Alcatel OmniAccess 4000 WLAN Switch

Alcatel OmniAccess 4000 WLAN Switch
The Alcatel OmniAccess 4000 WLAN switch is the cornerstone of Alcatel’s leading
OmniVista
Air Control System
(ACS) Software
wireless enterprise solution coordinating security, RF management, intrusion
detection, quality of service (QoS), and mobility functions across an entire wireless
network. It works in conjunction with Alcatel OmniVista Air Control System (ACS)
software, Alcatel OmniAccess 1200 access points (APs), and third-party APs to
OmniAccess 4000 WLAN Switch
provide network managers with a robust wireless LAN (WLAN) solution that
•
•
•
•
Secure Policies
QoS Policies
RF Management
Mobility Management
enables business-critical wireless applications. From voice and data services to
location tracking, the OmniAccess 4000 provides the control, scalability, and
Third Party
Access Point
OmniAccess 1200
Access Point
reliability that IT managers need to build enterprise-scale wireless networks.
The Alcatel OmniAccess 4000 WLAN switch comes in two models – the 4012, which
provides 12 auto-sensing 10/100 Ethernet interfaces and the 4024, which provides 24
auto-sensing 10/100 Ethernet interfaces. The OmniAccess 4000 switch delivers wire-speed
switching and industry-standard power over Ethernet (PoE) on each 10/100 interface. PoE
functionality can be used to power Alcatel OmniAccess access points or any third-party
802.3af compliant device.
Application I – Direct connect access points
LAN Domain
Both Alcatel OmniAccess 1200s and third-party APs can be directly connected to
the 10/100 Ethernet interfaces on the Alcatel OmniAccess 4000 WLAN switch.
The Alcatel OmniAccess wireless system provides seamless intra-subnet and intersubnet roaming across these APs. The Fast Ethernet ports or optional Gigabit
Ethernet interfaces on the OmniAccess 4000 switch can be used to connect the
Alcatel OmniAccess wireless system to existing wire-line infrastructure for seamless
network integration.
Data Center
Switch
OmniAccess 4000
WLAN Switch
Third Party
Access Point
OmniAccess 1200
Access Point
Features and benefits
The Alcatel OmniAccess 4000
WLAN switch offers many
features and benefits including:
• Integrated AirView software
Easily enables the creation of an
intelligent RF control plane for
self-configuration, self-healing,
and self-optimization
• Zero-configuration deployment
The Alcatel OmniAccess wireless
system is deployed without
modifying existing routing and
switching infrastructures, and
without touching access points
• Built-in layer 1-4 security
Flexible security policies adapt
to changing corporate security
needs
• Rogue AP detection, location,
and containment
Integrated wireless intrusion
protection preserves the integrity
of wireless networks and
precious corporate resources
• Seamless mobility management
Inter-subnet roaming without
client software facilitates device
management; no changes to
core routing infrastructure makes
roaming easy
• Enterprise reliability
Automated recovery from AP
and switch failures maximizes
the availability of the wireless
network
Application II – Appliance mode deployment
Access points can be directly connected to an existing LAN
infrastructure, such as a layer 2/3 switch. These access points
automatically connect to an OmniAccess 4000 WLAN switch
using the Lightweight Access Point Protocol (LWAPP), an
emerging Internet Engineering Task Force (IETF) standard. All
traffic from the access points are subsequently tunneled to the
appropriate OmniAccess 4000 switch, which provides mobility,
security, and RF management across an entire enterprise.
>
2
A L C AT E L
Workgroup
Switch
Data Center Switch
Workgroup
Switch
Application III – Hybrid connectivity
The Alcatel OmniAccess 4000 switch can simultaneously
work in both appliance and direct connect mode, enabling
IT managers to leverage the PoE benefits of the Alcatel
OmniAccess equipment where necessary. When used in
hybrid mode, the OmniAccess 4000 switch provides the
same wireless functionality to all access points throughout an
enterprise, whether directly or indirectly connected to Alcatel
OmniAccess hardware.
LAN Domain
OmniAccess 4000
WLAN Switch
Third Party
Access Point
OmniAccess1200
Access Point
Intelligent RF management
AirView software, the industry’s only solution for intelligent RF management, comes
embedded on all Alcatel OmniAccess hardware, including the Alcatel OmniAccess
4000 WLAN switch and the Alcatel OmniAccess 4100 WLAN appliance. AirView
software uses patent-pending algorithms that detect and adapt to changes in the air
space in real-time. These adjustments create the optimal topology for wireless
networking – much the same way that routing protocols compute the best possible
topology of IP networks.
Management Plane
OmniVista
Air Control System (ACS)
Software
RF Domain
Interference Detection/Avoidance
Transmit Power
Control Plane
Rogue Detection/Containment
AirView Software
User Load Management
Automatic Channel Management
• Intuitive management interfaces
Better visibility and control of the
air space reduces operational
costs
OmniAccess 4000 WLAN Switch
Data Plane
Coverage Hole Management
Mobility Management
1200
4100
1200
LWAPP
4000
1200
1200
Alcatel OmniAccess 4000 WLAN Switch
Air-tight security
As wireless security is a chief concern of IT managers, the Alcatel OmniAccess 4000
WLAN switch is designed to adhere to the strictest level of security standards,
including HIPAA and FIPS. To achieve this, the system supports industry standard layer
3 encryption, including IPSec with DES, 3DES, and AES CBC. At layer 2, the system
also supports 802.1x (EAP), WEP, WPA with TKIP-MIC, and AES. At layer 1, the
system provides complete RF security, including protection against dictionary and
denial of service (DoS) attacks, as well as wireless intrusion protection.
Seamless mobility
The OmniAccess 4000 WLAN switch allows users to seamlessly roam between access
points, across switches, and even across routed subnets. Security and QoS context
information follows users wherever they roam, ensuring that mobility does not
compromise performance, reliability, or privacy. The OmniAccess 4000 does not
require modifications to existing infrastructures or client devices to enable mobility
(e.g., Mobile IP). As a result, the Alcatel OmniAccess wireless system is easy to
deploy, and cost-effective to own and operate.
Enterprise reliability
In the event of an access point failure, the Alcatel OmniAccess 4000 WLAN Switch
automatically adjusts power on adjacent access points to cover up the area where the
failed access point provided service. In the event of an individual switch failure,
access points deployed in appliance mode automatically find a backup switch to
ensure that wireless service remains available. Alcatel OmniAccess 4000 WLAN
switches can be deployed in an N+1 redundant topology, allowing enterprises to
scale their wireless networks with piece of mind that a hardware failure will not affect
overall network availability. This solution also allows users to control costs without
sacrificing reliability.
The standard for wireless LANs
Intelligent RF capabilities
Specific intelligent RF capabilities
within the Alcatel OmniAccess 4000
WLAN switch include:
• Dynamic channel assignment –
802.11 channels are adjusted to
optimize network coverage and
performance based on changing
RF conditions
• Interference detection and
avoidance – The OmniAccess
4000 detects interference and
recalibrates the network to avoid
performance problems
• Load balancing across multiple
access points – The Alcatel
OmniAccess wireless system
provides automatic load
balancing of users across multiple
APs for optimum network
performance, even under heavy
load
• Coverage hole detection and
correction – AirView software
detects coverage holes and
attempts to correct them by
adjusting the power output of APs
• Dynamic power control – The
OmniAccess 4000 dynamically
adjusts the power output of
individual APs to accommodate
changing network conditions. This
ensures predictable wireless
performance and availability
The Alcatel wireless product line has revolutionized the wireless space by bringing
simplicity to day-to-day wireless network operations. This includes automated tools for
RF deployment, optimization, and fault tolerance; a comprehensive policy manager to
ensure seamless network mobility; and an end-to-end framework for enterprise-wide
security.
The OmniAccess 4000 WLAN switch provides a secure and reliable platform for
building business critical wireless networks. By combining outstanding wireless
functionality with PoE and other necessary wire-line functions, the OmniAccess 4000
has set the standard for cost effective enterprise wireless networking.
A L C AT E L
3
>
Specifications
Protocols and standards
Wireless
802.11, 802.11a, 802.11b, 802.11g
Wireline / switching
IEEE 802.3 10BaseT, IEEE 802.3u 100BaseTX
specification, IEEE 802.3z 1000BaseX, IEEE 802.3ab
1000BaseT, IEEE 802.3af Power over Ethernet, IEEE
802.3x flow control, IEEE 802.1q VLAN tagging, IEEE
802.1D Spanning Tree protocol
Data RFCs
RFC 768 UDP, RFC 783 TFTP, RFC 791 IP, RFC 792 ICMP,
RFC 793 TCP, RFC 826 ARP, RFC 854 Telnet, RFC 1122
host requirements, RFC 1542 BOOTP, RFC 2068 HTTP, RFC
2131 BOOTP/DHCP Relay, RFC 1493 bridge, RFC 2665
Ethernet like interfaces for SMIv2
Security
IEEE 802.1x, IPSec, HMAC (MD5-96, SHA-1), Encryption
(DES, 3DES, AeS), TKIP, Michael Integrity Code (MIC),
WEP 40, 104 and 128 bits (both static and shared keys),
AeS-OCB 128 bit, broadcast key rotation, IKE (+IPSec and
various crypto/hash transforms), XAuth (password based
IKE - RADIUS backend), web based authentication, WPA
Secure Management
Management interface
SNMPv2/3, Command Line Interface, web-based HTTP(S),
SSL, SSH2, TELNET, SYSLOG
Management RFCs
RFC 1155-1157 SNMP V1, SNMP V2c, SNMP V3,
HTTP/HTTPS, RFC 1213 SNMP MIB II, RFC 1493 bridge
MIB, RFC 1643 Ethernet MIB, RFC 2239 802.3 MAU MIB,
RFC 1757 RMON/Lite, RFC 2233 interfaces group MIB,
RFC 2674 VLAN MIB, RFC 2863 interfaces group, RFC
2574 User-based Security Model (USM) for SNMP v3, RFC
2575 View-based Access Control Model (VACM for
SNMP), Alcatel OmniAccess private MIBs
Console port
RS-232 with male DB-9 connector
Management port
10/100 Mbps Ethernet RJ-45
Physical and environmental
Alcatel OmniAccess 4000 Switch
• Weight: 11.9 lbs (5.4 kg)
• Dimensions (WxDxH): 17.5 x 13 x 1.75 in.
Security RFCs
RFC 2104 Keyed Hashing for Message Authentication, RFC
2401 Security Architecture for the Internet Protocol, RFC
2403 use of HMAC-MD5-96 within ESP and AH, RFC
2404 Use of HMAC-SHA-1-96 within ESP and AH, RFC
2405 ESP DES-CBC Cipher Algorithm With Explicit IV, RFC
2406 encapsulating security payload, RFC 2408 ISAKMP,
RFC 2407, 2409 internet key exchange, RFC 2560 online
certificate status protocol, RFC 2510 certificate
management protocols, RFC 2511 certificate request
message format, RFC2451 ESP CBCMode Cipher
Algorithms, RFC 2459 certificate and CRL profile
Authentication
RFC 2866 RADIUS Accounting, RFC 2867 RADIUS Tunnel
Accounting, RFC 2618 RADIUS Authentication, RFC 2869
RADIUS Extensions Others Alcatel OmniAccess wireless
MIBs, Alcatel OmniAccess switching MIBs
(44.5 x 33.1 x 4.5 cm)
• Power over Ethernet: 48 VDC over CAT5, IEEE 802.3af
PoE specification
• Storage humidity: up to 95%
• Input power:
– with PoE: 2.6 A at 110 VAC, 60 Hz, 1.3 A at 220 VAC,
50 Hz
• 3 LEDs: status, 1000BaseX activity and alarm. Separate
link and activity LEDs for 1000BaseSX and 1000BaseT
modules
• Operating temperature: 0 to 50°C (32 to 122°F)
• Storage temperature: 25 to 70°C ( 13 to 158°F)
• Operating humidity: 10 to 95%, non-condensing
Agency approvals
Alcatel OmniAccess 4000 WLAN switch
Safety – CSA 22.2 No. 950-95
CSA 1950
EMC – FCC Part 15 class A
EN55022 class A
Alcatel
ICES-003 (Canada)
26801 West Agoura Road
Calabasas, CA 91301 USA
Contact Center
(800) 995-2612 US/Canada
(818) 880-3500 Outside US
www.alcatel.com/enterprise
Product specifications contained in this document are subject to change without notice. Contact your local Alcatel representative for the
most current information. Copyright © 2004 Alcatel Internetworking, Inc. All rights reserved. This document may not be reproduced in
whole or in part without the expressed written permission of Alcatel Internetworking, Inc. Alcatel® and the Alcatel logo are registered
trademarks of Alcatel. All other trademarks are the property of their respective owners. P/N 031445-00. 2/04
Additional security
features
Some additional highlights of the
security features contained within
the Alcatel OmniAccess 4000
WLAN switch include:
• VPN termination – The
OmniAccess 4000 supports an
optional on-board security
module that supports IPSec
encryption at rates up to 2
million packets per second
• Identity-based security policies –
IT managers have granular
control over how users can use
the wireless network and where
they can roam
• Rogue AP detection, location
and suppression – The Alcatel
OmniAccess wireless system
detects rogue access points and
allows IT managers to locate
them and prevent users from
associating with them. This
preserves the integrity of the
wireless network and ensures
that malicious users cannot
access sensitive corporate
information
• Secure out of the box – As with
all Alcatel OmniAccess wireless
solutions, the OmniAccess 4000
series ships with built-in X.509
certificates. This ensures that the
system is completely secure from
the moment it is turned on