Meru Expands WLAN Service Assurance Portfolio

By Lisa Phifer

May 26, 2010

Spectrum analysis, security, and monitoring products increase reliability and cut TCO for Meru Virtual Cell WLANs.

Meru Networks' wants to build innovative products that empower the all-wireless enterprise. "We're seeing more customers wanting to use iPhones and BlackBerrys indoors, where 3G signal isn't strong enough," said Ram Appalaraju, senior vice president of marketing. "Our traffic-optimized single-channel architecture provides a foundation to deliver these kinds of services."

But, for mission-critical WLANs, a strong foundation is not enough. Enterprises need predictable, secure, manageable WLANs that are no harder to operate than Ethernet. Meru's Service Assurance (SA) platform aims to do so by supporting a suite of management applications, like last summer's E(z)RF Location and Network Managers. This week, Meru announced four new SA applications:

Enabling Expansion

These new offerings are designed to run on Meru's service assurance appliances, delivering the proactive measurement and service-level automation tools that operators need to efficiently ensure availability and quality.

"Offering wireless service assurance allows IT/network managers to get comfortable with the performance and reliability they have come to expect from their wired networks," said IDC enterprise communications infrastructure analyst Rohit Mehra. "Layering that with management, security, and compliance applications allows customers to understand and deploy appropriate services, thereby lowering operational costs for the enterprise."

For example, Meru's new Wired/Wireless Network Management application extends E(z)RF Network Manager by integrating it with SolarWinds' Orion Network Performance Monitor (NPM). Customers who purchase this bundle will run both applications together on a Meru SA appliance, using a single console to view wireless and wired alerts.

This bundle simplifies fault monitoring for new Meru/SolarWinds customers by creating one product to purchase, install, and maintain. At the NOC, operators can view overall network status through one auto-populated map of network elements, quickly drilling into E(z)RF status and statistics when Meru APs are involved. The goal: fewer escalations, less finger-pointing.

This resale partnership is an important first step toward integrated wired/wireless network management. However, it seems unlikely that either vendor would hitch its wagon to one partner. After all, SolarWinds needs to monitor other-vendor APs and Meru will have customers that use other enterprise fault monitoring systems.

Strengthening WLAN Security

Meru's APs, controllers, and SA applications already deliver many essential security features, from location, SSID, and user-based encryption/authentication to application-aware per-user firewalling and controller-based rogue detection. Meru even offers a unique RF Barrier to deter eavesdropping. But Meru did not have its own Wireless IDS/IPS (WIPS) – until now.

Meru's WIPS 1.0 closes a crucial gap, because its virtual cell architecture poses unique surveillance needs. The WIPS server (available Q310) runs on any Meru SA appliance, along side other SA applications. This server analyzes RF observations made by Meru APs and/or Meru's new PSM3x.

According to director of product management Sivaram Nayudu, Meru's WIPS will be tightly integrated with its APs and thus able to leverage them to do more than microcell APs. "By default, our APs do on-channel signature-based analysis of client traffic flowing through them," said Nayudu. "Optionally, our APs can do off-channel scanning, either during idle time or by dedicating an extra radio to scanning."

Because clients in a Meru WLAN spend are always tuned to a single channel, Meru's WIPS is less likely to miss traffic (such as when a microcell client roams to another AP/channel). This could make it easier for Meru's WIPS to dig deeper into payloads. Customers will be able to define their own WIPS signatures and threshold alerts.

However, those who want PCI reporting must also spring for Meru's Compliance Manager, a separately-priced product that runs on the same appliance. This application (available 4Q10) discovers and inventories all wireless devices in a card-holder data environment, compares WLAN changes to defined policies, and generates PCI DSS 2.1 compliance status reports.

Because customers subject to PCI DSS are required to monitor for intrusions, they will end up buying both applications (from about $100 per AP/application). Other customers can purchase just the WIPS, using Meru APs for integrated WIPS or PSM3x devices for overlay WIPS.

Sniffing RF Service Impacts

The fourth application included in this week's announcement is E(z)RF Spectrum Manager ($1,995). This RF spectrum analyzer runs on an SA appliance, listening to observations heard by PSM3x devices (available 4Q10, $1295).

"The PSM looks like an AP, but it's a dedicated device with custom Wi-Fi and non-Wi-Fi chipsets," explained senior directory of technology Joe Epstein. "This hardware approach lets us classify sources locally, which is important to avoid central visibility and scalability issues."

Although the PSM3x includes a Wi-Fi radio, that radio is not used for service delivery. "A spectrum analyzer must work equally well in lightly loaded and heavily loaded WLANs," said Epstein. "Not using the PSM for service delivery lets us avoid the blinding effect that can happen when using a radio in an AP that's also transmitting." As a result, the PSM can detect very low-level interferers, down to -80 dBm, which might otherwise be drowned out but impact clients.

As the name suggests, E(z)RF Spectrum Manager is integrated with other E(z)RF applications, helping it determine channel quality and utilization, visually depict WLAN service impact, and feed that intelligence into fault analysis algorithms. By enabling continuous RF interference detection, classification, locationing, and impact analysis, Meru hopes to give IT the ability to take proactive steps when appropriate, before help desk calls start.

IDC's Mehra said such capabilities are important to enable broader Wi-Fi/Ethernet replacement. "Automated interference detection, location tracking and mitigation are essential next steps in improved network reliability for wireless - especially if they are integrated into the infrastructure," said Mehra.


Lisa Phifer owns Core Competence, a consulting firm focused on business use of emerging network and security technologies. Lisa began her career by measuring proprietary wired network performance way back in 1981. She has been involved in the design, implementation, and testing of wireless network products and services since 1996.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.