Datasheet

ManualsBrandsTrapeze Networks ManualsNetworkingMX-2800-EU

Key Features

Scalability and Reliability

Ports and Interfaces • 8 x GE pluggable SFP and 10/100/1000Base-T RJ45

• 2 x 10GE pluggable XFP

Number of managed Access Points • Up to 512 APs in increments of 64 Access Points licenses

Network Domain™ service extends the reach of • Cluster of 1,024 Mobility Domains, extending mobility across 32,768 MX controllers

Mobility Domain across a global network

Reliability • Always-on availability and hitless failover with no service interruption for voice and data clients even in the unlikely event

of a controller failure

• Hot pluggable redundant power supply

• Hot pluggable fan tray module

• EtherChannel™ load-shared, redundant links

• Spanning tree and per-VLAN spanning tree (PVST+)

• Resilient network attachment via any MX port

• N:1 and N:N redundant MX capabilities

Security

Authentication • Supports complete local AAA authentication, including 802.1x, as primary or backup to a centralized AAA server

• Supports multiple AAA server groups and can load share across multiple AAA servers or within a server group

• Generates and manages X.509 digital certiﬁcates

• Assigns and enforces per-user authorization policies that are managed centrally from the AAA back-end

• Authorizations include virtual private group membership, personal ﬁrewall ﬁlters, time-of-day/day-of-week access, encryption type,

and location-speciﬁc policies

• IEEE 802.1x with multiple EAP types (TLS, PEAP/MSCHAP, TTLS)

• WebAAA, MAC, Open

• WiFi WPA2 Enterprise certiﬁed

Encryption Key Management • Encryption distributed in Mobility Point access points

• MX generates master and session keys

• Provides key management for each encryption technique

Identity-based Networking • User credentials deﬁne access and network resource privileges

• Privileges and services follow users as they roam

• Maintains a user’s membership in the right virtual private group based on the user’s authenticated identity

• Dynamically enables Virtual Private Groups to support roaming across router boundaries

• Centralized management and control

Endpoint assurance • Trusted Computing Group (TCG) - Trusted Network Connect (TNC) compliant

• Microsoft NAP compliant

Intrusion Detection and Protection • ActiveScan™ rogue and denial-of-service (DoS) attack detection — Scans all bands, associated channels and VLANs, while

simultaneously providing wireless connectivity to mobile clients

• SentryScan™ — Scans the air continuously on both bands and their associated channel while other MPs support wireless LAN clients

• Rogue detection, Intrusion Detection System (IDS) and RF countermeasures

• Trapeze/AirDefense integrated Intrusion Detection and Prevention

- Best in class IDS/IPS

- Common Trapeze MP hardware for sensor and service APs

- Dynamic threat management- convert MPs to sensors on demand

- Threat location and mitigation

Mobility Services

Data Services • Data-intensive applications

• Latency-sensitive applications

Standards-based toll quality voice service • VoIP protocol support

• 802.11 e/WMM compliant

• Queuing and priority (802.11e/WMM)

• Preserve voice priority across network (802.11i PMK cache, WMM)

• Bandwidth control for voice (TSPEC)

• Maximize handset battery life (U-APSD)

• Neighbor report assisted roaming (802.11k)