INTEL WIRELESS
Wired Stuff
WiFi Tablet Corner
My80211 White Papers (Coming Soon!)

Cisco Wireless Compatibility Matrix (Nov. 2011)

Podcasts / Videos

My80211 Videos

Cisco: 802 11 frames with Cisco VIP George Stefanick

Fluke Networks: Minimize Wi Fi Network Downtime

Aruba: Packets never lie: An in-depth overview of 802.11 frames

ATM15 Ten Talk “Wifi drivers and devices”

Houston Methodist Innovates with Wireless Technology

Bruce Frederick Antennas (1/2)

 

Bruce Frederick dB,dBi,dBd (2/2)

Cisco AP Group Nugget

Social Links
Revolution WiFi Capacity Planner

Anchor / Office Extends Ports

 

Peek Inside Cisco's Gear

See inside Cisco's latest wireless gear!

2.4 GHz Channel Overlap

EXAMPLE 1  

EXAMPLE 2

EXAMPLE 3  

CWSP RELEASE DATE 2/08/2010
  • CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    by David D. Coleman, David A. Westcott, Bryan E. Harkins, Shawn M. Jackman

    Shawn Jackman (Jack) CWNE#54 is a personal friend and has been a mentor to me for many years.  I've had the pleasure and opportunity to work with Jack for 4 years. Jack is a great teacher who takes complex 802.11 standards and breaks them down so almost anyone can understand the concept at hand. I'm excited for you brother. Great job and job well done! Put another notch in the belt!

IEEE 802.11a/g/n Reference Sheet

 

LWAPP QoS Packet Tagging

 

 

Interference Types

BLUETOOTH
 

Microwave Oven
 

Cordless Phone

JAMMER!
 

« cisco ISE 1.1.1 - Default Login Change | Main | BUG CSCuc32335: Local Mode Aps on 7.0.220.0 lose configs and get defaulted after power loss »
Friday
Oct192012

BUG CSCua29504: Upgrade that code if you want Windows 8 to work! #CISCO # WLC

This is from Cisco CSC 

Microsoft will launch Windows 8 in late October. Along with a slew of other features, it will be among the first to support the 802.11w standard to protect Management Frames for client devices on Wi-Fi networks.

Customers running old Cisco unified releases (between 4.2 to 7.2) in local, Flex or mesh mode will run into an interoperability bug (CSCua29504, to be exact) that prevents 802.11w enabled clients from connecting to a Cisco WLAN with Management Frame Protection (MFP) enabled. This bug does not affect customers running autonomous access point deployments or customers running Cisco unified releases older than 4.2.

What are the possible solutions for you?

1. Please upgrade your production environment to one of the following releases, which will interoperate with Windows 8.

  • 7.3.101.0
  • 7.2.111.3
  • 7.0.235.3

2. Roll back to pre-windows 8 drivers as identified in the Microsoft Knowledge Base article.
3. Fall back to TKIP
4. Sign up for a beta release for Cisco’s upcoming feature release 7.4 (beta available now!) that supports the 802.11w feature in local mode.

What is 802.11w ?

 802.11w is an IEEE standard based on Cisco’s Management Frame Protection(MFP), a feature that was first supported on autonomous access points in release 12.3(8)JA in 2006 and in the unified release 4.0.155.5 in 2008. 802.11w isn’t a new standard. IEEE ratified the 802.11w standard in 2009, however the adoption has been slow to date, but that is expected to change with Windows 8.

The WFA has announced that it will position the Protected Management Frame interoperability certification program as a feature update to its Wi-Fi Protected Access(WPA2) program.

Why do I care about 802.11w ?

I joined Cisco Wireless Networking Business Unit (WNBU) early 2006 as a Product Manager for Autonomous Access Points and the first software release that I managed was the 12.3(8)JA. One of the coolest features in that release was a Cisco innovation around protecting management frames. As many of you may know, 802.11 frames such as Authenticate, De-authenticate, Associate, Dis-associate are sent in the clear (a.k.a. in an unsecured manner). This could allow a potential attacker to spoof management frames from a valid device and run Denial of Service (DOS) attack by sending de-authenticate/disassociate frames.

When MFP is enabled, the sending device adds a cryptographic hash to create a message integrity check (MIC) and embeds that within the Information Element (IE) of every management frame. Thus when another device in the network receives the frame, it is able to verify that the authenticity of the source. In case a single invalid frame is received on the network, it will be dropped, as well as, an Intrusion Detection System alert will be received -this means zero day protection!

What about clients that don’t support 802.11w ?

There are two components to Management Frame Protection:

-         Infrastructure MFP: When the wireless Controller and Access point infrastructure support the 802.11w capability, any frames from a hacker masquerading as an infrastructure AP and attempting to communicate with other APs will be dropped.

-         Client MFP: When a client ALSO supports this feature; it is able to secure communications with the infrastructure. This means any frames from a hacker masquerading as an infrastructure AP and sending disconnect messages to the clients will be dropped.

So what’s the bottom-line?

To enable that your network is ready for 802.11w and Windows 8 ensure that you are running the latest Cisco Unified releases in your wireless controller network.

 

For more information, visit https://supportforums.cisco.com/docs/DOC-27213

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments (2)

Isn't it true that the bug prevents connections even if you disable MFP on the Cisco controllers? Just an extra note that I thought I read somewhere.

October 25, 2012 | Unregistered CommenterTom Carpenter

Hey Tom, actually I am getting a box with Windows 8 on it to test. Ill add this to my testing..

October 25, 2012 | Registered CommenterGeorge

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>