Recently, I came across Trapeze Networks and the name instantly rung a bell. Yes, that's the company Matthew Gast works for, author of THE book on Wifi. Trapeze does a lot beyond the MAC header with Wifi and has a couple of features in their equipment I was not aware one could do with Wifi these days. I was especially amazed by the location tracking features they have put into their equipment.
By triangulation with several access points and some other tricks, it's possible to detect the location of a client device within a few meters. This feature can be put into good use for a number of applications:
- Access Restrictions: It's possible to restrict network access for a set of users to specific parts of the coverage area, i.e. one can use the same Wifi infrastructure for both employees and guests. Besides restricting guests to pure Internet access it is also possible to limit their access to meeting rooms. This is not done on a per access point limitation but by triangulation, which means permission to use the network can be granted for a location that is much smaller than the coverage area of an access point. It's also possible to limit access to the network to the building, and stop anyone from accessing the network from the parking lot nearby.
- Equipment Tracking: The location of active and passive WLAN Tags (e.g. have a look at AeroScout) can be monitored to track the location of equipment or devices.
- Find rouge access points: One of the biggest threats to company security is employees bringing their own Wifi access points from home and connecting them to the network. If not properly secured they can be an open door into the company's intranet for anyone in range. With localization, the Trapeze access points can not only detect the presence of such access points and warn the network administrator but also include the approximate location of the equipment in the message.
- Find unwanted devices or attackers: In case outsiders try to penetrate your network, the system can not only warn the administrator of such attacks but again include the location of the attacker, which is an invaluable help in large campus wide networks. Trapeze says their access points and controllers can detect over 200 different types of Wifi attacks and warn the administrator. The system even offers the possibility to "shoot back". I am not quite sure what that means in practice but I am sure it would be fun to find out more about this feature.
Also quite amazing are their tools for site surveys, maintaining the network, their features for VoIP over Wifi for QoS on the air interface (WMM), optimized routing of VoIP calls through the network, their 802.11n implementation in their new MP-432 access points, which by the way look like smoke detectors, etc. If you want to check out their site, bring some time, there is tons of good information to be discovered there.