July Tech Bulletin

As your trusted M2M communications partner, USAT Corp. prioritizes data security for critical WWAN data transmissions on the public networks. Through technical innovation, USAT places enhanced wireless data security within the reach of all clientele, regardless of project size. See information about the way that USAT is reimagining private network implementation below. In other networking news, VZW extends availability of IPv4 static IPs in a new PSA. Also herewith, see important information regarding changes in price structure for both the Cradlepoint and the Sierra Wireless cloud-based device management systems. Info from USAT is below about the roadmap indicating the end-of-the-line for the IBR6XX-LPE models from Cradlepoint. In addition, Digi international, Red Lion, and Multi-Tech, have officially published end-of-life dates on some of their cellular routers/modems—info that is digested at the end of this email.

  • USAT CORP. NEWS—USAT has released a private network with no line/device minimums, no mandatory contractual terms, and in some cases, no set-up fees—and the potential for a 24-hour implementation time. Unlimited IPv4 static IP addresses are available. Read about Express M2M Prime Network service/airtime here. Reply to this email if you would like additional info about why isolating your M2M data transmissions from the public Internet should be part of your security strategy.
  • VERIZON WIRELESS NEWS—Please note: Verizon Wireless issued a new, revised Public Service Announcement that pushed back the date that IPv4 addresses will no longer be available to mid-2018 from the original date that VZW had set of June 30th, 2017. Read the new VZW PSA here.
  • SIERRA WIRELESS AIRLINK NEWS—ALMS is now free-of-charge for clients with under 16 devices registered for this device health monitoring service. Read the additional details about that program here. Want to take advantage of free ALMS, but don’t know where to begin? Reply to this email and we can help you sign into your free account for sub-quantity 16 device users.
  • Sierra Wireless has extended their trade-in program that offers cash incentives for upgrading older Airlink Devices until September 30th. Read the program overview here.
  • CRADLEPOINT NEWS—IMPORTANT—Enterprise Cloud Manager, ECM, has evolved and beginning on July 17th has been rebranded as NetCloud Manager (NCM). When it comes time for service subscription renewal, the Basic service option will remain the same cost. The Prime service option will have an approximate 30% increase in cost. See an explanation for that change here.
  • CRADLEPOINT USERS OF THE POPULAR IBR6XXLPE PRODUCT LINE please note well: although the official EOL date has not yet been published for this line, the published roadmap points to these best-selling models going EOL in 2017. If you are a user of the IBR600LPE or IBR650LPE Cradlepoint router, then the time to proactively manage the model change is now. Contact USAT for a presentation of your options.
  • DIGI INTERNATIONAL NEWS—EOL Announcement-Accessories & Some Transport WR44 models
  • RED LION SIXNET NEWS—EOL Announcement-SN-68XX & RAM68XX
  • MULTI-TECH NEWS—Near EOL Announcement-2G & 3G MultiModem iCell Line

Archive-October 2016-Tech Bulletin–Mirai Advisory And New Wireless Network Products MG90

Our mission is to keep you informed about information key to the success of your organization’s wireless data initiatives. Below you will find an overview of important facts about the Mirai virus. Near the bottom of this email, you will find information about new products that you should be aware of in the wireless data communications space.

Mirai Summary: A new Trojan virus called Mirai is in the news.  Mirai is targeting Linux servers, M2M and IoT devices, including cellular gateways and routers, but mainly cameras and DVRs, running Linux-based firmware, for the purpose of nefariously engaging these systems as part of a large botnet used to stage Denial-of-Service DDoS attacks designed to disrupt access to web properties. (More info: https://safeum.com/blog/2014-mirai-trojan-is-the-next-big-threat-to-iot-devices-and-linux-servers.html) Runaway cellular airtime usage can be a result of infection. In the world of wireless networking, any device that runs on Linux is susceptible. PLEASE NOTE USAT CLIENT BASE: Critical infrastructure clients who are on private networks run a reduced risk of infection.

How Infection Happens: Mirai infects devices via brute-force attacks on the Telnet port, exploiting a “black hat” list of default password credentials, taking advantage of instances where device owners have forgotten to change the built-in default password to a secure password. Critical infrastructure clients who are not on private networks but who have implemented complicated passwords (like what the USAT DevProv+ service facilitates) and instituted other basic security functions like “white lists” and “black lists” are unlikely victims. If you have not or suspect that a user within your organization has not changed the default passwords on the devices attached to your corporate network, then it is important to implement secure passwords now in order to avoid operational ramifications as well as possible financial charges due to data consumption overages.

How To Diffuse Your Risk & Treat Infection: Good news: even if your device is infected, restarting the device and changing the password is an effective treatment. Sierra Wireless, a world leader in the manufacture of cellular gateways was the first to issue a technical bulletin detailing the threat of Mirai to the M2M/IOT ecosystem. Please refer to the steps that they suggest to secure devices here: http://usatcorp.com/action-required-sierra-wireless-technical-bulletin-mirai-trojan/.  The Department of Homeland Security also very recently issued an informative publication on defeating Botnets here https://www.us-cert.gov/ncas/alerts/TA16-288A. In addition to the advice issued on the DHS link, best practices dictate that if you are a user of cellular routers and gateways, make sure that devices in your network are running the latest firmware.
Please feel free to respond to this email with additional questions or concerns about the Mirai virus.

NEW PRODUCT ANNOUNCEMENTS FOLLOW:
USAT NEW PRODUCTS—Poynting High-Gain Multi-band Antennas Launched
Poynting high gain directional antennas are now a stocked item at USAT Corp. USAT conducted an extensive search for multi-band high gain antennas, both omni and directional (yagi) that can support the different flavors of LTE used domestically and around the world, and this product line tested out the best. See examples here http://usatcorp.com/usat-corp-will-now-offer-poynting-antennas/. If you have interest in superior high gain antennas, respond to this email, and a specialist will contact you.

CRADLEPOINT NEW PRODUCTS

SIERRA WIRELESS AIRLINK NEW PRODUCTS

DIGI NEW PRODUCTS

As you set budgets for wireless data communication and networking initiatives in 2017 and beyond, please consider USAT Corp. as your consultative partner and engage with us early and often. You can get in touch with me to discuss your upcoming projects, or reach out directly to your USAT account manager.

Digi's Transport Goes Mainstream With the Transport WR21

When Digi acquired Sarian Systems in 2008, they bought a powerful software package with many robust security features for moving money wirelessly. With the advent of the WR21, we get a glimpse of the future of the Digi product line as they hypridize the features of the legacy ConnectWAN models with the Transport line.

In summary, the Transport WR21 has two flavors. Basically, flavor one is a “WR21 LITE,” with standard software, at a very low price-point, and does not contain all of the sophisticated features as the rest of the Transport line but will fit the bill for many of the same applications as the ConnectWAN. The second flavor, termed ” the enterprise software version” is packing the full feature set of the Transport line including advanced routing, VPN, and statefull firewall. View a specification sheet here.

Since the SKUs of the Transport line can be complex, as a public service we are listing the part numbers and descriptions below.

-WR21-B11B-DB1-SU TransPort WR21 1XRTT Sprint, 1 Ethernet, RS232, Standard Software Package, US Power Supply and Antennas
-WR21-B21B-DB1-SU TransPort WR21 1XRTT Verizon, 1 Ethernet, RS232, Standard Software Package, US Power Supply and Antennas
-WR21-C51B-DB1-SU TransPort WR21 EVDO IUSACELL, 1 Ethernet, RS232, Standard Software Package, US Power Supply and Antennas
-WR21-E11B-DB1-SU TransPort WR21 Edge, 1 Ethernet, RS232, Standard Software Package, US Power Supply and Antennas
-WR21-U61B-DB1-SU TransPort WR21 HSPA+ ATT, 1 Ethernet, RS232, Standard Software Package, US Power Supply and Antennas
-WR21-U71B-DB1-SU TransPort WR21 HSPA+ Worldwide (850/900/1900/2100MHz), 1 Ethernet, RS232, Standard Software Package, US Power Supply and Antennas
-WR21-U81B-DB1-SU TransPort WR21 EVDO/HSPA+ Gobi 3000 (850/900/1900/2100MHz), 1 Ethernet, RS232, Standard Software Package, US Power Supply and Antennas
-WR21-C01B-DB1-SW TransPort WR21 EVDO 450MHz, 1 Ethernet, RS232, Standard Software Package, International Power Supply and Antennas
WR21-C31B-DB1-SW TransPort WR21 EVDO 450MHz RUIM, 1 Ethernet, RS232, Standard Software Package, International Power Supply and Antennas
-WR21-C41B-DB1-SW TransPort WR21 EVDO 450MHz Norway, 1 Ethernet, RS232, Standard Software Package, International Power Supply and Antennas
-WR21-C61B-DB1-SW TransPort WR21 EVDO 450MHz Sweden, 1 Ethernet, RS232, Standard Software Package, International Power Supply and Antennas
WR21-E11B-DB1-SW TransPort WR21 Edge, 1 Ethernet, RS232, Standard Software Package, International Power Supply and Antennas
-WR21-U41B-DB1-SW TransPort WR21 HSPA+ EU/APAC (900/2100MHz), 1 Ethernet, RS232, Standard Software Package, International Power Supply and Antennas
-WR21-U71B-DB1-SW TransPort WR21 HSPA+ Worldwide (850/900/1900/2100MHz), 1 Ethernet, RS232, Standard Software Package, International Power Supply and Antennas
-WR21-U81B-DB1-SW TransPort WR21 EVDO/HSPA+ Gobi 3000 (850/900/1900/2100MHz), 1 Ethernet, RS232, Standard Software Package, International Power Supply and Antennas

A recent Digi newsletter contained an excellent article about utilizing the Digi Transport line’s Digi Surelink feature.
Digi SureLink has several mechanisms to help maintain a persistent wireless connection and take action if the connection is lost.
First, there are mechanisms to test that traffic is actually passing. On the Digi TransPort® this can be done actively by generating traffic from the device or passively by testing outbound TCP traffic and checking that responses (ACKs) are received.
If the test fails, then corrective action is taken. These configurable items are:
1. Drop the current PPP session and attempt to re-establish it. (If the Digi TransPort senses the PPP session is gone, it will automatically attempt to re-establish it even without Digi SureLink.)
2. If the PPP session does not re-establish, then reset the embedded module and try again.
3. If that still fails, then reboot the Digi Transport device itself.
Since several different functions come into play, the Digi TransPort engineers came up with an easy-to-follow SureLink Wizard in the built-in WebUI. The user selects the wizard, reads the on-screen info and prompts, and builds the SureLink setup without even needing to crack the User Manual.

iDIGI & The Concept Of Having A 3rd Party Manage Critical Network Device Data

I read an excellent post today regarding the iDigi device management “cloud” platform.

http://www.smartgridnews.com/artman/publish/Videos-Interviews/Smart-grid-companies-Digi-International-wants-to-be-the-Windows-of-wireless-3666.html

I like Digi, and I like the promise of iDigi for managing devices for some applications. However, I must  voice my critical infrastructure colleagues’ concerns about allowing any 3rd party (in this case Digi) to host key information, and in fact monitor, the performance of  critical network assets. A previous Digi WWAN device management offering, Connectware Manager, was a device management console that was hosted internally, “inside the firewall” of our critical infrastructure clients. Digi seems to have ceased the sale of Connectware Manager, and with its demise, goes the option of keeping all of one’s critical device data in-house. iDigi is subscription-based, and follows a software-as-a-service business model. Basically, with Digi, it is now iDigi or the nothing.  CradlePoint, with their offering WiPipe,  is also a software-as-a -service model. I am hoping that Sierra Wireless does not follow suit and try to yank Ace Manager and force all clientele to utilize a S-A-S management platform. I have heard rumblings that this is the plan.

Now I understand the beauty of a world where all devices could be managed seamlessly, in the cloud, preferably by somebody else who takes care of all the technical headaches of hosting a secure server. I also understand that the BIG money for these network device manufacturers would be in an upsell to the a software-as-a-service  business model with its recurring revenues. And talk about a sticky client retention strategy! However, for those manufacturers that are truly interested in serving the needs of all critical infrastucture clients (utilities, government, energy, rail), they will  need to understand that options must be kept open about who hosts the critical data.  And if big energy or a government agency wants to manage their own network device data, on their own secured server, and not outsource it to a third party that is not exactly in the “secure server” business, then you have to give them a robust, intuitive, scalable management application platform to do so.  Therefore, find my open letter below:

Dear valued network device manufacturer partners,

Please understand that some critical infrastructure clients will never implement the 3rd party hosted wireless network device management model that you are all marketing heavily at the moment and that other options are desired in the marketplace.

Sincerely, Yours In Partnership,

WWANWOMAN

I’d love to hear some feedback on this piece from critical infrastructure network jockeys who are both pro- and con- the concept of outsourced network device monitoring and have opinions that they would like to share.

Initial Experience With The Digi Connect WAN 4G

4G Network Device Options

 

 

 

 

 

 

I’m back after a hiatus, and am eager to share with my peers information about wireless gateways and routers that are available on the “nominally 4G” networks. I have a lot of information to report on, so this data download will take multiple posts. Digi International was the first to release a wireless gateway  for Sprint’s WiMax network. The unit, the DIGI Connect WAN (DC-WAN-Y301-A) is a wireless gateway (see info here http://usatcorp.com/proddetail.asp?prod=DC-WAN-Y301-A). The first one that my team sold and integrated was for a security company that will be using this device to back-haul surveillance video. This application makes perfect sense, as the Sprint WiMax network has the kind of throughput that makes it a powerhouse for transmitting realtime-video. And hey, the great airtime plans that Sprint is offering for WiMax help, too! We were very optimistic to see this device put into a testing environment by a security company. However, the gilding on the lily was tarnished when we worked to provision this device and low and behold, Sprint did not have a static IP option available for it. This revelation caught our company (and Digi) unaware! We saved the day by hosting a DNS name for the device for the client. However, we all need to do a SHOUT OUT to Sprint about offering a static IP option for this scenario. That reminds me that I have to check back and see if Sprint has any ETA on this. If anything has changed, I will reveal the resolution in a future post.

Digi To Release New Smart Modem With GPS Receiver

Yes, the lines are blurring again as to who manufacturers what. Digi will be releasing a new product, in the June timeframe, with an integrated GPS receiver. The new product has an enclosed form factor that is very different from the box-y, industrial, “completely undesigned” design of the ConnectPort WAN-series and is much more reminiscent of the Sierra Wireless MP line. The overall feel is that Digi has discovered that modems need to be designed to a certain spec to be adopted for in-vehicle use. (Note: The ConnectPort WAN is already available with a GPS reciever, but my feeling is that very few people actually bought this device as GPS was an afterthought to this router.)  There will be two distinct models of this product–a low-bandwidth, small storage model and a more robust and more expensive version. Proposed price-points that I have seen seem too good to be true, so I will not mention them here until they have been verified as accurate closer to the release date. But take this away: the pricing looks great.