Alcatel OmniAccess 4000 WLAN Switch
Transcription
Alcatel OmniAccess 4000 WLAN Switch
Alcatel OmniAccess 4000 WLAN Switch The Alcatel OmniAccess 4000 WLAN switch is the cornerstone of Alcatel’s leading OmniVista Air Control System (ACS) Software wireless enterprise solution coordinating security, RF management, intrusion detection, quality of service (QoS), and mobility functions across an entire wireless network. It works in conjunction with Alcatel OmniVista Air Control System (ACS) software, Alcatel OmniAccess 1200 access points (APs), and third-party APs to OmniAccess 4000 WLAN Switch provide network managers with a robust wireless LAN (WLAN) solution that • • • • Secure Policies QoS Policies RF Management Mobility Management enables business-critical wireless applications. From voice and data services to location tracking, the OmniAccess 4000 provides the control, scalability, and Third Party Access Point OmniAccess 1200 Access Point reliability that IT managers need to build enterprise-scale wireless networks. The Alcatel OmniAccess 4000 WLAN switch comes in two models – the 4012, which provides 12 auto-sensing 10/100 Ethernet interfaces and the 4024, which provides 24 auto-sensing 10/100 Ethernet interfaces. The OmniAccess 4000 switch delivers wire-speed switching and industry-standard power over Ethernet (PoE) on each 10/100 interface. PoE functionality can be used to power Alcatel OmniAccess access points or any third-party 802.3af compliant device. Application I – Direct connect access points LAN Domain Both Alcatel OmniAccess 1200s and third-party APs can be directly connected to the 10/100 Ethernet interfaces on the Alcatel OmniAccess 4000 WLAN switch. The Alcatel OmniAccess wireless system provides seamless intra-subnet and intersubnet roaming across these APs. The Fast Ethernet ports or optional Gigabit Ethernet interfaces on the OmniAccess 4000 switch can be used to connect the Alcatel OmniAccess wireless system to existing wire-line infrastructure for seamless network integration. Data Center Switch OmniAccess 4000 WLAN Switch Third Party Access Point OmniAccess 1200 Access Point Features and benefits The Alcatel OmniAccess 4000 WLAN switch offers many features and benefits including: • Integrated AirView software Easily enables the creation of an intelligent RF control plane for self-configuration, self-healing, and self-optimization • Zero-configuration deployment The Alcatel OmniAccess wireless system is deployed without modifying existing routing and switching infrastructures, and without touching access points • Built-in layer 1-4 security Flexible security policies adapt to changing corporate security needs • Rogue AP detection, location, and containment Integrated wireless intrusion protection preserves the integrity of wireless networks and precious corporate resources • Seamless mobility management Inter-subnet roaming without client software facilitates device management; no changes to core routing infrastructure makes roaming easy • Enterprise reliability Automated recovery from AP and switch failures maximizes the availability of the wireless network Application II – Appliance mode deployment Access points can be directly connected to an existing LAN infrastructure, such as a layer 2/3 switch. These access points automatically connect to an OmniAccess 4000 WLAN switch using the Lightweight Access Point Protocol (LWAPP), an emerging Internet Engineering Task Force (IETF) standard. All traffic from the access points are subsequently tunneled to the appropriate OmniAccess 4000 switch, which provides mobility, security, and RF management across an entire enterprise. > 2 A L C AT E L Workgroup Switch Data Center Switch Workgroup Switch Application III – Hybrid connectivity The Alcatel OmniAccess 4000 switch can simultaneously work in both appliance and direct connect mode, enabling IT managers to leverage the PoE benefits of the Alcatel OmniAccess equipment where necessary. When used in hybrid mode, the OmniAccess 4000 switch provides the same wireless functionality to all access points throughout an enterprise, whether directly or indirectly connected to Alcatel OmniAccess hardware. LAN Domain OmniAccess 4000 WLAN Switch Third Party Access Point OmniAccess1200 Access Point Intelligent RF management AirView software, the industry’s only solution for intelligent RF management, comes embedded on all Alcatel OmniAccess hardware, including the Alcatel OmniAccess 4000 WLAN switch and the Alcatel OmniAccess 4100 WLAN appliance. AirView software uses patent-pending algorithms that detect and adapt to changes in the air space in real-time. These adjustments create the optimal topology for wireless networking – much the same way that routing protocols compute the best possible topology of IP networks. Management Plane OmniVista Air Control System (ACS) Software RF Domain Interference Detection/Avoidance Transmit Power Control Plane Rogue Detection/Containment AirView Software User Load Management Automatic Channel Management • Intuitive management interfaces Better visibility and control of the air space reduces operational costs OmniAccess 4000 WLAN Switch Data Plane Coverage Hole Management Mobility Management 1200 4100 1200 LWAPP 4000 1200 1200 Alcatel OmniAccess 4000 WLAN Switch Air-tight security As wireless security is a chief concern of IT managers, the Alcatel OmniAccess 4000 WLAN switch is designed to adhere to the strictest level of security standards, including HIPAA and FIPS. To achieve this, the system supports industry standard layer 3 encryption, including IPSec with DES, 3DES, and AES CBC. At layer 2, the system also supports 802.1x (EAP), WEP, WPA with TKIP-MIC, and AES. At layer 1, the system provides complete RF security, including protection against dictionary and denial of service (DoS) attacks, as well as wireless intrusion protection. Seamless mobility The OmniAccess 4000 WLAN switch allows users to seamlessly roam between access points, across switches, and even across routed subnets. Security and QoS context information follows users wherever they roam, ensuring that mobility does not compromise performance, reliability, or privacy. The OmniAccess 4000 does not require modifications to existing infrastructures or client devices to enable mobility (e.g., Mobile IP). As a result, the Alcatel OmniAccess wireless system is easy to deploy, and cost-effective to own and operate. Enterprise reliability In the event of an access point failure, the Alcatel OmniAccess 4000 WLAN Switch automatically adjusts power on adjacent access points to cover up the area where the failed access point provided service. In the event of an individual switch failure, access points deployed in appliance mode automatically find a backup switch to ensure that wireless service remains available. Alcatel OmniAccess 4000 WLAN switches can be deployed in an N+1 redundant topology, allowing enterprises to scale their wireless networks with piece of mind that a hardware failure will not affect overall network availability. This solution also allows users to control costs without sacrificing reliability. The standard for wireless LANs Intelligent RF capabilities Specific intelligent RF capabilities within the Alcatel OmniAccess 4000 WLAN switch include: • Dynamic channel assignment – 802.11 channels are adjusted to optimize network coverage and performance based on changing RF conditions • Interference detection and avoidance – The OmniAccess 4000 detects interference and recalibrates the network to avoid performance problems • Load balancing across multiple access points – The Alcatel OmniAccess wireless system provides automatic load balancing of users across multiple APs for optimum network performance, even under heavy load • Coverage hole detection and correction – AirView software detects coverage holes and attempts to correct them by adjusting the power output of APs • Dynamic power control – The OmniAccess 4000 dynamically adjusts the power output of individual APs to accommodate changing network conditions. This ensures predictable wireless performance and availability The Alcatel wireless product line has revolutionized the wireless space by bringing simplicity to day-to-day wireless network operations. This includes automated tools for RF deployment, optimization, and fault tolerance; a comprehensive policy manager to ensure seamless network mobility; and an end-to-end framework for enterprise-wide security. The OmniAccess 4000 WLAN switch provides a secure and reliable platform for building business critical wireless networks. By combining outstanding wireless functionality with PoE and other necessary wire-line functions, the OmniAccess 4000 has set the standard for cost effective enterprise wireless networking. A L C AT E L 3 > Specifications Protocols and standards Wireless 802.11, 802.11a, 802.11b, 802.11g Wireline / switching IEEE 802.3 10BaseT, IEEE 802.3u 100BaseTX specification, IEEE 802.3z 1000BaseX, IEEE 802.3ab 1000BaseT, IEEE 802.3af Power over Ethernet, IEEE 802.3x flow control, IEEE 802.1q VLAN tagging, IEEE 802.1D Spanning Tree protocol Data RFCs RFC 768 UDP, RFC 783 TFTP, RFC 791 IP, RFC 792 ICMP, RFC 793 TCP, RFC 826 ARP, RFC 854 Telnet, RFC 1122 host requirements, RFC 1542 BOOTP, RFC 2068 HTTP, RFC 2131 BOOTP/DHCP Relay, RFC 1493 bridge, RFC 2665 Ethernet like interfaces for SMIv2 Security IEEE 802.1x, IPSec, HMAC (MD5-96, SHA-1), Encryption (DES, 3DES, AeS), TKIP, Michael Integrity Code (MIC), WEP 40, 104 and 128 bits (both static and shared keys), AeS-OCB 128 bit, broadcast key rotation, IKE (+IPSec and various crypto/hash transforms), XAuth (password based IKE - RADIUS backend), web based authentication, WPA Secure Management Management interface SNMPv2/3, Command Line Interface, web-based HTTP(S), SSL, SSH2, TELNET, SYSLOG Management RFCs RFC 1155-1157 SNMP V1, SNMP V2c, SNMP V3, HTTP/HTTPS, RFC 1213 SNMP MIB II, RFC 1493 bridge MIB, RFC 1643 Ethernet MIB, RFC 2239 802.3 MAU MIB, RFC 1757 RMON/Lite, RFC 2233 interfaces group MIB, RFC 2674 VLAN MIB, RFC 2863 interfaces group, RFC 2574 User-based Security Model (USM) for SNMP v3, RFC 2575 View-based Access Control Model (VACM for SNMP), Alcatel OmniAccess private MIBs Console port RS-232 with male DB-9 connector Management port 10/100 Mbps Ethernet RJ-45 Physical and environmental Alcatel OmniAccess 4000 Switch • Weight: 11.9 lbs (5.4 kg) • Dimensions (WxDxH): 17.5 x 13 x 1.75 in. Security RFCs RFC 2104 Keyed Hashing for Message Authentication, RFC 2401 Security Architecture for the Internet Protocol, RFC 2403 use of HMAC-MD5-96 within ESP and AH, RFC 2404 Use of HMAC-SHA-1-96 within ESP and AH, RFC 2405 ESP DES-CBC Cipher Algorithm With Explicit IV, RFC 2406 encapsulating security payload, RFC 2408 ISAKMP, RFC 2407, 2409 internet key exchange, RFC 2560 online certificate status protocol, RFC 2510 certificate management protocols, RFC 2511 certificate request message format, RFC2451 ESP CBCMode Cipher Algorithms, RFC 2459 certificate and CRL profile Authentication RFC 2866 RADIUS Accounting, RFC 2867 RADIUS Tunnel Accounting, RFC 2618 RADIUS Authentication, RFC 2869 RADIUS Extensions Others Alcatel OmniAccess wireless MIBs, Alcatel OmniAccess switching MIBs (44.5 x 33.1 x 4.5 cm) • Power over Ethernet: 48 VDC over CAT5, IEEE 802.3af PoE specification • Storage humidity: up to 95% • Input power: – with PoE: 2.6 A at 110 VAC, 60 Hz, 1.3 A at 220 VAC, 50 Hz • 3 LEDs: status, 1000BaseX activity and alarm. Separate link and activity LEDs for 1000BaseSX and 1000BaseT modules • Operating temperature: 0 to 50°C (32 to 122°F) • Storage temperature: 25 to 70°C ( 13 to 158°F) • Operating humidity: 10 to 95%, non-condensing Agency approvals Alcatel OmniAccess 4000 WLAN switch Safety – CSA 22.2 No. 950-95 CSA 1950 EMC – FCC Part 15 class A EN55022 class A Alcatel ICES-003 (Canada) 26801 West Agoura Road Calabasas, CA 91301 USA Contact Center (800) 995-2612 US/Canada (818) 880-3500 Outside US www.alcatel.com/enterprise Product specifications contained in this document are subject to change without notice. Contact your local Alcatel representative for the most current information. Copyright © 2004 Alcatel Internetworking, Inc. All rights reserved. This document may not be reproduced in whole or in part without the expressed written permission of Alcatel Internetworking, Inc. Alcatel® and the Alcatel logo are registered trademarks of Alcatel. All other trademarks are the property of their respective owners. P/N 031445-00. 2/04 Additional security features Some additional highlights of the security features contained within the Alcatel OmniAccess 4000 WLAN switch include: • VPN termination – The OmniAccess 4000 supports an optional on-board security module that supports IPSec encryption at rates up to 2 million packets per second • Identity-based security policies – IT managers have granular control over how users can use the wireless network and where they can roam • Rogue AP detection, location and suppression – The Alcatel OmniAccess wireless system detects rogue access points and allows IT managers to locate them and prevent users from associating with them. This preserves the integrity of the wireless network and ensures that malicious users cannot access sensitive corporate information • Secure out of the box – As with all Alcatel OmniAccess wireless solutions, the OmniAccess 4000 series ships with built-in X.509 certificates. This ensures that the system is completely secure from the moment it is turned on