Glossary
802.11
A group of wireless networking standards, also known as Wi-Fi, set by the Institute of Electrical and Electronics Engineers (IEEE).
802.11a
A supplement to the IEEE 802.11 WLAN specification that describes radio transmissions at a frequency of 5 GHz and data rates of up to 54 Mbps.
802.11b
A supplement to the IEEE 802.11 WLAN specification that describes radio transmissions at a frequency of 2.4 GHz and data rates of up to 11 Mbps.
802.11d
A supplement to the Media Access Control (MAC) layer in 802.11 to promote worldwide use of 802.11 WLANs. It allows Access Points to communicate information on the permissible radio channels with acceptable power levels for user devices. Because the 802.11 standards cannot legally operate in some countries, 802.11d adds features and restrictions to allow WLANs to operate within the rules of these countries.
802.11e
An IEEE standard that adds Quality of Service (QoS) features and multimedia support to the existing 802.11b, 802.11g, and 802.11a wireless networks. (See QoS.)
802.11g
A supplement to the IEEE 802.11 WLAN specification that describes radio transmissions at a frequency of 2.4 GHz and data rates of up to 54 Mbps.
802.11h
802.11h supports Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC) requirements to ensure coexistence between Wi-Fi and other types of radio frequency devices in the 5 GHz band.
802.11i
An IEEE standard specifying security mechanisms for 802.11 networks. 802.11i makes use of the Advanced Encryption Standard (AES) block cipher. The standard also includes improvements in key management, user authentication through 802.1X and data integrity of headers.
802.11j
An IEEE specification for wireless networks that incorporates Japanese regulatory requirements concerning wireless transmitter output power, operational modes, channel arrangements and spurious emission levels.
802.11n
A taskgroup of the IEEE 802.11 committee whose goal is to define a standard for high throughput speeds of at least 100Mbps on wireless networks. The standard is expected to be ratified by 2009. Some proposals being fielded by the taskgroup include designs for up to 540 Mbps. Multiple-Input-Multiple-Output (MIMO) technology, using multiple receivers and multiple transmitters in both the client and access point to achieve improved performance, is expected to form the basis of the final specification.
802.11Q
An IEEE standard for MAC layer frame tagging (also known as encapsulation). Frame tagging uniquely assigns a user-defined ID to each frame. It also enables a switch to communicate VLAN membership information across multiple (and multi-vendor) devices by frame tagging.
802.1X
A standard for port-based authentication, first used in wired networks, that was adapted for use in enterprise WLANs to address security flaws in WEP, the original security specification for 802.11 networks. 802.1X provides a framework for authenticating users and controlling their access to a protected network and dynamic encryption keys to protect data privacy.
A
Ad-Hoc mode
An old term used to describe a device-to-device network.
AES (Advanced Encryption Standard)
A data encryption scheme that uses three different key sizes (128-bit, 192-bit, and 256-bit). AES was adopted by the U.S. government in 2002 as the encryption standard for protecting sensitive but unclassified electronic data.
AP (Access Point)
A device that connects wireless devices to another network, such as a wireless LAN, an Internet modem or others.
Applet
A small application or utility program, usually written in the Java programming language, that is designed to do a very specific and limited task. Applets are most commonly used in hand-held mobile devices.
Application software
A computer program that is designed to do a general operational task such as word processing or payroll. Internet browsers and graphic design programs are also considered applications. Application software runs on top of the operating system.
Array Controller
The controller that uses an enhanced 802.11-compliant, Multi-channel MAC to control and optimize the Integrated Access Points of a WLAN Array. The Array Controller also provides the same functions found in today’s WLAN switch or appliance and connects to the four Integrated Access Point Modules and provides RF and network control as well as embedded management features. The central components of the Array Controller such as the MAC and Encryption Engines are all based on soft-core technology that allows them to be easily upgradeable with future features or enhancements. The Array Controller is supported by 2Gbps of switching fabric capable of supporting today and tomorrow's bandwidth needs. Two Gigabit uplink ports provide the interface to the wired network.
Association
Describes the establishment and maintenance of the wireless link between devices. (If security is enabled, the devices cannot do anything but exchange security credentials with this link).
Authentication
The process that occurs after association to verify the identity of the wireless device or end user and allow access to the network.
B
Backbone
The central part of a large network that links two or more sub-networks. The backbone is the primary data transmission path on large networks such as those of enterprises and service providers. A backbone can be wireless or wired.
Bandwidth
The maximum transmission capacity of a communications channel at any point in time. Bandwidth, usually measured in bits per second (bps), determines the speed at which information can be sent across a network. If you compare the communications channel to a pipe, bandwidth represents the pipe diameter and determines how much data can flow through the pipe at any one time. The greater the bandwidth, the faster data can flow.
Beacon Interval
When a device in a wireless network sends a beacon, it includes with it a beacon interval, which specifies the period of time before it will send the beacon again. The interval tells receiving devices on the network how long they can wait in low power mode before waking up to handle the beacon. Network administrators can adjust the beacon interval—usually measured in milliseconds (ms) or its equivalent, kilo-microseconds (Kmsec).
Bit Rate
The transmission rate of binary symbols (‘0’ and ‘1’), equal to the total number of bits transmitted in one second.
bps (Bits per second)
A measure of data transmission speed across a network or communications channel; bps is the number of bits that can be sent or received per second. It measures the speed at which data is communicated and should not be—but often is—confused with bytes per second (Bps, in this reference the B is capitalized while in bps lower case is used). While “bits” is a measure of transmission speed, “bytes” is a measure of storage capacity.
Bridge
A wireless device that connects multiple networks together.
Broadband
A comparatively fast Internet connection possessing sufficient bandwidth to accommodate multiple voice, data and video channels simultaneously. Cable, DSL and satellite are all considered to be broadband channels; they provide much greater speed than dial-up Internet access over telephone wires.
BSS (Basic Service Set)
When a WLAN is operating in infrastructure mode, each access point and its connected devices are called the Basic Service Set.
BSSID (Basic Service Set Identifier)
A unique address that identifies the access point/router that creates the wireless network.
C
Cell
The basic geographical unit of a cellular communications system. Service coverage of a given area is based on an interlocking network of cells, each with a radio base station (transmitter/receiver) at its center. The size of each cell is determined by the terrain and forecasted number of users.
Channel
A specific portion of the radio spectrum—the channels allotted to one of the wireless networking protocols. For example, 802.11b and 802.11g use 14 channels in the 2.4 GHz band, only 3 of which don't overlap (1, 6, and 11). In the 5 GHz band, 802.11a currently has 12 channels, none of which overlap.
Client
Any computer connected to a network that requests files and services (files, print capability) from the server or other devices on the network. The term also refers to end users. (See AP).
Client devices
Wi-Fi client devices include PC Cards that slide into laptop computers, mini-PCI modules embedded in laptop computers and mobile computing devices, as well as USB radios and PCI/ISA bus Wi-Fi radios. Client devices usually communicate with hub devices like access points and gateways. (See AP, client).
Collision Avoidance
A means of proactively detecting whether a node on an Ethernet network can transmit a signal without risk that it will collide with other traffic on the network.
CoS (Class of Service)
A category based on the type of user, type of application, or some other criteria that QoS systems can use to provide differentiated classes of service.
CSMA/CA
Carrier Sense Multiple Access/Collision Avoidance. The principal media access control strategy used in 802.11 networks to avoid data collisions. It is a “listen before talk” method of minimizing collisions. The network node checks to see if the transmission channel is clear before a data packet is sent. (See collision avoidance, CSMA/CD).
CSMA/CD
Carrier Sense Multiple Access/Collision Detection. The principal media access control strategy used to manage traffic and reduce noise on wired Ethernet networks. It allows a network device to transmit data after detecting a channel is available. If two devices transmit data simultaneously, the sending device detects the collision of data packets and retransmits after a random time delay. (See collision avoidance, CSMA/CA).
D
DC Power Module
Modules that convert Alternate Current (AC) power to Direct Current (DC) for the operation of electronic and computer equipment. Depending on the manufacturer and product, these modules can range from typical “wall wart” transformers that plug into a wall socket to larger, enterprise-level Power-Over-Ethernet systems that inject DC power into the Ethernet cables to provide power to the access points.
Default Gateway
The gateway in a network that a computer will use to access another network if a gateway is not specified for use. In a network using subnets, a default gateway is the router that forwards traffic to a destination outside of the subnet of the transmitting device.
Device-to-Device Network
Two or more devices that connect using wireless network devices without the use of a centralized wireless access point. Also known as an ad hoc or peer-to-peer network.
DHCP (Dynamic Host Configuration Protocol)
A protocol for dynamically assigning IP addresses from a predefined list to nodes on a network. When they log on, network nodes automatically receive an IP address from a pool of addresses served by a DHCP. The DHCP server provides (or leases) an IP address to a client for a specific period of time. The client will automatically request a renewal of the lease when the lease is about to run out. If a lease renewal is not requested and it expires, the address is returned to the pool of available IP addresses. Using DHCP to manage IP addresses simplifies client configuration and efficiently utilizes IP addresses.
Dial-up
A connection to a remote network, or the Internet, using a standard modem and telephone connection, or Plain Old Telephone Service (POTS). (See POTS).
Diversity Antenna
An antenna system that uses multiple antennas to reduce interference and maximize reception and transmission quality.
DNS (Domain Name Service)
An Internet service that translates alphanumeric domain names to assigned IP addresses and vice versa. The term is typically used to describe the server which makes the translation. Every website has its own specific IP address on the Internet. DNS typically refers to a database of Internet names and addresses which translates the alpha-numeric names to the official Internet Protocol numbers and vice versa. For instance, a DNS server converts a name like mywebsite.com to a series of numbers like 107.22.55.26. (See IP, IP address).
Domain
The main name/Internet address of a user's Internet site as registered with the InterNIC organization, which handles domain registration on the Internet. For example, the “domain” address for Xirrus is: http://www.xirrus.com, broken down as follows:
• http:// represents the Hyper Text Teleprocessing Protocol used by all Web pages.
• www is a reference to the World Wide Web.
• xirrus refers to the company.
• com specifies that the domain belongs to a commercial enterprise.
DTIM
Delivery Traffic Indication Message. A DTIM is a signal sent as part of a beacon by an access point to a client device in sleep mode, alerting the device to a packet awaiting delivery.
Dual-band
A device that is capable of operating in two frequencies. On a wireless network, dual-band devices are capable of operating in both the 2.4GHz (802.11b/g) and 5GHz (802.11a) bands. In cellular phone technology, dual-band devices typically operate in both the GSM900 and GSM1800 frequencies, allowing a greater number of roaming options.
E
EAP (Extensible Authentication Protocol)
A protocol that provides an authentication framework for both wireless and wired Ethernet enterprise networks. It is typically used with a RADIUS server to authenticate users on large networks. EAP protocol types are used in the 802.1X-based authentication in WPA-Enterprise and WPA2-Enterprise. (See 802.1X, EAP, LEAP, RADIUS, TLS, WPA-Enterprise, WPA2-Enterprise).
EAP-TLS
Extensible Authentication Protocol Transport Layer Security.
EAP-TTLS / MSCHAPv2 (EAP-Tunneled TLS / Microsoft Challenge Authentication Handshake Protocol)
Securely tunnels client authentication within TLS records.
EDCF (Enhanced Distributed Coordinator Function)
A QoS extension which uses the same contention-based access mechanism as current devices but adds “offset contention windows” that separate high priority packets from low priority packets (by assigning a larger random backoff window to lower priorities than to higher priorities). The result is “statistical priority,” where high-priority packets usually are transmitted before low-priority packets.
Encapsulation
A way of wrapping protocols such as TCP/IP, AppleTalk, and NetBEUI in Ethernet frames so they can traverse an Ethernet network and be unwrapped when they reach the destination computer.
Encryption
Any procedure used in cryptography to translate data into a form that can be decrypted and read only by its intended receiver. (See 802.11i, TKIP, WEP, WPA, WPA2).
Enterprise
Any large corporation, business or organization. The enterprise market can incorporate office buildings, manufacturing plants, warehouses and research and development facilities, as well as large colleges and universities.
ESSID
Extended Service Set Identifier. A name used to identify a wireless network.
Ethernet
The most popular international standard technology for wired Local Area Networks (LANs). It provides from 10 Mbps transmission speeds on basic 10BaseT Ethernet networks to 100 Mbps transmission speeds on Fast Ethernet networks, 1000 Mbps on Gigabit Ethernet, and 10,000 Mbps on 10 Gigabit Ethernet.
F
Fast Ethernet
A legacy term for 100Mbps Ethernet. At this writing, Gigabit and 10 Gigabit are Faster and Fastest.
FCC (Federal Communications Commission)
US wireless regulatory authority. The FCC was established by the Communications Act of 1934 and is charged with regulating Interstate and International communications by radio, television, wire, satellite and cable.
FIPS 140-2
The Federal Information Processing Standard that defines the requirements of security technologies used in the handling and processing of information within government agencies.
Firewall
A system of software and/or hardware that resides between two networks to prevent access by unauthorized users. The most common use of a firewall is to provide security between a local network and the Internet. Firewalls can make a network appear invisible to the Internet and can block unauthorized and unwanted users from accessing files and systems on the network. Hardware and software firewalls monitor and control the flow of data in and out of computers in both wired and wireless enterprise, business and home networks. They can be set to intercept, analyze and stop a wide range of Internet intruders and hackers.
Firmware
Software routines that are embedded as read-only memory (ROM) in a computer chip or hardware device to prevent modification of the routines. Unlike random access memory (RAM), read-only memory stays intact in the absence of electrical power. Startup routines and low-level input/output instructions are stored in firmware.
Frame
A packet encapsulated to travel on a physical medium, like Ethernet or Wi-Fi. If a packet is like a shipping container, a frame is the boat on which the shipping container is loaded.
G
Gateway
In the wireless world, a gateway is an access point with additional software capabilities such as providing NAT and DHCP. Gateways may also provide VPN support, roaming, firewalls, various levels of security, etc.
Gigabit 1
The primary Gigabit Ethernet interface.
Gigabit 2
The secondary Gigabit Ethernet interface.
Gigabit Ethernet
The newest version of Ethernet, with data transfer rates of 1 Gigabit per second (1,000 Mbps).
H
Host Name
The unique name that identifies a computer on a network. On the Internet, the host name is in the form comp.xyz.net. If there is only one Internet site, the host name is the same as the domain name. One computer can have more than one host name if it hosts more than one Internet site (for example, home.xyz.net and comp.xyz.net). In this case, comp and home are the host names and xyz.net is the domain name.
Hotspot
A location where users can access the Internet using Wi-Fi laptops and other Wi-Fi enabled devices. Access may be provided free or for a fee. Hotspots are often found at coffee shops, hotels, airport lounges, train stations, convention centers, gas stations, truck stops and other public meeting areas. Corporations and campuses often offer it to visitors and guests. Hotspot service is sometimes available aboard planes, trains and boats.
Hub
A multi-port device used to connect client devices to a wired Ethernet network. Hubs can have numerous ports and can transmit data at speeds ranging from 10 to 1000 Mbps to all the connected ports. A small wired hub may only connect 4 computers; a large hub can connect 48 or more.
Hz (Hertz)
The international unit for measuring frequency equivalent to the older unit of cycles per second. One megahertz (MHz) is one million hertz. One gigahertz (GHz) is one billion hertz. The standard U.S. electrical power frequency is 60 Hz; 802.11a devices operate in the 5 GHz band; 802.11b and g devices operate in the 2.4 GHz band.
I
I/O (Input/Output)
The term used to describe any operation that transfers data to or from a computer. (See MIMO).
IEEE (Institute of Electrical and Electronics Engineers)
A global technical professional society and standards-setting organization serving the public interest and its members in electrical, electronics, computer, information and other technologies.
IEEE 802.11
The family of specifications developed by the Institute of Electrical and Electronics Engineers (IEEE) 802.11 committee which establishes standards for wireless Ethernet networks. 802.11 standards define the over-the-air interface between wireless clients and a base station, or access point that is physically connected to the wired network. (See 802.11, IEEE).
Infrastructure Mode
A legacy term used to describe a wireless network consisting of devices connected to a network using a centralized wireless access point. One of two types of wireless network modes; the other is a device-to-device network (also known as peer-to-peer or ad hoc mode). (See ad hoc mode, device-to-device network, peer-to-peer network).
IAP (Integrated Access Point)
A series of access points built into a single device and controlled by a single, Multi-channel MAC resident on an Array Controller. Since the Multi-channel MAC is shared across all the IAPs, only the baseband, RF and power amplifier components exist on the IAP module boards. Each IAP module board contains a maximum of four IAPs (three 802.11a + one 802.11a/b/g).
Internet Appliance
A computing device used primarily for Internet access. It can be Wi-Fi enabled or connected to a wired network and generally offers customized web browsing, touch-screen navigation, with built-in e-mail services, entertainment and personal information management applications. Applications cannot be installed independently.
Intrusion Detection
A security service that monitors and analyzes system events to identify security breaches to the network and provide real-time warnings when an unauthorized intrusion, or break-in, to the network is attempted.
IP (Internet Protocol)
The basic communications protocol of the Internet. (See IP address, TCP/IP).
IP address
Internet Protocol address. IP Version 4, the most widely used Internet protocol, provides a 32-bit number that identifies the sender or receiver of information sent across the Internet. An IP address has two parts: the identifier of the particular network on the Internet and the identifier of the particular device (which can be a server or a workstation) within that network. The newer IP, Version 6, provides a 128-bit addressing scheme to support a much greater number of IP addresses. (See DHCP, DNS, IP).
IPsec
A Layer 3 authentication and encryption protocol. Used to secure VPNs.
IP Telephony
Technology that supports voice, data and video transmission via IP-based LANs, WANs, and the Internet. This includes VoIP (Voice-over-IP).
ISO Network Model
A model developed by the International Standards Organization that defines seven levels, or layers, in a network. By standardizing these layers and the interfaces that connect them, different portions of a given protocol can be modified or changed as technologies advance or systems requirements are altered. The seven layers are, beginning at the lowest layer:
• Layer 1 – Physical
• Layer 2 – Data Link
• Layer 3 – Network
• Layer 4 – Transport
• Layer 5 – Session
• Layer 6 – Presentation
• Layer 7 – Application
IEEE 802.11
The IEEE 802.11 Standard encompasses the physical layer (PHY) and the lower portion of the data link layer which is often referred to as the Media Access Control (MAC) sub-layer.
ISS
A special software application that allows all PCs on a network access to the Internet simultaneously through a single connection and Internet Service Provider (ISP) account.
L
LAN
A system of connecting PCs and other devices within the same physical proximity for sharing resources such as Internet connections, printers, files and drives. When Wi-Fi is used to connect the devices, the system is known as a wireless LAN or WLAN.
LEAP (Lightweight Extensible Authentication Protocol)
A proprietary Cisco protocol used for 802.1X authentication on wireless LANs (WLANs).
M
MAC (Media Access Control) Address
A unique hardware number that identifies each device on a network. A device can be a computer, printer, etc.
MAN (Metropolitan Area Network)
A data network, typically operated by a municipality or communications carrier that provides high-speed service within a geographical area such as a college campus, town or city. A MAN is larger than a Local Area Network (LAN) but smaller than a Wide Area Network (WAN).
Mapping
Assigning a PC to a shared drive or printer port on a network.
Mbps (Megabits per second)
A measurement of data speed that is roughly equivalent to a million bits per second.
Mesh Network
A communications network with at least two pathways to each node, forming a net-like organization. When each node is connected to every other node, the network is said to be fully meshed. When only some of the nodes are linked, switching is required to make all the connections and the network is said to be partially meshed, or partially connected.
MIC (Message Integrity Check)
A technology that is employed to prevent an attacker from capturing data packets, altering them and resending them. The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC. If it does not match, the data is assumed to have been tampered with and the packet is dropped.
MIMO (Multiple-Input-Multiple-Output)
A signal processing technology that uses multiple receivers and multiple transmitters in both the client and access point to achieve data throughput speeds of 100Mbps.
Mobile professional
Often called “road warrior.” Any employee or professional person who travels frequently and requires the ability to regularly access his or her corporate networks, via the Internet, to post and retrieve files and data and to send and receive e-mail from remote locations. (See hotspot, roaming).
MTU (Maximum Transmission Unit)
The largest physical packet size, measured in bytes, that a network can transmit. Any messages larger than the MTU are divided into smaller packets before being sent. Every network has a different MTU, which is set by the network administrator. Ideally, you want the MTU to be the same as the smallest MTU of all the networks between your machine and a message's final destination. Otherwise, if your messages are larger than one of the intervening MTUs, they will get broken up (fragmented), which slows down transmission speeds.
Multi-channel MAC
The Multi-channel MAC of a WLAN Array provides unified management and coordination over wired and wireless packet flows, spectrum management and the Multi-sector Antenna System.
Multi-sector Antenna System
The RF interface of a WLAN Array is delivered through the Multi-sector Antenna System. This high-gain (7dBi) antenna system carves the airspace up into equal sections or sectors; the increased directional transmit and receive gain allows the WLAN Array and its respective clients to hear each other in both directions, producing an extended reach in all directions from the WLAN Array. The resulting coverage pattern resembles that of a typical omni-directional antenna but covers 4x the area because the range in all RF sectors is nearly double that of a typical antenna. The Array Controller assigns each RF sector a non-overlapping channel and controls the coordination of all the IAPs through the antenna system. Additionally, the Multi-sector antenna system offers a switchable 360 degree omni-directional antenna that can be used with one of the IAPs as a dedicated RF monitor.
N
NAT (Network Address Translation)
A network capability that enables multiple computers to dynamically share a single incoming IP address from a dial-up, cable or DSL connection. NAT takes a single incoming public IP address and translates it to a new private IP address for each client on the network. (See DHCP, IP address).
Network Name
A name used to identify a wireless network.
NIC (Network Interface Card)
A wireless or wired PC adapter card that allows the client computer to utilize network resources. Most office wired NICs operate at 100 Mbps. Wireless NICs operate at data rates defined by 802.11 standards.
NTP (Network Time Protocol)
An Internet standard protocol (built on top of TCP/IP) that ensures the accurate synchronization (to the millisecond) of computer clock times in a network of computers. Running as a continuous background client program on a computer, NTP sends periodic time requests to servers, obtaining server time stamps and using them to adjust the client’s clock.
P
Packet
Data sent over a network is broken down into many small pieces—packets—by the Transmission Control Protocol layer of TCP/IP. Each packet contains the address of its destination as well as the data. Packets may be sent on any number of routes to their destination, where they are reassembled into the original data. This system is optimal for connectionless networks, such as the Internet, where there are no fixed connections between two locations.
Pass Phrase
A series of characters used to create a key which is used by Wi-Fi Protected Access (WPA). (See PSK, WPA).
PC Card
A removable, credit-card-sized memory or I/O device that fits into an expansion slot on a notebook computer or a personal digital assistant (PDA). PC Cards are used primarily in notebook computers and PDAs. PC Card peripherals include Wi-Fi network cards, memory cards, modems, wired NICs, and hard drives.
PCI (Peripheral Component Interconnect)
A high-performance I/O (input/output) computer bus that allows expansion slots to be spaced closely for high-speed operation.
PCMCIA
Expansion cards now referred to as “PC Cards” were originally called “PCMCIA Cards” because they met the standards created by the Personal Computer Memory Card International Association.
PEAP (Protected Extensible Authentication Protocol)
A protocol proposed by Microsoft, Cisco and RSA Security for 802.1X authentication on wireless LANs (WLANs).
PEAPv0/EAP-MSCHAPv2 (Protected Extensible Authentication Protocol)
A protocol developed jointly by Microsoft, RSA Security and Cisco for transmitting authentication data, including passwords, over 802.11 wireless networks. PEAP authenticates wireless LAN clients using only server-side digital certificates by creating an encrypted SSL/TLS tunnel between the client and the authentication.
PEAPv1/EAP-GTC (Protected Extensible Authentication Protocol)
A protocol developed jointly by Microsoft, RSA Security and Cisco for transmitting authentication data, including passwords, over 802.11 wireless networks. PEAP authenticates wireless LAN clients using only server-side digital certificates by creating an encrypted SSL/TLS tunnel between the client and the authentication.
Peer-to-Peer Network
A wireless or wired computer network that has no server or central hub or router. All the networked PCs are equally able to act as a network server or client, and each client computer can talk to all the other wireless computers without having to go through an access point or hub. However, since there is no central base station to monitor traffic or provide Internet access, the various signals can collide with each other, reducing overall performance.
PHY
The physical, or lowest layer of the OSI Network Model. In a wireless network, the PHY defines parameters such as data rates, modulation method, signaling parameters, transmitter/receiver synchronization, etc. Within an actual radio implementation, the PHY corresponds to the radio front end and baseband signal processing sections.
PLCP (Physical Layer Convergence Protocol)
Defined by IEEE 802.6, a protocol specified within the Transmission Convergence layer that defines exactly how cells are formatted within a data stream for a particular type of transmission facility.
Plug-and-play
Features that provide for automatic configuration of add-ons and peripheral devices such as wireless PC Cards, printers, scanners and multimedia devices.
Preamble
Sometimes called a header; a section of data at the head of a packet that contains information that the access point and client devices need when sending and receiving packets. PLCP has two structures, a long and a short preamble. All compliant 802.11b systems have to support the long preamble. The short preamble option is provided in the standard to improve the efficiency of a network's throughput when transmitting special data, such as voice, VoIP (Voice-over IP) and streaming video.
Private Key
In cryptography, one of a pair of keys (one public and one private) that are created with the same algorithm for encrypting and decrypting messages and digital signatures. The private key is provided only to the requestor and never shared. The requestor uses the private key to decrypt text that has been encrypted with the public key by someone else.
Proxy Server
A technique used in larger companies and organizations to improve network operations and security. The proxy server receives requests intended for another server to prevent direct communication between two or more networks. The proxy server forwards allowable data requests to remote servers and/or responds to data requests directly from stored remote server data.
PSK (Pre-Shared Key)
A TKIP passphrase used to protect your network traffic in WPA. A mechanism in Wi-Fi Protected Access (WPA)—Personal that allows the use of manually entered keys or passwords to initiate WPA security. The PSK is entered on the access point or home wireless gateway and each PC that is on the Wi-Fi network. After entering the password, Wi-Fi Protected Access automatically takes over. It keeps out eavesdroppers and other unauthorized users by requiring all devices to have the matching password. The password also initiates the encryption process which, in WPA, is Temporal Key Integrity Protocol (TKIP) and in WPA2 is Advanced Encryption Standard (WPA2). (See TKIP, WPA-Personal, WPA2-Personal).
Public Key
In cryptography, one of a pair of keys (one public and one private) that are created with the same algorithm for encrypting and decrypting messages and digital signatures. The public key is made publicly available for encryption and decryption.
Q
QoS (Quality of Service)
Required to support wireless multimedia applications and advanced traffic management. QoS enables Wi-Fi access points to prioritize traffic and optimize the way shared network resources are allocated among different applications. Without QoS, all applications running on different devices have equal opportunity to transmit data frames. That works well for data traffic from applications such as web browsers, file transfers, or e-mail but it is inadequate for multimedia applications. Voice over Internet Protocol (VoIP), video streaming, and interactive gaming are highly sensitive to latency increases and throughput reductions and require QoS. QoS extensions for 802.11 networks will be addressed in the upcoming IEEE 802.11e standard.
R
RADIUS (Remote Access Dial-Up User Service)
A standard technology used by many major corporations to protect access to wireless networks. RADIUS is a user name and password scheme that enables only approved users to access the network; it does not affect or encrypt data. The first time a user wants access to the network, secure files or net locations, he or she must input his or her name and password and submit it over the network to the RADIUS server. The server then verifies that the individual has an account and, if so, ensures that the person uses the correct password before she or he can get on the network. RADIUS can be set up to provide different access levels or classes of access. For example, one level can provide blanket access to the Internet; another can provide access to the Internet as well as to email communications; yet another account class can provide access to the Net, email and the secure business file server. Like other sophisticated security technologies, RADIUS comes in a variety of types and levels.
Range
The distance covered by a wireless network or radio device. Depending on the environment and the type of antenna used, Wi-Fi signals can have a range of up to a mile.
RC4
An encryption cipher designed by RSA Data Security. It allows key lengths up to 1024 bits and is a component in many encryption schemes, including SSL, WEP, and TKIP.
RDPS (Remote Distribution Power Supply)
A Xirrus proprietary power supply used for delivering power from a remote source to the Xirrus family of products.
Repeater
A wireless repeater is a device that extends the coverage of an existing access point by relaying its signal. A wireless repeater does not do the intelligent routing performed by wireless bridges and routers.
Residential gateway
A wireless device that allows multiple devices accessing a home network, including PCs and peripherals, to access the Internet and communicate with one another.
RFID (Radio Frequency Identification)
An electronic identification technology that uses radio frequency signals to read identifying data contained in tags on equipment and merchandise. An alternative to bar codes.
Roaming
The ability to move seamlessly from one area of Wi-Fi or cellular phone coverage to another with no loss in connectivity. Roaming also refers to the ability of road warriors to wirelessly connect to the Internet from different hotspots without confronting the array of schemes used by different providers to authorize use and track billing. Roaming agreements among providers allow mobile professionals to use a single authentication and authorization scheme and have all charges resolved to a single bill. (See hotspot, mobile professional).
Rogue Access Point
An unauthorized access point installed on a company’s WLAN, typically by a user. Rogue access points present security risks. They rarely conform to the organization’s security policies and, typically, no security at all is enabled on them. Rogues present open, insecure interfaces to the company’s network. (See intrusion detection).
Router
A wireless router is a device that accepts connections from wireless devices to a network, includes a network firewall for security, and provides local network addresses.
RSSI (Received Signal Strength Indicator)
A measure of the energy observed by an antenna when receiving a signal.
S
Satellite broadband
Wireless high-speed Internet service provided by satellites. Some satellite broadband connections are two-way—up and down. Others are one-way, with the satellite providing a high-speed downlink and then using a dial-up telephone connection or other land-based system for the uplink to the Internet.
SDMA (Spatial Division Multiple Access)
A wireless communications mode that optimizes the use of the radio spectrum and minimizes cost by taking advantage of the directional properties of antennas. The antennas are highly directional, allowing duplicate frequencies to be used for multiple zones.
Security Supplicant
Client software that coordinates authentication and session key creation.
Server
A computer that provides resources or services to other computers and devices on a network. Types of servers can include print servers, Internet servers, mail servers, and DHCP servers. A server can also be combined with a hub or router. (See DHCP, hub, router).
Site survey
A comprehensive facility study performed by network managers to ensure that planned service levels will be met when a new wireless LAN, or additional WLAN segments to an existing network, are deployed. Site surveys are usually performed by a radio frequency engineer and used by systems integrators to identify the optimum placements of access points to ensure that planned levels of service are met. Site surveys are sometimes conducted following the deployment to ensure that the WLAN is achieving the necessary level of coverage. Site surveys can also be used to detect rogue access points. (See intrusion detection, rogue).
Sniffer
A software program that monitors network traffic. Sniffers can capture data being transmitted on a network and are sometimes used illegitimately to hack a network.
SNMP (Simple Network Management Protocol)
A standard protocol that regulates network management over the Internet.
SNTP (Simple Network Time Protocol)
A simplified version of NTP. SNTP can be used when the ultimate performance of the full NTP implementation described in RFC 1305 is not needed or justified.
SOHO
The term describes an office or business with ten or fewer computers and/or employees.
SSID
A unique 32-character network name, or identifier, that differentiates one wireless LAN from another. All access points and clients attempting to connect to a specific WLAN must use the same SSID. The SSID can be any alphanumeric entry up to a maximum of 32 characters.
SSH (Secure SHell)
Developed by SSH Communications Security, Secure Shell is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels. SSH protects a network from attacks, such as IP spoofing, IP source routing, and DNS spoofing. Attackers who have managed to take over a network can only force SSH to disconnect—they cannot “play back” the traffic or hijack the connection when encryption is enabled. When using SSH's slogin (instead of rlogin) the entire login session, including transmission of password, is encrypted, making it almost impossible for an outsider to collect passwords.
SSL (Secured Sockets Layer)
A protocol used to secure Internet communications. SSL is commonly used to encrypt transactions on online retail and banking. SSL encrypts the exchange of information between a user’s browser and Web server so only the intended parties can read it. When an SSL session begins, the server sends its public key to the browser. The browser then sends a randomly generated secret key back to the server in order to have a secret key exchange for that session.
Subnetwork (or Subnet)
An IP address range that is part of a larger address range. Subnets are used to subdivide a network address of a larger network into smaller networks. Subnets connect to other networks through a router. Each individual wireless LAN will typically use the same subnet for all of its clients.
Subnet Mask
A mask used to determine what subnet an IP address belongs to. An IP address has two components: (1) the network address and (2) the host address. For example, consider the IP address 150.215.017.009. Assuming this is part of a Class B network, the first two numbers (150.215) represent the Class B network address, and the second two numbers (017.009) identify a particular host on this network.
Switch
A network device that controls network usage to prevent data collisions and ensures optimal network performance. A switch acts as a network traffic cop: rather than transmitting all the packets it receives to all ports, as a hub does, a switch transmits packets to only the receiving port.
T
TCP/IP
The underlying technology of Internet communications. While IP handles the actual delivery of data, TCP tracks the data packets to efficiently route a message through the Internet. Every computer in a TCP/IP network has its own IP address that is either dynamically assigned at startup (See DHCP) or permanently assigned as a static address. All TCP/IP messages contain the address of the destination network, as well as the address of the destination station. This enables TCP/IP messages to be transmitted to multiple networks (subnets) within an organization or worldwide. For example, when a user downloads a web page, TCP divides the page file on the web server into packets, numbers the packets, and forwards them individually to the user’s IP address. The packets may be routed along different paths before reaching the user’s address. At the destination, TCP reassembles the individual packets, waiting until they have all arrived to present them as a single file.
Throughput
Usually measured in bps, Kbps, Mbps or Gbps, throughput is the amount of data that can be sent from one location to another in a specific amount of time.
TKIP (Temporal Key Integrity Protocol)
The wireless security encryption mechanism in Wi-Fi Protected Access. TKIP uses a key hierarchy and key management methodology that removes the predictability that intruders relied upon to exploit the WEP key. It increases the size of the key from 40 to 128 bits and replaces WEP’s single static key with keys that are dynamically generated and distributed by an authentication server, providing some 500 trillion possible keys that can be used on a given data packet. It also includes a Message Integrity Check (MIC), designed to prevent an attacker from capturing data packets, altering them and resending them. By greatly expanding the size of keys, the number of keys in use, and by creating an integrity checking mechanism, TKIP magnifies the complexity and difficulty involved in decoding data on a Wi-Fi network. TKIP greatly increases the strength and complexity of wireless encryption, making it far more difficult—if not impossible—for a would-be intruder to break into a Wi-Fi network.
TLS (Transport Layer Security)
A newer version of the SSL protocol. It supports more cryptographic algorithms than SSL. TLS is designed to authenticate and encrypt data communications, preventing eavesdropping, message forgery and interference.
Transmit Power
The amount of power used by a radio transceiver to send the signal out. Transmit power is generally measured in milliwatts, which you can convert to dBm.
Tri-mode
In the Wi-Fi context, tri-mode refers to devices which are 802.11b, a, and g-compatible. In the mobile context, tri-mode describes a cellular phone that is capable of using analog, digital and GSM frequencies.
U
UWB (Ultra Wideband)
A relatively new term that is used to describe a technology known since the early 1960s as “carrier-free”, “baseband” or “impulse”. UWB transmits and receives extremely short bursts of radio signals, typically a few trillionths of a second to a few billionths of a second (nanoseconds) in duration. These bursts produce waveforms that are extremely broadband.
V
Voice over Wi-Fi
VoIP services delivered over wireless networks. Sometimes referred to as wireless voice over IP.
VoIP
Voice over Internet Protocol. A technology for transmitting ordinary telephone calls over the Internet using packet-based networks instead of standard public switched telephone networks or Plain Old Telephone Service (POTS).
VLAN (Virtual LAN)
A group of devices that communicate as a single network, even though they are physically located on different LAN segments. Because VLANs are based on logical rather than physical connections, they are extremely flexible. A device that is moved to another location can remain on the same VLAN without any hardware reconfiguration.
VLAN Tagging
Static port-based VLANs were originally the only way to segment a network without using routing, but these port-based VLANs could only be implemented on a single switch (or switches) cabled together. Routing was required to transfer traffic between unconnected switches. As an alternative to routing, some vendors created proprietary schemes for sharing VLAN information across switches. These methods would only operate on that vendor’s equipment and were not an acceptable way to implement VLANs. With the adoption of the 802.1Q standard, traffic can be confined to VLANs that exist on multiple switches from different vendors. This interoperability and traffic containment across different switches is the result of a switch's ability to use and recognize 802.1Q tag headers—called VLAN tagging. Switches that implement 802.1Q tagging add this tag header to the frame directly after the destination and source MAC addresses. The tag header indicates: 1. That the packet has a tag. 2. Whether the packet should have priority over other packets. 3. Which VLAN it belongs to, so that the switch can forward or filter it correctly.
VPN (Virtual Private Network)
A network layer encryption scheme that allows remote clients to securely connect to their corporate networks using the Internet. Most major corporations today use VPN to protect their remote-access workers and their connections. It works by creating a secure virtual “tunnel” from the end-user's computer through the end-user's access point or gateway, through the Internet, all the way to the corporation's servers and systems. It also works for wireless networks and can effectively protect transmissions from Wi-Fi equipped computers to corporate servers and systems.
W
WAN Wide Area Network (WLAN)
A data communications network that spans large local, regional, national or international areas and is usually provided by a public carrier (such as a telephone company or service provider). The term is used to distinguish between phone-based data networks and Wi-Fi networks. Phone networks are considered WANs and Wi-Fi networks are considered Wireless Local Area Networks.
WAP (Wireless Applications Protocol)
A protocol designed to deliver applications to mobile devices, including cell phones, pagers, two-way radios, smartphones and communicators.
Wireless Distribution System (WDS)
A method of wirelessly connecting access points or Arrays together instead of using a wired uplink connection to the network.
WEP (Wired Equivalent Privacy)
An optional IEEE 802.11 function that offers frame transmission privacy similar to a wired network. The Wired Equivalent Privacy generates secret shared encryption keys that both source and destination stations can use to alter frame bits to avoid disclosure to eavesdroppers.
Wi-Fi Alliance
A nonprofit international association formed in 1999 to certify interoperability of wireless Local Area Network products based on the IEEE 802.11 specification. The goal of the Wi-Fi Alliance's members is to enhance the user experience through product interoperability.
Wi-Fi CERTIFIED™
The certification standard designating IEEE 802.11-based wireless local area network (WLAN) products that have passed interoperability testing requirements developed and governed by the Wi-Fi Alliance.
Wi-Fi Interoperability Certificate
A statement that a product has passed interoperability testing and will work with other Wi-Fi CERTIFIED products.
Wi-Fi ZONE™
A certification program of the Wi-Fi Alliance that allows users to easily identify public hotspot locations that have Wi-Fi connectivity available. The program allows customers from anywhere in the world to look for a single Wi-Fi ZONE brand. The Wi-Fi ZONE logo assures users that they will be able to get a fast, reliable Internet connection in a coffee shop, hotel, airport, convention center or other public venue.
Wi-Fi®
Short for wireless fidelity. A term developed by the Wi-Fi Alliance to describe wireless local area network (WLAN) products that are based on the Institute of Electrical and Electronics Engineers’ (IEEE) 802.11 standards.
WiMAX (Worldwide Interoperability for Microwave Access)
Refers to the 802.16 standard being developed by the IEEE to provide a wireless coverage of up to 31 miles. It operates in the 2 to 11 GHz bands and enables connectivity without a direct line-of-sight to a base station, although line-of-sight is probably required to achieve connectivity at the distance of 31 miles. It provides shared data rates up to 70 Mbps, which, according to WiMAX proponents, is enough bandwidth to simultaneously support more than 60 businesses and hundreds of homes.
Wireless Network
Devices connected to a network using a centralized wireless access point.
WLAN (Wireless Local Area Network)
A type of local-area network in which data is sent and received via high frequency radio waves rather than cables or wires.
WLAN Array
The WLAN Array (or Array) architecture maximizes RF capacity by solving the fundamental issue of allowing multiple access points to function at very close proximity to each other. This high degree of integration and coordination allows the Array to deliver Gigabit-class Wi-Fi bandwidth over an extended coverage area – all from a single device. The Array Controller, Integrated Access Points and the Multi-sector Antenna System make up the key components of the Array Architecture.
WMAN (Wireless Metropolitan Area Network)
A wireless data network that is comparable to a cell phone network in that users throughout a metropolitan area can freely access the Internet. WiMAX technology provides the basis of WMAN networks.
WMM™ (Wi-Fi Multimedia)
A group of features for wireless networks that improve the user experience for audio, video and voice applications. WMM is based on a subset of the IEEE 802.11e WLAN QoS draft standard. WMM adds prioritized capabilities to Wi-Fi networks and optimizes their performance when multiple concurring applications, each with different latency and throughput requirements, compete for network resources. By using WMM, end-user satisfaction is maintained in a wider variety of environments and traffic conditions. WMM makes it possible for home network users and enterprise network managers to decide which data streams are most important and assign them a higher traffic priority.
WPA™ (Wi-Fi Protected Access)
An improved security standard for wireless networks that provides strong data protection and network access control. WPA was developed by the Wi-Fi Alliance and addresses all known WEP vulnerabilities. It provides strong data protection by using encryption, as well as strong access controls and 802.1X-based user authentication which was largely missing in WEP. WPA is designed to secure all versions of 802.11 devices, including 802.11b, 802.11a, and 802.11g, dual-band and tri-mode. WPA can be enabled in two versions, WPA-Personal and WPA-Enterprise. WPA-Personal protects against unauthorized network access by utilizing a set-up pass phrase, or pre-shared key. WPA-Enterprise verifies network users through an authentication server. In either mode, WPA utilizes 128-bit encryption keys and dynamic session keys to ensure the wireless network's privacy and security.
WPA2™ (Wi-Fi Protected Access 2)
The follow-on security method to WPA for wireless networks that provides stronger data protection and network access control. It provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks. Based on the ratified IEEE 802.11i standard, WPA2 provides government grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2 compliant AES encryption algorithm and 802.1X-based authentication. There are two versions of WPA2: WPA2-Personal, and WPA2-Enterprise. WPA2-Personal protects unauthorized network access by utilizing a set-up password. WPA2-Enterprise verifies network users through a server. WPA2 is backward compatible with WPA. Like WPA, WPA2 uses the 802.1X/EAP framework as part of the infrastructure that ensures centralized mutual authentication and dynamic key management and offers a pre-shared key for use in home and small office environments. Like WPA, WPA2 is designed to secure all versions of 802.11 devices, including 802.11b, 802.11a, and 802.11g, multi-band and multi-mode. (See WPA2-Enterprise, WPA2-Personal).
WPA-Enterprise (Wi-Fi Protected Access–Enterprise)
A wireless security method that provides strong data protection for multiple users and large managed networks. It uses the 802.1X authentication framework with TKIP encryption and prevents unauthorized network access by verifying network users through an authentication server.
WPA2-Enterprise (Wi-Fi Protected Access 2 – Enterprise)
The follow-on wireless security method to WPA that provides stronger data protection for multiple users and large managed networks. It prevents unauthorized network access by verifying network users through an authentication server.
WPA-Personal (Wi-Fi Protected Access–Personal)
A wireless security method that provides strong data protection and prevents unauthorized network access for small networks. It uses TKIP encryption and protects against unauthorized network access through the use of a pre-shared key (PSK).
WPA2-Personal (Wi-Fi Protected Access 2 – Personal)
The follow-on wireless security method to WPA that provides stronger data protection and prevents unauthorized network access for small networks.
WPAN (Wireless Personal Area Network)
A network that wirelessly connects personal devices centered within a radius of about 30 feet such as an individual’s workspace or room environment in a home. WPAN technologies include Bluetooth and others defined by the IEEE 802.15 standard. Device specifications include low data rates (250 kbps, 40 kbps, and 20 kbps), and multi-month to multi-year battery life and include such things as joy sticks and interactive toys. WPAN devices operate in unlicensed international frequency bands and can communicate directly with one another, a concept called “plugging in”.
X
XA-3300 / XM-3300
The Xirrus Wireless Management System (XA / XM) is a Xirrus product used for managing large Array deployments from a centralized Web-based interface.
XP-3100
The Xirrus Remote DC Power System (XP-3100) is an optional Xirrus product that provides distributed DC power to multiple Arrays, eliminating the need to run dedicated AC power to each unit and facilitating backup power when connected via a UPS.
XS-3900
The Xirrus Array (XS-3900) is a 16-radio, high capacity, multi-wireless access point specifically designed for the Enterprise market.
XS-3700
The Xirrus Array (XS-3700) is an 8-radio, high capacity, multi-wireless access point specifically designed for the Enterprise market.
XS-3500
The Xirrus Array (XS-3500) is a 4-radio, high capacity, multi-wireless access point specifically designed for the Enterprise market.