FortiWLC – RF Interferer Classification

RF Interferer Classification

Wi-Fi networks operate in the unlicensed 2.4 and 5 GHz frequency bands, where they share a medium with a variety of other devices. With the exception of Bluetooth devices, none of the other devices have any mechanisms to co-exist with Wi-Fi networks. As a result, when an interfering device is emitting energy in the WLAN channel the WLAN Access Point is used for communication, the throughput of the AP can be significantly affected.

Spectrum detects all non-802.11 interference devices, especially the devices mentioned in the below list:

  • Microwave ovens (conventional)
  • Microwave ovens (inverter)
  • Motorola Canopy Wireless
  • Non-Wifi Wireless Bridges
  • Wireless video cameras (digital and analog)
  • Analog cordless phones (2.4GHz and 5GHz)
  • FHSS cordless phones (2.4GHz and 5GHz)
  • DSSS cordless phones (2.4GHz and 5GHz)
  • Bluetooth devices
  • Wireless baby monitors
  • Game Controllers
  • RF Jammers (both narrowband and wideband)
  • Wireless mice
  • Zigbee devices
  • Motion Detectors (S-band, radar-based)

In addition to the above mentioned devices, the RF Jamming devices also exist. The RF Jamming devices can be used to intentionally interfere with wireless communications. Although, these devices are considered to be illegal in the US and elsewhere, they provide performance and security issues to WLANs.

Wireless LANs based on the IEEE 802.11 standards, function in the unlicensed 2.4 and 5 GHz frequency bands. Other devices emitting radio-frequency energy in these bands can interfere with WLAN transmissions. The “Radio frequency characteristics for the interferer devices listed below” on page 126 lists some common RF interferer and their RF characteristics.

Radio frequency characteristics for the interferer devices

The Radio frequency characteristics for the interferer devices are listed below:

From the deployment perspective, the Spectrum coverage not only depends upon its sensor (receiver sensitivity), but also depends upon the interference devices transmit power (or signal strength). We cannot place the sensors far away and expect the very low signal strength interference device packets to reach the sensor.

Theoretically, lower the signal strength of the interference devices more sensors must be packed to catch those devices.

The “Sensors” on page 123 (“Software Sensors” on page 123 and “Hardware Sensors” on page 123) must be installed at least six feet away from a servicing AP. Having it closer affects the accuracy of interference classification.

The servicing APs must not be installed very close to PSM3x, as the false events (Analog Cordless Phones, etc.,) may be detected by PSM3x sensor due to the EMI (Electromagnetic Interference) emitted near by APs.

For Example:

Bluetooth has 2.2 dBm transmit power, for which the sensors must be placed closer in the given site, for it to be captured. So, the signal strength of interference devices is inversely proportional to the sensors coverage area.

Also the sensor coverage area is proportional to the receiver sensitivity. More the receiver sensitivity (which can be obtained with higher gain antennas) the sensors can be more sparsely distributed compared to the above example.

The conclusion is, the coverage area of the sensor depends upon the lowest signal strength of the interference device to be detected and depends upon the receiver sensitivity of the sensor. More the signal strength of the interference device and more the receiver sensitivity, the sensors will have more coverage and vice versa. Assuming the above considerable factors the predictable coverage can be identified with the following table, which has a specified interference transmit power. So it’s the administrator or the user environment the deployment for the sensors can be predicted.

TABLE 9: Radio frequency characteristics for the interferer devices listed below

Interferer Device Frequency Range Transmit Power Modulation #

Communication

Channels

Supported

Width Features
Bluetooth 2402-2480 MHz 2.2 dBm GFSK, FHSS 79 1 MHz Pulsed, low-power
Analog Cordless Phone 2403-2480 MHz NA Narrow

Band FM

40 ~300 kHz Narrow Band FM
DSSS Digital

Cordless

Phone

2407.5-2472

MHz

20 dBm DSSS 40 1.5 MHz Highpower, duty Factor
FHSS Digital

Cordless

Phone

2408.5-2472

MHz

21 dBm FHSS 90 892 kHz Pulsed, high-power
Conventional

Microwave

Oven

2.4 GHz 800W N/A N/A N/A Pulsed, broadband
Inverter

Microwave

2.4 GHz 1300W N/A N/A N/A Pulsed, broadband
Wireless

Video Camera

2414 – 2468

MHz

10 dBm Frequency

Modulation

(FM)

4 N/A Broadband, highpower
Digital Video Monitor 2402 – 2483

MHz

20 dBm FHSS 27 2MHz Highpower, frequency hopping
Game Con-

troller

2402 – 2482

MHz

N/A FHSS 40 500kHz Pulsed, low-power,

Frequency hopping

RF Interferer Detection

With the WLANs supporting critical applications such as voice and video communications, monitoring and management of RF interference becomes a security imperative. Interference can be from an intentional, malicious interferer such as an RF jammer or from an unintentional source such as a cordless phone in a nearby location. In either case, the ability of the WLAN to support the real-time communication required by these applications can be severely compromised by the RF interference. WLANs must be able to continuously detect the interferer in the RF environment for these security issues and trigger alerts to network administrators.

The Sensors which are listed in the Event Log page provides the interference event information.

Figure 32 on page 127 illustrates the sensors listed on the Event Log screen.

Figure 32: Sensors listed on the Event Log screen

Each interferer device signal is treated as an interference event and is detected by the following parameters:

  • Event Subtype (Type of interferer)
  • Signal Strength (Current/ Average / Maximum) dBm
  • Affected Channel(s) (Impact will be on the channels listed)
  • Center frequency
  • Duration (how long the inference event was seen)
  • Start Time (At what time the interference event started)
  • Stop Time (At what time the interference event stopped)

The active Interference event is highlighted in bold font and a red dot.

The event which is not alive at the moment will be grayed out as shown in the

The RF Interferer classification is detected by the following parameters

  • Channel
  • Signal Strength

Interferer can be detected,

  • By opting to filter, for only on that channel.
  • Interferer fading into the 2.4GHz and the 5GHz spectrum by varying its signal strength which is detected by opting to filter the signal strength ranging from >=- 10 dBm to >=110 dBm
  • By Specific interferer devices.

Interferer on all channels, in the range of signal strength and also on all types of Interferer devices can also be filtered by opting “All”.

Historical Spectrum dashboard Analysis

Spectrum Manager provides historical spectrum data for analysis. The impact on the interferer devices can be determined with the data available from the past with the tentative date and time. Interference events caused by the interferer devices are stored in the Spectrum Manager database for future analysis. A history of interference events for one year is maintained.

Event logs

The triggered events from the particular sensor are consolidated, captured and displayed in the Event Log screen as displayed in Figure 146 on page 351.

Time-based Analysis

The Spectrum events are the time-based triggered events, for which the “Start and Stop time” is not provided. It must display the dashboard for the current interference activity. Ensure the “Earliest Time possible in Start time and Use current time in Stop time” check box is checked, to view the dashboard for real time display.

Proactive Spectrum Manager

Proactive Spectrum Manager, designed for single channel deployment, takes a top-level view into the channel spectrum, then recommends the best channels) for network operation. The PSM dashboard presents a goodness value for all channels and recommended channels of operation for the network using a chart with green (good) and red (don’t use) bars.

Configure Proactive Dashboard Manager Using the Web UI

Use the dashboard to see the channel goodness over the spectrum and best available channels for 20MHz or channel-bonded (40MHz) operation on the 2.4 and 5GHz bands. The spectrum shows bar chart goodness values for all 20MHz and 40MHz channels. The higher the bar, the better the channel is. If the color of the bar is grey, no observation on that channel has taken place.

You have two PSM options, View and Evaluate.

  • View is enabled on all channels by default. View mode monitors interference, such as rogues, and displays recommendations for channel use. If you see solid green bands on every channel in the charts, either only View is enabled or Evaluate is also enabled and there are no rogues on any channels.
  • Evaluate is disabled on all channels by default. If you enable Evaluate mode on the channels, then PSM will manage the use of those channels by moving devices away from channels with a specified amount of rogue activity. To enable Evaluate:
  1. Click Monitor > Spectrum Manager > PSM.
  2. Click Evaluate at the top of the screen.

Optionally, select one of the options from the Evaluate drop-down list:

View turns on rogue detection, does an immediate scan, turns off rogue detection, and then displays the results.

One Time Adapt turns on rogue detection, does a scan, turns off rogue detection, and then moves stations to recommended channels immediately

Periodic Adapt repeats at the interval you set in the minutes value. Every x minutes, it turns on rogue detection, does a scan, turns off rogue detection, and then moves stations to recommended channels immediately.

  1. Optionally change the Evaluation Time from 120 seconds to a value of 5 – 300 seconds. Evaluation affects rogue scanning (turns it on for Evaluation Time seconds) and optionally changes channels.
  2. Optionally change the Threshold from 25 to a value of 1 – 100 rogues. Threshold indicates a delta in goodness value between current and recommended channel that triggers a change of channel. Non-zero threshold applies to periodic adaptation.
  3. Optionally change the Adaption Interval from 30 to a value of either zero or 5 – 10080 seconds. (The values 1-4 seconds are not supported.) The adaptation interval determines how often channels can be automatically changed for this controller.
  4. Click Start Wizard.
  5. Confirm by clicking OK twice.

Click Graph Help to see what the chart colors mean. Click Details on either chart to see numeric values for the green bars in the charts. A summary of rogue scanning parameters is presented at the bottom of the screen. Also, the adaptation period of a periodic adaptation is shown if one is running. The view automatically refreshes every minute.

If rogue detection is not enabled on the network, PSM turns it on when needed for evaluate mode, then turns it back off. For example, if you use the option One Time Adapt, PSM turns on rogue detection, does a scan and then moves stations to recommended channels immediately. This overwrites the running config and reboots the APs (save it to make it permanent).

Blacklisted channels are never recommended. RS4000 and mesh radios are not supported. The more non-Fortinet equipment on a channel, the lower the recommendation will be to use that channel. Do not use this feature with a multichannel configuration.

 

Configure Proactive Dashboard Manager Using the CLI

The CLI command for Proactive Dashboard Manager is proactive-spectrum-manager evaluate. This is an example:

mg‐mc2# proactive‐spectrum‐manager evaluate

** Attention: Stations may be disconnected in this evaluation **

Are you absolutely sure [yes/No]? yes   

Evaluation time [120s]? 10

View or Adapt [View/adapt]? adapt

Adaptation period [0] min (5‐10080)? 0

This entry was posted in Administration Guides, FortiWLC on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.