NetEqualizer News: November 2016


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include a 8.5 Release feature preview, customer testimonials, and more!

 

  November 2016

 

8.5 Release Planning is Underway!
Greetings! Enjoy another issue of NetEqualizer News.

As we start into the holiday season here in the U.S., I am thankful for many things. First, I want to THANK YOU, our customers, for making this all worthwhile.

fancy thank-you

In my conversations with customers & prospects, I hear over & over how much our behavior-based shaping (aka equalizing) saves you time, money, and headaches. Thank you for validating all our efforts here at APconnections!

I am also thankful that the Presidential Election is over in the U.S., as I am tired of seeing political TV advertisements, which seem to be on every 10 minutes.

We continue to work with you to solve some of your most pressing network problems – so if you have one that you would like to discuss with us, please call or email me anytime at 303.997.1300 x103 or art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: 8.5 Release Features Preview

:: We Want Your Suggestions for the 8.5 Release!

:: Is Anyone Out There Still Suffering From DDoS Attacks?

:: Featured Customer Testimonials

:: Best of Blog: Using NetEqualizer to Ensure Clean, Clear QoS for VOIP Calls

8.5 Release Features Preview

We are staring to plan our 8.5 Release!

We have started putting together initial plans for our late spring software update – 8.5 Release. We have some exciting features in mind! Here is a preview of several features that will be included:

Cloud Reporting

Have you ever wanted to access reporting data for longer than 4 weeks? The reason for the current NetEqualizer limit is that we can only store so much data on the device itself.unnamed-2

Our new Cloud Reporting offering will allow you to store historical NetEqualizer data for an extended period of time. You’ll be able to seamlessly pull this data from the Cloud and display the results on your NetEqualizer, or use it for other reporting and archiving purposes.

Read-only Login Account (customer feature request)

The NetEqualizer has always used basic HTTP authentication for it’s one account, but that is about to change! The next release will have a more standard login page with two roles – the current administrator role as well as a NEW read-only account role. The read-only account will let non-technical staff log in and view reports as well as a few other features.fsdf

NetEqualizer Logout (customer feature request)

We will support web application sessions with both log in & log out. Today we offer login but in 8.5 users will also be able to securely log their session out once they are finished using the GUI.

We are very excited about enhancing our recent 8.4 Release user interface with these changes. Stay tuned to the newsletter for updates on 8.5 features, release dates, and more!

We Want Your Suggestions for the 8.5 Release!

 We want your help! Last call for suggestions for our 8.5 Release.

Now is your last chance for 8.5 Release feature requests!

Many of our best features come from customer requests. For example, for all of you that wanted to have a read-only account for NetEqualizer administration, you’ll be happy to know that we have included it in our upcoming 8.5 Release. Our NetEqualizer Logout is also based on a customer suggestion.

For those suggested features that don’t make the cut, it is not because we did not like them (we like all the suggestions), but we have to filter on features that apply to a large set of our customers. We also keep track of all feature requests, so if yours does not make it into 8.5, it may be scheduled in a future release.

We only know what features you are interested in if you speak up! We have no way of knowing if a feature is popular or not unless we hear from you. So please, think deep and tell us what features would make the NetEqualizer tool more valuable to you!

Here are some questions you can ask yourself or your IT team to come up with ideas:

  1. What feature could I use to help us troubleshoot network problems, perhaps something you need to see in our reports?
  2. What feature would further help optimize our bandwidth resource, perhaps your wireless network has unique challenges?
  3. What security concerns do you have? Anything in the DDoS arena?
  4. What feature could be added to make setup and maintenance more efficient?

unnamed-3

Is Anyone Out There Still Suffering from DDoS Attacks?

What have your experiences been?

Perhaps the Russians have given up on hacking? We are not sure, but we certainly have seen a big drop off in DDoS help requests to our support team – so much so that we have put our DDoS firewall enhancement plans on hold.

We were working on a feature request to block foreign IP’s by connection count as one of our DDoS triggers. It would work something like this:

A NetEqualizer customer sets a white list for public IP’s to let through (not blocked). Any other public IP hitting the network with more than X active connections would trigger an alert or possibly a block based on your preference.

We need to know if such a feature, or another DDoS approach would be better, based on your experience.

Let us know what you have been seeing as far as DDoS attacks on your network!

unnamed-4

Featured Testimonials

What our customers are saying…

We take great pride in ensuring our customers are happy with their NetEqualizer! You can find all of our customer testimonials on our website under the “Customers” menu.

Here are just a few testimonials that we’ve received in 2016:

Reed Collegeunnamed-6

“We’ve had NetEqualizers on campus at Reed for several years and continue to be very happy with the product. We have a very small staff and don’t have time to “tune” a device like a Packetshaper. Instead the NetEqualizer is protocol agnostic in the way it shapes traffic for most users but also allows us to quickly prioritize some traffic if necessary.

Over the years the NetEqualizer has saved us countless hours of staff time. We did lose some visibility into what is happening on our border network but our IDS/IPS replaced that functionality. NetEqualizer is an excellent product.”Gary Schlickeiser – Director of Technology Infrastructure Services

Thanks Gary for your kind words!

Edmonton Regional Airport Authorityunnamed-7

“We presently use two NE3000 units for Internet traffic control and monitoring in a redundant setup. At present we have a maximum of 600 Mbps Internet throughput, with over 300 IP addresses in use in some 120+ address Pools.

The NetEqualizer is a very useful tool for us for monitoring and setting speeds for our many users. Most of the feeds come straight off our Campus network, which is spread over a seven kilometer distance from one end of the airdrome to the other. We also feed a number of circuits to customers using ADSL equipment in the older areas where fiber is not yet available. Everything runs though the “live” NE3000!

Controllability and monitoring is key for our customers, as they pay for the speed they are asking for. With the RTR Dashboard, we continually monitor overall usage peaks to make sure we provide enough bandwidth but, more importantly, to our individual customers. Many customers are not sure of how much bandwidth they need, so using the Neteq we can simply change their speed and watch the individual IP and/or Pool usage to monitor. This becomes especially useful now as many customers, including ourselves, use IP telephony to remote sites; so we need to maintain critical bandwidth availability for this purpose. That way when they or we have conference calls for example, no one is getting choppy conversations. All easily monitored and adjusted with the Dashboard and Traffic Management features.

We also have used the Neteq firewall feature to stop certain attack threats and customer infected pcs or servers from spewing email or other reported outbound attacks, not a fun thing but it happens.

Overall a very critical tool for our success in providing internet to users and it has worked very well for the past 8 or more years!”Willy Damgaard – Network and Telecom Analyst

Thanks Willy! We are happy to help.

Cooperative Light & Powerunnamed-8

“Our company is an electric utility and we have a subsidiary WISP with about 1,000 unlicensed fixed wireless customers. We purchased our first NetEqualizer about a year ago to replace our fair access policy server from another company. The server we replaced allowed burst then sustained bandwidth so we weren’t sure if “equalizing” would work, but it works extremely well as advertised.

The NetEqualizer is stable and actually requires very little maintenance after initial configuration. In our case, we wanted to limit the upper end of what a customer could use (max burst). We were able to set that parameter in our wireless CPE’s. Then we set the equalizing pools for the size of our APs. The NetEqualizer can do a burst then sustained then burst at equal intervals, but to our surprise we actually didn’t need to use it.

We also purchased the DDoS Firewall and that is working nicely as well for quick identification of attacks. Perhaps the most important thing to note is the support is excellent. From sales to engineering the team is very responsive and knowledgeable. We were so impressed that we actually purchased a second NetEqualizer to handle the rest of our network. This company is A+.”Kevin Olson – Communication Manager

Thanks Kevin!

It is wonderful to hear such glowing feedback from one of our newer customers! If you would like to share your feedback on the NetEqualizer, to be highlighted in a future NetEqualizer News, click here to send us an email.

unnamed-5

Best Of Blog

Using NetEqualizer to Ensure Clean, Clear QoS for VoIP Calls

By Art Reisman
 
Last week I talked to several ISP’s (Note: these were blind calls, not from our customers) that were having issues with end customers calling and complaining that their web browsing and VOIP calls were suffering. The funny thing is that the congestion was not the fault of the ISP, but the fault of the local connection being saturated with video. For example, if the ISP delivers a 10 meg circuit, and the customer starts two Netflix sessions, they would clog their own circuit.
Those conversations reminded me of an article I wrote back in 2010 that explains how the NetEqualizer can alleviate this type of congestion for VoIP. Here it is…

Photo of the Month
img_2686
Hiking Near Caribou Ranch
It’s been unseasonably warm in Colorado this fall. We’ve been taking advantage of this by hiking in the mountains amidst the changing leaf colors. 
APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 

Crossing a Chasm, Transitioning From Packet Shaping to the Next Generation Bandwidth Shaping Technology


Screen Shot 2016-04-05 at 10.07.59 AM.png

By Art Reisman

CTO, APconnections

Even though I would self identify as an early adopter of new technology, when I look at my real life behavior, I tend to resist change and hang on to   technology that I am comfortable with.   Suffice it to say, I  usually need an event or a gentle push to get over my resistance.

Given that technology change is uncomfortable,  what follows is a gentle push, or perhaps a mild shove, to help anybody who is looking to pull the trigger on moving away from Packet Shaping into a more sustainable, cost-effective alternative.

First off, lets look at why packet shaping (layer 7 deep packet inspection) technologies are popular.

“A good layer 7 based tool creates the perception of complete control over your network. You can see what applications are running, how much bandwidth they are using, and make adjustments to flows to meet your business objectives.”

Although the above statement appears idyllic, the reality of implementing packet shaping, even at its prime, was at best only 60 percent accurate.  The remaining 40 percent of traffic could never be classified, and thus had to shaped based on guess work or faith.

Today, the accuracy of packet classification continues to slip. Security concerns are forcing most content providers to adopt encryption. Encrypted traffic cannot be classified.

In an effort to stay relevant, companies have moved away from deep packet inspection to classifying traffic by the source and destination (source IP’s are never encrypted and thus always visible).

If your packet shaping device knows the address range of a content provider, it can safely assume a traffic type by examining the source IP address.  For example, Youtube traffic emanates from a source address owned by Google.  The draw-back with this method is that savvy users can easily hide their sources by using any one of the publicly available VPN utilities out there.  The personal VPN world is exploding as individual users are moving to VPN tunneling services for all their home browsing.

The combination of VPN tunnels and encrypted content is slowly transforming the best application classifiers into paper weights.

So, what are the alternatives?   Is  there something better?

Yes, if you can let go of concept of controlling specific traffic by type,  you can find viable alternatives.  As per our title, you must “cross the chasm”, and surrender to a new way of bandwidth shaping, where decisions are based on usage heuristics, and not absolute identification.

What is a heuristic-based shaper ? 

Our heuristic-based bandwidth shapers borrow from the world of computer science and a CPU scheduling technique called shortest job first (SJF).  In today’s world,  a “job” is synonymous with an application.  You have likely unknowingly experienced the benefits of a shortest job first scheduler when you use a linux-based laptop, such as a MAC or Ubuntu.  Unlike the older Windows operating systems where one application can lock up your computer, such lock ups are rare on Linux .  Linux uses a scheduler that allows preemption to let other applications in during peak times, so they are not starved for service.     Simply put,  a computer with many applications using SJF will pick the application it thinks is going to use the least amount of time and run it first. Or preempt a hog to let another application in.

In the world of bandwidth shaping we do not have the issue of contended CPU resources, but we do have an overload of Internet applications that vie for bandwidth resources on a shared link.   The NetEqualizer uses SJF-type techniques to preempt users who are dominating a bandwidth link with large downloads and other hogs. Although the NetEqualizer does not specifically classify these hogging applications by type , it does not matter. The hogging applications, such as large downloads and high resolution video, by their large foot print alone, are given lower priority.  Thus the business critical interactive applications with smaller bandwidth resource consumption get serviced first.

Summary

The issue we often see with switching to heuristic-shaping technology is that it goes against the absolute control-oriented solution offered by Packet Shaping.  The alternative of sticking with deep packet inspection and expecting to get control over your network is becoming impossible, hence something must change.

The new heuristic model of bandwidth shaping accomplishes priority for interactive cloud applications, and the implementation is simple and clean.

Bandwidth Shaping Shake Up, Your Packet Shaper May be Obsolete?


If you went to sleep in 2005 and woke up 10 years later you would likely be surprised by some dramatic changes in technology.

  • Smart cars that drive themselves are almost a reality
  • The desktop PC is no longer a consumer product
  • Wind farms  now line the highways of rural America
  • Layer 7 shaping technology is now clinging to life, crashing the financials of a several  companies that bet the house on it.

What happened to layer 7 and Packet Shaping?

In the early 2000’s all the rave in traffic classification was the ability to put different types of bandwidth traffic into labeled buckets and assign a priority to them. Akin to rating your food choices  on a tapas menu ,network administrators  enjoyed an extensive  list of various traffic. Youtube, Citrix,  news feeds, the list was only limited by the price and quality of the bandwidth shaper. The more expensive the traffic shaper , the more choices you had.

Starting in 2005 and continuing to this day,  several forces started to work against the layer 7 paradigm.

  • The price of bulk bandwidth went into a free fall, much faster than the relatively fixed cost of a bandwidth shaper.  The business proposition of buying a bandwidth shaper to conserve bandwidth utilization became much tighter. Some companies that were riding high saw their stock prices collapse.
  • Internet traffic became invisible and impossible to identify with the advent of encryption techniques. A traffic classifier using Layer 7,  cannot see inside HTTPS or a VPN tunnel, and thus it is essentially becomes a big expensive albatross with little value as the rate of encrypted traffic increases.
  • The FCC ruling toward Net Neutrality further put a damper on a portion of the Layer 7 market. For years ISPs had been using Layer 7 technology to give preferential treatment to different types of traffic.
  • Cloud based services are using less complex  architectures. Companies  can consolidate on one simplified central bandwidth shaper, where as before they might have had several on all their various WAN links and Network segments

So where does this leave the bandwidth shaping market?

There is still some demand for layer 7 type shapers, particular in countries like China, where they attempt to control   everything.  However in Europe and in the US , the trend is to more basic controls that do not violate the FCC rule, cost less, and use some form intelligent based fairness rules such as:

  • Quota’s ,  your cell phone data plan.
  • Fairness based heuristics is gaining momentum, lower price point, prevents congestion without violating FCC ruling  (  Equalizing).
  • Basic Rate limits,  your wired ISP 20 megabit plan, often implemented on a basic router and not a specialized shaping device.
  • No Shaping at all,  pipes are so large there is no need to ration bandwidth.

Will Shaping be around in 10 years?

Yes, consumers and businesses will always find ways to use all their bandwidth and more.

Will price points for bandwidth continue to drop ?

I am going to go against the grain here, and say bandwidth prices will flatten out in the near future.  Prices  over the last decade slid for several reasons which are no longer in play.

The biggest driver in price drops was the wide acceptance of wave division muliplexing on carrier lines in the 2005- present time frame. There was already a good bit of fiber in the ground but the WDM innovation caused a huge jump in capacity, with very little additional cost to providers.

The other factor was a major world-wide recession, where businesses where demand was slack.

Lastly there are no new large carriers coming on line. Competition and price wars will ease up as suppliers try to increase profits.

 

 

Top Ten Article Teasers for May 2016


Screen Shot 2016-04-05 at 10.07.59 AM

By Art Reisman
CTO http://www.netequalizer.com

I was wound up and ready to write an interesting blog article today.  Problem was , I had a serious issue getting started.  I spent an hour or so with so many angles and things on my mind, that I just could not narrow it down and get started.  Then I had an out of the box idea.   I decided  to use my freedom as one of the Editors of this blog to make my article the list of headlines and associated teasers of all the article ideas in my head.  Who does that ?

Sorry if any of these leave you hanging.

Why do so many companies take technology advice from Gartner ? If their information was really that good, they would not need to be selling it.

The TSA is now talking about 3 hour lines at airports this summer. My instinct tells me this organization has realized a new-found political power. They control the airports and you must pay up if you want to fly.

Deep packet inspection. Is it dead ? A simple VPN tunnel renders it useless.

A competitor of ours, ETINC, has a really great explanation on why DPI does not work when trying to eliminate P2P . The case against Deep Packet Inspection.

Umpires and IT people nobody really likes them.

Do you hire two plumbers when one is sufficient to fix your sink ? No of course not . Your employer is no different they don’t want you on their pay-roll.

Mega Mansions and Bandwidth how much do we really need? I am expecting a tiny bandwidth movement where millennials compete on how small their bandwidth foot print is.

Does anybody pay for good content anymore ? I stopped reading Back Packer Magazine when their content every month became a list of product reviews .

How many people are moving to Colorado because weed is legal ?

The Home PC will be completely dead in 10 years.  Replaced by the PC in  Virtual Cloud.

 

 

Let us know if you want any of these expanded on for next week.

 

 

 

NetEqualizer News: March 2016


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include features from Release 8.4, our 2016 Leasing Program, and a presentation highlighting the NetEqualizer at the 2016 ASCUE Conference.

March 2016
Release 8.4 is almost here!
Greetings! Enjoy another issue of NetEqualizer News.

I write this today in the midst of a spring blizzard in Colorado. So far it appears that I have at least 15 inches of snow and drifts up to three feet outside my house, while it continues to blow more snow in at 35 miles an hour. Just another typical March day in Colorado! I was hoping to talk about spring in this newsletter, but now it seems far away.0fad184f-5ea1-44c3-ad71-1093fd99f808

This month we are talking about our upcoming release, slated for May, which features a lot of cool Usability Enhancements. Read below to learn more. We also continue our discussion on how the NetEqualizer is Cloud-Ready, as all things Cloud continues to be top-of-mind for all of us.

We are excited to announce that we will be represented at the ASCUE Conference in June. Join Young Harris College at their talk featuring the NetEqualizer.

And finally, we share more news about our 2016 Leasing Program, and how we are keeping bandwidth shaping affordable.
twitter

And remember we are now on Twitter! You can now follow us @NetEqualizer.

We love it when we hear back from you – so if you have a story you would like to share with us of how we have helped you, let us know. Email me directly at art@apconnections.net. I would love to hear from you!

– Art Reisman (CTO)

In this issue:

:: NetEqualizer Release 8.4 – Enhanced Usability – Is Almost Ready!
:: Keeping Bandwidth Shaping Affordable
:: Join a Presentation on NetEqualizer at ASCUE in June 2016
:: Six Ways to Save with Cloud Computing

NetEqualizer Release 8.4 – Enhanced Usability – Is Almost Ready!
A Complete GUI Redesign!

We recently had the chance to kick the tires on our new 8.4 Release interface. It really has some significant wow factor type features. In hindsight, perhaps we should have called this NetEqualizer 9.0 and not just lowly 8.4. We have been talking about this release as a GUI Redesign & Pool Enhancements, but I really think 8.4 is a release full of Usability Enhancements, that will make it easier to manage and configure your NetEqualizer.
The biggest changes center on the the regular NetEqualizer GUI. We have transitioned everything to share the same look and feel as RTR. Here are some of the pages and features we are most excited about!1) Edit traffic limits on the fly without having to add/remove them one at a time! The screenshot below shows the Pool/VLAN shared limit interface. You can see the Pools, their names, and their associated members.mpxGG3D2) We added a cool new dashboard that serves as the homepage for NetEqualizer management (license key information blocked out in grey):dash3) The new GUI also has an easy way to set the time and pick a timezone – no more logging in to the NetEqualizer terminal!date4) You can now choose your units for the entire interface! This includes units for the configuration and RTR.unitesCheck back next month for an update on more exciting changes planned for 8.4!Our time frame for General Acceptance of this release is May of 2016.As with all software releases, the 8.4 Release will be free to all customers with valid NetEqualizer Software and Support (NSS).
contact_us_box-1
Keeping Bandwidth Shaping Affordable
NetEqualizer Leasing Program

At APconnections, we are proud of our reputation for offering affordable bandwidth shaping solutions. In the summer of 2013, we decided that we could help our customers that need to better align costs with recurring revenue, by offering a Leasing Program.lease

We are happy to announce that we have enhanced our lease offerings in 2016. Our “Standard” lease now comes with a 1Gbps license, and leases for $500 per month. Adding 1Gbps fiber at any of our lease levels just bumps up the price by $100 per month. And for those needing maximum performance, we now also give you access to an Enterprise-class NE4000 with our 5Gbps license and 10Gbps fiber.

If leasing is of interest to you, and you would like to learn more, you can view our Leasing Program agreement here.

Please note that the NetEqualizer Leasing Program is generally available to customers in the United States and Canada. If you are outside of these countries, contact us to see if leasing is available in your area.

contact_us_box-1

Join a Presentation on NetEqualizer at ASCUE in June 2016
Association Supporting Computer Users in Education

We are excited to announce that one of our long-time customers, Hollis Townsend, Director of Technology Support and Operations at Young Harris College, will be talking about his experience with the NetEqualizer in his talk at ASCUE, June 12-16, 2016 in Myrtle Beach, South Carolina.yhc

Young Harris has been using NetEqualizer to solve their network congestion issues since July, 2007. They have upgraded their NetEQ as their network has grown over the years, and currently run an NE3000 with a 1Gbps license.

We are also happy to announce that APconnections, home of the NetEqualizer, will be a Silver Sponsor at the ASCUE Conference. We will be giving away a great door prize – a Fitbit fitness watch!ascue

If you use technology in higher education, you may want to consider attending ASCUE this June. And if you have ever wanted to talk to a colleague about their experience with the NetEqualizer, please join Hollis’ presentation. His presentation is tentatively titled “Shaping Bandwidth – Learning to Love Netflix on Campus”.

ASCUE is the Association Supporting Computer Users in Education and they have been around since 1968. Members hail from all over North America. ASCUE’s mission is to provide opportunities for resource-sharing, networking, and collaboration within an environment that fosters creativity and innovation in the use of technology within higher education.

Click here to learn more about ASCUE or register for the June conference.

contact_us_box-1

Six Ways to Save with Cloud Computing
NetEqualizer Looks to the Clouds

We are continuing our focus on the cloud for NetEqualizer. The NetEqualizer is now cloud ready – as we’ve written about in previous newsletters. There are a lot of benefits to using the cloud in general. Here are just a few:

1) Fully utilized hardware
2) Lower power costs
3) Lower people costs
4) Zero capital costs
5) Resilience without redundancy
6) Lower network costs

The last one, lower network costs, is interesting. Since your business services are in the cloud, you can ditch all of those expensive MPLS links that you use to privately tie your offices to your back-end systems, and replace them with lower-cost commercial Internet links. You do not really need more bandwidth, just better bandwidth performance. The commodity Internet links are likely good enough, but when you move to the Cloud, you will need a smart bandwidth shaper.

Your link to the Internet becomes even more critical when you go the Cloud. But that does not mean bigger and more expensive pipes. Cloud applications are very lean and you do not need a big pipe to support them. You just need to make sure recreational traffic does not cut into your business application traffic.

The NetEqualizer fits perfectly as the bandwidth shaping product in the above infrastructure. Let us know if you have any questions about the cloud-ready NetEqualizer!

contact_us_box-1

Best Of Blog
How to Build Your Own Speed Test Tool

By Art Reisman – CTO – APconnections

Editor’s Note: We often get asked to “prove” the NetEqualizer is making a difference regarding end user experience. The tool description and method outlined in our blog post, can be used to objectively justify the NetEqualizer value. Let us know if you need any help setting it up.

Most speed test sites measure the download speed of a large file from a server to your computer. There are two potential problems with using this metric.

1) ISPs can design their networks so these tests show best case results.
2) Humans are much more sensitive to the load time of interactive sites.

A better test of your perceived speed is how long it takes to load up a new web page…

Photo Of The Month
IMG_1966
Balloon
Have you ever wondered what happens to balloons when they are released into the sky? The remnants of this balloon landed right in front of a staff member on a clear day while hiking Black Star Canyon in Orange County, CA. Balloons like this are actually an environmental disaster as they often end up in oceans and are eaten by sea and wildlife.

Seven Must Know Network Troubleshooting Tips


Screen Shot 2016-04-05 at 10.07.59 AM.png

By Art Reisman

CTO, APconnections
www.netequalizer.com

To get started you’ll need to get ahold of two key software tools: 1) Ping Tool and 2) a Network Scan Tool, both which I describe in more detail below.  And for advanced analysis (experts only), I will then show you how you can use a bandwidth shaper/sniffer if needed.

Ping Tool

Ping is a great tool to determine what your network responsiveness is (in milliseconds), identified by trying to get a response from a typical website. If you do not already know how to use Ping on your device there are hundreds of references to Ping and how to use it.  Simply google “how to use ping ” on  your favorite device or computer to learn how to use it.

For example, I found these instructions for my MAC; and there are similar instructions for Windows, iPhone, Linux, Android, etc.

  1. Open Network Utility (located inside Applications > Utilities).
  2. Click Ping.
  3. Fill out the “Enter the network that you want to ping” field. You can enter the IP address or a web URL. For example, enter http://www.bbc.co.uk/iplayer to test the ping with that website.
  4. Click Ping.

Network Scan Tool

There are a variety of network SCAN tools/apps available for just about any consumer device or computer.  The decent ones will cost a few dollars, but I have never regretted purchasing one.  I use mine often for very common home and business network issues as I will detail in the tips below. Be sure and use the term “network scan tool” when searching, so you do not get confusing results about unrelated document scanning tools.

Once you get your scan tool installed, test it out by selecting Network Scan. Here is the output from my MAC scan tool.  I will be referencing this output later in the article.

Network Scan Output
Screen Shot 2016-04-05 at 5.33.19 AM

 

Tip #1: Using Ping to see if you are really connected to your Network

I like to open a window on my laptop and keep Ping going all day, it looks like this:

yahoo.com Ping  Output

Screen Shot 2016-04-05 at 8.25.10 AM

Amazingly, seemingly on cue, I lost connectivity to my Internet while I was running the tool for the screen capture above, and no, it was not planned or contrived.  I kicked off my ping by contacting http://www.yahoo.com (type in “ping http://www.yahoo.com”), a public website. And you can see that my round-trip time was around 40 milliseconds before it went dead. Any ping results under 100 milliseconds are normal.

 

Tip #2: How to Deal with Slow Ping Times

In the case above, my Internet Connection just went dead; it came back a minute or so later, and was most likely not related to anything local on my network.

If you start to see missed pings or slow Ping Times above 100 milliseconds, it is most likely due to congestion on your network.  To improve your response times, try turning off other devices/applications and see if that helps.  Even your TV video can suck down a good chunk of bandwidth.

Note: Always test two public websites with a ping before jumping to any conclusions. It is not likely but occasionally a big site like Yahoo will have sporadic response times.

Note: If you have a satellite link, slow and missed pings are normal just a fact-of-life.

 

Tip #3: If you can’t ping a public site, try pinging your local Wireless Router

To ping your local router all you need to find is the IP address of your router. And on almost all networks you can guess it quite easily by looking up the IP address of your computer, and then replacing the last number with a 1.

For example, on my computer I click on my little apple icon, then System Preferences, and then Networking, and I get this screen.  You can see in the Status are it tells me that my IP address is 192.168.1.131.

Finding my IP address output

Screen Shot 2016-04-05 at 10.52.14 AM

The trick to finding your router’s IP address is to replace the last number of any IP address on your network with a 1.  So in my case, I start with my IP address of 192.168.1.131, and I swap the 131 with 1.  I then ping using 192.168.1.1 as my argument, by typing in “ping 192.168.1.1”. A  ping to my router looks like this:

Router Ping  Output

Screen Shot 2016-04-05 at 10.56.30 AM

In the case above I was able to ping my local router and get a response. So what does this tell me?  If I can ping my local wireless router but I can’t ping Yahoo or any other public site, most likely the problem is with my Internet Provider.  To rule out problems with your wireless router or cables, I recommend that you re-boot your wireless router and check the cables coming into it as a next step.

In one case of failure, I actually saw a tree limb on the cable coming from the utility pole to the house. When I called my Internet Provider, I was able to relay this information, which saved a good bit of time in resolving issue.

 

Tip  #4: Look for IP loops

Last week I was getting an error message when I powered up my laptop, saying that some other device had my IP address, and I determined that I was unable to attach to the wireless router. WHAT a strange message!  Fortunately, with my scan tool I can see all the other devices on my network. And although I do not know exactly how I got into this situation, I was quickly able to find the device with the duplicate IP address and powercycle it. This resolved the problem in this case.

 

Tip #5: Look for Rogue Devices

If you never give out the security code to your wireless router, you should not have any unwanted visitors on your network.  To be certain, I again turn to the scan tool.  From my scan output, in the image above (titled “Network Scan Output” near the top of this post), you can see that there are about 15 devices attached to my network. I can account for all of them so for now I have no intruders.

 

Tip #6: Maybe it is just Mischief

There was a time when I left my wireless router wide open as I live in a fairly rural neighborhood and was just being complacent. I was surprised to see that one of my neighbors was on my access point, but which one?

I did some profiling.  Neighbor to my west is a judge with his own network, probably not him.  Across the street, a retired librarian, so probably not her.  That left the Neighbor to my Southwest, kitty corner, a house with all kinds of extended family coming and going, and no network router of their own, at least that I could detect. I had my suspect. And I could also assume they never suspected I was aware of them.

The proper thing to do would have been to block them and lock my wireless router. But since I wanted to have a little fun, I plugged in my bandwidth controller and set their bandwidth down to a fraction of a Megabit.  This had the effect of making their connection painfully dreadfully slow, almost unusable but with a ray of hope.  After a week, he went away and then I completely blocked him (just in case he decided to come back!).

 

Tip #7: Advanced Analysis with a Bandwidth Shaper/Sniffer

If the Ping tool and the Scan tool don’t shed any light on an issue, the next step is to use a more advanced Packet Sniffer. Usually this requires a separate piece of equipment that you insert into your network between your router and network users. I use my NetEqualizer because I have several of them laying around the house.

Often times the problem with your network is some rogue application consuming all of the resources. This can be in the form of consuming total bandwidth, or it could also be seen as overwhelming your wireless router with packets (there are many viruses designed to do just this).

The image below is from a live snapshot depicting bandwidth utilization on a business network. Screen Shot 2016-01-27 at 12.26.49 PM

That top number, circled in red, is a YouTube video, and it is consuming about 3 megabits of bandwidth. Directly underneath that are a couple of cloud service applications from Amazon, and they are consuming 1/10 of what the YouTube video demolishes. On some lower cost Internet links one YouTube can make the service unusable to other applications.

With my sniffer I can also see total packets consumed by a device, which can be a problem on many networks if somebody opens an email with a virus. Without a sniffer it is very hard to track down the culprit.

I hope these tips help you to troubleshoot your network.  Please let us know if you have any questions or tips that you would like to contribute.

NetEqualizer News: February 2016


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include discussions on Cloud Computing, the new VM release, and updates on Software Release 8.4.

February 2016
NetEqualizer-VM is Ready, QoS for your Cloud!
Greetings! Enjoy another issue of NetEqualizer News.

February is off to a snowy start in Colorado this year, with a major snowstorm on February 1st dumping 16+ inches of snow in Boulder! While we were snowed in, I had time to reflect and think about where bandwidth shaping is headed, and how we are well-positioned for the industry transition to Cloud Computing. In this month’s newsletter you can read how the NetEqualizer is “Cloud Ready”.0fad184f-5ea1-44c3-ad71-1093fd99f808

We are now ready with our first VM release (NetEqualizer-VM); you can read all about it below. And finally, we share more news about our 8.4 Release – Enhanced Pools & Other GUI Features.
twitter

And remember we are now on Twitter! You can now follow us @NetEqualizer.

We love it when we hear back from you – so if you have a story you would like to share with us of how we have helped you, let us know. Email me directly at art@apconnections.net. I would love to hear from you!

– Art Reisman (CTO)

NetEqualizer-VM is Ready!
NetEqualizer-VM Release Ready for Networks <= 100 Mbps
970ca704-540e-45c1-8c3e-78cb17114e61
We are excited to announce that our VM release is now ready! If you are already running virtual machines in your data center, this may be a good fit for you.

The first release is certified for VM systems for up to 100 megabits of throughput.

Base pricing will run at $3,500 USD per year. However, for a limited time, we are running a special pre-order price of $2,500 USD per year.

Please note: The first year is due prior to delivery of the software. We offer a 30 day trial with a $500 USD non-refundable support charge.

Your VM server will need to meet a minimum specification to run the NetEqualizer shaping solution. We have detailed specifications for any VM system – contact us for details!
contact_us_box-1

Release 8.4 Update
Enhanced Pools + GUI Redesign

In previous months’ newsletters we talked about changes coming to the regular NetEqualizer GUI. Over the next couple of months, we’ll highlight those changes here.

One of the changes we are very excited about is the ability to manage Pools on the fly, and also the ability to name them! See the screenshot below:

mpxGG3D

One of the best parts of this screen is that you can manage all Pools and all Pool Members at once. For example, see Pool 1 expanded to show the two Pool Members. You can also change the limits for the Pool, add new Pools, and delete Pools that you no longer need.

We are also enhancing the new user interface with four primary menu options:

406caab4-d245-4bda-bb82-4770594bf969

This will help guide first-time users through the process of using NetEqualizer, and will also help separate the functionality out into to main usage categories.

Check back next month for an update on more exciting changes planned for 8.4!

Our time frame for General Acceptance of this release is April/May of 2016.

As with all software releases, the 8.4 Release will be free to all customers with valid NetEqualizer Software and Support (NSS).

contact_us_box-1

Next Generation Bandwidth Control
NetEqualizer is Cloud Ready

We received a call today from one of the Largest Tier 1 providers in the world. The salesperson on the other end was lamenting about his inability to sell cloud services to his customers. His service offerings were hot, but the customers’ Internet connections were not. Until his customers resolve their congestion problems, they were in a holding pattern for new cloud services.

As a brief aside, here is a list of what a Next Generation Bandwidth Controller can do:
1. Next Generation Bandwidth Controllers must be able to mitigate traffic flows originating from the Internet such that important Cloud Applications get priority.
2. Next Generation Bandwidth Controllers must NOT rely on Layer 7 DPI technology to identify traffic (too much encryption and tunneling today for this to be viable).
3. Next Generation Bandwidth Controllers must hit a price range of $5k to $10k USD for medium to large businesses.
4. Next Generation Bandwidth Controllers must not require babysitting and adjustments from the IT staff to remain effective.
5. Next Generation Bandwidth Controller should adopt a Heuristics-based decision model (like the one used in the NetEqualizer).

As for those businesses mentioned by the sales representative, when they moved to the cloud, many of them had run into bottlenecks. The bottlenecks were due to their iOS updates and recreational “crap” killing the cloud application traffic on their shared Internet trunk.

Their original assumption was they could use the QoS on their routers to mitigate traffic. After all, that worked great when all they had between them and their remote business logic was a nailed-up MPLS network. Because it was a private corporate link, they had QoS devices on both ends of the link and no problems with recreational congestion.

Moving to the Cloud was a wake up call! Think about it, when you go to the cloud you only control one end of the link. This means that your router-based QoS is no longer effective, and incoming traffic will crush you if you do not do something different.BT_logo

The happy ending is that we were able to help our friend at BT telecom, by mitigating his customers’ bottlenecks. Contact us if you are interested in more details.

contact_us_box-1

Best Of Blog

Capacity Planning for Cloud Applications
By Art Reisman – CTO – APconnections

The main factors to consider when capacity planning your Internet Link for cloud applications are:

1) How much bandwidth do your cloud applications actually need?

Typical cloud applications require about 1/2 of a megabit or less. There are exceptions to this rule, but for the most part a good cloud application design does not involve large transfers of data. QuickBooks, Salesforce, Gmail, and just about any cloud-based data base will be under the 1/2 megabit guideline. The chart below really brings to light the difference between your typical, interactive Cloud Application and the types of applications that will really eat up your data link.

Photo Of The Month
grasshopper
Grasshopper
This closeup of a local grasshopper was taken by a staff member while in Kansas, a state in the central United States. We hope this picture doesn’t bug you.

Caching Your iOS Updates Made Easy


If you have talked to us about caching in recent months, you probably know that we are now lukewarm on open ended third party caching servers . The simple un-encrypted content of the Internet circa 2010 has been replaced by dynamically generated pages along with increased content encryption.  It’s not that the caching servers don’t work, it’s just that if they follow rules of good practice, the amount of data that a caching server can cache has diminished greatly over the last few years.

The good news is that Apple has realized the strain they are putting on Business and ISP networks when their updates come out. They have recently released an easy to implement low-cost caching solution specifically for Apple content.  In fact, one of our customers noted in a recent discussion group that they are using an old MAC mini to cache iOS updates for an entire College Campus.

Other notes on Caching Options

Akamai offers a cloud solution. Usually hosted at larger providers, but if you are buying bandwidth in bulk sometimes you can often piggyback on their savings and get a discount on cached traffic.

There is also a service offered by Netflix for larger providers.  However, last I checked you must be using 10 gigabits sustained Netflix traffic to qualify.

Why Are DDoS attacks so hard to block?


I started off this post thinking about whether or not moving your infrastructure to a cloud would give organizations better protection against DDoS attackers, and the short answer is: not really.

The issue with a coordinated DDoS attack is that it is usually orchestrated from a wide range of attacking computers, which are typically hijacked, and retrofitted with undetected scripts that can be turned on to send out a flood of data at target when directed by the hijacker.

When the attack is commenced all these disparate computers start sending data to your organization in unison. In order to stop  just one  of these attacking computers from flooding your network you have to cut it off upstream at the source.

Blocking the attackers incoming IP  at your local firewall doesn’t do any good because the  main pipe  coming from your upstream provider is still flooded with garbage, and most likely unusable.   So you have to follow the trail of attacking computer farther upstream. Your provider should be able to help if you can work with them, but that may or may not be effective, because the DDOS attack, if large enough can also torment your provider.   And even if you do manage to work upstream and block the IP’s where the attack is coming from , some DDOS attackers can just keep coming at you from new wave of  IP addresses.  One person acting alone can Hi-jack millions of computers from around the world and use them in waves of recurring attacks, with little effort.

How does a hijacker have the time to take over a million computers?

I’ll cover that in my next post.

As for the cloud offering protection, a cloud hosted IT infrastructure cannot provide any immunity, the cloud can be attacked; however the cloud providres might have the resources to detect and more easily block an attacker farther upstream  and a bit more quickly so there is some benefit.

 

See also

Regulate DDOS like pollution

DD4BC Group Targets Companies with Ransom-Driven DDoS Attacks

 

 

 

Do We Really Need a Home Security Network Device ?


A friend of mine sent me a note this morning, asking if our bandwidth shaping device could provide the same type of service as this new DoJo application. Their niche is basically that you cannot trust third-party devices in your home network from being hijacked. For example, the software engineers writing the code that allows you to remote control your dishwasher from your iPhone, are likely not security experts. It is a reasonable assertion that a hacker might exploit a security hole in their software.  The Dojo will detect any smart device breaches and take action, a good idea for sure.

I spent about 20 minutes reading  and thinking about their specification and what value that provides to the home user.  And then it hit me, there is a more obvious precaution to  secure your home network that you might be overlooking.

IN 2016 and going forward THERE SHOULD BE NO REASON TO STORE ANY PERSONAL DATA ON  YOUR HOME NETWORK.

  • Gmail in the cloud
  • Quick books in the cloud
  • Banking in the cloud
  • Facebook in the cloud
  • Google Docs in the cloud
  • Stock Trading in the Cloud

No, nothing is ever completely  secure, and certainly anything you put in the cloud can be hacked, but in my opinion, the level of security afforded by the cloud is far better than anything you can rig together on your home network.

Think about it…

Your bank spends hundreds of millions on staying ahead of hackers. You have secret pictures, secret questions that  challenge you about your second cousin’s favorite hobby.  They know when you coming from new or different IP address.

Gmail now tells you when there is a login from a non standard computer.

These modern cloud applications are about as secure as a consumer could hope for. For the same reason you should not keep wads of cash in a safe in your house, you should not keep any personal information on storage devices in your house. Let your dishwasher go hog wild, who cares. I catch hackers on my network all the time, they have hijacked a few servers to send spam and attack other consumers (my bad), but there is really nothing of interest laying around on any of my devices other than some geezer MP3 music, and my vacation photos on my iPad that nobody else wants to look at anyway.

But if you must secure important data in your home network yes go ahead and invest in a device like the Dojo, it can’t hurt, but before you do that change your habits and use the cloud whenever possible.

Art Reisman

CTO http://www.netequalizer.com

Dear Comcast, Please Stop Slowing my iOS Update


Last week I was forced to re-load my iPad from scratch. So I fired it up and went through the routine that wipes it clean and re-loads the entire OS from the Apple cloud.  As I watched the progress moniker it slowly climbed from 1 hour, then 2 hours, then all the way up to 23 hours –  and then it just stayed there. Now I know the iOS, or whatever they call it on the iPad, is big, but 23 hours big?  I double-checked the download throughput on my NetEqualizer status screen, and sure enough, it was only running at about 60 to 100kbs, no where near my advertised Business Class 20 megabits. So I did a little experiment. I turned on my VPN tunnel, unplugged my iPad for a minute, and then took some steps to hide my DNS (so Comcast had no way to see my DNS requests).  I then restarted my update and sure enough it sped up to about 10 megabits.

To make sure I was not imagining anything I repeated the test.

Without VPN  (slow)

With VPN (fast)

So what is going here, does the VPN make things go faster?   No not really, but it does prevent Comcast from recognizing my iOS update from Apple and singling it out for slower bandwidth.

Why does Comcast (allegedly) shape my download from Apple?

The long story behind this basically boils down to this: it is likely that Comcast really does not have a big enough switch going out to the Internet to support the deluge of bandwidth needed when a group of subscribers all try to update their devices at once.  Especially during peak hours!  Therefor, in order to keep basic services from becoming slow, they single out a few big hitters such as iOS updates.

NetEqualizer News: July 2015


July 2015

Greetings!

Enjoy another issue of NetEqualizer News! This month, we highlight exciting 8.3 Release features, talk about our experience at edAccess’s Vendor Day, encourage you to sign up for a Tech Refresh, spotlight our Hotel & Resorts offering, and update you on the NetEqualizer DDoS monitoring and prevention tool. As always, feel free to pass this along to others who might be interested in NetEqualizer News.

A message from Art…
Art Reisman, CTO – APconnections

Now that summer arthas officially arrived, we are ready for the heat in Colorado. It has been unusually rainy and cloudy here in July so far, and I would like more sunshine please!

Speaking of heat, this month we turn the heat up on several of our new features in 8.3, which are spotlighted below. 8.3 has been G/A since early June, in case you missed it. We also want you to take a Summer Course, no tests involved, and update you on Art’s latest visit back to school, namely the edAccess Conference. And finally, if you need relief from the heat of potential DDoS attacks, you have come to the right place. Our DDoS Monitor and Firewall can help! Read more below.

We love it when we hear back from you – so if you have a story you would like to share with us of how we have helped you, let us know. Email me directly at art@apconnections.net. I would love to hear from you!

Spotlight: 8.3 Release Hot New Features

8.3 has been G/A since early June, and we have been receiving a lot of positive feedback on the new RTR reports. If you have not yet requested 8.3, what are you waiting for? Click here to request an upgrade to 8.3 from our support team.

This month, we are highlighting two features available in 8.3 – Historical and Active Penalty Tracking. We also talk our activated Management Port, a feature available on all new NetEqualizers!

One of the best features in the 8.3 release is increased visibility into how your NetEqualizer is penalizing traffic. We’ve added interfaces to the 8.3 release that allow you to see both the number of penalties enforced on your network historically, as well as all of the current connections that are being penalized.

Historical Penalty Tracking

The General Penalty Reports page under the Traffic History menu shows the number of penalties enforced on your network at a given point in time. This allows you to see when connections on your network were being Equalized.

penalties

Active Penalty Tracking

The View Active Penalties page under the Active Connections menu shows which connections are currently being Equalized along with their current state (New, Increased, or Decreased). This allows you to diagnose any performance issues and also gives you a real time look at how the penalties are being enforced and who they are being enforced on.

activepenalties

Management Port Enabled by Default on all NEW NetEqualizers

We strive to make setting up the NetEqualizer as simple as possible. In this spirit, last year we moved all new NetEqualizers to a four port model, and started using colored port plugs to help our customers identify the ports. Two ports (eth0 and eth1) are used for network traffic, a 3rd port (eth2) is used as a management port, and the 4th port is a spare. We use four colors: 1) blue (WAN), 2) orange (LAN), 3) clear (Management Port) and 4) black (unused).

Prior to 8.3, only a subset of our customers used the Management Port, typically those on VLANs. As of 8.3, we standardized everything so that our NetEqualizer code automatically enables the Management Port, and ALL customers will use this to configure new NetEqualizers. While not a huge change, we think this will make setup just a little bit easier for everyone.

Please note that this feature is only available on new NetEqualizers.

You can read more about all of the features of the 8.3 Release here in the 8.3 Software Update. If you would like to upgrade to 8.3, just click on the button below to send a request to Support.

contact_us_box-1

These features are free to all customers with valid NetEqualizer Software and Support. If you are not current with NSS, contact us today!


We Had a Blast at edAccess!

Art recently joined the edAccess Conference in Mercersberg, PA on June 24th for Vendor Day. It was a great event and was well-attended by small schools and colleges (members come from schools with an FTE of under 1,000 students).edaccess

Art got to visit with quite a few current NetEqualizer customers, as you can see in the picture below:

SubstandardFullSizeRender

Art is on the left of the picture and is shown along with representatives from Williston Northampton School, Choate Rosemary Hall, Blair Academy, Mt. St. Mary Academy, Merceyhurst University, Peddie School, and Groton School.

Art would like to personally thank everyone for a great event…

I’d like to thank John Johnson from Williston Northampton School, Rainelle Dixon from Mercersberg Academy and the entire edAccess steering committee for being such wonderful hosts to the vendors. Mercersburg is such a lovely campus and my drive through central Pennsylvania was also relaxing and fun, I took some time on my return stopping at the various waysides, and even took in a game, featuring the Single A Crosscutters of Williamsport.

Thanks Again!

To learn more about NetEqualizer and how we help educational institutions of all sizes, click below.

contact_us_box-1


Take a Summer Course! Sign Up for a Tech Refresh

Remember those days? If you ever took a summer course, you know that the key was to keep it short, so that you could get back outside. Our NetEqualizer Technical Refresh is short! – only a 30 minute discussion with you and your fellow team members to help get caught up on new NetEqualizer functionality or answer any other questions you have.

The Tech Refresh is great for both new and longtime customers because we are constantly enhancing our product to give you the most value in managing and shaping bandwidth.

To schedule your Tech Refresh, contact us today!

contact_us_box-1

Tech Refreshes are free to all customers with valid NetEqualizer Software and Support. If you are not current with NSS, contact us today!


Spotlight: GX2 – NetEqualizer Hotel & Resort Industry Wi-Fi Partner

NetEqualizer’s Wi-Fi management partner for the hotel and resort industry, GX2 (formerly Global Gossip), recently attended the HITEC 2015 Conference in Austin, Texas, and brought along the NetEqualizer. According to their website, HITEC is the world’s largest hospitality conference.hmsio

Visitors to GX2’s booth and luncheon were able to review the NetEqualizer offering, and also walk away with some trade show bling (a foam NetEqualizer soccer ball!).

Here is a screenshot of the GX2 application used in the managed Wi-Fi service offering:

gx2_screen

As we have reported here in the past, GX2 utilizes the NetEqualizer as part of their Wi-Fi offering supporting our National Parks. So, if you have a summer vacation planned at Yellowstone, Mammoth, Mount Rushmore, Zion, Crater Lake, or the Grand Canyon, to name a few, chances are you are experiencing the benefits of NetEqualizer’s traffic shaping.

If you are already on our technology, you have part of the solution already in place. If you have ever wanted to learn more about a managed service Wi-Fi solution for the Hotel & Resort industry, you can read about our joint offering (HMSIO).

contact_us_box-1


NetEqualizer DDoS Tool Gaining Momentum

We keep getting reports of ongoing Distributed Denial of Service (DDoS) attacks from our customers, and are glad to hear the NetEqualizer is helping in many cases. If you are interested in chatting about using the NetEqualizer as a DDoS prevention tool please contact us to set up a time to chat.

Note: We do have a consulting charge for custom activation of firewall rules, but the initial consult is free.

The 8.3 Release includes our DDoS Monitor at no extra charge! In addition, our new DDoS Firewall tool (DFW) can be purchased as an add-on module for an additional fee.

ddos

The new DDoS Monitor shows you some basic metrics on the outside intrusion hit rate into your network. It can be used to spot anomalies which would indicate a likely DDoS attack in progress. The DDoS Firewall tools helps to actually thwart the attack.

contact_us_box-1


Best Of The Blog

Is Your Bandwidth Controller Obsolete Technology?

By Art Reisman – CTO – APconnections

Although not free yet, bandwidth contracts have been dropping in cost faster than a bad stock during a recession. With cheaper bandwidth costs, the question often arises on whether or not an enterprise can do without their trusty bandwidth controller.

Below, we have compiled a list of factors that will determine whether or not Bandwidth Controllers stick around for a while, or go the route of the analog modem, a relic of when people received their Internet from AOL and dial up…

Photo Of The Month
IMG_2407
Cinque Terre, Italy
This picture was taken by one of our staff while walking the trail that connects the five towns of the Cinque Terre on the coast of Italy. These towns are built into the sides of the tall hills that meet the sea. The trek between each town is a manageable 2 miles and provides picturesque views of the water and surrounding forests.

Behind The Scenes, How Many Users Can an Access Point Handle ?


Assume you are teaching a class with thirty students, and every one of them needs help with their homework, what would you do? You’d probably schedule a time slot for each student to come in and talk to you one on one (assuming they all had different problems and there was no overlap in your tutoring).

Fast forward to your wireless access point.  You have perhaps heard all the rhetoric about 3.5 gigaherts, or 5.3 megahertz ?

Unfortunately, the word frequency is tossed around in tech buzzword circles the same way car companies and their marketing arms talk about engine sizes. I have no idea what 2.5 Liter Engine is,  it might sound cool and it might be better than a 2 liter engine, but in reality I don’t know how to compare the two numbers. So to answer our original question, we first need a little background on frequencies to get beyond the marketing speak.

A good example of a frequency, that is also easy to visualize, are ripples on pond. When you drop a rock in the water, ripples propagate out in all directions. Now imagine if  you stood in the water, thigh deep across the pond,  and the ripples hit your leg once each second.  The frequency of the ripples in the water would be 1 hertz, or one peak per second. With access points, there are similar ripples that we call radio waves. Although you can’t see them, like the ripples on the water, they are essentially the same thing. Little peaks and values of electromagnetic waves going up and down and hitting the antenna of the wireless device in your computer or Iphone. So when a marketing person tells you their AP is 2.4 Gigahertz, that means those little ripples coming out of  it are hitting your head, and everything else around them, 2.4 billion times each second. That is quite a few ripples per second.

Now in order to transmit a bit of data, the AP actually stops and starts transmitting ripples. One moment it is sending out 2.4 billion ripples pdf second the next moment it is not.  Now this is where it gets a bit weird, at least for me. The 2.4 billion ripples a second really have no meaning as far as data transmission by themselves; what the AP does is set up a schedule of time slots, let’s say 10 million time slots a second, where it is either transmitting ripples, or it turns the ripple generator off. Everybody that is in communication with the AP is aware of the schedule and all the 10 million time slots.  Think of these time slots as dates on your Calendar, and if you have a sunny day, call that a one, while if you have a cloudy day call that a 0.  Cloudy days are a binary 1 and clear day a binary 0. After we string together 8 days we have a sequence of 1’s and 0’s and a full byte. Now 8 days is a long time to transmit a byte, that is why the AP does not use 24 hours for a time slot, but it could , if we were some laid back hippie society where time did not matter.

So let’s go back over what we have learned and plug in some realistic parameters.
Let’s start with a frequency of 2.4 gigahertz. The fastest an AP can realistically turn this ripple generator off and on is about 1/4 the frequency or about 600 time slots/bits per second. This assumes a perfect world and all the bits get out without any interference from other things generating ripples (like your microwave) or something. So in reality the effective rate might be more on the order of 100 million bits a second.
Now let’s say there are 20 users in the room, sharing the available bits equally. They would all be able to run 5 megabits each. But again, there is over head switching between these users (sometimes they talk at the same time and have to constantly back off and re-synch)  Realistically with 20 users all competing for talk time,  1 to 2 megabits per user is more likely.

Other factors that can affect the number of users.
As you can imagine the radio AP manufacturers do all sorts of things to get better numbers. The latest AP’s have multiple antennas and run in two frequencies (two ripple generators) for more bits.

There are also often interference problems with multiple AP’s in the area , all making ripples . The transmission of  ripples for one AP do not stop at a fixed boundary, and this complexity will cause the data rates to slow down while the AP’s sort themselves out.

For related readings on Users and Access Points:

How Many Users Can a Wireless Access Point Handle?

How to Build Your Own Linux Access Points

How to use Access Points to set up and In-Home Music System

Does Your School Have Enough Bandwidth for On-line Testing?


K-12 schools are all rapidly moving toward “one-for-one” programs, where every student has a computer, usually a laptop. Couple this with standardized, cloud-based testing services, and you have the potential for an Internet gridlock during the testing periods. Some of the common questions we hear are:

How will all of these students using the cloud affect our internet resource?

Will there be enough bandwidth for all of those students using on-line testing?

What type of QoS should we deploy, or should we buy more bandwidth?

The good news is that most cloud testing services are designed with a fairly modest bandwidth footprint.

For example, a student connection to a cloud testing application will average around 150kbs (kilo-bits per second).

In a perfect world, a 40 megabit link could handle about 400 students simultaneously doing on-line testing as long as there was no other major traffic.

On the other hand, a video stream may average 1500kbs or more.

A raw download, such as an iOS update, may take as much as 15,000kbs, that is 100 times more bandwidth than the student taking an on-line test.

A common belief when choosing a bandwidth controller to support on-line testing is to find a tool which will specifically identify the on-line testing service and the non-essential applications, thus allowing the IT staff at the school to make adjustments giving the testing a higher priority (QoS). Yes, this strategy seems logical but there are several drawbacks:

  • It does require a fairly sophisticated form of bandwidth control and can be fairly labor intensive and expensive.
  • Much of the public Internet traffic may be encrypted or tunneled, and hard to identify.
  • Another complication trying to give Internet traffic traditional priority is that a typical router cannot give priority to incoming traffic, and most of the test traffic is incoming (from the outside in). We detailed this phenomenon in our post about QoS and the Internet.

The key is not to make the problem more complicated than it needs to be. If you just look at the footprint of the streams coming into the testing facility, you can assume, from our observation, that all streams of 150kbs are of a higher priority than the larger streams, and simply throttle the larger streams. Doing so will insure there is enough bandwidth for the testing service connections to the students. The easiest way to do this is with a heuristic-based bandwidth controller, a class of bandwidth shapers that dynamically give priority to smaller streams by slowing down larger streams.

The other option is to purchase more bandwidth, or in some cases a combination of more bandwidth and a heuristic-based bandwidth controller, to be safe.

Please contact us for a more in-depth discussion of options.

For more information on cloud usage in K-12 schools, check out these posts:

Schools View Cloud Infrastructure as a Viable Option

K-12 Education is Moving to the Cloud

For more information on Bandwidth Usage by Cloud systems, check out this article:

Know Your Bandwidth Needs: Is Your Network Capacity Big Enough for Cloud Computing?

NetEqualizer News: June 2015


June 2015

Greetings!

Enjoy another issue of NetEqualizer News! This month, we announce the 8.3 Release – Expanded RTR, introduce our End of Spring Sale, update you on our DDoS monitoring and prevention technology, and preview our upcoming seminars and conferences. As always, feel free to pass this along to others who might be interested in NetEqualizer News.

A message from Art…
Art Reisman, CTO – APconnections

Spring has been interesting in Colorado this year – artif you like to set records for the most rain in 20 years, that is! Luckily, one of my favorite TV channels is The Weather Channel, so I have been enjoying all the storms… With spring coming to an end soon, I look forward to warmer summer weather.

We love it when we hear back from you – so if you have a story you would like to share with us of how we have helped you, let us know. Email me directly at art@apconnections.net. I would love to hear from you!

8.3 Release is G/A

We are very excited to announce that our 8.3 Release – Expanded RTR is now generally available!

The beta tests for the 8.3 Release have gone very well, and we are ready to release the new reporting features to everyone! Here is a comment from one of our beta customers:

“One of the things that really got my attention on the new 8.3 Release was the ability to see, in real-time, the traffic on all my subnets on one screen. I simply created a pool for all the subnets in my network, and I can instantly see the saturation in the dynamic bar charts that update once a second. I know instantly which segments are saturated by glancing at my monitor screen.”

This release expands our current reporting features to include even more useful information, graphs, and tables. Here are just a few of the new additions you’ll find in the 8.3 Release:

1) Top Talkers Report – this has been one of the most requested graphs and was a popular feature of our previous reporting tool, ntop. You can use this feature to see which IP addresses have used the most bandwidth over time.

toptalkers

2) General Penalty Report – we are bringing this one back from the first version of RTR! You can see both IPs that are currently being penalized, as well as a historical count of penalties that have occurred over time.

penalties

3) Connection Count Report – NetEqualizer controls P2P traffic by using connection count limits on IP addresses. However, figuring out what limit to set for your network depends on how it’s used. You can use the new Connection Count Report to see how many connections individual IP addresses have, and thus set your connection limit to the appropriate level.

connectioncounts

You can read more about all of the features of the 8.3 Release here in the 8.3 Software Update. If you would like to upgrade to 8.3, just click on the button below to send a request to Support.

contact_us_box-1

These features are free to all customers with valid NetEqualizer Software and Support. If you are not current with NSS, contact us today!


Spring for a Lease in our End of Spring Sale

Our Leasing Program continues to be a popular choice for customers that want to use a NetEqualizer with no long-term leasecommitment, and also want to spread out their costs over each month instead of incurring one upfront expense. If you have ever considered leasing a NetEqualizer, now is the time!

To celebrate two years of the NetEqualizer Leasing Program, all new NetEqualizer Leases started before August 31st, 2015 will get 50% off the 1st month fee.

This offer is subject to availability, and customers must qualify to participate in our Leasing Program.

We also are excited to announce that we have added fiber connectivity to our leasing program, in both the 1Gbps and 10Gbps levels. And, to provide more flexibility in financing for our larger customers, we are now offering an Enterprise-Level Lease, for customers with more than 10,000 end users.

If you are interested in learning more, you can read the details of our Leasing Program here, or contact us below.

contact_us_box-1


DDoS Update

The 8.3 Release also includes our recent Distributed Denial of Service (DDoS) Monitor at no extra charge! In addition, our new DDoS Firewall tool (DFW) can be purchased as an add-on module for an additional fee.

Here are some tips from our security experts for how to handle DDoS attacks, or stop them in the first place:
• Lock out unexpected geographies – Most businesses do not need global availability for their websites.
• If an attack occurs, look for fraud – Sometimes DDoS attacks can be smokescreens for other breaches.
• Route traffic through a system like CloudFlare – Their vast network can help thwart bandwidth overloads.
• Have a plan – Build DDoS into your Disaster Recovery Plan, and know who to call when an attack occurs.

The NetEqualizer can help you have a plan.

The new DDoS Monitor, which comes standard, shows you some basic metrics on the outside intrusion hit rate into your network. It can be used to spot anomalies which would indicate a likely DDoS attack in progress.

See our detailed blog article on the subject for how this technology works. Here is a screenshot of the DDoS Monitor dashboard:

ddos

If you decide you need something more proactive to mitigate a DDoS attack, we have a solution for you! For a one time charge of $3,500, which includes one hour of training and consulting, we install our DDoS Firewall (DFW) feature, which can be configured to block standard DDoS attacks.

contact_us_box-1


NetEqualizer Tech Seminars and Conferences

Our CTO, Art Reisman, will be on-site at Mercersburg Academy in Mercersburg, Pennsylvania during edACCESS Vendor Day, June 24th.edaccess

If you have ever been curious about the NetEqualizer, and want to learn more, stop by to talk to Art. We also look forward to visiting with customers as well, so please come by and say hello. You might even get some free NetEqualizer bling from Art!

If you cannot attend the edACCESS conference, but are in the area of South Central Pennsylvania, and would like to meet with Art, email him at:

art@apconnections.net

Art will be in the area for a few days after the conference as well.

How do you tell if edACCESS is right for you? Their mission is to provide support and networking for information technology staff at secondary schools and small colleges. Most edACCESS members come from schools with an FTE of under 1,000 students. So, if that sounds like you, consider attending the 2015 edACCESS Conference.

If you have never been to an edACCESS Conference, you might not know that they are purposely run small (100 attendees maximum) and that they use the peer conference mode.

Here is what they say on the edACCESS website:

“Each edACCESS conference is small, responsive, and participant-driven. Small, because edACCESS conferences are limited to one hundred attendees. Responsive, because half the conference is spent discussing topics chosen by attendees through a careful first-day process. Participant-driven, because we believe that, collectively, we are the experts.”

We hope to see you there!

contact_us_box-1


Best Of The Blog

The Facts and Myths of Network Latency

By Art Reisman – CTO – APconnections

There are many good references that explain how some applications such as VoIP are sensitive to network latency, but there is also some confusion as to what latency actually is as well as perhaps some misinformation about the causes.

In the article below, we’ll separate the facts from the myths and also provide some practical analogies to help paint a clear picture of latency and what may be behind it…

Photo Of The Month
IMG_0997
Brighton Beach, UK
This picture was taken by one of our staff on Brighton Beach, UK during our recent Tech Seminar. Brighton Beach features Brighton Pier, which is a pleasure pier that opened in 1899. Here, the ride operators are shown taking a break from work.
%d bloggers like this: