Datasheet

ManualsBrandsNortel ManualsNetworkingDR4001A80E5

toring of the WLAN. Should an event

occur, administrators can troubleshoot

by drilling down to a granular level and

see user roaming and usage history, RF

and network statistics and hierarchical

maps. The threat of rogue access points

and ad-hoc users is mitigated through

immediate identiﬁcation, location and

containment. All user, network and

RF data, statistics and history can be

captured in customizable reports and

the planning tool can also be used on

an ongoing basis to support conﬁgu-

ration updates and new equipment

deployments as the network grows.

TheWLANManagementSoftware

system also features an HP OpenView

plug-in to integrate with existing

management systems.

WLAN Location Engine

TheWLANLocationEngine2340isan

integrated location services solution that

uses the RF and user data captured by

the WLAN 2300 access points to resolve

the location of thousands of mobile

stations or asset tags simultaneously.

Security standards/authentication

• WPA/WPA2

• 802.11i/802.1x

• EAP-TLS, EAP-TTLS, EAP-MD5,

EAP w/MS CHAP v2 and PEAP, PEAP-TLV

• MAC authentication

• X.509 certicates

• RADIUS AAA

• RADIUS Extensions

• Local AAA

• Web-based AAA

Cryptography

• WEP, dynamic WEP, TKIP: RC4 40/108 bit

• SSL, TLS: RC4 128 bit

• CCMP: AES 128 bit

• Public key cryptography RSA 1024/2048 bit

Wireless threat protection

• Flood attack detection

• RF jamming protection

• AP MAC address masquerading detection

• Weak WEP IV detection

• Spoof attack detection

• Rogue AP protection

Access control

• User/group identity

• Multiple SSID

• MAC ltering

• Layer 3 deny lters

• Layer 4 deny lters

• Time-of-day restrictions

• Day-of-week restrictions

• Location-based policies

• Client blacklisting

• Subnet classication

• VLAN assignments

• Roaming restrictions

Security capabilities of the

WLAN 2300 System

Rogue access point protection

with the WLAN 2300 Series

• Rogue access point detection

—

Unauthorized access point is detected

during an RF scan.

• Rogue access point alert

—

Noties the

appropriate administrator

of the event.

• Rogue access point classication

—

Analyzes and classies the threat based on

behavior.

• Rogue access point location

—

Identies

access point location on the oor map.

• Rogue access point monitoring

—

Records

behavior and usage.

• Rogue access point containment

—

Threatening access point is crippled by

an RF attack.

Figure 12. WLAN Location Engine 2340

and converged applications. The WLAN

ManagementSoftwaresystemwillmap

the access point’s physical location on

ﬂoor plans and produce an accurate

bill of materials to make installation

as simple as possible, and once access

points are installed, it can push conﬁgu-

rations out to thousands of devices with

a single key stroke to get the WLAN up

and running as quickly as possible.

The system can also import RF maps

fromanEkahau

™

site survey tool and

overlay them on top of existing ﬂoor

plans for an exact RF topology and

more accurate rogue access point and

user location. An open API can be used

to export user location to third-party

applications.

Ongoing operations

TheWLANManagementSoftware

system is designed to equip administra-

tors with the powerful tools required to

support wireless voice and converged

services. The visual interface presents a

top-level ﬂoor plan view that includes

RF topology, access point, rogue access

point and user location mapping with

conﬁgurable alarms for ongoing moni-

WSS 2382

Integrated control

User/RF data

Packet requests

Device location and tracking

WLE 2340

WA P 2300

Integrated location services

allow the WLAN 2300 system

to locate and track any mobile

station with high-resolution

accuracy for applications such

as location-based policies,

content delivery or asset

locating and tracking.