FAQ (Frequently Asked Questions)

General
Coverage
Capacity
Performance
QoS
Security
Hardware
Mobility
AWMS
Network Deployment Considerations
More Q&As on Network Security
Appendix - AWMS configuration Requirement

I. General
Key Advantages of Altai Solution (World's leading outdoor WiFi base station)
Larger coverage per AP (typically require 2-4 APs per square km vs. 12-24 APs for others), that means lower
total cost of ownership with Altai solution.
Improved uplink performance for low-power WiFi clients
Minimize latency for improvement of real-time applications - Unlike mesh, cellular architecture can reduce
traffic latency and it is better to support real-time applications. Mesh network induce latency due to multiple
hops problem.

Where are the deployments?

Including cities in the U.S. (Silicon Valley, Crystal Lake in Illinois, New York City), China (Beijing, Hangzhou, Jiangxi,
Shandong and Shenzhen), Taiwan (Kaoshiung), Malaysia (Sarawak, Ipoh), Vietnam, Cambodia, Mexico, Panama,
Brazil, Middle East, Europe and other Asian-Pacific countries.

What is the largest deployment in the field?

Over 150 BTS deployed in various cities of Sarawak, Malaysia.

Do you have the 802.11n product?

The 802.11n product is under development for both indoor/outdoor installation, target to be launched in early 2009.

Do you have the WiMAX solution?

We are part of the WiMAX solution. We developed the smart antenna-based hardware engine that can work with either
WiFi or WiMAX. Right now WiMAX terminals are uncommon in the market, we will incorporate the WiMAX capability in
future product release. Currently,WiMax backhaul equipment can be integrated with our base station.

What is the price of base station?

A few thousands USD price goes with quantity, please go to discuss with our sales.

Investors
Key investors include Morningside Ventures, Wong's International (Holdings), HK and US based Hi-Tech
entrepreneurs.

II. Coverage

Coverage of A8 Base Station

In line-of sight environment, our base station can cover the cell radius of 1 km typically, whereas in non-line of sight, it is
very environmental-dependent, it can cover 300-500m radius typically (Competitors' products: 100-150m radius).

What technique is being used for the large coverage?

Through smart antenna multiple beam transmission and reception, the signal processing algorithm can resolve the
optimum beam for each terminal.
The signal processing algorithm allows flexible antenna configuration to suit the local environment. (e.g. per antenna
downtilt and orientation)

III. Capacity
No. of users supported per A8 base station
Our base station is designed to support up to 256 associated users. Practically speaking, the number of concurrent
users supported depends on the traffic type, required data rate, access behavior, and the security setting, etc. The
maximum number concurrent users of our customers observed in the field is over 100.

No. of VoIP calls can be supported

Over 30 for indoor, and over 20 for outdoor.

Throughput
Data rate is upto 54Mbps. Throughput is upto 20Mbps for TCP and 25Mbps for UDP (Note: backhaul connection
dependent)

IV. Performance
Scalability
Yes, very scalable. Our network architecture is based on the proven cellular network architecture.

Latency
Typically less than 5ms for access link or each backhaul link. Other mesh APs use layer 3 backhaul routing and each
hop count induces 10ms latency.

Data Rate vs. Receive Sensitivity, specified at 10% PER (packet error rate)
802.11g
54Mbps
48Mbps
36Mbps

-73dBm
-76dBm
-82dBm

24Mbps
18Mbps

-85dBm
-89dBm

12Mbps
9Mbps

-90dBm
-91dBm

6Mbps

-92dBm

802.11b
11Mbps

-89dBm

5.5Mbps
2Mbps
1Mbps

-91dBm
-93dBm
-96dBm

Redundancy
The A8 incorporates Link Integrity and Self-healing Node protocols. Each access point has wireless and wired backhaul
mutually backup with each other. The Link Integrity Check feature can detect backhaul radio port health condition and
Internet access line availability for hot failure switchover.
Redundancy can also be achieved by network design, use double AP coverage for access redundancy and dual
backhaul link connection for backhaul redundancy to prevent single point of failure.

How can system log of abnormal events be collected regularly?

A8 supports Syslog messages and SNMP, it can be collected by Syslog server, AWMS or SNMP tools. A0/A2 supports
SNMP only and Syslog will be supported in future release.

How can performance statistics be collected regularly?

The AP generates real time information for the whole AP. AWMS will poll data from AP regularly. After each polling,
AWMS will aggregate the received data counts and store into the database (upto 14 days of data storage). AWMS shall
display the statistics both in table and line chart format, and allow user to specify the performance data, polling period
and total duration displayed in the line chart. Performance reports can be generated in PDF/HTML format.

How can the number of on-line users be monitored per AP and SSID?
AWMS can view the associated client MAC address of each base station, and the web interface of A8 can also display
the associated client MAC address and IP address.

Does hidden node problem more significant due to large coverage, so more collision will occur?
In CSMA, collision occurs when both clients transmit at the same time because they can't hear each other and the
RTS/CTS mechanism is disabled. Since A8 has 4-sector architecture and each sector has dedicated radio, the hidden
node problem is limited to within a single sector. The average client distance within a sector is statistically much less
than omni antenna coverage, so the probability of hidden node is reduced. A8 also has hidden node collision avoidance
algorithm because of multiple receive capability, one of the collided packets received can be selected, whereas
standard single radio AP will neglect all the collided packets.

V. QoS
QoS support for A8 base station
A8 has WMM support which is a subset of 802.11e. It supports upto 16 VLANs/SSIDs to prioritize different traffic. Or
each VLAN/SSID can be assigned for a different service package, and it needs to integrate with 3rd-party Radius
server and bandwidth manager to offer different service package.

Bandwidth Management
The A8 doesn't have bandwidth allocation function. It needs to leverage with 3rd party product (e.g. service controller)
to do the bandwidth control per SSID or user basis.

VI. Security
A8 Encryption scheme
A8 supports encryption scheme including WEP, TKIP and AES.

A8 authentication scheme
A8 supports open key, shared key and 802.1x authentication.
A8 supports WPA, WP

VLAN Support
The AP supports VLAN tagging in the trunk port, and the SSID/VAP can be mapped to the VLAN ID.

Inter/Intra VAP client communication control

The AP supports the enabling / disabling of forwarding inter/intra VAP traffic among the clients. In public WiFi network,

it is important to disable inter/intra VAP traffic forwarding to maintain security among the clients.

More Q&As in Network Security

Refer to the later section.

VII. Hardware
Certifications
A8 is FCC Certified in Part 15 C & E, CE certified, SRRC and DGT certified. Type approvals in different countries (e.g.
Brazil, Malaysia, Russia) are also available

Weather-Proof Enclosures
Yes, equivalent to NEMA4X or to IP66 plus protection against corrosion.

Operating Temperature
Unit operation from 33C to 55C
Heaters will come on below approx. 0C

How many radios in A8?

Dual-band, multiple radios supporting 802.11a backhaul and 802.11b/g radio access

Backhaul
Ethernet interface and 802.11a backhaul are integrated.

Power
AC 80~264 VAC
Power consumption: Typical 20W
Max 58W (low temp, heaters turn on, and high throughput)

TX Power
TX power can be adjusted in 1 dB step from 5-23dBm.
Nominal setting is 21dBm to give EIRP of 34dBm (14dBi antenna gain, 1dB cable loss).

Mounting options
Tower, roof-top, pole or wall mounted

Lightning Protection
A8 includes lightning and surge protection in its design. It consists of various embedded lightning and surge protection
circuitries made up of gas-filled surge arrestors, thyristor surge protectors, varistors and isolation transformers,
protecting the Ethernet port, AC power, console port and internal circuitries. The protection principles are to minimize
pickup of lightning induced transients, limit transient voltages and shunt surge currents.
Moreover, the A8 has a grounding pin for connection to the building's electrical earthing facility.
In high lightning areas, an external lightning protection system is recommended.

Mean Time Between Failure (MTBF)

All the hardware platform (A0, A2 and A8) have the MTBF over 100,000 hours (~11.4 years).

VIII. Mobility
Client Device Dependency
The performance depends on the client device. (e.g. When the client device starts to search for a new AP, the scanning
time and the handoff time). Client devices can have different handoff mechanism: Hard Handoff (make after break) or
Soft Handoff (make before break), so handoff time are different.

By network design

In site planning phase, the cell overlapping area will be determined to enable handoff to portable clients. The APs
should be set with the same SSID and the wireless network should be designed in the same subnet to facilitate handoff.

IX. AWMS
Management Capabilities
AWMS acts as an Element Management System (EMS) used to manage Altai NEs (e.g. A8, A2, A0). The management
features basically include fault, configuration, performance, and security management. Northbound interface can be
built to integrate with the operator's NMS.

Remote capabilities of AWMS

Remote firmware upgrade, remote AP configuration, template-based configuration, alarm monitoring

How many network elements can be managed by software?

Upto 500 network elements

What kind of statistics can be recorded by management software over time to obtain performance
trending?
Throughput, bytes sent/received and packets sent/received statistics for all interfaces (2.4GHz, 5GHz, and Ethernet)
are available.

What level of SNMP is used?

SNMP v1/v2c

Supported Languages in GUI

English, Traditional Chinese and Simplified Chinese

Hardware Configuration
Refer to AWMS Configuration Requirement in the Appendix

X. Network Deployment Considerations

Network planning
Network planning will consider the surrounding environment, target coverage area, selection of site location and
installation site planning. Our technical support team will provide the network deployment guideline in due course.

Antenna installation parameters

Typical parameters will include the antenna height, antenna orientation and down- tilt angle.

Statistics for Optimization

The A8 web interface can display the RF and performance statistics (e.g. link throughput, noise floor data), so network
administrator can understand the network status and perform any optimization on the network.

Automatic Channel Selection

A8 will scan the environment and select a suitable channel during start up. It will select a channel which is relatively
clear, i.e. less interference. After A8 boots up and selects a channel, the channel will not be changed automatically until
next boot up. This can prevent channel being changed frequently, i.e. the back-and-forth effect causing stability
problem. The automatic channel selection feature can be enabled or disabled.

XI. More Q&As in Network Security

1. WiFi network is not secured in most existing deployments?

Typical discussion in security refers to 2 areas: user authentication, and traffic encryption. User authentication prevents
unauthorized users to use network resources. Traffic encryption prevents unauthorized users to monitor the content of
the information going through the wireless link.
Most existing public WiFi deployments are using Open security mode. This mode can be monitored by hackers. (refer
to Common WiFi Security Attacks)

2. Some deployment has captive portal, could that improve the wireless security?
The captive portal is typically used only for user authentication, which prevents hackers to utilize the network resources
but does not prevent hackers from monitoring any unencrypted traffic.

3. What kind of user traffic could expose to the attacks?

Most plain text traffic:
Unsecured Web browsing (HTTP)
Unsecured Email
Telnet, etc.
However, most secured traffic are not exposed to the attacks:
Secured Web browsing (HTTPS)
Secured Email (SSL-based email)
VPN

4. Any way to provide more secure WiFi network?

802.1x
This is a built-in security for WiFi network, 802.1x works with back-end radius server, to provide better security, A8/A2
supports this mode.
Cons:
Compatibility issues on Old clients
Difficult to setup for novice users.
Operator provided VPN termination
User connects to WiFi network with unsecured mode.
Operator provides VPN termination service (e.g. SSL-VPN) for the users, to ensure the privacy.

5. Does Altai products provide co-exist open and more secured wireless modes?
Yes, different VAPs could have different security modes in both A8 and A2.
Common WiFi Security Attacks

Attack 1: Man in Middle (Sniffing)

Description:

The hackers sniff the user traffic through the air. If the user is not using
strong security mode, its traffic can be monitored by hackers easily. The
hackers just need a WiFi client and a downloadable software.

Problematic Security
Modes:

Open Mode (No Security), WEP

User Risk:

The plain text network usage, e.g. Unencrypted Email, Telnet,

Unsecured Web browsing (HTTP), could be monitored by hackers
easily.

Remedy:

Use Strong Security Modes: WPA (PSK), WPA (802.1x)

Attack 2: Rogue AP
Description:

The hackers setup a bad AP pretends the ISP AP, by using the same
SSID.

Problematic
Security Modes:

Open Mode (No Security), WEP

User Risk:

TThe type of user traffic at risk is the same as the man-in-middle attack.
However, the user exposes to the higher risk because the user login and
user session can be tracked more easily.

Remedy:

- Use Strong Security Modes: WPA (PSK), WPA (802.1x)

- User login (which help user to identify the AP)
- Rogue AP detection (for Enterprise only.
In public environment, you cannot do anything even you detected there is a
rogue AP.

Pros and Cons of Stronger WiFi Security Modes

WPA-PSK
Pros:
Resist to man-in-middle (stronger encryption)
Resist to rogue-AP attack (using server certification)
Cons:
Not applicable for Public Access, to have a pre-shared key

Pros:
Built-in module for accounting
Resist to man-in-middle (stronger encryption)
Resist to rogue-AP attack (using server certification)
Cons:
802.1x client compatibility
The setup procedure is too difficult for novice users

Open

WEP (Shared Key)

WPA PSK

WPA 802.1x

Resist to Man-in-Middle Attack

XX

Resist to Rogue AP attack

XX

Public Access

VV

VVV

XXX

Ease-of-use

Possible Business Model for more secured WiFi network

Users Norm
Most free/low-cost WiFi users do not have so much concern about the network security.
In fact, the network security is already provided by the application level, (i.e. Secured Web Browsing
(HTTPS))
The users that required extra security are willing to pay for it.
Possible Model
Coexist Secured and Open Network
Provides secured network for the users that are willing to pay.
Security Models

802.1x

Pros

Cons

Built-in support in most client and AP (including A8)

Difficult to setup for novice users

Compatibility issues on Old generation WiFi clients
Operators provided VPN termination (e.g. SSL-VPN)
o Pros
Ease of Use
o Cons
Extra cost for operator to setup VPN termination services (e.g. SSL-VPN gateway)

XII. Appendix - AWMS Configuration Requirement

Network
Size

Enterprise-Small

Enterprise-Medium

Enterprise-Large

Carrier* (Will be
supported upon
request)

15 AP

16 - 200 AP

200 500 AP

2,000 25,000 AP

Number of
AWMS user
supported:

4-20

Number of
AWMS
Server:

1-20

Number of
Proxy per
AWMS
Server:

N/A

N/A

Number of
AP per
Proxy:

N/A

N/A

200

1000

2u server, Intel Xeon, 3.6

GHz, 2 GB RAM, 80 GB
disk space, 100M
Ethernet NIC card,
Windows server 2003
x64 Std Edition
MySQL 4.0.12 / 4.1.18
(ver. 5.0 is NOT
supported)
JDK 1.4.2

2u server, dual CPU Intel

Xeon, 3.6 GHz/2MB
Cache, 2 GB RAM, 80
GB disk space, 100M
Ethernet NIC card,
Windows server 2003
x64 Std Edition
MySQL 4.0.12 / 4.1.18
(ver. 5.0 is NOT
supported)
JDK 1.4.2

2u server, dual CPU Intel

Xeon, 3.6 GHz/2MB
Cache, 2 GB RAM, 80
GB disk space, 100M
Ethernet NIC card,
Windows server 2003
x64 Std Edition
MySQL 4.0.12 / 4.1.18
(ver. 5.0 is NOT
supported)
JDK 1.4.2

(integrated in AWMS
Server)

2u server, Single CPU,

Intel Xeon, 3.0 GHz, 2
GB RAM, 40 GB disk
space, 100M Ethernet
NIC card, Windows
server 2003 Std Edition
JDK 1.4.2 / 4.1.18 (ver.
5.0 is NOT supported)

2u server, Single CPU,

Intel Xeon, 3.0 GHz, 2
GB RAM, 40 GB disk
space, 100M Ethernet
NIC card, Windows
server 2003 Std Edition
JDK 1.4.2 / 4.1.18 (ver.
5.0 is NOT supported)

System capacity
Number of
AP
supported:

Hardware Requirement
AWMS
Server

Desktop Pentium 4
2.8GHz, 2 GB RAM,
40 GB Disk space,
100M Ethernet NIC
card, Windows XP
Professional SP2
Microsoft.Net
Framework 2.0
MySQL 4.0.12 / 4.1.18
(ver. 5.0 is NOT
supported)
JDK 1.4.2

Proxy Server (integrated in AWMS

Server)

Client

(integrated in AWMS
Server)

Desktop Pentium 4
2.8GHz, 1GB RAM, 40
GB Disk space, 100M
Ethernet NIC card
Windows XP
Professional SP2,
Microsoft.Net Framework
2.0

Managed
Network
Element

Altai - A8 (ver. or
Altai - A8
above)
Altai - A0 (ver. 3.37 or
Altai - A0 (ver. 3.37 or above)
above)

Desktop Pentium 4
2.8GHz, 1 GB RAM, 40
GB Disk space, 100M
Ethernet NIC card
Windows XP Professional
SP2, Microsoft.Net
Framework 2.0

Desktop Pentium 4
2.8GHz, 1 GB RAM, 40
GB Disk space, 100M
Ethernet NIC card
Windows XP Professional
SP2, Microsoft.Net
Framework 2.0

Altai - A8
Altai - A0 (ver. 3.37 or
above)

Altai - A8
Altai - A0 (ver. 3.37 or
above)