This content is for Patreon subscribers of the j2 blog. Please consider becoming a Patreon subscriber for as little as $1 a month. This helps to provide higher quality content, more podcasts, and other goodies on this blog.
Vyos 1.2.1 has been released. Check it out here.
The Catalyst 9600 enters the market as the last piece of the CAT9K series puzzle. It compliments the rest of the line up, the CAT 9200, 9300, 9400, and 9500 series switches. And this is ultimately an upgrade to the 6500 and 6800 series Catalyst platforms.
iPhone X while sitting in traffic on the west side of Indy.
Do you use a wifi finnder app on your Android device? If so, your username and password may have been compromised. The above article identifies the apps which “leak” passwords.
Our friend willie has a new video on a self-hosted speedtest server.
With the introduction of WIFI6, we now have the new WPA standard in WPA3. In an earlier article, I talk about WIFI6, and it’s the introduction of WPA3. As we are used to with the previous versions of WPA, WPA3 comes in two “flavors. We have WPA personal and WPA enterprise.
WPA personal is what most of us are familiar with in home environments. The most significant change isthe Simultaneous Authentication of Equals (SAE), which replaces Pre-shared Key (PSK). A preshared key or passphrase is what we are used to typing in when we associate to a new, secured network. Typically you type an 8 character or longer password you have to ask your friend for when you visit their house.
So what does SAE do exactly? At the core, SAE is a peer-to-peer handshake. If you are the kind who likes to read RFCs, then RFC 7664 – Dragonfly Key exchange is what SAE is based upon. With SAE an attacker can not sniff data, analyze it offline, and introduce an attack on a pre-shared key like they can with WPA2. When the client connects to the access point, they perform an SAE exchange. If successful, they will each create a cryptographically secure key, of which the session key is based. If one session key is cracked it will only affect one key, and not all of the key used, as with WPA-2. In SAE the four-way handshake is done away with.
Another critical benefit of WPA is Wi-Fi Device Provisioning Protocol (DPP) which replaces the flawed Wifi protected setup (WPS) currently supported by many consumer routers. With DPP, devices can be authenticated to join a network without a password through various means, including QR codes. So what does the Enterprise side of WPA3 give us? Most of the new features have to do with encryption and key exchange mechanisms. WPA3 enterprise supports 192-bit encryption.
So what does the Enterprise side of WPA3 give us? Most of the new features have to do with encryption and key exchange mechanisms. WPA3 enterprise supports 192-bit encryption.
Many of you may have been hearing about “Wifi6”. Well what is it exactly? Wifi6 is a standard based on the support of 802.11ax. So what is 802.11ax?
802.11ax is designed to operate from 1 to 7GHZ. This means it can be used in 3GHZ as well as the possible upcoming rule changes to the 6ghz space. 802.11ax supports 1024-QAM modulation, which means higher throughput is achievable. As with many new standards, other new protocols come along with this. WPA3’s biggest selling point is what is called forward secrecy. We will talk about that in an upcoming post.
Look for 2.4GHZ to make a small comeback. Over the past few years 2.4ghz has become congested and many router manufacturers have pushed 5GHZ as the primary access method on home routers. Devices like Apple iPhones will prefer 5GHZ over 2.4 due to the higher data rates with 802.11ac which operates in the 5GHZ band. With AX we will see the 2.4GHZ band being utilized in various ways. Chip makers such as Qualcomm have chips which can offer multiple streams across multiple bands at the same time.
Some other features which AX will be superior to AC in are:
–Spatial Frequency Reuse. A term called “coloring” is introduced. Coloring allows the network to identify internal vs external transmissions. This allows neighboring devices to decide if they can transmit and if they need to adjust power to reliably do it.
–Network Allocation Vector (NAV) – This is a WIMAX mechanism being applied to ax. It is a carrier sensing mechanism designed to avoid collisions with both external and internal networks.
–Target Wake Time – This allows better use of beaconing and allows the stations to utilize air time better.
These are just a few of the new things upcoming in wifi6. If you want to read a vendor-neutral paper on this here is a good link: http://www.ni.com/en-us/innovations/white-papers/16/introduction-to-802-11ax-high-efficiency-wireless.html
As we see more and more manufacturers introduce wifi6 devices we will see devices referred to in 3 categories
- Wi-Fi 6 to identify devices that support 802.11ax technology
- Wi-Fi 5 to identify devices that support 802.11ac technology
- Wi-Fi 4 to identify devices that support 802.11n technology
Look for some more upcoming posts on the new features of wifi6.