Aruba Network’s new remote office access point, the RAP-2WG, allows an enterprise to securely extend the corporate wireless network to remote offices. While REAP technology is nothing new, the price point on the RAP-2WG certainly is. List price is only $99, and the street price brings its price in line with that of a Linksys WRT54GL. The unit is extremely small, too: about the size of a deck of cards.
How does it work?
The RAP-2WG’s E0 port is connected to the internet connection at the remote or home office. The unit establishes an IPSEC tunnel (using your choice of 3DES or AES) back to the Aruba controller at the main office. Once connected, the controller extends the corporate wireless — including all security policies — to the remote unit. You can also configure the second wired port in any way imaginable – from 802.1x port security, to a vlan bridge, even as an 802.1q trunk. You can also apply an ACL and run the RAP-2WP in split tunnel mode so that client internet traffic doesn’t cross the tunnel.
Enough marketing, how well does it really work?
I tested an Aruba RAP-2WG as follows:
– Aruba OS 126.96.36.199
– 6000 Controller Cluster. The cluster was in regular production mode during this test.
– 100 Mb internet connection
– RedHat 5 running vsftpd – Server
– Ubuntu 10.04 – Client
– Dell D620 with an Intel 4965AGN wifi card
The Test Procedure:
After configuring the RAP-2WG to connect back to the mothership, I connected it to a high-speed remote network. To test the unit’s throughput, I created a file containing 20Mb of random data (testfile.tar.gz); this file would then be transferred via FTP to the client machine.
This technique generally works pretty well, the whole way up to 1Gb/s if you follow these two simple rules:
1) Ignore the results of the first test. The first time you download the file, the server has to read it from disk. Subsequent requests (within a few minutes, at least) will come from the server’s disk cache and be significantly faster.
2) Don’t actually write the file to disk on the client machine, otherwise you’ll just be testing the hard drive speed. The best way to do this is to use wget under Linux. The syntax I prefer is:
# wget -O /dev/null ftp://your-ftp-server.pskl.us/testfile.tar.gz
This will simply dump the data to /dev/null as it comes in. When wget completes, it will give you the average transfer rate in BYTES per second — don’t forget to multiply by 8.
Step 1: Baseline Test
To determine the maximum speed at this site, the client machine was connected directly to the local internet connection using the system’s wired ethernet port. The test file was then transferred ten times and the average bit rate computed.
Average Transfer Rate, No Crypto: 84.64 Mb/s
Step 2: IPSEC AES128, using the Wired port
The test system was then connected to the RAP-2WG’s E1 port. The test file was then transferred ten times and the average bit rate computed.
Average Transfer Rate, IPSEC 128, Wired Port: 2.73 Mb/s
Step 3: IPSEC AES128, Wireless 802.1X PEAP
The test system was then connected wirelessly to the RAP-2WG. The system established a solid connection at 54Mb/s using PEAP/MSCHAP/AES auth/crypto. The test file was then transferred ten times and the average bit rate computed.
Average Transfer Rate, IPSEC 128, Wireless PEAP: 1.821 Mb/s
The RAP-2WG works as promised. The rated IPSEC throughput of the unit is 2Mb/s, which agrees with my findings. The slightly slower throughput over wireless is due to a combination of effects, but most likely a result of the double-encryption (PEAP wifi plus the IPSEC tunnel) that the unit has to handle. The RAP-2WG is inexpensive enough that it can be deployed as a robust VPN solution for staff working from home. You could actually buy RAP-2WGs and hand them out to your staff for about the same cost as buying Cisco VPN licenses for your existing ASA. Yes, that ‘s right. A robust hardware solution for the same price as the competition’s software license.
Aruba, you guys rock.
NOTE: InGrid recently changed their name to LifeShield, but the equipment and service is still the same as is reviewed here
If you are interested in how I got to this point, check out the first post.
UPDATE (05-10-2012): I’ve been less-than-thrilled with the business practices of LifeShield lately. I still am a big fan of their products and services, so these reviews stand true, but if you’d like to know what they are up to, read this blog post.
UPDATE 10-18-2010: LifeShield has added a few items/features you should know about:
They now sell the cellular backup unit. Add it to your system and your alarms will go through even if your phone lines and internet connection are cut.
They also now offer a smartphone app for the iPhone, Android, and BlackBerry.
One last thing, I’ve reviewed their Wireless Homeview Camera which integrates with the security system.
UPDATE 11-11-2010: The battery in my Siren Detector died already, which is odd, but the good news is that it uses the same batteries as the door/window sensor: a CR2450 coin-cell battery. These can be purchased from amazon.com for pretty cheap…I bought a 5-pack for under $7 shipped.
UPDATE 12-08-2011 – THIS IS AN IMPORTANT ONE: In the past year LifeShield has changed their business plan a lot. As you read the review below, bear in mind that the following things are now the case for new customers:
- They no longer sell the base systems outright, they are free-ish and subsidized by a…
- Minimum 3 year contract. Sign up for a 5 year contract and your monthly rate will be cheaper (of course). Minimum $35/month for a 3 year contract, minimum $30/month for 5 year. One nice thing about being on contract is that the hardware is completely supported by LS, even including the batteries in your sensors.
- There is a (minimum) $99 activation fee. It can be higher if you select certain options, such as the Cellular Backup unit
All this being said, it is still a decent deal. If I were security-system shopping today (instead of 2 years ago), I’d probably still go with LifeShield. I recommend you call the competition and get a quote, then check out LifeShield and see how it compares. If you are handy enough to install the system yourself (and you are… it isn’t hard), I think you’ll end up being happier with the LifeShield system.
As I discussed in the last post, I decided to go with the InGrid (LifeShield) security system. I ordered up all the parts I wanted and waited for them to arrive. Before you even receive your hardware, you can set up your account with the web portal (http://myingrid.com/). You create a password for accessing the account as well as other security questions. All of this can be edited later but you might as well get it out of the way now. Once you finish, you can poke around the site and see what kind of settings are available to you. Interesting, but I just couldn’t wait for the hardware to arrive so that I could get started with…
The packaging and documentation were all very impressive. There’s a great attention to detail they show here and it does not go unappreciated. The photo above shows all the stuff I got to start with, although I might add more later. It includes some very nice signs which I think I’ll be leaving in the box. Letting people know you have an alarm system is one thing, letting them know exactly what kind you have is another. Maybe I’ll put up some Brinks signs or something. When you open up the big box, you get this:
A paper telling you, among other things, that “specialty sensors” can’t be added until 24 hours after system activation. No problem, plenty of other sensors to install first. It ended up being less than 24 hours for me anyway. Also included is a CD with PDFs of all the manuals. Then you get to the meat of the system:
The numbered boxes make it even easier than I thought it would be. These 4 units make up the backbone of your security system. They are already associated with each other so there is no “syncing” to be done with these items. Just follow the simple instructions for each box (basically, connect the internal backup battery and plug it in) and you are good to go. Here is a shot of the book showing how simple the instructions are:
As I mentioned, all of the items have internal backup batteries. Supposedly, the batteries will last around 24 hours if your power goes out. They are all simple rechargeable-phone-type batteries that you can buy at WalMart. First up is the base unit:
This guy is the real brain of the operation. You plug it into your internets and into your phone system (VOIP, in my case). It has a cradle for charging the phone unit, but the phone also comes with a charging base, so you don’t NEED to use this to charge the phone. I prefer hiding this somewhere out of sight so that nobody knows where to look to disable your system. If you are using your phone system as a backup, two of the other parts have phone jacks (the Console and the Grid Extender)…which means that this unit could be destroyed but either of those units could still phone home to the monitoring service. That’s part of what is so cool about this system…it is so decentralized.
Next up is the Handset and charger. Here is a pic next to a soda can for size reference:
This handset has all the functionality of the Console, which is up next:
Either the handset or the console can be used to arm the system, disarm the system, view the status of sensors, and act as a phone (the console acts as a speakerphone). You can set the console on a countertop or mount it on the wall. It needs to be connected to AC power at all times (the battery is really just for backup purposes) so you are somewhat limited in mounting options. These units are also used for adding sensors and other goodies to the system. We’ll get into that shortly. I should also mention that you can view your current weather on either of these units as well as any “weather alerts.” Neato.
I didn’t take a photo of the grid extender… it isn’t very exciting. Basically a brick that you plug into the wall. As I mentioned before, it has a phone jack which will be used to call the monitoring center if other systems fail. The grid extender also does what the name implies… it physically extends the network for sensors and other devices to be recognized by your system, so you should take that into account when deciding where to place all this stuff. You can even put a grid extender in your neighbor’s house (with permission, of course) and plug it into their phone line. That way, a thief would have to cut your internets, your phone, AND your neighbor’s phone to stop the system from calling in an alarm. If power, phone, and cable are knocked out for your entire neighborhood…well… I guess you are SOL… but InGrid says they have a GSM backup module coming soon, so you’ll be able to breathe easy (UPDATE: the GSM backup module is now available from lifeshield.com)
Once you have these 4 items powered up, you can activate your system online with myingrid.com. Very simple process that involves getting a code from the website and then entering it into your handset. Done. Now you can start adding open/closed sensors to your windows and doors. Here’s a little video introduction to the open/closed sensors, followed by a video I made explaining the very simple process of adding a sensor to your security system:
You can add a bunch of these sensors and then sit down at your computer and name them appropriately from there (if you don’t want to do it from the handset or console).
Once the 24 hours have passed, you’ll get an email to tell you that your system has been activated and you are now in “Practice Mode” for 7 days… which means that any alarm you set off won’t call the monitoring system. So you have 7 days fool around and see how things work without being afraid that the cops will show up and yell at you. This activation email also means you can install your other sensors and dealies. In my case, that meant keyfobs, a siren detector, and a motion detector.
Here are a few videos showing my experience with those 3 addons:
All of that was pretty painless, right? I was a bit annoyed at how the motion sensor integrates with the system, so it gave me an excuse to call their tech support. The problem is that it logs motion events whether the system is armed or not. I understand that concept with door/window sensors, but not with motion sensors… The idea is to keep them in living spaces, so that means you’ll be tripping it all day long. Every time it senses motion, the console and the handset both display “Open: Motion Sensor” as if it is a window you keep opening and closing. My event log on myingrid.com very quickly just gets spammed with these “events.” Sure, I can filter the event log, but I shouldn’t have to. I asked tech support about it and they basically told me that it “isn’t a big deal” and that’s just how it works. They are right, it isn’t a “big deal,” but it IS annoying. There should at least be an OPTION to set it so that motion detector events only get logged (or noticed at all) when the system is armed. Working the way it does, I’m going to put a cover over my motion detector and only take it off when I leave the house or go to bed at night.
Now that the system is up and running, the only thing left to do is give you a quick tour of the myInGrid web UI. The following slideshow takes you through a bunch of the important screens. Many of the features shown here are also available via their mobile-friendly version of the myInGrid site, including being able to look at content grabbed by the cameras attached to your system (I really need to get one of their cameras). If you move your mouse over the slideshow, the controls pop up at the bottom which will allow you to pause it or move forward or backwards in the slideshow. The caption on each screenshot explains what you are looking at.
View the screenshots here if you want to look more closely.
I already mentioned the cameras they offer to integrate with the system. They have a few other items that I don’t (yet) own, but you should know about:
- Glass break sensors – these recognize the sound of glass breaking and trigger the alarm
- Water/temperature sensors – these are convenience sensors that alert you to a change in temperature and/or water where it shouldn’t be. I need one of these for our upstairs laundry room.
- Smoke/heat detectors – you can use these rather than the siren detector I’m using.
I’m hoping that they’ll release some new products soon, such as:
- A thermostat – would be killer to be able to see the current temperature and change the desired settings remotely
- Light/appliance controls – or just add a module that supports X10 stuff
- An outdoor camera – preferably wireless. If it is wired, make it support PoE and include a power injector. Seriously. I will pay for this.
- A doorbell. This would be interesting to log events on, and it could just ring through all the same units that chirp when a door opens.
- How about a module with a dry contact interface so we can start to have some REAL fun with this thing…
So that’s pretty much it… If you have any questions that I have not answered, feel free to ask in the comments and I’ll do my best. Aside from the motion detector silliness, I think this is the perfect home security system…well, it is perfect when used in conjunction with the .44 Desert Eagle I keep in my bedroom. Maybe I should put a picture of THAT in my yard rather than the InGrid signs…
What can you get for $.99? An excellent, yet independently-published Kindle book called “Uncubicled.”
This is important, so pay attention.
There was a time in the not-so-distant past when budding authors, musicians, and filmmakers were all hobbled by a common burden: Publishers. As a creative individual, finding a publisher was your only choice for distribution if you wanted to share your creations with the rest of the world (and, possibly, be paid for it). Having a quality product might seem like it would be enough, but it often was not. As an unknown, just getting your foot in the door of a publisher was an enormous feat. Often it was a matter of “knowing the right people.” If you didn’t know the right people, you’d have to hire them. Agents, managers, and many other people looking to take a cut of your hard-earned payday IF that payday ever comes.
Most would not get published, destined to return to anonymity and give up their dreams, their wallets considerably lighter for the effort.
Some would succeed, however, but few actually end up making a profit. Most would get a very weak record, book, or movie deal, thanks to their non-existent negotiating power. If your product happened to beat the odds and become very successful, the publisher and agents and other paper-pushers would make a great deal of money. The struggling artist, however, would still be working at their day job, hoping that their current success could be carried over into a more favorable deal next time they are at the negotiating table.
This all happens for a good reason, of course. Creating and distributing massive quantities of physical media (books, CDs, DVDs) costs a great deal of money. Publishers are taking a risk on every item they publish and many of them don’t pan out, so the ones that do succeed need to pay big to make up for the failures.
Fine, that’s capitalism, but it hardly fosters new and exciting media. Very few publishers would take a big risk, so an unbelieveable amount of marketable books, music, and films ended up in the trash, never to be seen again. Talented artists gave up their dreams and returned to the daily grind, their spirits crushed by the system.
As we all know, a system like this is hard to even fathom in the age of the internet. MP3s have rocked the RIAA to its very knees (not just because of piracy) and sites like YouTube allow filmmakers to test out their craft on a world-wide audience (and build a fan base) before attempting to sell a larger production to a movie or television studio.
But where does this leave the authors? Sure, they can try to sell a .pdf of their Great American Novel on the web, but how will they get eyeballs on the website? And who even buys a PDF of a novel? Not many people are willing to stare at a computer screen for hours and hours reading a PDF. Well, I guess I would if I didn’t have a Kindle, but it isn’t preferable.
MP3s hit the scene in a big way around 1996 but didn’t really evolve into a major force until two things happened:
a) portable players (I had an original Rio PMP300 in 1999…32MB of storage)
b) digital distribution (iTunes, amazon.com)
This all means that anybody with a decent recording of their music (and a relatively small upfront investment) can get their tracks on iTunes or amazon.com or some other digital music store where people will find it and possibly buy it. The system is far from perfect (and still involves “labels” to some extent), but it certainly is an improvement. For more information on digital music publishing, check out this excellent blog post: Can A Musician Sell Their Music Online?
So, once again, where does this leave authors? This finally brings me to:
The Point Of This Entire Rambling Blog Post
If we look at the success of the MP3 model and compare it to books, we now have the two building blocks for success:
a) portable devices (the Kindle)
b) digital distribution (amazon.com, some other sources)
Ideally, we would not be dealing with only one company here (for the most part), but this is really just the beginning. Yes, I know there are other e-book readers (the Sony, etc). Yes, I know there are other places to purchase e-books. However, the Kindle + the amazon.com Kindle store make the first real Joe Consumer-friendly combination that really gets it right. The “Whispernet” wireless shopping and distribution method on the Kindle is the real deal-breaker, in my opinion, and sets the Kindle miles ahead of any other device or distro method.
Amazon has made it incredibly easy to self-publish a book via the Kindle store. Using their Digital Text Platform, anybody with an amazon.com account can upload a manuscript (in .doc format, for instance), set a price, and have their book available for purchase in the Kindle store almost immediately with ZERO dollars up front. They take a nice cut of your earnings, of course, but that’s the price you pay for having your material in front of a zillion eyeballs. You don’t even need to pony up for an ISBN, which is nice, since selling digital music still requires you to pay for a unique UPC (what a load of crap).
Let me clarify this just to make sure everybody is clear: I could take this blog post, upload it to amazon, set a price, and it would be available to be purchased for the Kindle (either via the web or via the Kindle itself) by tomorrow. If (hypothetically) it started selling, I’d start to get checks from amazon.com. It is that simple. Maybe you’ll sell 1 copy (to your mom) or maybe you’ll sell a million copies. Either way, it didn’t cost you a dime to see if all that hard work really did produce something that people would enjoy reading. If it IS successful, I’m sure the book publishers will come knocking on YOUR door to acquire publishing rights to your current and future work.
As you may have guessed, I own a Kindle (the Kindle 2, to be precise). I think it is the greatest thing since my first MP3 player and I’m not sure what I would do without it. I’ve been reading materials by some established authors, but I’ve also stumbled across some interesting work that I never would have found in a Barnes and Noble. The book I’m most impressed by, and the very reason for this blog post, is called Uncubicled.
Uncubicled was written by Josh McMains. McMains is an electrical engineer by trade and, like many of us, thought “I have an idea for an interesting novel and I think I could write it.” UNlike many of us, he actually sat down and did it. Not just the first chapter, the entire book. As a first-time author with no connections to the industry, what does he do with the fruits of his labor? Does he walk into the HQ of a major book publisher with his hat in hand? No, he publishes his book himself. Although there are other ways to purchase the book, the keystone of his publishing strategy appears to be the amazon Kindle store.
Presently, you can purchase Uncubicled for the Kindle for only $.99. Yes, 99 cents. You spend that much on a single crappy song from iTunes. A pack of Tic Tacs. Clearly a bargain. But is the book any good?
You bet it is.
The Kindle version on amazon has 22 customer reviews with a 4.5 star average. I haven’t yet posted my own review, but I will after I finish this blog post (I’ll give you a hint, it will be 5 stars). Besides, for $.99, you can afford to find out for yourself. McMains has done an excellent job of marketing the book via twitter, facebook, and a website. I found him on twitter, actually (or HE found ME, I should say, after I mentioned my Kindle in a twitter post). This is a business model that I believe is very important to the future of digital publishing and, as such, needs to succeed. If you have a Kindle (or know somebody who does), you owe it to yourself to check out this book.
What’s that? You don’t have a Kindle yet? Well, there’s no time like the present.
One last thing: if you have read this book, please review it on amazon! The quantity and quality of reviews has a direct effect on the visibility of the book to amazon.com users. If he could get over 50 reviews, it would really help him out.