UNIFIED WIRELESS NETWORK

Slides:



Advertisements
Similar presentations
Submission doc.: IEEE 11-13/0343r0 Operator Oriented Wi-Fi — Problem Analysis and Proposals Dapeng Liu Chunju Shao Fang Xie Ge Liu China Mobile.
Advertisements

Wide Area Wi-Fi Sam Bhoot. Wide Area Wi-Fi  Definition: Wi-Fi (Wireless Fidelity) n. – popular term for high frequency wireless local area networks operating.
Introducing New Additions to ProSafe Advanced Smart Switch Family: GS724TR and GS748TR (ProSafe 24 and 48-port Gigabit Smart Switches with Static Routing)
D-Link Unified Access Point DWL-2600AP Sales Guide Mar 2012 ISPD.
Application Guide For Mesh AP – MAP-3120
1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.
Page 1 / 14 The Mesh Comparison PLANET’s Layer 3 MAP products v.s. 3 rd ’s Layer 2 Mesh.
Business Solution Seminar 2008 D-Link Unified Switch October – November 2008.
300Mbps n Wireless Gigabit Router
USRobotics Professional Access Point  Yosi Rafael.
DAP-3520 AirPremier N PoE Exterior Access Point D-Link HQ, Dec 2008 D-Link Confidential.
DAP-3520 AirPremier N PoE Exterior Access Point D-Link Confidential.
300Mbps n Wireless In-wall Access Point
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Wireless. Module Objectives By the end of this module participants will be able to: Explain the differences between thick and thin access points List.
D-Link Unified Switch DWS-3160 Sales Guide August 2011 DHQ.
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
CCNA Exploration Semester 3 Modified by Profs. Ward and Cappellino
D-Link Unified Access Point
D-Link Confidential Sales Guide of DWS DWL-8600AP v1.0 Unified Wired/Wireless Solution Gary Kao D-Link HQ, August, 2009.
750Mbps ac Wireless Broadband Router WDRT-750AC.
MAP a/b/g Outdoor MESH Access Point Copyright © PLANET Technology Corporation. All rights reserved.
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,
Microsoft Virtual Academy Module 4 Creating and Configuring Virtual Machine Networks.
Technical Training: DIR-615
Technical Training: DAP-1360 Wireless N Access Point DAP-1360.
195Eg Ethernet Wired LAN 195Eg. Wireless Ethernet Setting IP Address Using Utility Programs Begin Programming Definition Selection Programming Modes of.
Dartmouth’s Wireless Network May 16, 2005 David W. Bourque.
AirPremier N Dual Band Concurrent PoE Access Point DAP-3690
© Aastra – 2012 SIP-DECT 4.0 RFP 43 WLAN June 2012.
Wireless standards Unit objective Compare and contrast different wireless standards Install and configure a wireless network Implement appropriate wireless.
D-Link Business Wireless. Trends of Business Wireless solutions The market is looking for Cutting-edge Technology Unified Wired and Wireless Access System.
Wireless Ethernet Adapter WEPA New Generation 11-Oct-15 Page 1.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Wireless Router Chapter 7.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 9 Virtual Trunking Protocol.
Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.
Cisco Discovery Home and Small Business Networking Chapter 7 – Wireless Networking Jeopardy Review v1.1 Darren Shaver Kubasaki High School – Okinawa,
Wireless LAN Requirements (1) Same as any LAN – High capacity, short distances, full connectivity, broadcast capability Throughput: – efficient use wireless.
Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in Fireware v
© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0— © 2003, Cisco Systems, Inc. All rights reserved.
Wireless Access Point Product Overview
Wireless Ethernet Programming
Wireless LAB Test Preparation Guide
Optimizing the In-Home Experience
Mobility & Wireless - Routers, APs
CWNA-106 CWNP - Certified Wireless Network Administrator
Wireless-AC3200 Tri-band Gigabit Router RT-AC3200
Wireless LAN Solution.
Product Introduction --QoS VPN Router G3 16/12/2015 Business WLAN
IFIP-UNU ADVANCED COURSE ON NETWORKING AND SECURITY Module II-Wireless Communications Section 5 Access Points.
Network Security Solution
300Mbps n Wireless In-wall Access Point
1750Mbps 11ac Dual Band Ceiling-mount Enterprise Wireless Access Point
Instructor Materials Chapter 6 Building a Home Network
Wireless IP products: GWN series
Wireless Technologies
software features Highlight
Wireless Access Point Product Overview
Wireless Fidelity 1 1.
What’s New in Fireware v12.1.1
Central WiFiManager.
Wireless LAN Security 4.3 Wireless LAN Security.
D-Link Business Wireless LAN Solution
Chapter 2: Scaling VLANs
UNIFIED WIRELESS NETWORK
AirPremier N Access Point DAP-2310
Central WiFiManager.
UNIFIED WIRELESS NETWORK
What’s New In WatchGuard Wi-Fi Cloud v8.6
Introduction to the WatchGuard AP Device
Presentation transcript:

UNIFIED WIRELESS NETWORK Controllers: DWS-3160 / DWC-2000 / DWC-1000 Access Points : DWL-2600/DWL-3610 / DWL-6600 / DWL-6610 / DWL-6700 / DWL-8600 / DWL-8610/ DWL-8710

D-Link Unified Wireless Solution DWS-3160 Series DWS-3160-24TC Wireless Switch 24 Gigabit ports 4 Combo SFP Slots Can Manage upto 48 Aps Expandable up to 4 peer with 192 APs Support WIDS

D-Link Unified Wireless Solution DWS-3160 Series DWS-3160-24PC Wireless Switch 24 Gigabit PoE ports 4 Combo SFP Slots Can Manage upto 48 Aps Expandable up to 4 peer with 192 APs Support WIDS

D-Link Unified Wireless Solution DWC-2000 Wireless Controller 4 Gigabit Copper / SFP combo ports 2 USB 2.0 ports Optional Module Slot Can Manage up to 256 APs Expandable up to 8 peer supports upto 1024 APs Support WIDS , Guest Management

D-Link Unified Wireless Solution DWC-1000 Wireless Controller 4 10/100/1000 Mbps LAN ports 2 10/100/1000 Mbps option ports 2 USB 2.0 ports Can Manage upto 66 APs Expandable up upto 264 Aps with 4 peer DWC-1000 wireless controller Support WIDS, Guest Management Support IPSec/SSL/PPTP VPN Tunnels

D-Link Unified Wireless Solution DWL- 2600AP DWL-3610AP IEEE 802.11 a/b/g/n/ac 2.4 GHZ or 5GHz Upto 300 Mbps for 802.11n Upto 867Mbps for 802.11ac 10/100 /1000 Mbps PoE LAN Port WMM-certified Support Management/ Standalone Modes IEEE 802.11 b/g/n 2.4 GHZ up to 300Mbps 10/100 Mbps PoE LAN Port WMM-certified Support Management/ Standalone Modes

D-Link Unified Wireless Solution DWL- 6600AP DWL- 6610AP IEEE 802.11 a/b/g/n 2.4 GHz & 5GHz Upto 300 Mbps in each frequency band simultaneously 10/100/1000 Mbps PoE LAN Port 4 External antenna connectors UL2043 certified chassis Support Management/ Standalone Modes IEEE 802.11 a/b/g/n/ac 2.4 GHz & 5GHz Upto 1200 Mbps 10/100/1000 Mbps PoE LAN Port 2x2 Internal antennas UL2043 certified chassis Support Management/ Standalone Modes

D-Link Unified Wireless Solution D-Link Unified WLAN Solutions D-Link Unified Wireless Solution DWL-8610AP DWL- 8600AP IEEE 802.11 a/b/g/n 2.4 GHz & 5GHz Upto 300 Mbps in each frequency band simultaneously 10/100/1000 Mbps PoE LAN Port 2x2 Detachable Antennas Solid Die Cast Metal Housing Support Management/ Standalone Modes IEEE 802.11 a/b/g/n/ac 2.4 GHz & 5GHz Upto 1750 Mbps 2 X 10/100/1000 Mbps LAN Ports 3x3 Internal Antennas Plenum-rated Housing Support Management/ Standalone Modes

D-Link Unified Wireless Solution DWL- 8710AP (Outdoor) DWL-6700AP(Outdoor) IEEE 802.11 a/b/g/n 2.4 GHz & 5GHz Upto 300 Mbps in each frequency band simultaneously 2x 10/100 Mbps LAN Ports Internal 2 x 2 antennas IP-55 rated Support Management/ Standalone Modes IEEE 802.11 a/b/g/n/ac 2.4 GHz & 5GHz Upto 1200 Mbps 2X 10/100/1000 Mbps LAN Ports Detachable 2 x 2 Antennas IP-67 rated Support Management/ Standalone Modes

Centralized Access Point Management Central Policy Control The Profile configuration is applied to a managed AP on the event such as when an AP initially transitions to managed mode, or when AP is reset. Users hence can enjoy the convenience of one-time configuration. The security is ensured owing to the applied configuration won’t be saved when AP is power off. Radius Server (Optional) Dynamic VLAN Assignment Client MAC list AP MAC list L2 or L3 Network Firmware dispatch Profile dispatch RADIUS server settings Security settings Radio configuration SSIDs, VLAN & Tunnel setting QOS configuration

Switch Clustering Admin Master Switch Peer Switches Peer Switches can form a Cluster Group Up to 4 DWS-3160 could be a Cluster Group All wireless configuration & management can be done from one switch One Master Switch gathers all statistics and status from peer switches, APs and clients in the group Provides single point of management Similar to D-Link Single IP Management (SIM) Wireless Management & Configuration Admin Master Switch Peer Switches

N+1/ N+N Switch Redundancy N+1 Unified Switch Redundancy One extra switch works only as backup Allow each switch manages its maximum number of APs Unified Switch 2 Unified Switch 1 L2 or L3 Network Primary: Secondary: Unified Switch BKP N+N Unified Switch Redundancy Each switch backup its peer switches In order to backup peer switches, the switch needs to reserve some space for peer switch managed APs. Therefore, it cannot manage its maximum number of APs

Automatic Channel/Power Adjustment Channels and Power will automatically be adjusted on any new event in the system such as an AP being added or being removed, or the switch can be programmed to automatically readjust channels and power at certain times (i.e. 2:00am each day) of the day or upon a certain interval (i.e. every 6 hours) Channel 24 Channel 48 2. Rogue AP Or Radio interference Channel 48 3. Changes to Channel 18 New AP Channel 36 Channel 54 1. When inserting new AP, the AP scans the RF area for occupied channels and selects a channel from the available non-interfering, or clear channels.

Automatic Channel/Power Adjustment Automatic power uses a proprietary algorithm to automatically adjust the RF signal to broadcast far enough to reach wireless clients, but not so far that it interferes with RF signals broadcast by other APs.

Auto Power Adjustment RF Self-Healing Auto Power Adjustment Auto RF Management Auto Power Adjustment In a clustering group, automatically adjust the power according to the strength changes of RF signals broadcasting by other APs, the unified switches readjust power by schedule (ex. upon a certain interval) RF Self-Healing When a Managed AP is powered down, the power of its neighboring AP(s) managed by the same switch is immediately increased by 20% The power level will readjust again every pre-configured interval by sensing neighboring AP power status Channel Plan Period Power Adjustment Clustering Power 50% Power 90% Auto Power Adjustment Power 90% Power 50% Power 90% Power 60% Power 30% Power 70% Power 50% Power 90% RF Self-Healing Auto Power Adjustment AP Fail

Advanced RF Feature: Radio Protection Advanced “Radio Protection” design to guarantee that 802.11 transmissions do not cause interference with legacy stations or applications It is great feature to sustain 11n client throughput on mixed wireless clients environment (11n, 11g and 11b wireless clients work together) Without Radio Protection, the 11n wireless clients will run at 11g or 11b wireless speed in mixed environment. Customers won’t need to replace all legacy wireless clients to get the benefit on 11n transmission (High throughput , High reliability) With Radio Protection Enabled 802.11n client Run at 802.11 n Transmission rate 802.11n client Run at 802.11 b/g Transmission rate 802.11 b/g client Run at 802.11 b/g Transmission rate Run at 802.11 n Transmission rate 802.11n client 802.11 b/g client 802.11n client Run at 802.11 b/g Transmission rate Run at 802.11 b/g Transmission rate

AP Traffic Load Balancing Balance traffic load of each Managed APs Based on the percentage of bandwidth utilization Based on the Max. Wireless Clients Force a new client associating to an overlapped neighbor AP which has lower unitization while the nearest one exceed the threshold Periodically update APs utilization reports Utilization Threshold: 60% Utilization Threshold: 60% AP-B AP-A Subnet B Reject association from AP-A AP Traffic Load Balancing Force the association to AP-B Request connection to AP-A Subnet A AP-A checks its utilization AP-A reaches the utilization threshold value

Multiple SSIDs can be configured on an AP. Virtual Access Points Multiple SSIDs can be configured on an AP. Each radio of an AP can be configured up to16 networks (SSIDs). Up to 16 networks are supported on DWL-2600 & DWL-3600. Up to 32 networks are supported on DWL-6600 & DWL-8600 . SSID: Sales VoIP SSID: Sales VoIP SSID: R&D VoIP SSID: R&D VoIP SSID: Sales VoIP SSID: Sales VoIP SSID: R&D VoIP SSID: R&D VoIP Sales Network R&D Network VoIP Network

Intra-Switch L3 Roaming Intra-Switch L2 Roaming Inter-Switch Fast L2/L3 Roaming Ideal for VoIP application Fast roaming can be supported within a subnet (Layer 2) or across subnet boundaries (Layer 3) without changing IP address of client Intra-switch roaming Fast roaming between APs which are managed by the same switch Inter-switch roaming Fast Roaming between switches in a roaming group Up to 4 DWS-3160 can form a Roaming group DWS-3160 I Clustering DWS-3160 II Intra-Switch L3 Roaming AP-B1 Intra-Switch L2 Roaming Subnet B Associate with AP-B1 Inter-Switch L3 Roaming AP-C1 AP-A2 AP-A1 Associate with AP-A2 Associate with AP-C1 Subnet C Subnet A Associate with AP-A2 Handover from AP-A1 to AP-A2 Associate with AP-A1

Fast Roaming Enhancement: AP-AP Tunnel AP-AP Tunnel mode is used to support L3 roaming without forwarding any traffic to the Unified SwitchThe APs will create tunnel and forward traffic with each other When clients roam to another AP which is not in the same network subnet, the traffic from roamed clients is tunneled to the originally associated AP of the client Roamed client remains on the same VLAN and has the same IP address Benefit Reduce network resources because traffic is forwarded locally Reduce Unified Switch loading DWS-3160 L3 Switch AP-AP Tunnel 192.168.1.0 172.17.3.0 10.10.10.0

Centralized User Access Control SSID Based Access Control Define Different VLANs and SSIDs for different user group (ex. Sales, RD…) With ACL configuration on VLAN, administrator can define particular access policy for specific user group The users belong to different groups need to connect with different SSIDs to get proper access right after authentication successfully Identity Based Access Control Support Dynamic VLAN Assignment with WPA/WPA2-Enterprise, MAC and 802.1X authentication In a SSID, the clients could be assigned to different VLANs that are preconfigured in the external RADIUS server With ACL configuration on VLAN, administrator can define particular access policy for specific user/ user group V 3 V1 V2 Single SSID User 2 ( ex. Guest) Internet Access Only User 1 (ex. RD) Server, Internet Access RADIUS Server User1 go to V2 User2 go to V3 AP-A

Wireless Intrusion Detection System (WIDS) AP detection and classification Periodically scan and detect the AP per device or per clustered group Four classes for AP: Managed, Standalone, Unknown, and Rogue Wireless client detection and classification Monitor disassociated, pre-authenticated, and authenticated wireless clients Three classes for authenticated wireless client: Authenticated, Black-listed, Rogue -Fake managed AP -Fake managed SSID -AP using illegal channel -AP using invalid channel -Incorrect security config -Invalid SSID -Unexpected WDS device -Etc… MANAGED STANDALONE UNKNOWN ROGUE AP Classification ? AUTHENTICATED BLACKLISTED ROUGE Client Classification B ? -Not in client database -Probe attack -Flooding network -Too many failed auth -Authenticated with Unknown AP -Etc… Hacker RF Scanning B Infect

Wireless Intrusion Prevention System (WIPS) AP & Wireless Client Threat Mitigation Protect wireless clients away from threats by sending fake de-authentication messages to de-associate the connection with rogue APs Inform to every managed AP the list of BSSIDs and channels on which rogue APs are operating Lock down the location of rogue AP via WLAN Visualization Tool for security adjustment Visualized Alive Site Map Detect rogue AP Send de-authentication message De-association with rogue AP Lock down location MANAGED STANDALONE UNKNOWN ROGUE AP Classification ? AUTHENTICATED BLACKLISTED ROUGE Client Classification B

Enhanced Security Enforcement Rogue AP Management Any AP scanned but not in the switch’s database will be listed as a rogue AP. The administrator can get better control of the environment through knowing rogue APs’ information (MAC, SSID, Channel, etc). Complete Security Features Wireless Managed AP MAC list Wireless Client MAC list WEP (Static/Dynamic) WPA Enterprise/Personal WPA2 Enterprise/Personal Wired ACL 802.1X DoS Control Broadcast Storm Control Port Security Radius / TACACS+

Enhanced Security Enforcement Captive Portal Web-based Authentication that provides intuitive, user friendly authentication Forces an HTTP client on the wireless network to see a authentication web page before surfing the Internet