Wi-Fi Alliance® is a global non-profit industry association of hundreds of leading companies devoted to seamless connectivity. With technology development, market building, and regulatory programs, Wi-Fi Alliance has enabled widespread adoption of Wi-Fi® worldwide. The Wi-Fi CERTIFIED™ program was launched in March 2000. It provides a widely-recognized designation of interoperability and quality, and it helps to ensure that Wi-Fi-enabled products deliver the best user experience. Wi-Fi Alliance has certified more than 15,000 products, encouraging the expanded use of Wi-Fi products and services in new and established markets.
Wi-Fi and WiMAX will coexist and become increasingly complementary technologies for their respective applications. Wi-Fi technology was designed and optimized for Local Area Networks (LAN), whereas WiMAX was designed and optimized for Metropolitan Area Networks (MAN). WiMAX typically is not thought of as a replacement for Wi-Fi. Rather, WiMAX complements Wi-Fi by extending its reach and providing a "Wi-Fi like" user experience on a larger geographical scale.
Yes; if the component is Wi-Fi CERTIFIED™ for the same frequency band (e.g. 2.4GHz) you can mix and match products produced by different manufacturers. The Wi-Fi Alliance tests all products independently to help ensure they are interoperable with all other Wi-Fi CERTIFIED™ products of the same frequency band and features, regardless of manufacturer.
Wireless security is important, and Wi-Fi wireless networks can enable WPA2, a sophisticated encryption technology that protects data flowing between Wi-Fi radios and access points. Make sure you enable it on your network.
Wi-Fi CERTIFIED n devices typically have a range of up to 200 meters and can cover an entire home with a strong Wi-Fi signal. Another benefit of 802.11n technology is much better coverage. Wi-Fi CERTIFIED n devices use "reflections" of the signal (from walls, etc.) to strengthen it and eliminate cold or weak spots in the signal.
The power conservation achieved depends on the particular application in use, as well as how effectively the application uses WMM Power Save. The Wi-Fi Alliance has produced a white paper which offers guidance to application developers.
A company must be a member of the Wi-Fi Alliance® to have its products reviewed for certification.
The Wi-Fi Alliance® has instituted a testing program that outlines how member products are tested to certify that they are interoperable with other Wi-Fi CERTIFIED™ products. Products awarded Wi-Fi Certification have undergone strict, rigorous and independent testing by one of our Authorized Test Laboratories. When a product successfully passes the test, the manufacturer or vendor is granted the right to use the Wi-Fi CERTIFIED™ logo on that product and its corresponding collateral material.
The Interoperability Certificate provides detailed product information regarding capabilities and features that have passed the Wi-Fi Alliance's interoperability testing requirements. For a detailed example of the Interoperability Certificate and definitions of current product standards, visit http://www.wi-fi.org/knowledge_center/insist-on-wifi-certified.
Look for the Wi-Fi CERTIFIED name and / or logo on the product. Only products which have passed Wi-Fi Alliance testing can bear the Wi-Fi CERTIFIED name and/or logo.
Core Technologies (802.11a/b/g/n)
Wi-Fi CERTIFIED n is the latest generation of Wi-Fi, offering substantial improvements in speed, range, and reliability compared to older versions of Wi-Fi. Wi-Fi CERTIFIED n products interoperate with other types of Wi-Fi (802.11 a/b/g and "draft-n") in the same frequency band.
Yes. Please see the Certified Products section of this web site to search for products that are Wi-Fi CERTIFIED.
No. Wi-Fi CERTIFIED n products must be backward compatible.
How does the Wi-Fi Alliance help ensure product compatibility and a good user experience for 802.11n based products?
This is achieved through rigorous testing of products that are based on the 802.11n standard. Consumers should always look for the Wi-Fi CERTIFIED™ logo to ensure the best user experience possible.
802.11n is a breakthrough technology that enables Wi-Fi networks to do more, faster, and over a larger area, and Wi-Fi CERTIFIED n is a designation for 802.11n based products that indicates they have passed rigorous interoperability and security requirements. Wi-Fi CERTIFIED n provides the best connection available for computer networking and home entertainment applications alike - delivering the range, bandwidth, and performance today's multimedia applications and products demand.
Key features of Wi-Fi CERTIFIED n products include: A strong Wi-Fi signal that can blanket the entire home; support for more devices connecting together on a single network without sacrificing bandwidth; use with many devices and applications without sacrificing connection performance; plenty of bandwidth to move high-definition video and audio streams from device to device throughout the home; the best user experience while using Wi-Fi devices for with voice calls, video games, and other multimedia applications; back up large files in a snap; confidence that devices from different manufacturers will work together; tested for latest security features; and configured with "good neighbor" protocol.
Performance of individual 802.11n devices is determined by the vendor’s choice of optional features as well as factors unrelated to Wi-Fi (processor speed, device design, etc.). As a group, Wi-Fi CERTIFIED n devices deliver up to 5 times or more the data rate and up to twice the range of older Wi-Fi standards; various optional 802.11n features can improve performance beyond those parameters. With a variety of optional features enabled, data rates for 802.11n devices can reach 600 Mbps. Wi-Fi device vendors deploy different sets of 802.11n features to suit the needs of a particular device, application, or market, so product performance will vary.
Will my Wi-Fi CERTIFIED 802.11n draft 2.0-based Wi-Fi product work with products that are Wi-Fi CERTIFIED n?
Yes. Wi-Fi CERTIFIED n devices interoperate with Wi-Fi CERTIFIED 802.11n draft 2.0 devices that use the same frequency band (2.4 or 5GHz). However, keep in mind that Wi-Fi CERTIFIED 802.11n draft 2.0 devices may not include some of the advanced features included in Wi-Fi CERTIFIED n products.
MIMO is an abbreviation for Multiple-Input Multiple-Output, which refers to the ability of equipment to handle multiple data input and multiple data output operation. Wi-Fi CERTIFIED n devices make use of multiple antennas to send and receive more than one communication signal simultaneously. This is similar to having two FM radios tuned to the same channel at the same time - the signal becomes louder and clearer. This multiplies the performance of the Wi-Fi signal, and is reflected in the two, three, or even more antennas found on some Wi-Fi CERTIFIED n access points or routers.
If I have a mixed network of Wi-Fi CERTIFIED n and previous-generation Wi-Fi gear, can I still get the performance benefits of 802.11n?
Wi-Fi CERTIFIED n gear is backward-compatible with Wi-Fi CERTIFIED 802.11 a/b/g and draft-n gear that operates in the same frequency bands. When using a Wi-Fi CERTIFIED n router or access point, you will probably see some performance improvements on a mixed network, but the dramatic range and throughput improvements are only possible when both the client device (notebook computers, gaming devices, printers, cameras, etc.) and access points are Wi-Fi CERTIFIED n .
Yes. All Wi-Fi CERTIFIED n products are tested for the latest generation of government-grade Wi-Fi security: WPA2 (Wi-Fi Protected Access 2). The only way to be sure that product meets these standards is to only purchase Wi-Fi CERTIFIED products.
I heard Wi-Fi CERTIFIED n products can cause interference problems with other Wi-Fi networks. Is this true?
In some configurations, Wi-Fi CERTIFIED n can interfere with other Wi-Fi networks when these products are trying to achieve the best performance using 40 MHz channels in the 2.4 GHz band. However, all products that are Wi-Fi CERTIFIED n that can operate in this mode are required to implement a "good neighbor" protocol that helps ensure interference is not a problem. This is another important reason to buy only Wi-Fi CERTIFIED n equipment.
WMM Power Save increases the efficiency and flexibility of data transmission. Specifically, the client device can doze between packets to save power, while the access point buffers downlink frames. The application chooses the time to wake up and receive data packets to maximize power conservation without sacrificing Quality of Service.
Wi-Fi Alliance estimates that WMM Power Save can provide from 15 to 40% improvement in battery life depending on the application characteristics.
If implemented correctly, WMM Power Save will activate automatically when a Wi-Fi CERTIFIED™ for WMM Power Save client device is communicating with a Wi-Fi CERTIFIED™ for WMM Power Save access point. There is no action needed from a user.
WMM Power Save uses mechanisms from the IEEE 802.11e standard.
WMM Power Save builds on the successful WMM (Wi-Fi Multimedia) program, which certifies a set of features for Wi-Fi networks to improve the user experience for voice, video, and audio applications. WMM Power Save is an optional component of the WMM program that targets power consumption when using those applications.
WMM Power Save is a more finely tuned power save mechanism which draws on a variety of tools to manage power consumption. In legacy power save, the driver decided when to transmit data, while in WMM Power Save, the application makes the determination about when to transfer data. This enables customization of the power mechanism to the particular application (e.g., Voice over Wi-Fi, video gaming, etc.). WMM Power Save is backwards-compatible with legacy power save.
Yes. WMM Power Save clients can be used in legacy mode without upgrading WMM Power Save. WMM Power Save Access Points support legacy power save clients simultaneously with WMM Power Save Clients.
Look for the Wi-Fi CERTIFIED™ logo or designation on product packaging, or check the interoperability certificate. Users can also find products that have been Wi-Fi CERTIFIED™ for WMM Power Save by using the product search tool at www.wi-fi.org.
Wi-Fi CERTIFIED™ for WMM (Wi-Fi Multimedia) provides multimedia enhancements for Wi-Fi® networks that improve the user experience for audio, video, and voice applications.
The Wi-Fi Alliance defined WMM as a profile of the IEEE 802.11e Quality of Service (QoS) extensions for 802.11 networks and started a certification program for WMM to satisfy the most urgent needs of the industry for a QoS solution for Wi-Fi networks. WMMprovides prioritized media access and is based on the Enhanced Distributed Channel Access (EDCA) method.
Yes. Devices that are Wi-Fi CERTIFIED™ for WMM also must pass baseline Wi-Fi certification and will interoperate with legacy devices.
WMM certification is required for all Wi-Fi CERTIFIED n products. For products Wi-Fi CERTIFIED for 802.11 a/b/g, the certification is optional, as not all devices need QoS capabilities.
Without Quality of Service (QoS), all applications running on different devices have equal
opportunity to transmit data frames. That works well for data traffic from applications such as web browsers, file transfers, or email, but it is inadequate for multimedia applications. Voice over Internet Protocol (VoIP), video streaming, and interactive gaming are highly sensitive to latency increases and throughput reductions, and require QoS. WMM defines four access categories (voice, video, best effort, and background) that are used to prioritize traffic to provide enhanced multimedia support.
WMM shortens the time between transmitting packets for higher priority traffic.
The comprehensive over-the-air testing program provides detailed measurements on key parameters, described in layperson terms below. The measurements are taken in a 360-degree environment in order to create “real-world” conditions:
- Measurements to provide information about the reach of a Wi-Fi radio signal sent by a converged phone or AP, called transmit power (TRP, or Total Radiated Power)
- Measurements to provide information about how well the Wi-Fi radio can detect an incoming signal in a converged phone or AP, called receive sensitivity (TIS, or Total Isotropic Sensitivity)
In addition, the program includes:
- Measurement of the signals ahead of the Wi-Fi antenna, called conducted power and sensitivity
- Measurement of the reduction in sensitivity (desensitization) of a Wi-Fi receiver caused by the presence of an active cellular transmitter, and to ensure that the performance of the Wi-Fi receiver is within acceptable limits
- Measurements of the desensitization of a cellular receiver caused by the presence of an active Wi-Fi transmitter, and to ensure that the performance of the cellular receiver is within acceptable limits
To complete the testing a device must also be Wi-Fi CERTIFIED™ for core Wi-Fi interoperability and WPA2™ security, and CTIA certified for cellular performance.
WMM-Admission Control used IEEE 802.11 management frames for the signaling between the AP and the client device. The AP evaluates the request frame from the client device against the network load and channel conditions. If the AP can accommodate the request, it accepts the request and grants the client the medium time for the traffic stream. If the request is rejected, the client device is not allowed to initiate the requested traffic stream, and may decide to either delay the traffic stream, associate with a different AP, or establish a best-effort traffic stream outside the operation of WMM-Admission Control.
On a Wi-Fi network with a dense Wi-Fi deployment designed to support heavy traffic loads, such as an enterprise campus, hospital or educational campus, WMM-Admission Control helps ensure that the network can support good quality voice calls before admitting the voice call traffic stream, and assigns it priority over other traffic, such as downloads, email, and other best effort traffic.
WMM-Admission Control further enhances the QoS introduced by WMM, with capabilities to support voice traffic by managing traffic streams depending on the availability of network resources. WMM-Admission Control is an optional certification, and is not required for WMM certification.
WMM-Admission Control certification is required for the Voice-Enterprise certification program.
To benefit from WMM-Admission Control functionality, both the AP and client device need to be Wi-Fi CERTIFIED WMM-Admission Control. Any Wi-Fi CERTIFIED client devices in a WMM-Admission Control network that do not support WMM-Admission Control will operate as usual in WMM mode, but won’t use the access categories for which admission control is mandated by the AP.
Look for the Wi-Fi CERTIFIED™ WMM®-Admission Control designation on product packaging or check the interoperability certificate. Users can also find products that have been Wi-Fi CERTIFIED for WMM-Admission Control by using the product search tool at www.wi-fi.org.
Wi-Fi CERTIFIED TDLS devices implement technology enabling them to link directly to one another when connected to a traditionanl Wi-Fi network. Wi-Fi CERTIFIED TDLS devices can set up secure links and transfer data directly between them. TDLS-linked devices benefit from an optimized connection to do things such as streaming video or synching content, without burdening the network as a whole.
TDLS operates in the background of a Wi-Fi network to optimize performance, while Wi-Fi Direct-certified devices can quickly connect to one another while on the go, even when a Wi-Fi network is unavailable. Many devices will be certified for both solutions and use them in different situations.
No. Two client devices that are Wi-Fi CERTIFIED TDLS can set up a direct connection after linking to the Wi-Fi network, regardless of the technology found in the AP. The two devices will negotiate to operate at the highest level of performance and security common to both devices.
Two Wi-Fi CERTIFIED TDLS devices will automatically form a direct connection after linking to the Wi-Fi netowork. No user interaction is required.
Miracast is an interoperability test program for products that provide seamless wireless display of content, including graphical, video and audio content, across Wi-Fi devices—anywhere, at any time, without cables or even a connection to a Wi-Fi network. Equipment that passes the testing is designated “Wi-Fi CERTIFIED Miracast.”
Miracast is the brand for the certification program operated by the Wi-Fi Alliance. Devices that pass this certification testing can be referred to as “Miracast devices”. Miracast certification is based on the Wi-Fi Alliance Wi-Fi Display Specification. This is the underlying technological specification developed by Wi-Fi Alliance members, and is copyrighted and owned by the Wi-Fi Alliance.
Miracast is an optional certification program for video-capable devices, such as TVs, handsets, tablets, laptops, over-the-top set-top boxes, cameras and projectors.
To enjoy Miracast, both the display and the source devices must be certified for Miracast. Miracast may be used on devices without embedded Wi-Fi through the use of a Miracast-certified adapter that supports an interface such as High-Definition Multimedia Interface (HDMI) or Universal Serial Bus (USB).
Miracast certification testing ensures that devices interoperate across vendors, provide simplified discovery and setup, and implement content protections if premium content is supported. Miracast devices are also tested for implementation of WPA2™ security.
Do Miracast devices implement the latest Wi-Fi core technology? What about technologies on the near horizon?
Miracast uses many of the building blocks that, over the years, have enriched the user experience and increased their trust in Wi-Fi, including Wi-Fi CERTIFIED n (improved throughput and coverage), Wi-Fi Direct™ (device-to-device connectivity), Wi-Fi Protected Access® 2 (WPA2™) (security), Wi-Fi Multimedia™ (WMM®) (traffic management) and Wi-Fi Protected Setup™. Some Miracast devices will also support Tunneled Direct Link Setup (TDLS), which allows them to connect via an infrastructure network.
Miracast is expected to directly benefit from continuous advances in Wi-Fi performance, such as those offered by the upcoming 5 GHz program, based on 802.11ac.
Wi-Fi Direct allows devices to connect directly to each other, without the need for a Wi-Fi AP, and often requiring just the push of a button. Wi-Fi Direct allows source and display devices to discover one another and provides the underlying device-to-device connectivity for Miracast. Miracast builds upon Wi-Fi Direct with mechanisms to negotiate video capabilities, setup content protection (if needed), stream content, and maintain the video session.
For video, Miracast supports the ITU-T H.264 video codec (AKA Advanced Video Coding [AVC]) for high-definition video. It supports the Constrained Baseline Profile (CBP) and the Miracast-specific Constrained High Profile (CHP), at levels ranging from 3.1 to 4.2. Supported display resolutions include common Consumer Electronics Association (CEA) formats, Video Electronics Standards Association (VESA) formats, and handheld formats.
For audio, Miracast supports a number of Linear Pulse-Code Modulation (LPCM), Advanced Audio Coding (AAC), and Dolby Advanced Codec 3 (AC3) modes.
Miracast supports High-bandwidth Digital Content Protection (HDCP) 2.0/2.1. HDCP 2.x is a wireless adaptation of the same trusted content protection mechanisms widely used for cabled interfaces, providing diversity in premium content options. This feature is designed to protect the digital rights of content owners and to encourage their efforts to make their content available.
Audio-only devices are not part of the Miracast certification program.
The term “Wi-Fi CERTIFIED Miracast™” designates products that have been certified. The underlying specification or technology is called “Wi-Fi Alliance Wi-Fi Display Specification”. Only products which have completed and passed Wi-Fi certification to the Wi-Fi Display test plan may use the Miracast name. Never use Wi-Fi Display, WFD, or other variants. On second instance, you may refer to “Miracast” products (dropping the term Wi-Fi CERTIFIED). There is no special logo or visual indicator for Miracast.
The Converged Wireless Group RF Profile Test is a test plan that was jointly developed by CTIA® and Wi-Fi Alliance® to provide detailed radio frequency performance profile in a mixed-network (Wi-Fi and Cellular) environment. Manufacturers of converged handsets and Wi-Fi networking infrastructure devices (access points) can participate in this test program to provide carriers with independent evaluations of their equipment, and carriers can use the test reports to compare handsets from different manufacturers.
Previously, carriers had no independent source of data about converged Wi-Fi / mobile devices. This industry-supported program will provide detailed information about the RF performance of the Wi-Fi radio in a converged handset, as well as how the cellular and Wi-Fi radios impact one another. It provides a uniform evaluation approach that enables a standard way to contrast and compare converged devices.
The program includes testing for converged Wi-Fi / mobile handsets, PDAs (Personal Digital Assistants), and Access Points (APs).
Wi-Fi Protected Setup (previously called Wi-Fi Simple Config) is an optional certification program developed by the Wi-Fi Alliance designed to ease set up of security-enabled Wi-Fi networks in the home and small office environment. Wi-Fi Protected Setup supports methods (pushing a button or entering a PIN into a wizard-type application) that are familiar to most consumers to configure a network and enable security.
Wi-Fi Protected Setup gear has advanced security features provided by WPA2 (Wi-Fi Protected Access), but some users find those features difficult to configure correctly. As a result, many consumers leave their Wi-Fi networks partially or completely unsecured. Wi-Fi Protected Setup gives consumers a standardized way to more easily set up a security-protected Wi-Fi network. Additional devices can be easily added to the network over time.
With Wi-Fi technology connecting a wider array of devices, including PCs, phones and consumer electronics, a simpler, standardized, approach to network configuration and security enablement is more important than ever. Wi-Fi consumers will be able to choose from a wide variety of product types and brands knowing that there is a straightforward method for adding these devices to their network.
There are two primary approaches to network setup within Wi-Fi Protected Setup: push-button and PIN entry. PIN entry is mandatory in all Wi-Fi Protected Setup devices, while push-button is optional and may also be found in some devices.
PIN entry: in all Wi-Fi Protected Setup networks, a unique PIN (Personal Identification Number) will be required for each device to join the network. A fixed PIN label or sticker may be placed on a device, or a dynamic PIN can be generated and shown on the device's display (e.g., a TV screen or monitor). PIN is used to make sure the intended device is added to the network being set up and will help to avoid accidental or malicious attempts to add unintended devices to the network.
A registrar device (which could be an Access Point/wireless router, PC television, or other device) will detect when a new Wi-Fi device is in range, and prompt the user to enter the PIN, if he or she wishes to add the new device to the network. In this mode, Wi-Fi Protected Setup network encrypts data and authenticates each device on the network. The PIN entry method is supported in all devices.
Push button configuration (PBC): in some Wi-Fi Protected Setup networks, the user may connect multiple devices to the network and enable data encryption by pushing a button. The access point/wireless router will have a physical button, and other devices may have a physical or software-based button. Users should be aware that during the two-minute setup period which follows the push of the button, unintended devices could join the network if they are in range.
Near Field Communication (NFC:) Near Field Communication readers can be used to transfer network settings to a new device without requiring manual entry of its PIN. The NFC method provides strong protection against adding an unintended device to the network. This is an optional method for Wi-Fi Protected Setup Access Points and devices.
Wi-Fi Protected Setup supports computers, consumer electronics, phones, and access points/wireless routers.
No. Access points/wireless routers which are Wi-Fi CERTIFIED for Wi-Fi Protected Setup will provide a way for the user to "look" at the network settings and manually join older devices to the network.
With PIN configuration, users can ask the Wi-Fi Protected Setup device for special numbers, called WPA keys, and assign them to legacy devices to join the network. In push button configuration, some companies may offer a firmware upgrade for legacy devices but this will be at the discretion of the individual manufacturer.
All Wi-Fi devices in a Wi-Fi Protected Setup network must be Wi-Fi CERTIFIED for WPA2 security, however. Wi-Fi Alliance recommends that users choose devices with WPA2 security for the most advanced protections.
Wi-Fi Protected Setup is a specification developed by the Wi-Fi Alliance to improve the user experience by making security-enabled networks easier to set up.
Wi-Fi Protected Setup is an optional certification program. Consumers should look for the term Wi-Fi Protected Setup or the visual identifier on Wi-Fi CERTIFIED products.
Consumers can also search for Wi-Fi CERTIFIED products that include Wi-Fi Protected Setup at the Wi-Fi Alliance web site: www.wi-fi.org.
Wi-Fi Protected Setup doesn't add new security features to devices. It makes the existing security features easy to configure and enable. WPA2 (Wi-Fi Protected Access) represents the very latest in security for Wi-Fi technology.
That depends. If all of the devices in your network are Wi-Fi CERTIFIED for WPA2 (Wi-Fi Protected Access) security, and you have enabled those features with a strong passcode, your network is protected by the strongest security technology. A strong passcode is at least 20 characters in length and combines letters, numbers and symbols, with no discernible words. However, if any of your equipment only supports WEP (Wired Equivalent Privacy), the network security level will drop back to that level and is not as secure, and should be upgraded. Moreover, no network is secure if the security features are disabled.
On most client devices, a user can determine if a network is secured by clicking on the wireless connection properties dialog. It will indicate the level of network security enabled:
- Open network or none
- WEP (Wired Equivalent Privacy)
- WPA (May also be called WPA-PSK or TKIP)
- WPA2 (May also be called AES or CCMP)
Do not use WEP if you want to have security protections in place. Wi-Fi Alliance recommends WPA2 with AES as the most advanced security protection available. If the client device does not support this, a user can check the settings on the access point device to determine the level of security which has been enabled.
Microsoft participated in the development of the Wi-Fi Protected Setup specification and Windows Vista SP2 supports it.
Microsoft announced support for WPS in Windows 7.
Wi-Fi Protected Setup can operate on either frequency band and be implemented in Wi-Fi CERTIFIED a/b/g and n devices. However, Wi-Fi Protected Setup is an optional certification, so users should check individual Wi-Fi CERTIFIED products to determine if they include Wi-Fi Protected Setup.
The Wi-Fi Protected Setup specification is available for download from www.wi-fi.org. A white paper, entitled "Wi-Fi CERTIFIED for Wi-Fi Protected Setup: Easing the User Experience for Home and Small Office Wi-Fi Networks" is also available for free download.
Wi-Fi technology is increasingly going into consumer electronics and phones, but ease of setup and security are no less important on these devices than on laptops, printers, and wireless routers. The variety of ways to support Wi-Fi Protected Setup are included to support as wide a variety of devices as possible.
In the context of Wi-Fi technology, security means two things. First, controlling who can connect to and configure your network and equipment. Second, it means securing the data travelling wirelessly across your Wi-Fi network from unauthorized view.
Wi-Fi security is just one aspect of security for networks. A protected Wi-Fi network is a great start, but you should also consider measures to protect your computer (virus software, firewall, etc.) and your communications across the Internet (virtual private network (VPN), etc.)
Wi-Fi devices are shipped with settings that will make setting up your Wi-Fi network as easy as possible - security is generally disabled. We recommend you take the following steps:
First, change the default network name (SSID) and credentials (username and password) used to manage the settings on your Access Point/Router/Gateway. This helps keep unauthorized users from getting access to your network. Wi-Fi equipment usually ships with a default network name out of the box. This should be changed immediately to make it easy to identify. Equipment also usually ships with default credentials (username and password) to make accessing the device's configuration settings easy. These default credentials should be changed as soon as you set up your network.
Second, enable strong encryption for your network: WPA2 security with AES. WPA2 security features support AES - a sophisticated form of encryption that is suitable for sensitive data communications. When WPA2 security features are enabled, the stream of communication between client devices (e.g. laptop, phone, printer, etc) and Access Points/Routers/Gateways is protected using AES.
These measures complement each other - implementing them all is the best way to protect your network. Wi-Fi CERTIFIED equipment comes with default settings that help you establish your network quickly and easily - it's important to enable the built-in security measures as soon as possible to protect your network.
Configure your Wi-Fi client devices (laptops, handsets, and other Wi-Fi enabled products) to enable security protections.
Configure for approved connections: Many devices are set by default to sense and automatically connect to any available wireless signal. The Wi-Fi Alliance recommends that you configure your device to not automatically connect to an open network without your approval.
Disable sharing: Your Wi-Fi enabled devices may automatically enable themselves to sharing / connecting with other devices when attaching to a wireless network. File and printer sharing may be common in business and home networks, but you should avoid this in a public network such as a hotel, restaurant, or airport hotspot
Some users may also wish to use complementary security measures to improve the security of their activity over the Internet including virtual private networks (VPNs), firewalls, etc.
Check to make sure that all devices on the network support WPA2 security features, the very latest version of Wi-Fi security which has been in place since 2004. If a device is not certified for WPA2, the equipment manufacturer may offer a software upgrade that allows the device to support WPA2 features.
The security level for any network is defined by the "lowest common denominator" - the device with the lowest level of security capability defines the security protections for the entire network. To get the full benefit of WPA2 security, all devices on the network must support WPA2 and have those protections enabled. Here are our recommendations step by step:
- Change the network name (SSID) from the default name. This makes the AP easy to distinguish from others that may be in the area.
- Change the default credentials (user name and password) used to manage the configuration settings of your Access Point/Router/Gateway. Select a password that meets the recommended guidelines for security (8 or more characters, etc).
- Select AES encryption
- Select a high-quality passphrase (a.k.a. pre-shared key or PSK) for the network that has at least 8 characters (the more the stronger it is), and mixture of upper and lower case letters and symbols. The passphrase should not contain a word found in a dictionary and should not include personal information (identification number, name, address, etc).
- Enable WPA2 security features on your client device and enter the passphrase for your network
A passphrase is the key to a network, so it is a good investment of time to select an effective passphrase. In general, increasing length, complexity and randomness improve the strength of a passphrase. We recommend that your passphrase is at least 8 characters long, and includes a mixture of upper and lower case letters and symbols. Your passphrase should not contain a word found in a dictionary and should not include personal information (identification number, name, address, etc).
Passphrase length and complexity enhances security. For example, implementing a passphrase that is based upon words in any language could be compromised by a program running a comparison against the contents of a dictionary.
The skill level and time required to protect a Wi-Fi network varies with the complexity of the network. A home user installing a simple, new network and configuring it for security can expect to spend 5 to 15 minutes on the task.
Wi-Fi Protected Setup (WPS) simplifies Wi-Fi configuration and security settings to automatically configure new wireless networks, add new devices and enable security. A listing of WPS-certified products is available at wi-fi.org. WPS-certified products are available at major electronics retailers and display this logo on their packaging.
Older equipment might not support the latest security standards. Check to see whether WPA2 security features are supported. Beginning in 2004, some equipment was certified for WPA2 features. All products certified after February 2006 must have WPA2 support. If not available, contact your manufacturer's web site to see if a firmware upgrade is available for download. If an upgrade to WPA2 is not available you should consider purchasing new equipment.
The Wi-Fi CERTIFIED program is the best indicator that Wi-Fi products from different companies have been tested to work together and have the latest security protections built in. Users should only purchase Wi-Fi CERTIFIED products.
It may not be obvious if your network has been compromised. You may observe network traffic when your devices are not active, or you may not see a noticeable change in the network. The best prevention is enabling security features for your network.
WPA2 is the latest version of Wi-Fi security, and it should be used to protect all Wi-Fi devices. WPA2 was introduced in 2004 and has been required in Wi-Fi CERTIFIED products since April 2006. It supports AES, the most advanced encryption standard. AES is the encryption standard endorsed by the US government. The Wi-Fi Alliance recommends that users select equipment supporting WPA2 to help protect their network from known attacks to their security and privacy.
WPA2 comes in Personal and Enterprise versions. WPA2-Personal uses a passphrase as a simple way to generate a shared key for encryption. The term passphrase refers to a single string of characters that the user enters into all their Wi-Fi devices on the same network. WPA2-Enterprise uses additional software and specialized server equipment to create encryption keys on demand and designed to support larger corporate networks.
WPA2-Personal using a passphrase is equivalent to using security doors with metal keys. All users use the same key. Changing the passphrase for the network requires changing the passphrase for all devices. WPA2-Enterprise is the equivalent to using security doors with electronic card keys. Each user has an individual card key. It is possible to change each user's card key or revoke their card key without disturbing the other users.
WPA (Wi-Fi Protected Access) is an earlier generation of Wi-Fi security certifications, it was introduced in 2003 as an interim solution. The WPA program added support for TKIP (Temporal Key Integrity Protocol) encryption. TKIP is an older form of security technology and has recently been demonstrated to have some vulnerability to cryptographic attacks. WPA is an older version of Wi-Fi security which was replaced in 2004 with more advanced protocols. Though the threat of a security compromise is small, users should not purchase new equipment which supports only WPA with TKIP.
WEP is the original security standard for Wi-Fi technology. The RC4 encryption algorithm that WEP is based on is no longer considered secure. WEP should not be used to secure your network.
I’ve read about problems with the security of the TKIP encryption algorithm (and by extension WPA certification which uses TKIP). Why is this coming up now?
Security technology evolves over time. Encryption is based on mathematical algorithms and from a practical standpoint security is largely a function of the amount of time it takes to "crack" an encryption algorithm. As computing technology becomes more powerful, encryption standards that were the state of the art when they were introduced become vulnerable and are replaced by new standards.
The current discussion around the security of TKIP indicates that the risk to users is very small. However, security experts believe that the insights behind this attack on TKIP will lead to additional attacks that continue to erode TKIP protection.
I have WEP equipment in my network and am not able to replace it. What should I do to protect myself?
Recognize that your network is vulnerable. Casual web surfing may not disclose anything private, but do not send any private data over the network or conduct activities such as banking or shopping, Realize that unauthorized users could capture valuable information transmitted over your network or use your network for illegal activities and use it accordingly.
I have equipment certified for WPA in my network and am not able to replace it. What should I do to protect myself?
Check with your equipment's manufacturers to see if an upgrade to WPA2 is available, and if it is, install and activate it on all the devices on your network. If no upgrade to WPA2 is available, check with your manufacturer for the availability of a patch for TKIP which addresses a recent vulnerability. If a patch is available, install and activate it. Use a strong passphrase, created from a combination of eight or more letters, numbers and symbols and which contains no words from any dictionary.
Consider implementing other security measures such as a firewall or VPN.
Our website contains the latest on security from the Wi-Fi Alliance and a listing of Wi-Fi CERTIFIED products.
WPA2 creates fresh session keys on every association. The benefit is that the encryption keys used for each client on the network are unique and specific to that client. Ultimately, every packet sent over the air is encrypted with a unique key. The ability to avoid key reuse and provide unique, fresh encryption keys is a basic tenet of good security practice and is why WPA2 offers such good security.
An Evil Twin, sometimes referred to as Wiphishing, is a potential security threat to users
of Wi-Fi, predominantly in public hotspots. A hacker sets up what is called a "rogue
access point" which mimics the characteristics of the network to which users expect to
connect. Users unknowingly connect to the rogue access point and the hacker's
network instead of the intended network.
The Evil Twin hijacks data, such as passwords, account information, credit card
information, etc., and then connects the user to the Internet as intended. A sophisticated
evil twin can even control what Web site appears when the Internet is accessed, often
mimicking the intended starting Web site, for the purposes of capturing the user's private
To date, there have been no reported large-scale incidences of Evil Twin attacks, but
most network administrators have been aware of this theoretical threat for some years.
Recent media coverage of Evil Twin threats has directed consumer attention to the
matter, making users concerned about the problem and how they can protect
The Wi-Fi Alliance recommends that users of wireless networks exercise the same level
of caution they've learned to use to avoid scams in the wired world. End users should
change their passwords regularly, not respond to questionable e-mails, and look for
secure connections. As Wi-Fi continues to grow in reach and popularity, consumers
need to make some new simple security precautions a habit, like connecting through a
provider that uses encryption with a list of trusted hotspots, using a VPN, and always
enabling security within a home network. Also, users should make it a point to look for
products that are Wi-Fi CERTIFIED for or WPA2 security.
Users of Wi-Fi in public hotspots should be aware of the threat posed by an "evil twin".
An evil twin can capture sensitive data, even through instant messaging.
In reality, the likelihood of attack is low but users should be cautious and use some fairly
simple security precautions to avoid becoming a victim.
There are a number of other steps you can take to reduce your risk.
At home, users should do all of the following:
- Only buy products that are Wi-Fi CERTIFIED WPA2 security
- Always enable WPA2 security for your home network. Having WPA2 in the product is not enough. The security keys must be configured on the access point/router and each client device. Security is off by default in most products. Note that using WEP security is not sufficient.
- Re-name the home network to something unique, instead of the default name. This will prevent you from inadvertently connecting to a rogue access point which is broadcasting a seemingly-familiar network name.
At Wi-Fi Hotspots, be sure to take at least one of these measures:
- Only log-in to known hotspots using an SSL (https) connection. Your browser will typically show a lock icon at the bottom of the login page when you have a secure SSL connection. To be certain of the secure connection, check the digital certificate on the login page. You can do this in Internet Explorer by selecting File: Properties: Certificates. This will show the name on the digital certificate as backed by the Certificate Authority. These are very difficult to forge.
- Use the VPN tool provided by an employer. If the employer does not provide a VPN, users can download a commercially-available VPN based on the IETF's IPSec framework - there are a number of these available online. If you cannot
make a successful VPN connection, there is a chance you've connected to a
rogue network. You should disable your Wi-Fi card and inform your company's IT
staff, as well as the hotspot operator.
- Connect through a hotspot service provider that provides a list of trusted hotspots
and a smart software client that encrypts your user information before sending it
over the Internet.
- Look for hotspots employing WPA2 security, which has mechanisms to ensure that the network to which users connect is authentic.
- Disable your laptop's Wi-Fi card unless you are planning to use it
Wi-Fi CERTIFIED WPA2 with Protected Management Frames provides a WPA2-level of protection for unicast and multicast management action frames. Unicast management actions frames are protected from both eavesdropping and forging, and multicast management action frames are protected from forging. WPA2 with Protected Management Frames augments WPA2 privacy protections already in place for data frames with mechanisms to improve the resiliency of mission-critical networks.
Wi-Fi CERTIFIED Wi-Fi Direct is an upcoming certification program from the Wi-Fi Alliance that defines a new way for Wi-Fi devices to connect to each other. Wi-Fi devices will be able to make direct connection groups quickly and conveniently to do things like print, sync, and share content - even when an access point or router is unavailable. Connections based on the specification will work at typical Wi-Fi speeds and range, protected by WPA2™-certified security protocols and including WMM® Quality of Service mechanisms. Only Wi-Fi Alliance member companies will be able to use the Wi-Fi Direct mark to indicate that their products implement this specification.
Is the specification underlying the Wi-Fi Direct certification program based on the IEEE 802.11s (Mesh) or 802.11z (Direct Link Setup) standards?
No. The specification underlying the Wi-Fi Direct certification program was developed within the Wi-Fi Alliance by member companies. It operates on 802.11 devices but is not linked to any specific IEEE 802.11 amendment.
We expect Wi-Fi Alliance member companies to begin designing and testing products implementing the standard underlying Wi-Fi Direct in mid-2010, and to begin certifying products in late 2010.
Yes. A Wi-Fi CERTIFIED Wi-Fi Direct device will be able to make device group connections with existing 802.11 a/g/n Wi-Fi CERTIFIED gear.
Will legacy devices be upgradeable to support the specification underlying the Wi-Fi Direct certification program?
The Wi-Fi Direct certification program does not require new hardware to operate, so some vendors may offer software upgrades. However, it’s important to note that interoperability between devices certified under the Wi-Fi Direct program and legacy devices is a key element of the underlying specification, so even non-upgraded devices can join a network certified as Wi-Fi Direct.
Wi-Fi CERTIFIED Wi-Fi Direct supports typical Wi-Fi speeds, which can be as high as 250 Mbps. Even at lower speeds, Wi-Fi provides plenty of throughput for transferring multimedia content with ease. The performance of a particular group of Wi-Fi Direct devices depends on whether the devices are 802.11a, g, or n, as well as the particular characteristics of the devices and the physical environment.
A Wi-Fi Direct-certified network can be one-to-one, or one-to-many. The number of devices in a Wi-Fi Direct-certified group network is expected to be smaller than the number supported by traditional standalone access points intended for consumer use. Connection to multiple other devices is an optional feature that will not be supported in all Wi-Fi Direct-certified devices; some devices will only make 1:1 connections.
Can a device simultaneously connect to a regular Wi-Fi network and a group of Wi-Fi Direct-certified devices at the same time?
All devices certified under the Wi-Fi Direct program will allow the user to connect to an infrastructure or a Wi-Fi Direct-certified network. Some devices certified under the Wi-Fi Direct program will support connections to both an infrastructure network and Wi-Fi Direct-certified group at the same time (e.g. a laptop may support an infrastructure connection while also belonging to a Wi-Fi Direct-certified group). Simultaneous connection to a Wi-Fi Direct-certified group and an infrastructure network is an optional feature.
Can a network based on devices certified under the Wi-Fi Direct program cross connect to an infrastructure network for internet connectivity?
Yes. A single device in a Wi-Fi Direct-certified group network may share internet connectivity with other devices in the network by creating simultaneous infrastructure and Wi-Fi Direct connections. A network of devices certified under the Wi-Fi Direct program operates in a security domain separate from the infrastructure network, even when cross-connected.
No. Wi-Fi Direct isn’t designed to be a replacement for a typical stationary access point. For most users and most scenarios a fixed AP will generally be desired in the home. Wi-Fi Direct offers the subset of typical AP functionality that is most useful for the types of on-the-go activities that Wi-Fi Direct is designed to support. APs offer multiple Ethernet ports, HW firewalls, advanced network management features, etc.
Does the specification underlying the Wi-Fi Direct certification program work on both frequency bands?
Yes, the specification underlying the Wi-Fi Direct certification program supports operation in both 2.4 GHz and 5 GHz. Devices operating in the 2.4 GHz frequency band only and devices operating in both the 2.4GHz and 5 GHz frequency bands can be certified under the Wi-Fi Direct program. Not all Wi-Fi Direct-certified devices will support both frequency bands, however, so you should check which bands your devices support.
The underlying specification connects devices using an approach similar to the traditional AP-to-client connection used in Wi-Fi CERTIFIED infrastructure networks. One Wi-Fi Direct-certified device will provide the connection to other participants in a group of Wi-Fi Direct-certified devices in lieu of an AP. A device certified under the Wi-Fi Direct program does not require special hardware compared to traditional Wi-Fi AP devices.
Devices will conduct a negotiation to determine which device is most appropriate. This may be determined by considering a number of factors including but not limited to power management, number of connections supported, richness of user interface and services being offered. The Wi-Fi Direct-certified device that offers the connection manages the creation, admission to, presence and termination of that network implementing the specification underlying the Wi-Fi Direct program.
All Wi-Fi Direct-certified devices can start a group, based on the specification underlying the Wi-Fi Direct program, but it’s most likely that devices with more computing power (laptops, handsets, gaming devices) will more frequently manage the network than those with less power (digital cameras, printers, etc.).
Group networks based on the specification underlying the Wi-Fi Direct program operate in a security domain that is independent from any infrastructure network. This means that they have protection of the security features certified under the WPA2 program, but are managed separately from the security system in the AP-based network (home, enterprise, hotspot). This means both the group networks based on the specification underlying the Wi-Fi Direct program and the infrastructure networks can be protected, but users don’t need credentials for the infrastructure network to connect to the network based on the specification underlying the Wi-Fi Direct program.
Wi-Fi Direct-certified devices will be identifiable as Wi-Fi Direct-certified devices to infrastructure access points. APs can prevent devices currently using Wi-Fi Direct from connecting to the AP, or disconnect them if already connected, while Wi-Fi Direct is in use and/or configure their parameters including channel. The technology behind the Wi-Fi Direct certification program will be important for enterprise environments, enabling applications such as file transfer, printing, and display in the absence of a suitable WLAN. We also expect that the specification will be used in enterprises to temporarily connect mobile data terminals and other portable devices for short-term tasks such as data transfer.
No, this is not Ad-Hoc mode (also known as IBSS) but an extension to the ubiquitous infrastructure mode of operation that can operate without a dedicated access point. Ad Hoc, or IBSS, mode is a legacy protocol for Wi-Fi devices, and Wi-Fi Direct is a new innovation. With the technology underlying Wi-Fi Direct, a device can maintain a simultaneous connection to an infrastructure network – this isn’t possible with Ad Hoc.
What about power management protocols? Are devices implementing the technology behind Wi-Fi Direct a power hog?
Most Wi-Fi Direct-certified devices will be power-sensitive, and in many cases, battery-powered. Wi-Fi Direct-certified devices can support the Power Save feature certified under the WMM program, and the specification underlying the Wi-Fi Direct program also defines new power saving mechanisms.
Like all Wi-Fi technologies, the specification underlying the Wi-Fi Direct program creates IP-based networks between the devices, allowing existing service discovery methods to work just as they do over a wireless LAN today - including Bonjour and UPnP. The specification underlying the Wi-Fi Direct program defines a new pre-association discovery method, giving Wi-Fi Direct-certified devices the ability to discover devices and limited information about device services prior to association (and before having an IP address). Pre-association discovery improves the user experience - users will know whether a desired service (e.g. printing) will be available on the network implementing the specification underlying the Wi-Fi Direct program before connecting.
We don’t always have access to a Wi-Fi access point/hotspot, or don’t want to join one. But more and more, we carry content and applications with us that we want to share, print, display, or synch. A quick, convenient Wi-Fi Direct link makes it easy to do all of these things and more.
Yes. A legacy Wi-Fi CERTIFIED station device can connect with a Wi-Fi Direct device.
Wi-Fi Direct products can work on 802.11 a, g and n Wi-Fi standards. Users can match Wi-Fi Direct products just like any other Wi-Fi CERTIFIED products. All Wi-Fi Direct devices operate in the 2.4 GHz frequency band and can connect to 802.11g and some 802.11n devices. In addition, some Wi-Fi Direct devices work in the 5 GHz frequency band to connect to 802.11a and some 802.11n. Many devices operate in both frequency bands.
Yes. Wi-Fi Direct devices will include Wi-Fi Protected Setup, which makes it very easy to set up a connection and enable security protections. In many cases, this will be as simple as pushing a button on each device.
Wi-Fi CERTIFIED Wi-Fi Direct devices work just like any Wi-Fi device, with ranges up to 200 meters. They can connect from just a few feet away, but also across a home. This means that making a Wi-Fi Direct group connection will be convenient, even when devices aren’t in immediate proximity to one another.
Not without your permission. The content available over a Wi-Fi Direct group connection is driven by the applications you are using. While there may be applications which allow an authorized use to “browse” the content on your device, most applications will have a specific focus (e.g., sharing a game application or transferring photos).
We expect that enterprises will discover the utility of Wi-Fi Direct over time and will leverage its features in appropriate circumstances, given their utility, security protections, and manageability. A good example of an enterprise use case is sharing access to a projector or printer without use of cables or network access.
Several Wi-Fi Alliance members that make devices of limited processing capabilities contributed to the specification development process to ensure that it is applicable to such devices.
Look for the Wi-Fi CERTIFIED designation with the words Wi-Fi Direct included. A current list of all Wi-Fi CERTIFIED products is always available at www.wi-fi.org.
Passpoint is an interoperability test program that verifies that Wi-Fi infrastructure equipment and mobile devices from different manufacturers will work well together for a specific feature set. Equipment that passes the testing is designated “Wi-Fi CERTIFIED Passpoint.”
Passpoint is the brand for the certification program operated by the Wi-Fi Alliance. Devices that pass this certification testing can be referred to as “Passpoint devices”. Passpoint certification is based on The Wi-Fi Alliance Hotspot 2.0 Specification. This is the underlying technological specification developed by Wi-Fi Alliance members, and is copyrighted and owned by the Wi-Fi Alliance.
Passpoint testing will be available beginning 26 June 2012. Support for additional features is planned for 2H 2013.
Infrastructure equipment (e.g. access points) as well as mobile end points (e.g. smartphones, tablets, notebooks) can be certified.
Passpoint certification testing ensures that devices perform network discovery, selection and provisioning of services the same way. Passpoint devices are also tested for implementation of WPA2-Enterprise security.
Do Passpoint devices implement the latest Wi-Fi core technology? What about technologies on the near horizon?
Passpoint testing requires that the devices are also certified for operation on 802.11 a/b/g and/or n. When Wi-Fi Alliance testing for emerging standards like 802.11ac are available, Passpoint devices will be able to support those standards as well.
Passpoint will help service providers provide the seamless user experience that users want, support goals for data offload from cellular networks and maximize the value of the investments being made in Wi-Fi hotspots.
The scope of Passpoint testing is to ensure that the mechanisms for seamless discovery and creation of a secured link are implemented correctly. It is application-agnostic.
The legacy mobile device can associate with a Passpoint certified access point that is configured for open system authentication.
The hardware and software platform of a given device determines whether it can be upgraded in the field. Equipment that has previously undergone certification testing can be updated and resubmitted for Passpoint certification.
Equipment manufacturers will submit equipment for certification testing.
Certified infrastructure devices will be deployed by Wi-Fi service providers to create user-friendly hotspots.
Users with certified mobile equipment can enjoy the benefits of streamlined connectivity and secured connection at hotspots with Passpoint equipment.
For most users, Passpoint means that there will be no need for manual intervention when entering a hotspot running on Passpoint equipment with a Passpoint mobile device. Automatic detection and secured connection will occur provided the user is a subscriber of the entity running the hotspot or is a subscriber of an entity that has a roaming relationship with the entity running the hotspot.
Members of the Wi-Fi Alliance created the program. The group which developed Passpoint includes service providers, mobile operators, fixed line operators, and makers of mobile devices and infrastructure equipment.
Passpoint makes use of elements of IEEE 802.11u during discovery. The specification underlying Passpoint also leverages WPA2™-Enterprise security and new technology defined in the Wi-Fi Alliance.
Passpoint devices use industry-agreed uniform mechanisms for discovering and creating secured connections to hotspots. This allows a subscriber to experience seamless Wi-Fi connectivity to a hotspot anywhere in the world his provider covers through roaming agreements.
The term “Wi-Fi CERTIFIED Passpoint™” designates products that have been certified. The underlying specification or technology is called “Wi-Fi Alliance Hotspot 2.0 Specification”. Only products which have completed and passed Wi-Fi certification to the Hotspot 2.0 test plan may use the Passpoint name. Never use Hotspot 2.0, HS2.0, or other variants. On second instance, you may refer to “Passpoint “products (dropping the term Wi-Fi CERTIFIED). There is no special logo or visual indicator for Passpoint.
Resources including a listing of certified devices, white paper and the program specification are available at http://www.wi-fi.org/passpoint.
Voice over Wi-Fi
The Wi‑Fi Alliance developed the Voice-Personal certification program, an optional program, to verify that access points (or wireless routers) and client devices (handsets, laptops, etc.) meet the specific requirements for voice over Wi-Fi applications. In a shift towards an expanded focus of certification beyond protocol adherence and interoperability, the Wi‑Fi CERTIFIED Voice-Personal program focuses on a specific application and is based on performance testing.
Voice-Personal devices will be tested in a typical home and small office environment, with one access point managing multiple client devices and up to four concurrent voice calls. Devices that are Wi-Fi CERTIFIED Voice-Personal have demonstrated that their Wi-Fi performance is capable of providing consistent, good-quality voice calls.
The popularity of voice over IP (VoIP) and widespread adoption of Wi-Fi networks are bringing voice over Wi‑Fi to a broad consumer market. Wi‑Fi enabled devices need to support good voice call performance that matches the user experience and ease of set-up that Wi‑Fi already provides for data applications.
The Wi-Fi Alliance baseline certification programs for 802.11a/b/g/n and Wi-Fi Protected Access®(WPA2), help to ensure interoperability between Wi-Fi CERTIFIED handsets and access points and support for standards-based security protections. Wi-Fi Multimedia™ (WMM®) also provides tools for Quality of Service, necessary for providing good performance.
The Voice-Personal certification program goes to the next level, helping to ensure that the tools are used correctly to create good voice quality when a call is made over a Wi-Fi network using a Wi-Fi CERTIFIED Voice-Personal client device and Wi-Fi CERTIFIED Voice-Personal access point or router.
The Voice-Personal certification program tests the performance of the Wi-Fi implementations in voice over Wi-Fi applications, under simulated real-world conditions that include both voice and data traffic streams in network configurations common in home and small office environments. To achieve certification, client devices and access points have to perform above rigorous thresholds for packet loss, latency and jitter when presented with simulated voice streams based around the common Voice over IP protocols.
- Packet loss of less than 1% with no burst losses;
- Latency of less than 50 milliseconds;
- Maximum jitter of less than 50 milliseconds.
Do all devices in a Wi-Fi network have to be Wi-Fi CERTIFIED Voice-Personal to offer good voice quality?
The Wi-Fi CERTIFIED Voice-Personal designation will help to assure users that voice-enabled Wi-Fi devices are capable of carrying voice over Wi-Fi calls with good audio quality. Both the client device (handset, laptop or other voice-capable device) and the access point should be Wi-Fi CERTIFIED Voice-Personal to ensure the optimal voice quality when making calls over Wi-Fi networks.
Devices that carry Voice-Personal certification are required to have passed all of the necessary certifications for interoperability, including the baseline Wi-Fi certification for core radio standards (802.11a/b/g/n), WPA2 for security, and WMM for Quality of Service. Voice-Personal certification also requires that access points have WMM-Power Save certification for improved power saving on clients that support it.
Other Wi-Fi devices in the network, even if not used for voice applications, should also be Wi-Fi CERTIFIED for core radio standards (802.11a/b/g/n) and WPA2.
Wi-Fi CERTIFIED Voice-Personal devices will deliver a better user experience with voice calls than those that are not certified for Voice-Personal. The Voice-Personal certification program helps ensure that when a call is made over a Wi-Fi network using a Wi-Fi CERTIFIED Voice-Personal client device, such as a handset, and a Wi-Fi CERTIFIED Voice-Personal access point, are capable of delivering good voice quality.
Voice over Wi-Fi offers users flexibility, convenience, and often, a better indoor signal than cellular service. For carriers and service providers offering voice of Wi-Fi service, specifying Wi-Fi CERTIFIED Voice-Personal devices will help to ensure a better user experience, fewer support calls, fewer product returns, and thus higher customer satisfaction and less churn.
Voice over Wi-Fi offers users flexibility, convenience, and sometimes, a better indoor signal than cellular service for voice calls. For voice-capable Wi-Fi devices, the Voice-Personal certification program helps to ensure that when a call is made over a Wi-Fi network using a Wi-Fi CERTIFIED Voice-Personal client device, such as a handset, with a Wi-Fi CERTIFIED Voice-Personal access point, the devices are capable of delivering good voice quality.
By achieving Voice-Personal certification, device manufacturers will help to ensure a better experience for home and small office users, fewer support calls, fewer product returns, and higher customer satisfaction.
The Voice-Personal program helps to enable users to consistently make voice over Wi-Fi calls with the same quality and convenience expected from data over Wi-Fi or wired voice applications. Users who have Wi‑Fi CERTIFIED Voice-Personal client devices designed to work with a VoIP service provider, and any Wi‑Fi CERTIFIED Voice-Personal access point, can turn on their devices, connect with the service provider, and start to make voice calls over their Wi‑Fi network with more confidence that the devices they purchased are able to produce high-quality voice over the Wi-Fi network.
Must all Wi-Fi CERTIFIED single-mode (Wi-Fi only) or dual-mode (Wi-Fi and cellular) handsets include the planned Voice-Personal certification?
No, the Voice-Personal certification program is available to Wi-Fi Alliance members as an optional certification program. Devices that are designated as Wi-Fi CERTIFIED Voice-Personal are listed in the Wi-Fi CERTIFIED products database on the Wi-Fi Alliance web site, www.wi-fi.org.
How does the Voice-Personal certification program benefit converged (Wi-Fi/cellular) mobile devices?
The number of dual-mode mobile phones is growing rapidly, and the Wi-Fi radio is increasingly used for voice applications as well as data. Wi-Fi CERTIFIED Voice-Personal handsets and access points will deliver a better user experience with voice calls conducted over a Wi-Fi network. The Voice-Personal program complements and builds on existing certification programs for converged devices, which include 802.11 radio standards, security, RF performance, multimedia (WMM), and power saving (WMM - Power Save) functionality.
Does this program mean that any Wi-Fi CERTIFIED Voice-Personal device can work with any VoIP service?
The Voice-Personal program helps to ensure that the Wi-Fi network is giving the proper performance support for the quality of the voice application. Client devices, such as handsets, and access points or routers that are Wi-Fi CERTIFIED Voice-Personal are essentially "voice ready."
Because there are many competing industry-standard and proprietary voice protocols (such as SIP and Skype) that operate above the Wi-Fi layer, service providers (including mobile telecom carriers) generally address voice protocol interoperability as part of their system offerings.
If the service provider supports voice over Wi-Fi, and the client devices and access points used are Wi-Fi CERTIFIED Voice-Personal, the user can reap the benefits with the highest quality possible for calls made over Wi-Fi networks, allowing them to use Wi-Fi instead of wires in their home or small office voice environment.
Does this program mean that any Wi-Fi CERTIFIED Voice-Personal device can work in any Wi-Fi ‘hotspot’?
The Voice-Personal certification program addresses typical home and small office environments. Because network configurations can vary widely in hotspots, the user would need to be sure the client device and access point(s) at the hotspot location are Wi-Fi CERTIFIED Voice-Personal, in order to help ensure good quality calls can be made over such a hotspot Wi-Fi network.
How will consumers know if a client device or access point or wireless router is Wi-Fi CERTIFIED Voice-Personal?
Consumers should look for "Wi-Fi CERTIFIED" logo or phrase and "Wi-Fi CERTIFIED Voice-Personal" phrase on product packaging or in product literature for voice-enabled Wi-Fi devices, or search the Wi-Fi CERTIFIED Products Database on the Wi-Fi Alliance web site: www.wi-fi.org.
Not directly. The Voice-Personal certification program takes the necessary IEEE standards and Wi-Fi CERTIFIED interoperability programs, and adds to performance testing for voice over Wi-Fi applications. This certification program is a key step in the Alliance's strategy to further enhance the Wi‑Fi user experience by taking into account the requirements of specific applications of Wi-Fi in both the home, small office and enterprise markets.
Wi-Fi is pervasive and popular wireless networking technology, with hundreds of millions of users worldwide. Voice over Wi-Fi allows a user to take advantage of Wi-Fi as the wireless technology for the home and place voice calls over Wi-Fi networks - based on VoIP services provided typically by telecom carriers or broadband service providers.
The Voice-Personal certification program addresses the correct operation of WMM for Quality of Service and tests the performance of Wi-Fi devices when carrying voice traffic, using exacting performance thresholds appropriate for voice traffic. Devices that support voice over Wi-Fi and are Wi-Fi CERTIFIED Voice-Personal allow the home and small office user to use the Wi-Fi network as a voice network, instead of, or in addition to, landline or existing cellular technologies.
The planned Voice-Enterprise certification program will address network management issues in large corporate networks.
Femtocells are being suggested as a way for carriers to extend the reach of cellular networks into the home, for places where the coverage of the existing cellular network might not be as strong. Wi-Fi networks offer the flexibility of allowing the user to choose from a wide variety of VoIP offerings, including technologies like Skype and service providers like Vonage, as well as cellular offerings based on UMA like that offered by T-Mobile. Proven Wi-Fi networks allow the user to connect across a variety of Wi-Fi enabled devices in the home or small office.
With the Wi-Fi Voice-Personal certification program as a foundation, Wi-Fi Voice-Enterprise leverages the Wi-Fi Multimedia (WMM), WMM-Power Save, and WMM-Admission Control certification programs for quality of service (QoS) and the advanced security provided by Wi-Fi Protected Access 2(WPA2) Enterprise, plus features from IEEE standards for radio resource measurement (802.11k elements), fast basic service set (BSS) transition (802.11r elements), and wireless network management (802.11v BSS Transition Management).
While Voice-Personal established core requirements to support voice applications, with a focus on single AP Wi-Fi networks found in homes and small businesses, Wi-Fi Voice-Enterprise was designed to meet the additional requirements of enterprise networks that are larger in size, require support for advanced WPA2-Enterprise security mechanisms, support fast transitions between APs and provide management for voice applications.
Like Voice-Personal, the Voice-Enterprise certification program tests the performance of the Wi-Fi implementations in voice over Wi-Fi application, in a simulated network environment, with four (802.11b) or ten (802.11a/g/n0 concurrent voice calls, a high speed video stream, and sustained data traffic loads, designed to represent a fully loaded network. To achieve certification, devices must meet the following thresholds:
- Packet loss of less than 1%.
- No more than three consecutive lost packets.
- Latency of less than 50 milliseconds.
- Maximum jitter of less than 50 milliseconds.
To benefit from Voice-Enterprise functionality, both the AP and client device need to be Wi-Fi CERTIFIED Voice-Enterprise. Any Wi-Fi CERTIFIED client devices in a Voice-Enterprise network that do not support Voice-Enterprise will be interoperable with other Wi-Fi CERTIFIED devices, but will not take advantage of advanced features of voice quality and bandwidth management features of Voice-Enterprise.
Look for the Wi-Fi CERTIFIED™ Voice Enterprise designation on product packaging or check the interoperability certificate. Users can also find products that have been Wi-Fi CERTIFIED for Voice-Enterprise by using the product search tool at www.wi-fi.org.