When deploying a new wireless network, sometimes network administrators will run into situations when they don’t want to broadcast a certain SSID in specific areas of their campus. Or vice versa, sometimes it is desirable to only broadcast a particular SSID in a restricted area. A great example would be when they want to provide open, unrestricted guest access in a corporate lobby for visitors but they don’t want to broadcast this SSID in other areas because they don’t want to employees accessing social networking sites during business hours. Or perhaps an administrator doesn’t want to broadcast an SSID on the APs around the perimeter of a facility to provide geo-fencing.
We have now added an easy way to accomplish this through Dashboard using AP tags. AP tags are a way of grouping APs together by applying an identifying tag, such as “Building_4”, to create an easily-searchable group of all the APs located in a certain building. So how do you apply a tag to an AP? There are two simple ways, either for an individual AP or for a large group of APs. To just tag a single AP, go to the AP details page:
Go to the Edit Configuration link, and add Tag names, such as “Lobby”:
Then go to the SSID Availability page and select “This SSID is enabled on some APs…” from the AP selection control. Enter the name of the tag of the APs that you want to broadcast the SSID from, and you’re done! This specific SSID will only be broadcast from the APs belonging to this tagged group.
In some situations, there may be a large number of APs that you want to tag into a certain group, perhaps all the APs in a single building on a college campus. In this case, you can tag en masse from the Access Points page under the Monitor tab. Simply check the APs you want to tag, select “Add tags” from the Actions drop-down menu and enter the name of the tag to use:
AP grouping with tags gives you a simple way to segment SSID broadcasts within a single network by building, floor or room, providing you with a new level of control over your network. AP broadcast by tagging is available now for all Enterprise customers. Try it out and let us know what you think!
Certain Dashboard administrators will now notice a new tab in Dashboard, Organization, that has appeared between the Configure and Help tabs.
All networks in Dashboard actually reside in an “organization”, or collection of networks. Typically our customers create a network for each unique physical site or building, depending on how they have structured their wired network. There is now a new level of administrative privilege: the organization administrator. So what is important about organizations and organization administrators to Meraki customers? There are a few important points:
1. Licenses are applied across organizations.
When adding APs to a network, a license is purchased with each AP. An organization must contain valid licenses covering all of the devices in the entire organization. For example, if an organization contains a network with a license that is valid for ten devices but only five APs have been added, and a second network is created to which five additional APs are added, no other license would be required, since a license covering all ten APs already exists in the organization.
2. Organization administrators have visibility into all networks within the organization.
Organization administrators can “see” all the networks in an organization. There are two levels of organization admin: read/write, or full, and read-only. Read/write admins can add other organization admins, and have read/write access to all networks in the organization.
The administrator that creates the first network in an organization will automatically be designated as an organization admin, and can then add others if necessary. For a typical distributed organization with a central IT group at HQ and local IT presence at each remote office, a typical configuration would be for the IT managers at HQ to have organization administrative privileges, and for the IT folks at the remote sites to be designated as network administrators for their individual site networks. For administrators that only have network-level privileges, the Organization tab will not be visible.
Organization administrators provide the ability to customize the administrative accounts to match the organizational structure of the IT team, with just the right level of control and visibility for each administrator. We will continue to add more functionality to the Organization tab in the future!
Easy Internet access for guests makes WiFi a very attractive amenity for many retailers and restaurants, where it can be a differentiator in a crowded market of competitors. Libraries and schools are now expected to offer ubiquitous wireless access across their campuses and often want to offer free WiFi to the local community. The ease of deployment and trouble-free management of Meraki WiFi networks make it simple to deploy guest access across all of these types of organizations and more.
However, sometimes administrators don’t want to offer free wireless access around the clock. An open WiFi network can mean that folks hang around in the parking lot long after business hours, causing complaints from residential or business neighbors. With Meraki’s new Scheduled SSID feature for Enterprise networks, administrators can automatically turn an SSID off outside of a set schedule without the need to even log into Dashboard. Standard templates are available for typical business hours, or a custom schedule can be created for each individual day.
This feature can be found on the new SSID Availability page. We’ve also moved the controls for hiding an SSID to this page as well from the Access Control page to make it easy to find all SSID broadcast-related controls.
Give us feedback via the Make a Wish box in Dashboard! Enjoy!
Everyone at Meraki is extremely excited about the newest member of our enterprise 802.11n access points: the top-of-the-line Meraki MR24, available now. The MR24 is our fastest and most powerful AP yet, bringing unmatched throughput and capacity with its triple-stream 802.11n MIMO in dual-concurrent radios, and still keeping the incredibly sleek profile Meraki’s access points are known for, all without breaking the bank.
The jump from 802.11a/b/g to 802.11n has been instrumental in increasing Wi-Fi throughput for users. A large chunk of the throughput gains comes from implementing MIMO. The 802.11n standard allows for two-, three-, and four-stream MIMO, but so far only two-stream MIMO access points and clients have been available, leaving a lot of capacity on the table, and leaving networks strained as they attempt to serve a higher density of clients. We’re changing that with the new Meraki MR24 access point.
A look at today’s access points
802.11n MIMO is most commonly offered today as a dual-stream implementation, usually in 2×2 mode. As discussed in a previous blog post on MIMO, this means the system has two transmit antennas and two receive antennas. Nearly every major wireless enterprise and consumer-grade access point vendor offers 802.11n products with 2×2 MIMO. This allows manufacturers to specify maximum throughput rates of up to 300 Mbps (per radio).
Wait – aren’t there some 3×3 access points already available?
A few vendors offer enterprise-class access points labeled as having 3×3 MIMO radios. This is technically correct, but often misleading. While yes, those access points do have a 3×3 configuration with three transmit antennas and three receive antennas, nearly all 3×3 access points only support two streams even with three transmit antennas. A quick peek at the data sheet almost always reveals that, in fact, only two streams are supported. The reason to have a third antenna, even when having only two streams, is to increase the diversity of the signal. This means the reliability and range can be moderately improved. But the third antenna does not add an additional, parallel, full-rate spatial multiplexing data stream. So it’s important to check the maximum supported data rate of the access point.
Check the speedometer
A triple-stream 3×3 MIMO radio will support up to 450 Mbps. If the maximum data rate listed is only 300 Mbps, this almost certainly means that only two MIMO spatial streams are implemented. Note: this is the per radio data rate. Many access points have two radios. If each has a maximum capacity of 300 Mbps, the aggregate access point capacity is 600 Mbps – but this does not mean it is superior to a triple-stream implementation. Any single client, even a 3×3 client, will only ever experience the maximum data rate of the single radio, since it cannot tune to and receive two channels simultaneously. There are several advantages of having dual- and triple-radio access points, but increased single-client data rates is not one of them.
Table 1 shows the maximum supported data rates of 802.11n MIMO and the aggregate rates possible with dual radio access points.
Table 1: 802.11n MIMO data rates
Meraki MR24: clocking in at a total of 900 Mbps
The Meraki MR24 marks another milestone in the evolution of Wi-Fi – the arrival of triple-stream 802.11n MIMO access points. The 300 Mbps supported by 2×2 MIMO may sound pretty speedy, but many networks and users are still hungry for even more. The Meraki MR24 supports triple-stream 3×3 MIMO and has a maximum data rate of 450 Mbps per radio. It has two of these radios inside, which means the aggregate throughput of the access point is 900 Mbps. That’s right – approaching Gigabit rates over the air. This also means a higher number of clients, up to 50% more compared to 2×2 MIMO, can be simultaneously supported by the access point, thus alleviating the strain of access points struggling to support dozens and hundreds of clients in a wireless network.
What’s in the secret sauce?
It’s no secret our engineering teams are incredibly sharp. It’s not enough to take a radio chipset and solder it onto a board. The radio has to be optimized, the antennas must be designed to have the right electrical characteristics to support three Tx and three Rx chains simultaneously and fit into the hardware enclosure, and the entire access point has to be beefed up to support the higher data rate of 450 Mbps. The Meraki MR24 is a dual-radio access point, so this all has to be done to support two radios and the 900 Mbps aggregate data rate.
Figure 3: Meraki MR24
All of this still fits into the tight power budget of 802.3af, even when running the dual-concurrent radios with triple-stream MIMO. And though there are six antennas inside (yep – that’s the antenna in the cut-away image), the AP still has an incredibly sleek profile – only 1.5 inches (38 mm) thick.
And that’s not all. The MR24 supports Meraki’s complete feature set and award winning cloud-based management. The MR24 provides:
Advanced wireless security with an integrated policy firewall, NAC, Teleworker VPN, and guest access
Layer 7 application traffic shaping and analysis
AutoRF cloud-based optimization with spectrum analysis
Built-in client location services
High-performance, self-optimizing mesh networking
Automatic provisioning, management, and monitoring from the cloud
Wireless networks have never been as fast as they are now with the new Meraki MR24. Triple-stream 802.11n MIMO and dual-concurrent radios now let wireless networks approach Gigabit speeds. At a price of $1199, it doesn’t have to cost a gigabuck, either. You can find more details about the Meraki MR24 on our website. If you’d like to try out a few MR24 APs, we’d love for you to give us a call.
Back in the summer of 2001 I turned on my first Wi-Fi device – an 802.11b PCMCIA that I received as a gift. The promise of getting 11 Mbps was incredible, and I couldn’t wait to roam freely with my laptop and connect from anywhere, as long as I lugged around my 7.5 pound laptop and found a hotspot, of course.
Today, nearly ten years later, this seems almost like talking about a long-forgotten technology. We expect our Wi-Fi to be fast, integrated, and available nearly everywhere. And so last year while attending an event in San Francisco, Startup Weekend (http://startupweekend.org/), I came across Meraki. It was mostly by accident, as I watched someone investigate the Wi-Fi network to make sure everyone had a strong, reliable connection. Navigating around the Meraki dashboard seemed a breeze, and even more compelling was the ability to quickly drill into certain clients and access points and assess their performance and connection. Later I learned more about the analytics and tools available, and things like the mapping tools and interference analysis (shown below) appealed to my data loving and engineering brain cells.
I’m Pablo and I’m thrilled to join Meraki as solution architect. My background is in electrical engineering, specifically in wireless, networking, HF and RF, and test and measurement. Most recently I was with Agilent Technologies, where I focused on signal analysis and signal generation test tools. At Meraki, I’ll be focused on technical needs of our customers and how our products address those needs. I’ll be posting material on this blog and I look forward to engaging with all of you.
Many of you have expressed interest in our new Location Services, which allow enterprise customers to determine the location of WiFi clients without additional hardware. We’re therefore holding a quick, informal webinar on Friday, during which we’ll talk a bit about how this feature works under the covers, do a live demo, and hold Q&A. The webinar runs just 15 minutes, so it’s a great quick way to learn about this new feature. You can register (for free, of course) here.
We are very excited to announce two new enterprise 802.11n access points: the Meraki MR12 and MR16. These new APs offer across the board upgrades over their predecessors, the venerable MR11 and MR14: improved performance, sleeker design, and even a lower price!
Meraki MR16 ($649)
Dual Concurrent 802.11n for Enterprise/Campus
Single Radio 802.11n for Small Branch/Teleworker
These are the slimmest enterprise 802.11n APs. Measuring in at under 1? thin, they blend seamlessly into their environment.
We built these APs with the network administrator in mind, making them as fast and easy as possible to deploy. The industrial design makes for easy, 1-handed mounting. Each box contains a complete accessory kit, with gear for wall, drop ceiling, and desktop mounting. No pre-configuration is required – just plug the AP in, and it automatically assumes gateway or mesh mode, and downloads its configuration from the cloud.
Despite its slim profile and lower price, the MR12 and MR16 are actually more powerful than their predecessors, featuring both increased transmit power and receive sensitivity. Highlights include:
Layer 7 Traffic Shaping
Line rate deep packet inspection engine for application QoS
High Capacity Design Memory capacity for 100+ simultaneous users
Built-in Policy Firewall Guest, User and Group Acces Control
4th Generation Chipset Top of the line 2×2 MIMO with spectrum analyzer and transmit power control
Client Enhancements Beamforming, Voice/Video QoS, Band steering
To top it all off, these are green little APs, with 100% recyclable packaging, 90% recyclable components, and a multi-tenant cloud hosted controller that is far more energy efficient than traditional hardware controllers.
We’re incredibly excited about these APs, and the response we’ve received from our beta testers has been very encouraging. We hope that you like them too!
Meraki’s AutoRF technology performs automatic cloud-based, system-wide network optimization to ensure peak network performance in any environment. Each AP on a Meraki network continually monitors its environment for interference from other APs and feeds this information back to the Cloud Controller. Last month we added Spectrum Analysis, mitigating interference from non-WiFi devices like microwave ovens and Bluetooth headsets.
AutoRF has always run quietly in the background. But now, our new Radio Settings page gives you more visibility into what’s happening behind the scenes, and exposes new controls for advanced configuration.
The new Radio Power selector either allows the Cloud Controller to automatically dial back transmit power if it detects adjacent access points stepping on each others’ toes, or allows you to maintain full power for all APs.
The Channel Planning Report sheds light on how AutoRF is tuning your network, providing visibility into the current channel and transmit power settings for each AP, as well as the interference sources that were avoided. If you click on the “Details” link next to each row in the table, you will find a detailed report for all of the APs in your network on a particular channel.
Regular users of the Cloud Controller will notice that some settings previously found under Network Wide Settings have moved to this page, where they fit naturally.
We hope that you find this Radio Settings page helps you better understand how the Cloud Controller is optimizing your network, and helps you to make more informed decisions about how to use the Cloud Controller’s RF controls. Please let us know what you like, what you don’t, and what you’d like to see next!
Last month we announced our new Traffic Shaper feature and gave administrators unprecedented visibility into the wireless traffic on their network, providing the ability to see what might be bogging down their network, be it YouTube, BitTorrent or too many users uploading pictures to Facebook. Now, with the new Traffic Shaper page in Dashboard, administrators finally have the tools to not only see what kinds of recreational applications are taking over their network but to do something about it!
Administrators can now create application-specific shaping policies for total control over their wireless bandwidth. Let’s say your Sales team needs snappy access to Salesforce.com at all times, but most of Engineering is streaming World Series games and consuming all of your bandwidth. With Traffic Shaper, shaping policies can be created that apply per user bandwidth limits for specific applications such as video streaming sites, as well as apply QoS priority levels at both Layer 2 and 3 to make sure your Salesforce traffic gets prioritized across the network.
To make setting up new shaping policies fast and simple, we have created pre-defined groups of applications that administrators most commonly want to shape:
Administrators can also create more specific policies for particular applications using HTTP hostnames (eg. salesforce.com), IP and port numbers. Here is an example of a typical shaping policy that you would see in an office setting:
In this example, a rule has been created to apply a 1 Mbps bandwidth limit to all users on the Meraki-Corp SSID for Peer-to-Peer and streaming video and music applications. A second rule has also been created to provide Layer 3 QoS prioritization to applications that are critical to this business, Salesforce.com and Dropbox.com, as well as to provide unlimited bandwidth to these applications.
Since Traffic Shaper can leverage the intelligence of over 16,000 customer networks through the Meraki Cloud Controller, Traffic Shaper’s database of application signatures is always updated. As new P2P and social media applications appear on the scene, they will be quickly fingerprinted and added to the Cloud Controller database for our customer networks so that administrators are never caught unaware by the next BitTorrent.
Traffic Shaper can now be found under the Configure tab in Dashboard. If you are interested in learning more about how Traffic Shaper works, we invite you to join us for a webinar that we’ll be conducting about Traffic Shaper on November 2nd. Details can be found here:
We are excited to announce that network administrators now have enhanced alerting capabilities in Dashboard to help them stay up to date with their wireless network. Under Configure->Network-wide settings in the Network Alerts section you’ll see these expanded options:
Now you can select to receive prompt email alerts when an AP goes offline or switches from gateway to repeater mode, a new rogue AP is detected or configuration changes are made to your network settings in Dashboard. You can also customize the time delay before you are notified as well as qualify the type of rogue APs for which you are alerted to so you’re not bombarded with low priority updates. These alerts can be sent to multiple administrators via email. The email alerts contain detailed information to help you determine the urgency of the situation, such as the AP that went offline or what configuration setting was changed.
In addition to the unprecedented visibility that is provided about your network through the Cloud via Dashboard’s reporting capabilities, these new alerts will now allow you to stay on top of your network even when not logged into Dashboard. These alerts are one more tool in the administrator’s toolkit to make managing Meraki networks remotely even simpler and to enable you to be more responsive to your end users’ needs. New alerts are now available to all Meraki customers.