User Guide

OmniAccess RN: User Guide

58 Part 031650-00 May 2005

In the topology shown above the client connect to the Alcatel Access Points

(both wireless and wired). The wired access points tunnel all traffic back to the

Alcatel switch over the existing network.

The Alcatel switch receives the traffic and redirects relevant traffic (including

but not limited to all HTTP/HTTPS, Email protocols such as SMTP, POP3) to

the AntiVirusFirewall (AVF) server device to provide services such as Anti-virus

scanning, email scanning, web content inspection etc. This traffic is redirected

on the “un-trusted” interface between the Alcatel switch and the

AntiVirusFirewall (AVF) server device. The Alcatel switch also redirects the

traffic intended for the clients – coming from either the Internet or the internal

network. This traffic is redirected on the “trusted” interface between the

Alcatel switch and the AntiVirusFirewall (AVF) server device. The Alcatel switch

forwards all other traffic (for which AntiVirusFirewall (AVF) server does not

perform any of the required operations such as AV scanning). An example of

such traffic would be database traffic running from a client to an internal

server.

The Alcatel switch can also be configured to redirect traffic only from clients in

a particular role such as “guest” or “non-remediated client” to the

AntiVirusFirewall (AVF) server device. This might be done to reduce the load on

the AntiVirusFirewall (AVF) server device if there is a different mechanism such

as the Alcatel-Sygate integrated solution to enforce client policies on the

clients that are under the control of the IT department. These policies can be

Wireless

Users

Wired Users

Corporate

Network

DMZ /

Internet

Un-trusted Interface

Trusted Interface

Fortinet

AntiVirusFirewall

server