threshold from associating
 Configured per radio (Enable/Disable
and Threshold)
Forced Disassociate
 Disassociate “Sticky Clients” Occurs
5dBm below the suppression threshold.
 Prevent them from re-associating to the
AP.
 Encourage/Force roam to better AP.
Configured per radio (Enable/Disable)
Can complement Minimum Basic Rate in
effectively controlling size of service cell
-80 dB
Probe Req (-65)
Probe Response
Probe Req (-90)
Radio 1 (5 GHz) Advanced
Radio 2 (2.4 GHz) Advanced

60. WiFi - Asset Visibility
Aero Scout Engine
UDP
Ekahau Positioning
Engine
UDP
Aero Scout Mobile View
Single view of GPS location,
real-time status, etc.
Wired sensor / telemetry link
oil pressure, fuel level, etc.
On-tag GPS
tracking
Comprehensive tag family for a
variety of solutions and industries
Exciters trigger tags at
defined areas for
immediate, accurate
detection

61. How is my investment protected in
the long term?
Power required for
promised
performance
Compatible with
Virtual Controller
2 wired ports for load
balancing and
redundancy
How is Bonjour
Managed
Architecture
Flexibility
Solution for granular
user experience
Packets Per Second
Wired-to-Wireless
Performance
 75 Thousand Packets/Second
Tested
 1.75 Gbps Tested Throughput
 Dual Ethernet ports support LAG,
enabling both load balancing
and resilient mission critical
availability

62. (MDM) SOLUTIONS
Can help keep track of all approved BYOD
devices
 Control access to enterprise networks
and systems
 Manage app installations and upgrades
 Offer enhanced security
TIP: Give employees a heads-up of what
organization will be able to access once MDM is
installed
Firewall
Web
Proxy
Network
Access
Management
(NAM)
MDM
Corp.
Apps
Access
SW
Internet
VDI
MDM
 Device Management
 Selective and Full Wipe
 Application Management
NAM
 Device and user profiling
 Authentication (802.1x, etc)
 Device Assessment
 Advanced Authorization – policy
enforcement
 Advanced visibility & reporting
 Bonjour Devices
 MDM and VDI integration

63. Gartner
Emerging alternative for
deploying wired and wireless
infrastructure in remote offices
 Solutions have been used by
small or midsize business
(SMB) organizations with
limited IT staff who need to
support WLAN in remote
locations, like schools and
retail stores.
 Functionality has expanded
to include wired connectivity
and security appliances.
 Initial investment per location
is small, and ongoing costs are
predictable, which makes it
appealing to small business
customers
Hype Cycle for Networking and
Communications, 2015 Published:
27 July 2015
Retail stores, coffee shops and restaurants, small hotels, waiting
rooms in healthcare facilities, schools, small businesses, and small
remote offices in general are the ideal target for cloud
managed networks.

64. ExtremeCloud
or On-Premise
 Limited IT
 Distributed sites
 Optimized OPEX & CAPEX
for small sites
Benefits:
 Ease of management
 Zero touch deployments
 Scalability on demand
 Single touch updates
 Focused on network edge
On-Premise
Off-Premise