When we first fired up AirMagnet, a busy but well-designed opening screen greeted us. It displayed summary graphical information for each 802.11 channel and a hierarchical Explorer-like display of key WLAN attributes, including APs, stations and SSIDs (service set IDs). AirMagnet passively scans all 14 channels in the 2.4-GHz band, analyzing traffic and applying its AirWise expert-analysis system, which provides alarms and alerts for 31 security conditions, 24 performance conditions and 13 miscellaneous diagnostic issues. The system quickly detected unprotected APs, excessive channel noise (perhaps from leaky microwave ovens or cordless phones), multiple APs on the same channel, and even some ad hoc traffic we didn't know existed. Fortunately, the product can disable alarms and alerts that may be false positives.

AirMagnet provides detailed real-time measurements of RF signals. It displays these signal levels in percentages but can be configured to show absolute signal levels in decibels. However, since there is significant variation in PC Card radios, these absolute signal levels will not be as accurate as those from Yellowjacket, which has a fully calibrated RF-spectrum analyzer. Nonetheless, AirMagnet did let us measure signal levels as we wandered through our facility, giving us a better understanding of the building's radio-propagation characteristics, an important element of WLAN design.

AirMagnet worked well within the constraints of the Pocket PC interface. Almost every screen includes summary information, and we found it easy to drill down to minute details. For example, we viewed a wide range of performance information on each AP we analyzed. While AirMagnet likely will be useful right out of the box, exploiting all its capabilities will require some training. Fortunately, documentation is very good. Nonexperts can learn a lot about WLANs just by reading the documentation and playing with the product's many features.

AirMagnet includes a number of useful tools to perform site surveys, measure throughput, perform ping and trace-route tests, locate rogue wireless devices using a Geiger-counter type utility, plot signal levels to GPS (global positioning system) coordinates (provided you connect your Pocket PC to a GPS unit), and even perform rudimentary packet analysis with filtering capabilities. We successfully tested all but the GPS functions, though the performance-testing utility's inconsistent results did not give us much confidence to use this device for performance analysis. You can also diagnose connection problems, from the simple (mismatched SSID) to the complex (Cisco 802.1x/LEAP authentication problems). AirMagnet provides all these functions, but it doesn't completely take over control of your Pocket PC device. You can still associate to APs and use the wireless connection to access a Web site or check your e-mail while in the field.

AirMagnet's most powerful capability is its AirWise expert engine, which provides security and performance analysis. Security alarms are comprehensive; the latest version adds 15 alarms, including those for association and authentication; denial-of-service, RF-jamming and dictionary attacks; and EAP (Extensible Authentication Protocol)-rekeying issues. Basic alarms include those for detecting rogue and misconfigured APs, APs and clients with WEP (Wired Equivalent Privacy) disabled, and security analysis for problems in 802.1x authentication and L2TP, PPTP, SSH and IPsec VPN tunnels.

AirWise's performance analysis generates alerts or alarms upon detecting high error and retry rates, missed beacons, excessive multicast and broadcast traffic, channels with high noise level and overloaded APs. We saw some of these problems in our lab, but overall traffic was not high enough to generate significant alarms. We were able to trigger alarms by simulating high-traffic conditions, introducing external interference, and bringing up APs and gateways in their factory-default configuration.

Expert systems have their limitations, so don't expect miracles, but AirMagnet has done an excellent job of thinking about what data elements should be measured and providing useful diagnostics, while giving the operator full documentation and full control over the display of all alarms.

AirMagnet Handheld Wireless LAN Analyzer 2.5, $2,495 for software with Compact Flash or PC Card NIC. AirMagnet, (650) 694-6754. www.airmagnet.com