After a successful inquiry mode, Bluetooth devices enter page mode to further pursue a connection. The source device pages the destination device, and the destination device responds in its page scanning state. The two devices then establish master and slave roles, and then establish a connection.
An antenna that uses a dish with a parabolic curve (called a parabolic reflector) to focus radio signals being transmitted or received.
A method for checking for errors. A parity bit is used to provide error checking for a single bit error. When a single bit is used, parity can be either even or odd. Even parity means that the number of ones in the data plus the parity equals an even number, and odd parity means that the number of ones in the data plus the parity.
Password Authentication Protocol - Because PAP transmits the username and password across the network unencrypted, it should not be used on a network with no privacy security. This method is often used by network managers who only encrypt passwords one-way. PAP is not an EAP method and is only supported by TTL (where the TLS tunnel protects the password).
When a Bluetooth device is in its dormant state and is listening to the network, it is in passive mode. From this state, a device may wait to be discovered by other network devices. When a device responds to inquiries or communicates in a connection, it enters Active mode.
Common name for a microstrip antenna. It is a low profile antenna consisting of a flat sheet of metal, usually found in a plastic case. The design is simple and easy to create and is often used in cell phones because of the compact size.
The Payment Card Industry Data Security Standard (PCI DSS) is a system designed to protect consumers and credit card issuers from fraud and other security vulnerabilities associated with credit card information. The standard seeks to reduce the exposure of private information inherent in a credit card transaction.
In a Bluetooth Low Energy connection, one of four roles is occupied by a device: Central, Peripheral, Broadcaster, and Observer. The Peripheral role is the Slave in a connection and may only maintain one connection. A Peripheral device pairs with the Central device and acts as the client in a connection. However, when sending data to the Central device, the Peripheral device acts as a data server to the connecting Central device, which in turn acts as a client.
The Peripheral role is most often occupied by a Bluetooth Smart (single-mode) device. Central and Peripheral roles are the two most commonly used in a Bluetooth Low Energy configuration.
The following outlines the generation of a Personal Certificate for EAP-TLS using version 4.01 of CiscoSecure ACS and a Certificate Authority (CA) both of which are running on the same Windows 2003 server. Any Windows PC with Internet Explorer may be used to generate and retrieve the certificate from the CA. In this example, the certificate is then installed on the client, an HP iPAQ running Windows Mobile v5.0.
Detailed Steps (Admin use only):
Generate the certificate
- From the IE browser on the PC, browse to the CA.
- Select Request a certificate.
- Select Advanced certificate request.
- Select Create and submit a request to this CA.
- Provide a name that matches a valid username account on the ACS Server.
- Select Client Authentication Certificate.
- Select Key Size of 1024.
- Check Mark keys as exportable.
- Accept all other defaults.
- Click Submit.
- Select Yes when prompted with Potential Scripting Violation... Do you want to request a certificate now?
- Select Install this certificate.
- Select Yes when prompted with Potential Scripting Violation.Do you want to add the certificates now?
Prepare the certificate for export
- From the IE browser on the PC, go to Tools > Internet Options > Content tab > Certificates.
- Select the certificate and click View.
- Go to the Details tab. Select Copy to File to initiate the Export Wizard.
- Select Next.
- Select Yes, export the private key.
- Select Next.
- Select Personal Information Exchange - PKCS #12 (.PFX).
- Select Include all certificates in the certification path if possible.
- Unselect Enable strong protection.
- Select Next.
- Enter a password that will be used the first time the certificate is authenticated (for example: summit).
- Select Next.
- On the File to Export screen, browse to a directory of your choice and enter a name. It will get .pfx added to it.
- Select Next.
- Select Finish.
- Select Ok to complete the wizard.
Install the certificate on the client
Note: Be sure to update the date and time on the client device or the certificate will fail.
- On the PC, copy the certificate onto a memory card (such as an SD or CF memory card depending on your client device).
- Install the memory card into the client and copy the certificate into a local directory.
- Use the PFXIMPRT utility to import the certificate into the iPAQ's certificate store.
- When the utility runs, there are two fields to fill in:
- The first field is for the certificate. Browse to the certificate on the device and select it.
- The second field is populated with the password assigned to the certificate as part of the export process (summit, in this example).
- Tap Import certificate. It will show that one personal cert and one root cert were installed.
- Tap OK.To verify that the certificate is installed properly on the client, go to Settings > System tab > Certificates. The certificate and expiration date are displayed on the Personal tab. The name of the Certificate Issuer (CA) that issued the certificate is displayed on the Root tab.
Configure an SSID to use the Certificate
- Using Windows Zero Config on the client, select the SSID from the list
- Edit its properties to use Smart card or certificate.
- Select the certificate from the available certificates in the store.
You should get prompted for the password assigned to the certificate (summit). The client should authenticate.
Note: SCU Admin use only. See the "Summit Software Administrator's Guide" for more information.
A computer network tool used to test the presence of an active connection, to test the reachability of an access point (or host) on an IP network, and to measure the round-trip time for messages sent and received from the access point.
When a ping initiated from the Diags window is active, the Status window displays a ping indicator consisting of two lights that flash green (for a successful ping) or red (for an unsuccessful ping).
Note: This indicator only appears in SCU versions prior to v4.0.
Ping Delay is an SCU Global setting that indicates the amount of time (in milliseconds or ms) between successive ping requests.
Ping Payload is an SCU Global setting that indicates the amount of data (in bytes) that is transmitted on a ping.
Ping payload values include 32, 64, 128, 256, 512, and 1024 bytes. The SCU default is 32 bytes.
Ping Timeout is an SCU Global setting that indicates the amount of time (in milliseconds or ms) that passes without a response before the ping request is considered a failure.
A ping timeout integer value can range from 1 to 30000 ms. The SCU default is 5000 ms.
Ping Tools is an SCU diagnostics tool that enables you to troubleshoot connection issues with SCU. The following properties and options are available from the Ping Tools window:
Note: The ping tools window only appears in SCU version 4.0 and later.
A protocol that allows data to transfer between a peripheral device and the CPU. Each PIO has a different speed of data transfer:
|PIO Mode||Maximum Transfer Rate (Mb/s)|
PMK (Pairwise Master Key) Caching is an SCU Global setting that indicates the type of PMK caching to use (Standard or OPMK) with WPA2 key management.
PMK caching is an alternative to CCKM supported with WPA2. The goal of PMK caching is to speed up roaming between access points by accomplishing 802.1X reauthentications without communicating with the authentication server. When a station does an initial authentication to the WLAN infrastructure, both sides receive the information needed for reauthentications.
If there are no controllers, then Standard PMK caching is used and reauthentication information is cached following the initial authentication with an access point. When the station tries to reauthenticate to that access point again, the station and the access point use the cached information to do the four-way handshake to exchange keys.
If there are controllers, then Opportunistic PMK (OPMK) caching is used and reauthentication information is cached on the controllers. When the station tries to reauthenticate, the station and the controller behind the access point use the cached information to do the four-way handshake to exchange keys.
Use the PMK Caching global setting to configure the type of PMK caching supported by your infrastructure. If the Summit radio is configured for one type of PMK caching and the infrastructure supports the other type, then PMK caching will not work, and every roam will require a full 802.1X authentication that requires interaction with an authentication server.
If the active profile has an Encryption setting of WPA2 CCKM, then the Summit radio ignores the PMK Caching global setting and attempts to use CCKM.
Point-to-Multipoint connections consist of two parts. The first is a node which acts as a host and which communicates with multiple other nodes. The second is a collection of two or more nodes which act as clients to the host, and which both share a connection to the host. Traffic is negotiated through one of several schemes, such as Time Division Multiplexing, that allows all connected clients access to network traffic. A Point-to-Multipoint connection may be configured single or bi-directionally, based on the network's needs.
The standard mode of wireless communication, Point-to-Point communication is a wireless replacement for the traditional cabled connection between devices. A Point-to-Point connection connects two devices in a wireless network.
This type of connection contrasts with Point-to-Multipoint connections, which act as a hub for several nodes.
Refers to the orientation of the flux in the electromagnetic field of a radio wave. There are various types: linear, elliptical, and circular. Linear creates a straight line on the electromagnetic plane. Circular creates an elliptical shape on the electromagnetic plane (narrower on one axis than on another). The shape of an antenna does not necessarliy dictate the kind of polarization.
In Polled mode, the driver continually checks the status of external devices to determine if they need servicing. When a device is ready for servicing, it must wait until the software polls it before it can be serviced. Consequently, polled-mode devices experience slower response time as more devices are added to the embedded system. These systems can become unstable as more devices are added because the response time of each device is affected. For smaller systems, polled-mode may be appropriate, since it generally provides a higher throughput.
With Interrupt mode, each external device typically has one interrupt that feeds into the microprocessor's interrupt port through an interrupt controller. Interrupts coming from external devices can be prioritized. In interrupt mode, a device asserts an interrupt when it needs to be serviced. The driver quickly services the highest priority interrupt first. Although the response time with Interrupt mode is much faster, there is the possibility that lower-priority devices are not serviced. There is generally more stability with interrupt systems, since the response time for each interrupt can be estimated with more accuracy and devices can be added to the system without affecting the response time of existing devices. However, depending on the system, the throughput might not be as high as with Polled mode.
By default, Summit device drivers operate in Interrupt mode which provides for optimal performance. At times, Interrupt mode may conflict with other non-Summit device drivers currently present on the device. When this occurs, the device may lock-up. Setting the Summit driver to Polled mode can often address these device lock-ups.
Note: When the Summit driver is set to Polled mode, there is a small (often unnoticeable) decrease in WLAN performance.
Polled mode can only be enabled through a registry setting. To enable polled mode, set the following registry key to a non-zero value:
Note: The polledIRQ registry value is not present in the registry by default. It must be added as a DWORD value.
To return the driver to Interrupt mode, set the above registry key to 0 and power cycle the unit.
Note: In polled mode, the CAM (Constantly Awake Mode) power-save mode may not be used. If the profile's power-save mode is set to CAM, it will be treated as Fast-PSP. See Power Save for more information on CAM and Fast-PSP power save modes.
A portable device is a device that typically transmits in direct contact or within 20 cm of the human body (such as a handheld device) under normal operating conditions.
Because of their operation within close proximity of the human body, portable devices must undergo an additional level of testing that is not required of mobile devices. This testing is referred to as Specific Absorption Rate (SAR) testing which measures the amount of energy from the device that is absorbed by the human body.
Because SAR is very device-specific, FCC rules do not allow for a Limited Modular Approval (LMA) for use with portable devices; portable device vendors must secure an FCC grant for their devices rather than leverage an existing grant at the module (radio) level.
- Mobile Devices
- FCC Grant Conditions of Certified Modules
- Modular Approval
- Limited Modular Approval
Indicates the radio's current power save setting. Power save mode allows you to set the radio to its optimum power-consumption setting.
Maximizing battery life for full shift operation is an important consideration for vendors and users of hand-held data terminals and similar devices. Summit provides a number power save modes that can significantly reduce the radio's power consumption and maximize the battery life of the host device.
Summit supports the three following power save modes:
When in power save mode, the radio "sleeps" most of the time and "wakes up" only when it has data that needs to be sent to the infrastructure (or at an interval determined between the station and the access point). When the radio is awake, the access point also delivers to the station any data that has been buffered during the radio's sleep period.
The following are the three building blocks of power save polling (PSP):
- Wakeup Procedure - There are two reasons for a station (STA) to wake up: either to transmit pending data or to retrieve buffered data from an access point. Waking up to transmit data is driven by the STA. Waking up to receive data is also initiated by the STA after it monitors its pending data bit in a periodic beacon frame sent out by its access point. Once the STA decides to transition from sleep to active mode, it notifies the access point by sending an uplink frame with the Power Save (PS) bit set to Active. Following this transmission, the STA remains active to enable the access point to then send buffered downlink frames.
- Sleep Procedure - To transition into the sleep mode, a STA (in active mode) must complete a successful STA-initiated frame exchange sequence with the PS bit set to Sleep. Following this operation, the access point buffers all the downlink frames to this STA.
- PS-Poll Procedure - Instead of waiting for the access point to transmit the buffered downlink frames, a STA (in sleep mode) can solicit an immediate delivery from its access point by using a PS-poll frame. Upon receiving this PS-poll, the access point can immediately send one buffered downlink frame (immediate data response); or it can send an acknowledgement message and response with a buffered data frame later (delayed data response).
Notes on Power Save Polling:
An 802.11 access point transmits any multicast or broadcast frames immediately unless at least one associated station is in Power Save Polling (PSP) mode. When PSP is in use by at least one station, the following occurs:
- When it associates to an access point, a PSP station sends the access point a unicast powersave "listen interval" value, which is configured as x DTIM (Delivery Traffic Indication Map).
- The access point queues frames for PSP stations.
- Once every DTIM interval, the access point determines if there are packets cached.
- With a Cisco access point, the default DTIM interval is the beacon interval (100ms) x 2, which means that the station wakes up every 200 ms.
- If there are packets cached, the access point transmits a DTIM frame or beacon, which lists the MAC addresses of associated stations for which there is data queued.
- Every x DTIM interval (such as every "listen interval"), a PSP station wakes up.
- If the station is using Fast PSP, then it checks the DTIM frame or beacon.
- If the station is using Max PSP, then it sends a power save poll to the access point.
- After sending the DTIM frame (or responding to the power save poll), the access point transmits all queued data frames.
- Each PSP station acknowledges the receipt of each packet.
- Before transmitting the last packet, the access point flips one of the bits on the frame to signal that it is the last packet.
- Upon receiving the last cached packet, the station returns to PSP mode (for example, goes back to sleep).
See Radio Profile for more information.
The Profile window displays the device’s current profiles, which are groups of radio and security settings that are stored together. Other than viewing the settings for each profile, the functions and settings located on the Profile window are only available to administrators. Non-administrators may not edit any items on this tab.
You can perform the following actions from the SCU Profile window:
- New: Create a new profile with default settings. Assign a unique name (a string of up to 32 characters). Edit profile settings using other Profile window selections.
- Rename: Change the profile name to one that is not assigned to another profile.
- Delete: Delete a non-active profile.
Note: You cannot delete an active profile.
- Scan: Tap to view a list of APs that are broadcasting SSIDs; seltect and SSID and create a profile for it.
Note: See Using Scan to Create a Profile for more information.
Note: SCU Admin use only. See the "Summit Software Administrator's Guide" for more information.
PSK, or Pre-Shared Key, is a password (shared secret) which was previously shared (through a secure channel) between the two parties before the key needs to actually be used.
See WPA-PSK/WPA2-PSK for more information.
A technique for controlling power to a device by generating variable-width pulses which represent the amplitude of an analog input signal.