Manualshelf

Datasheet

ManualsBrandsNortel ManualsNetworkingDR4001A80E5
12345678910
5
domains that can span multiple floors,
an entire building or campus. Within
the mobility domain, each user’s security,
QoS and access policies follow them as
they roam from access point to access
point. Regardless of where a user roams,
their traffic will always be tunneled back
to the WLAN Security Switch that can
put them on to the appropriate network
VLAN and subnet. This roaming archi-
tecture ensures a symmetrical data flow
and wont break multi-cast memberships
like competing solutions.
Virtual service groups for
management exibility
EachWLANSecuritySwitchcansupport
up to 32 independent virtual WLANs
overasingleinfrastructure.Eachvirtual
WLAN can be set up as a unique service
group that can be assigned its own
VLAN, subnet and AAA server(s), along
with specific security and QoS policies.
In shared environments or managed
services implementations, each virtual
service group can have its own Web
authentication page to request usernames
and passwords or display instructions,
welcome banners, corporate identities or
advertisements.
AAA management/ofoading
offers authentication options
WLAN Security Switches are capable of
enforcing multiple authentication options
includingclientMACaddress,802.1Xor
Web-based authentication, and can map
any SSID or virtual service group to a
primary and backup AAA server, or load
balance requests among multiple AAA
servers for service resiliency. The WLAN
Security Switch offloads back-end AAA
servers by terminating and processing
ExtensibleAuthenticationProtocol
(EAP)for802.1Xusers,includingkey
generation and management functions
forEAP-TLS,EAP-MD5andPEAP.
The WLAN Security Switch will also
offload Transport Layer Security (TLS)
processing,includingX.509certicate
generation and management.
Centralized access point
management provides simplied
administration
EachWLANSecuritySwitchprovides
centralized management for the access
points under its control. Firmware
updates, configuration changes and RF
management can all be performed by
the WLAN Security Switch through a
management interface or via Wireless
ManagementSoftware.TheWLAN
Security Switch management system
provides administrators with detailed
tracking and reporting of activity on all
access points.
Dynamic RF management
ensures optimal coverage
The WLAN Security Switch continually
receives RF data from associated access
points and processes important informa-
tion such as traffic load, interference from
nearby devices, noise levels, client signal
strength and signal-to-noise ratios. Using
this data, the WLAN Security Switch
calculates the optimal 802.11 channel
assignments and radio power transmission
levels for all associated access points. The
WLAN Security Switch can automati-
cally apply these settings to the respective
access points and keep the WLAN system
operating at peak performance and effi-
ciency even when adverse or unexpected
conditionsarise such as outages, interfer-
ence or radio jamming attacks.
User RF optimization provides
personalized performance
The WLAN Security Switch 2300 Series
takes RF management to a new level by
assimilating client RF data and client
Figure 4. Mobility management
Control of the mobility domain
Device
(MAC 00XXXX)
Group
(NE Sales)
Geography
(Boston 1)
Site location
(4th oor E.)
Time of day
(Wed. 08:30 ET)
SSID
VLAN
Subnet
AAA
ACL (Layer 3/4)
Bandwidth allocation
Roaming permissions
QoS priority
Multicast membership
Time-out
User (Bob Smith)
User
identity
extensions
Mobility
service
prole
An identity-based networking option shifts the management focal point
from physical location and ports to the user
User identity extensions are dynamically acquired during authentication
User mobility prole denes policies based on user identity, location and
time of day
User mobility prole follows roaming user and dynamically adapts for
location and time