User guide
pmp-0229 (Mar 2013)
Filtering Management through Ethernet Securing Your Network
Encrypting Downlink Broadcasts
An AP can be enabled to encrypt downlink broadcast packets such as the following:
• ARP
• NetBIOS
• broadcast packets containing video data on UDP.
The encryption used is DES for a DES module, and AES for an AES module. Before the Encrypt
Downlink Broadcast feature is enabled on the AP, air link security should be enabled on the AP.
Isolating SMs
In an AP, you can prevent SMs in the sector from directly communicating with each other. In
CMMmicro Release 2.2 or later and the CMM4, you can prevent connected APs from directly
communicating with each other, which prevents SMs that are in different sectors of a cluster from
communicating with each other.
In the AP, the SM Isolation parameter is available in the General tab of the Configuration web
page. In the drop-down menu for that parameter, you can configure the SM Isolation feature by
any of the following selections:
• Disable SM Isolation (the default selection). This allows full communication between SMs.
• Block SM Packets from being forwarded. This prevents both multicast/broadcast and
unicast SM-to-SM communication.
• Block and Forward SM Packets to Backbone. This not only prevents multicast/broadcast
and unicast SM-to-SM communication but also sends the packets, which otherwise would
have been handled SM to SM, through the Ethernet port of the AP.
In the CMMmicro and the CMM4, SM isolation treatment is the result of how you choose to
manage the port-based VLAN feature of the embedded switch, where you can switch all traffic
from any AP or BH to an uplink port that you specify. However, this is not packet-level switching.
It is not based on VLAN IDs. See the VLAN Port Configuration parameter in the dedicated user
guide that supports the CMM product that you are deploying.
Filtering Management through Ethernet
You can configure the SM to disallow any device that is connected to its Ethernet port from
accessing the IP address of the SM. If you set the Ethernet Access Control parameter to
Enabled, then