Setup was straightforward. After connecting to the switch's robust, IOS-like CLI (command-line interface), we set its IP network information and configured the internal DHCP server. Through Aruba's new, easily navigable Web-based configuration pages, we created a WLAN profile and mapped out a floor plan to let the switch determine the ratio of access points to AirMonitors based on number of users and desired throughput levels for both 802.11b/g and 802.11a. Aruba's access points, like Airespace's and Cisco's, are 802.3af PoE (Power over Ethernet)-compliant, making installation a snap.
With the WLAN up and running, we launched a slew of common attacks to test the Aruba WLAN's resiliency and its ability to identify various types of malicious WLAN traffic.
The 800 was quick to detect nontrusted access points and could distinguish between what Aruba calls "interfering access points," which are those that are not connected to your wired network, and rogue access points, which are. But it had problems with our test dual-radio access points, which used common BSSIDs for both spectrums; it kept rotating the rogue alarm from 11b to 11a and back again as it tried to determine which frequency and channel the access points were using. The 800 also had difficulty determining one access point's 11a channel, kept another rogue in the active list for weeks after it was powered down, and displayed quirkiness by showing some access points' 5-GHz channels as 11b/g and 2.4-GHz channels as 11a. The switch supported ad hoc network detection, though two alarms providing the same information were generated for each offense.
The 800 automatically prevented our hypothetical users' clients from associating with rogue access points by bombarding the clients with deauthentication packets made to look as if they came from the rogues. The switch also identified clients not associated with Aruba WLANs and let us preclude those clients from associating with any access point, Aruba or otherwise.
The 800 not only contained unauthorized APs and clients, it also detected malicious attacks that relied on similar containment methods to bring down WLANs. Unfortunately, the switch triggered alarms regardless of whether containment deauthentication and disassociation packets were generated by Aruba access points or by interlopers. False positives also resulted when we configured the 800 to catch wireless bridges in the building--we got alarms back saying Aruba's own access points were in violation of this policy.
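One way a wireless IDS could avoid the self-inflicted containment alarms described above, shown as an added example that is not Aruba's implementation and not part of the original review: correlate each deauthentication frame the monitors observe against a log of the containment frames the controller itself sent, and alarm only on the remainder. The record layout, the one-second match window, the 60-second quiet period and the sample MAC addresses are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Deauth:
    ts: float    # capture time, seconds
    bssid: str   # BSSID in the frame's source field (may be spoofed)
    client: str  # client the frame is addressed to

def triage(observed, own_actions, window=1.0):
    """Label a frame 'self' if the controller logged a matching
    containment frame within `window` seconds, otherwise 'alarm'.
    Each logged action explains at most one observed frame."""
    unused = sorted(own_actions, key=lambda a: a.ts)
    verdicts = []
    for frame in sorted(observed, key=lambda f: f.ts):
        match = next((a for a in unused
                      if (a.bssid, a.client) == (frame.bssid, frame.client)
                      and abs(a.ts - frame.ts) <= window), None)
        if match is not None:
            unused.remove(match)
        verdicts.append((frame, "self" if match is not None else "alarm"))
    return verdicts

def alarms(verdicts, quiet=60.0):
    """Raise one alarm per BSSID/client pair per burst of frames."""
    last_seen, raised = {}, []
    for frame, verdict in verdicts:
        if verdict != "alarm":
            continue
        key = (frame.bssid, frame.client)
        if key not in last_seen or frame.ts - last_seen[key] > quiet:
            raised.append(frame)
        last_seen[key] = frame.ts
    return raised

# Constructed sample data (locally administered MACs, not real devices).
ROGUE, CORP_AP = "02:00:00:00:00:aa", "02:00:00:00:00:01"
CLIENT_A, CLIENT_B = "02:00:00:00:10:0a", "02:00:00:00:10:0b"
CONTROLLER_LOG = [Deauth(10.0, ROGUE, CLIENT_A), Deauth(10.5, ROGUE, CLIENT_A)]
OBSERVED = [
    Deauth(10.02, ROGUE, CLIENT_A),   # matches logged containment
    Deauth(10.51, ROGUE, CLIENT_A),   # matches logged containment
    Deauth(30.0, CORP_AP, CLIENT_B),  # nothing logged: alarm
    Deauth(30.1, CORP_AP, CLIENT_B),  # same burst: folded into that alarm
    Deauth(200.0, ROGUE, CLIENT_A),   # nothing logged: alarm
]

if __name__ == "__main__":
    for frame in alarms(triage(OBSERVED, CONTROLLER_LOG)):
        print(f"ALARM {frame.ts:7.2f}s {frame.bssid} -> {frame.client}")
```

The sketch assumes one record per frame on air, so captures of the same frame by several monitors would need to be merged before triage.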