Datasheet

ManualsBrandsTrapeze Networks ManualsNetworkingMXR-2-EU

DATA SHEET — MOBILITY EXCHANGE

™

MXR-2

™

Reliability • Spanning tree and per-VLAN spanning tree (PVST+)

• Resilient network attachment via any MX port

• N:1 redundant MX capabilities

SECURITY

Authentication • Supports complete local AAA authentication, including 802.1x, as primary

or backup to a centralized AAA server

• Supports multiple AAA server groups and can load share across multiple

AAA servers or within a server group

• Generates and manages X.509 digital certiﬁcates

• Assigns and enforces per-user authorization policies that are managed

centrally from the AAA back-end

• Authorizations include virtual private group membership, personal ﬁrewall

ﬁlters, time-of-day/day-of-week access, encryption type, and location-

speciﬁc policies

• IEEE 802.1x with multiple EAP types (TLS, PEAP/MSCHAP, TTLS)

• WebAAA, MAC, Open

• WiFi WPA2 Enterprise certiﬁed

Encryption Key Management • Encryption distributed in Mobility Points

• MX generates master and session keys

• Provides key management for each encryption technique

Identity-based Networking • User credentials deﬁne access and network resource privileges

• Privileges and services follow users as they roam

• Maintains a user’s membership in the right virtual private group based on

the user’s authenticated identity

• Dynamically enables Virtual Private Groups to support roaming across

router boundaries

• Centralized management and control

Endpoint Assurance • Trusted Computing Group (TCG) - Trusted Network Connect (TNC)

compliant

Intrusion Detection and Protection • ActiveScan

™

rogue and denial-of-service (DoS) attack detection — Scan

all bands, associated channels and VLANs, while simultaneously providing

wireless connectivity to mobile clients

• SentryScan

™

— Scan the air nonstop on both bands and their associated

channel while other MPs support wireless LAN clients

• Rogue detection, Intrusion Detection System (IDS) and RF

countermeasures

• Trapeze/AirDefense integrated Intrusion Detection and Prevention

- Best in class IDS/IPS

- Common Trapeze MP hardware for sensor and service APs

- Dynamic threat management- convert MPs to sensors on demand

- Threat location and mitigation

MOBILITY SERVICES

Data Services • Data-intensive applications

• Latency-sensitive applications

Standards-based toll quality voice

service

• VoIP protocol support

• 802.11 e/WMM compliant

• Queuing and priority (802.11e/WMM)

• Preserve voice priority across network (802.11i PMK cache, WMM)

• Bandwidth control for voice (TSPEC)

• Maximize handset battery life (U-APSD)

• Neighbor report assisted roaming (802.11k)