User's Manual

Overview of the Controller, Access Points and Convergence Software solution
Controller, Access Points and Convergence Software and your network
A31003-W1050-U100-2-7619, March 2008
HiPath Wireless Controller, Access Points and Convergence Software V5 R1, C20/C2400 User Guide
• Identifying – Detect all Wi-Fi activity and correlate information from multiple sensors
• Auto-Classifying – Limit user intervention to maximize the protection of all devices from all threats
• Preventing – Automatically block threats through dedicated sensors to prevent any impact on the service level
• Visualizing – Visualize measured coverage for service, detection, and prevention
• Locating – Position rogue APs and clients on the floor-plan for permanent removal
2.3.2.1 Authentication
The HiPath Wireless Controller relies on a RADIUS server, or authentication
server, on the enterprise network to provide the authentication information
(whether the user is to be allowed or denied access to the network). A RADIUS
client is implemented to interact with infrastructure RADIUS servers.
The HiPath Wireless Controller provides authentication using:
• Captive Portal – a browser-based mechanism that forces users to a Web page
• RADIUS (using IEEE 802.1x)
The 802.1x mechanism is a standard for authentication developed within the
802.11 standard. This mechanism is implemented at the wireless port, blocking
all data traffic between the wireless device and the network until authentication is
complete. Authentication by the 802.1x standard uses the Extensible Authentication
Protocol (EAP) for the message exchange between the HiPath Wireless
Controller and the RADIUS server.
When 802.1x is used for authentication, the HiPath Wireless Controller provides
the capability to dynamically assign per-wireless-device WEP keys (called
per-session WEP keys in 802.11). In the case of WPA, the HiPath Wireless
Controller is not involved in key assignment. Instead, the controller is involved in
the path between the RADIUS server and the user to negotiate the appropriate set of
keys. With WPA2, the material exchange produces a Pairwise Master Key, which
is used by the AP and the user to derive their temporal keys. (The keys change
over time.)
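The derivation of temporal keys from the Pairwise Master Key, shown as an added example that is not part of the original manual or the controller's own code. It assumes the IEEE 802.11i HMAC-SHA1 PRF with CCMP (a 384-bit pairwise transient key); the PMK, MAC addresses and nonces are constructed sample values.

```python
import hashlib
import hmac

LABEL = b"Pairwise key expansion"  # PTK label defined by IEEE 802.11i


def prf(key, label, data, n_bytes):
    """IEEE 802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter), concatenated."""
    out = b""
    counter = 0
    while len(out) < n_bytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:n_bytes]


def derive_ptk(pmk, aa, spa, anonce, snonce):
    """Derive the 48-byte pairwise transient key and split it into its parts."""
    if len(pmk) != 32 or len(aa) != 6 or len(spa) != 6:
        raise ValueError("PMK must be 32 bytes and MAC addresses 6 bytes")
    if len(anonce) != 32 or len(snonce) != 32:
        raise ValueError("nonces must be 32 bytes")
    # Sorting addresses and nonces gives the AP and the client identical input.
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, LABEL, data, 48)
    # KCK authenticates handshake frames, KEK wraps the group key,
    # TK is the temporal key that encrypts unicast data.
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}


def demo():
    # Constructed sample values, not taken from any real network.
    pmk = bytes(range(32))                 # stands in for the PMK from the EAP exchange
    aa = bytes.fromhex("020000000001")     # AP (authenticator) MAC
    spa = bytes.fromhex("020000000002")    # client (supplicant) MAC
    anonce, snonce = b"\x11" * 32, b"\x22" * 32
    ap_view = derive_ptk(pmk, aa, spa, anonce, snonce)
    client_view = derive_ptk(pmk, spa, aa, snonce, anonce)
    # A new association uses fresh nonces, so the same PMK yields new temporal keys.
    next_session = derive_ptk(pmk, aa, spa, b"\x33" * 32, snonce)
    return ap_view == client_view, ap_view["TK"] != next_session["TK"]


if __name__ == "__main__":
    print(demo())
```

Both sides reach the same keys without sending them over the air, and the fresh nonces in each handshake are what make the temporal keys change over time.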
In the Controller, Access Points and Convergence Software, a RADIUS
redundancy feature is provided, where you can define a failover RADIUS server
(up to 2 servers) in the event that the active RADIUS server fails.