bestcom wireless
H3C WLAN Product Training
APR Nico Wang
2010 May

Contents
• H3C WLAN Product Introduction
• Key Technical Features
• H3C UMN Solutions and Advantages
• Annex: Product Details

H3C Wireless Product Series
[Figure: product family grouped as AC and FIT/FAT AP. Labels: WX6103, S7500E Blade, S9500E Blade, WX5004, WX5002, 58(big), WX3024, WX3010, WX3008, WA2110-AG, WA2210-AG, WA2220-AG, WA2210X-G, WA2220X-AG, 58(small), WA2620E-AGN, WA2612-AGN, WA2610E-AGN, WA2620-AGN]

H3C AC Products Position
Product Model | Maximum APs | Positioning
H3C WX3008 | 8 | Unified Switch, for SOHO & small-sized enterprise networks
H3C WX3010 | 24 | Unified Switch, for SOHO & small-sized enterprise networks
H3C WX3024 | 48 | Unified Switch, for SOHO & small-sized enterprise networks
H3C WX5002-64 | 64 | For medium and small-sized enterprise networks and medium and small-scale hotspot coverage
H3C WX5004-256 | 256 | For medium enterprise networks and hotspot coverage
H3C S5800 64AP wireless blade module | 64 | For medium and small-sized enterprise networks and medium and small-scale hotspot coverage
H3C S5800 256AP wireless blade module | 256 | For medium enterprise networks and hotspot coverage
H3C WX6103 | 640 | For large enterprise network, WLAN access to MANs, wireless MAN coverage, and hotspot coverage
H3C LSQM1WCMB0 | 640 | For S7500E chassis switch
H3C LSRM1WCM2A1 | 640 | For S9500E chassis switch
[Slide callouts: 11n, SMB market; Unified Switch; Enterprise Main Product; Unique]

H3C AP Products Position
Product Model | AP Type | Positioning
H3C WA2110-AG | FIT AP, indoor model (single radio) | For small radius indoor areas and normal environment
H3C WA2210-AG | FIT/FAT AP, indoor model (single radio) | For small radius indoor areas and normal environment
H3C WA2220-AG | FIT/FAT AP, indoor model (double radios) | For small radius indoor areas and normal environment
H3C WA2210X-G | FIT/FAT AP, outdoor model (single radio) | For outdoor harsh environments
H3C WA2220X-AG | FIT/FAT AP, outdoor model (double radios) | For outdoor harsh environments
H3C WA2610E-AGN | FIT/FAT AP, enhanced 11n model (single radio) | For harsh environments, like warehouse, factory workshop, etc.
H3C WA2620E-AGN | FIT/FAT AP, enhanced 11n model (double radios) | For harsh environments, like warehouse, factory workshop, etc.
H3C WA2612-AGN | FIT/FAT AP, indoor 11n model (single radio) |
H3C WA2620-AGN | FIT/FAT AP, indoor 11n model (double radios) |
[Slide callouts: 11n indoor AP; New Product; Low-cost 11 a/b/g]

H3C WLAN Products Selling Points
• Both unified wired and wireless solution. (Cisco alternative; Aruba cannot provide this kind of unified solution.)
• Can provide FIT/FAT AP solution. (Aruba only has a FIT AP solution.)
• WX3000 series unified switch with 10 Gigabit uplink and PoE+ capability. (HP/Aruba cannot provide this kind of unified switch.)
• Unified management for wired and wireless products. (Cisco uses two NMSs to manage wired [CiscoWorks] and wireless [WCS] products.)
• Large-scale, high-performance stand-alone AC: WX6103. (Cisco cannot provide this kind of access controller.)
• Large-scale, high-performance AC blade for high-end switches. (Aruba cannot provide this kind of access controller.)
3Com/H3C Wireless AC Compatible List
Item | FAT AP | 3Com WX (Trapeze) | 3Com WX 3000 | H3C WX 3000/5000/SecBlade
3Com AP 7760 | Yes | No | Yes, need switch to FIT | Yes, need switch to FIT
3Com AP 8760 | Yes | Yes, need switch to FIT | Yes, need switch to FIT | Yes, need switch to FIT
3Com AP 9152 | Yes | No | Yes, need switch to FIT | Yes, need switch to FIT
3Com AP 9552 | Yes | No | Yes, need switch to FIT | Yes, need switch to FIT
3Com AP 2750 | No | Yes | No | No
3Com AP 3150 | No | Yes | No | No
3Com AP 3750 | No | Yes | No | No
3Com AP 3850 | No | Yes | No | No
3Com AP 3950 | No | Yes | No | No
H3C WA 2110 | No | No | Yes | Yes
H3C WA 2220 | No | No | Yes | Yes
H3C WA 2620 | No | No | Yes | Yes
H3C WA 2610E | No | No | Yes | Yes
H3C WA 2620E | No | No | Yes | Yes

Wireless Transmission Between AP and AC
[Figure: Wireless Client, AP, IP Network, AC, LAN, with the labels "802.11 data", "CAPWAP Tunnel" and "802.3 data"]
• User data is transferred via a CAPWAP tunnel between the AP and the AC.
• The AC is the bridge between wireless and wired communications.
• In centralized control mode, all packets exchanged between the wireless and wired sides must be forwarded by the AC.

Management Initiation of AC to FIT AP
1. The AP gets its IP address, the DNS server and the domain name from the DHCP server.
2. The AP sends a discovery request message to the AC.
3. If there is no response after the AP tries several times, the AP gets the IP address of H3C.xxxx.xxx (xxxx.xxx is the domain name that the AP learns from the DHCP server) and sends a discovery request message to this IP address.
4. After receiving the discovery request message, the AC checks whether the AP has the authority to join it. If yes, the AC responds with a discovery response message and validates the AP.
5. The AP downloads the latest firmware from the AC.
6. The AP downloads the latest configurations from the AC.
7. Last, the AP begins to work and exchanges user data with the AC.
[Figure: message sequence between FIT AP, DHCP Server, DNS Server and AC: IP address, DNS server, domain name; AC receives discovery request; if no response, get the AC IP address from DNS server; AC receives discovery request; AC responds with discovery response; AP firmware downloading; AP configuration downloading; user data transferring]

Forwarding Modes of FIT AP
Centralized Forwarding
• All AP traffic must pass through the AC.
• Fine-grained management.
• The AC will be overloaded if there is too much 11n traffic.
Local Forwarding
• The AP traffic does not pass through the AC.
• No fine-grained management.
• Can forward large-capacity 11n traffic without a bottleneck at the AC.
[Figure labels: Any Smart Mobile Intelligent WLAN controller; Offered load increases with 802.11n; Offered load exceeds controller capacity]

Flexible Switching Between FAT/FIT
All H3C access points (except WA2110-AG) support both FAT and FIT modes.
• FAT AP: deployed in small-scale networks; no controllers required.
• FIT AP: deployed in large-scale networks; centralized management by controllers; zero configuration, "Plug and Play".
"Just one Command Line Change WLAN Deployment"

H3C RRM
RRM: Radio Resource Management
A (Collection): The AP collects the RF information in real time and reports it to the AC periodically.
B (Analysis): The AC analyzes the data collected from the APs.
C (Decision): The AC makes a global plan for each AP covering transmit power, channel, etc.
D (Implementation): The AP implements the optimized RF configuration from the AC.

FIT AP Channel Auto Selection
Basic Points
• Key APs in the network get the best channels first.
• Avoid using channels interfered with by radar.
• Statistics of channel status, including channel utilization, interference, etc.
• Avoid co-channel interference.
• Avoid channel interference from other networks' APs.
[Figure: BSS 1 to BSS 5 before and after adjustment, using channels 1, 6 and 11]

Auto Adjustment of FIT AP RF Power
Basic principles
• Ensure reasonable signal coverage. Coverage that is too large will hurt network throughput and performance.
• Ensure a certain amount of signal overlap, to avoid coverage black holes.
• The AC adjusts the AP power one by one so that every AP provides enough signal for total coverage of the network.
• The AC can recover signal coverage black holes when some of the APs go offline (see the example below).
[Figure: coverage before adjustment and after adjustment]

Intelligent Load Balance
• The AC can balance user load among the APs.
• Load balancing can be based on the number of accessed users, or on AP traffic.
• If the AP traffic has passed its threshold, the AC will reject any new access user and automatically calculate a neighboring AP to permit the user access.
• The H3C load balancing technique is effective only for wireless users in the overlapped area, to avoid false load balancing in non-overlapped areas.
[Figure "Load balancing mechanism": AP1, rejection of association; AP2, acceptance of association]
[Figure "H3C intelligent load balancing technique": AP1, AP2, overlapped area for load balancing, non-overlapped areas]

H3C WLAN Reliability
1+1
(1) Ensures non-stop service for wireless users in case of a single point of failure.
(2) Backup of AP and user data is required.
(3) Fast failure detection and fast switching are required.
(4) Supports hot backup of plain text or certificate authentication users.
N+1
(1) One AC provides backup for multiple ACs to save network construction cost.
(2) If the master AC recovers, the backup AC should be switched back to the master AC.
(3) Supports a maximum of 4+1 AC backup.
N+N
(1) N ACs provide backup for another N ACs.
(2) Supports both redundant backup and load balancing.
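
The admission rule from the Intelligent Load Balance slide above, as an added Python example (not H3C code). The AP names, loads and threshold are constructed; it assumes the overlapped area is recognised by the client being heard by more than one AP, that a rejected client retries on the neighbour the AC picked, and that a request is accepted when no neighbour is under the threshold.

```python
from dataclasses import dataclass


@dataclass
class AP:
    name: str
    users: int = 0              # associated clients (user-number mode)
    traffic_mbps: float = 0.0   # current traffic (traffic mode)


def load(ap, mode):
    """Load metric for the chosen balancing mode: "users" or "traffic"."""
    return ap.users if mode == "users" else ap.traffic_mbps


def decide(aps, requested, heard_by, mode, threshold):
    """Decide one association request on the AC.

    aps:       dict of AP name -> AP
    requested: name of the AP the client asked to join
    heard_by:  names of all APs that hear the client (assumption: more than
               one entry means the client is in an overlapped area)
    Returns ("accept", requested) or ("reject", neighbour_to_retry_on).
    """
    if load(aps[requested], mode) <= threshold:
        return ("accept", requested)
    # The requested AP has passed its threshold: look for a lighter neighbour
    # that can actually serve this client.
    neighbours = [aps[n] for n in heard_by
                  if n != requested and load(aps[n], mode) <= threshold]
    if not neighbours:
        # Non-overlapped client, or every neighbour is also over threshold:
        # rejecting would only deny service ("false load balancing").
        return ("accept", requested)
    best = min(neighbours, key=lambda a: (load(a, mode), a.name))
    return ("reject", best.name)


def replay(aps, requests, mode, threshold):
    """Apply requests in order; returns (client, first_answer, final_ap)."""
    results = []
    for client, requested, heard_by in requests:
        answer, final_ap = decide(aps, requested, heard_by, mode, threshold)
        aps[final_ap].users += 1   # a rejected client retries on final_ap
        results.append((client, answer, final_ap))
    return results


def demo():
    # Constructed scenario: AP1 is over a 15-user threshold, AP2 is just under.
    aps = {"AP1": AP("AP1", users=20), "AP2": AP("AP2", users=14)}
    requests = [
        ("c1", "AP1", {"AP1", "AP2"}),   # overlapped: steered to AP2
        ("c2", "AP1", {"AP1"}),          # non-overlapped: must be accepted
        ("c3", "AP1", {"AP1", "AP2"}),   # AP2 is exactly at threshold: steered
        ("c4", "AP1", {"AP1", "AP2"}),   # AP2 is now over too: accepted on AP1
        ("c5", "AP2", {"AP2"}),          # non-overlapped on a loaded AP2
    ]
    return replay(aps, requests, mode="users", threshold=15)


if __name__ == "__main__":
    for row in demo():
        print(row)
```
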
1+1 AC Fast Backup
Only supported by WX6100 and WX5004.
[Figure: aggregation switch, master AC, backup AC, heartbeat detection, access network, AP, master CAPWAP tunnel, backup CAPWAP tunnel; user data flow before and after the master AC is shut down]
• The backup AC notifies the AP to switch its backup CAPWAP tunnel to master.
• The backup AC detects immediately that the master AC is shut down (for WX6100 in 100 ms; for WX5004 in 300 ms) and performs the switch operation.
• In the 1+1 fast backup mode, the backup AC does not provide user access services.

N+1 AC Backup
[Figure: AC1, AC2, ..., ACN, backup AC, AP]
• In N+1 AC backup mode, there are N normal ACs which provide WLAN services to the APs, and another AC as backup.
• The backup AC is activated only when one of the N normal ACs is shut down.
• The backup AC switches back to the normal AC after the normal AC has recovered.

N+N AC Backup
[Figure: AP, DHCP/DNS server, AC1, AC2, ..., ACn+1. AC list: AC1 PRI=H, 20 APs connected; AC2 PRI=H, 30 APs connected; ACn+1 PRI=L, 40 APs connected. Steps: 1. Obtain AC lists; 2. Obtain the load information and access priority; 3. Initialize connection with AC1]
• The AP can select the AC with high priority.
• The AP can select the AC with low load when the AC priority is the same.
• The AP will select the backup AC when its associated AC is shut down.
• For N+N backup, the total AP quantity should be less than the AP quantity that N-1 ACs can support.

Unified Switch Integrated AAA Server
Supported authentication ways
• 802.1x: EAP-TLS/PEAP/MD5
• MAC authentication
[Figure labels: User, Dynamic Identity, Authentication, Authorization, Database]
Before
• Have to purchase an AAA server, which increases the TCO.
• Probable interoperability problems between the AAA server and the wireless devices.
• The purchased server may not keep up with the diverse and changing wireless authentication ways.
• The configuration of the AAA server may be a great challenge to part-time IT staff.
Now
• AC integrated with AAA server.

Unified Switch Integrated Portal Server
• Local portal authentication: an easy way of wireless authentication.
• No need to purchase an extra portal server.
• Tailored portal page.
• Different portal pages based on different SSIDs.
• HTTPS supported to provide secure access.

User-based Authorization and Bandwidth Control
User | Bandwidth | Authorization
Data user | 2M | Internet access
Voice user | 64K | Voice network
[Figure: AAA server, AC, two APs, Internet and voice network. Flow: 1. User launches authentication; 2. Authorization allocation; 3. Authentication/authorization configuration; 4. Data user bandwidth: 2M, voice user bandwidth: 64K]

Guest VLAN - Guest Access Service
[Figure: AAA server, Internet, corporate internal network, AC]
If user authentication fails, the user can be authorized as a guest to access limited network resources.
User | Authorization
Guest | Internet access
Employee | Corporate internal network
[Figure labels: AP (Guest), AP (Employee)]

Authentication Compatible with LDAP Server
[Figure: LDAP server, AC, user information interaction, wired network, portal authentication, AP, AP]
Supported LDAP
• Microsoft Active Directory
• SUN ONE Directory
• IBM Tivoli Directory

Intelligent Bandwidth Limitation
• The AP can adjust the bandwidth automatically to ensure the average user bandwidth dynamically.
[Chart: bandwidth and average bandwidth versus number of users]
Two working modes
• User-number based access bandwidth limitation
• User based access bandwidth limitation
Advantage: prevents P2P applications from wasting bandwidth resources.

H3C UMN Solution
UMN: Unified Mobile Network
The H3C UMN Solution can provide real unification between wired and wireless networks. Its key advantages are as follows:
• Unified Network
• Unified Management
• Unified Security

Unified Wired/Wireless Integration
Today, WLAN is critical to network infrastructure.
Wired/WLAN Convergence Evolution
• Mobility solutions evolving from point products to integrated solutions over time
• Integrated Wired & WLAN extends functionality and flexibility
• Unified Networking yields increased value: reduces cost of acquisition; increases operational efficiency, lowers OPEX
Past: WLAN Overlay
• Separate Wired and Wireless LANs
• Multiple network management platforms
Present: Unified Networking
• WLAN support integrated into core networking platform and branch switches
• Core networking services extended to wireless
• Seamless end-to-end user policy and security
• Integrated Switching, Routing, Voice, Security, WLAN + More
• Truly integrated network management
[Chart axes: Value versus Functionality & Flexibility]

Unified Platform Integration
Integrated Wired and WLAN Hardware
• Unified Switches integrate wired and WLAN functionality for branch
• WLAN Controller modules integrate into chassis backplane, network fabric
• Results: Lower CAPEX, improved reliability and scalability
Common, Unified OS: ComWare™
• Simplifies deployment and management
• Reduces staff training requirements
• Modular architecture: enhance and enable feature set w/o wholesale changes
• Results: Lower OPEX and faster time to market
Integrated Solution extends Wired/WLAN functionality
• WLAN support integrated into core networking platform and branch switches
• Core networking services extended to wireless
• Seamless end-to-end user policy and security
[Product pictures: Unified Switches (WX3010, WX3024); WLAN Controllers (WX5002, WX5004); WLAN Controller Modules (S7500E Module, S9500E Module, S5800 Module)]

Unified Network Management - IMC
WLAN 'Overlay' complexity leads to
• Poor network reliability
• Reduced network performance
• Susceptibility to security breaches
Wired and Wireless LAN must be managed as an integrated system
• IMC Unified Management is critical to integrating wired and wireless
• Enables the IT Mgr to provision, monitor and configure WLAN and Wired LAN from a single screen, in a consistent manner
Unified Network Management extends network utility

Unified Policy and Security
• User Policy may be configured and maintained across wired and wireless network
• Unified Security binds together wired and wireless security for most comprehensive security solution
• Unified Network Management and Software simplifies configuration and maintenance

End-to-End Unified Security: Defense in Depth
• AP: Endpoint Admission Defense; WPA2
• Wireless Controller: Authentication; ACL; VLANs; WIDS
• IPS: Intrusion Prevention; WIPS
• VPN, Firewall: VPN; Firewall
• Network Management: Access Mgmt Control; Service Mgmt; Billing; Topology Alarm Mgt

Future-proof IPv6 Evolution
Three phases of IPv6 deployment:
• Early phase: IPv4 takes the lead and IPv6 islands connect to each other through an IPv6 over IPv4 tunnel.
• Coexistence of IPv6 and IPv4: The scale of IPv6 applications expands and an IPv6 backbone emerges. IPv4 services still exist. The intercommunication between IPv6 and IPv4 needs protocol conversion.
• IPv6 leader: The backbone of the Internet is IPv6 and IPv4 islands connect to each other through an IPv4 over IPv6 tunnel.
[Figure: IPv4 islands, IPv6 islands, IPv4 Internet, IPv6 Internet, protocol conversion]
Notes: All H3C WLAN products (except WX3000 series) support IPv4/IPv6 dual stack.

WA2110-AG
Indoor FIT AP
• Supports single radio and multiple modes.
• Supports IEEE802.11a or IEEE802.11b/IEEE802.11g.
• Supports the virtual AP feature realized with multiple SSIDs.
• Supports encryption algorithms such as WEP, TKIP, and AES.
• Supports IPv6 networks.
[Port labels: Power jack, Control port, 100 Mbps POE]

WA2210-AG
Indoor FIT/FAT AP
• Supports single radio and multiple modes.
• Supports IEEE802.11a or IEEE802.11b/IEEE802.11g.
• Supports the virtual AP feature realized with multiple SSIDs.
• Supports encryption algorithms such as WEP, TKIP, and AES.
• Supports IPv6 networks.
[Port labels: Power jack, 100 Mbps POE, Control port]

WA2220-AG
Indoor FIT/FAT AP
• Supports double radios and multiple modes.
• Supports IEEE802.11a, IEEE802.11b, and IEEE802.11g.
• Supports the virtual AP feature realized with multiple SSIDs.
• Supports encryption algorithms such as WEP, TKIP, and AES.
• Supports IPv6 networks.
[Port labels: Power jack, 100 Mbps POE, Control port]

WA2210X-G
Outdoor FIT/FAT AP
• Supports single radio and multiple modes.
• Environment temperature requirement: -40 to 65℃.
• Outdoor chassis is not required.
• Supports IEEE802.11b and IEEE802.11g.
• Supports the 100 Mbps optical and electrical uplink port.
• Supports IPv6 networks.
[Port labels: 100BASE-FX, 10/100BASE-TX, Ground, Console, Antenna & Feed line Port]

WA2220X-AG
Outdoor FIT/FAT AP
• Supports double radios and multiple modes.
• Environment temperature requirement: -40 to 65℃.
• Outdoor chassis is not required.
• Supports IEEE802.11a, IEEE802.11b, and IEEE802.11g.
• Supports the 100 Mbps optical and electrical uplink port.
• Supports IPv6 networks.
[Port labels: 100BASE-FX, 10/100BASE-TX, Ground, Antenna & Feed line Port 1, Console, Antenna & Feed line Port 2]

WA2612-AGN
Indoor FIT/FAT 11n AP
• Supports single radio and multiple modes.
• Environment temperature requirement: -10 to 55℃.
• Supports IEEE802.11AN, or IEEE802.11GN.
• Supports 10/100/1000 Mbps electrical Ethernet uplink port.
• Supports IPv6 networks.
• 802.3af (PoE) supported.

WA2620-AGN
Indoor FIT/FAT 11n AP
• Supports dual radios and multiple modes.
• Work environment temperature requirement: -10 to 55℃.
• Supports IEEE802.11a, IEEE802.11b, IEEE802.11g, and IEEE802.11n.
• Supports 10/100/1000 Mbps electrical Ethernet uplink port.
• Six built-in dual-band antennas and three RSMA interfaces.
• Supports IPv6 networks.
• 802.3af (PoE) supported.
[Port label: Console]

WA2610E-AGN
Enhanced FIT/FAT 11n AP
• Supports single radio and multiple modes.
• Environment temperature requirement: -10 to 55℃.
• Supports IEEE802.11AN, or IEEE802.11GN.
• Supports 10/100/1000 Mbps electrical Ethernet uplink port.
• Supports IPv6 networks.
• DC power consumption: 13W.
• 802.3af (PoE) supported.
[Port labels: DC Input, GE Uplink, Console]

WA2620E-AGN
Enhanced FIT/FAT 11n AP
• Supports dual radios and multiple modes.
• Work environment temperature requirement: -10 to 55℃.
• Supports IEEE802.11a, IEEE802.11b, IEEE802.11g, and IEEE802.11n.
• Supports 10/100/1000 Mbps electrical Ethernet uplink port.
• Supports IPv6 networks.
• DC power consumption: 16W.
• 802.3at (PoE+) supported.
[Port labels: DC Input, GE Uplink]
[Port label: Console]

Unified Switch-WX3008
• 8 10/100/1000 switch
• Integrated Access Controller, 8 APs supported
• 802.11n supported, 4 port PoE/PoE+ power supply
• Software feature: "The same as WX3024"
[Port labels: Controller, Console]

Unified Switch-WX3010
• Integrated Access Controller, license step: 12, 24 APs supported at maximum
• 8 10/100/1000 switch
• 2 1000M SFP
• 802.11n supported, 8 port PoE+ power supply
• Software feature: "The same as WX3024"
[Port labels: Controller, Console]

Unified Switch-WX3024
• Embedded WEB, Radius Server, Portal Server and DHCP Server
• 10GE uplink
• Integrated Access Controller, 48 APs supported at maximum
• 24 10/100/1000 switch
• 4 SFP combo
• 802.11n supported, 24 port PoE+ power supply
[Port label: Controller]

Wireless Controller-WX5002
Independent desktop wireless controllers: WX5002-64
Output ports
• 2x1000BASE-T ports combo SFP
• 1xconsole port
• 1x10/100 Base-TX with external management port
Power supply
• 1+1 redundant AC power supply
Performance
• Switching capacity: 4Gbps
• Number of managed APs: 64
[Slide badge: IPv6]

Wireless Controller-WX5004
Independent desktop wireless controllers: WX5004-256
Output ports
• 4x1000BASE-T ports combo SFP
• 1xconsole port
• 1x10/100 Base-TX with external management port
Power supply
• 1+1 redundant AC power supply
Performance
• Switching capacity: 8Gbps
• Max number of managed APs: 256 (default 64, license step 32)
[Slide badge: IPv6]

S5800 Wireless Blade Module (64AP)
64AP wireless blade module for S5800 series switch: LSWM1WCM20
• No output port
Performance
• Switching capacity: 4Gbps
• Number of managed APs: 64
Dimensions (L×W×H): 221×166×36.6 (mm)
Access Controller | Switch model
LSWM1WCM20 | S5800-60C-PWR, S5800-32C, S5800-56C, S5800-32C-PWR, S5800-56C-PWR, S5800-32F
[Slide badge: IPv6]

S5800 Wireless Blade Module (256AP)
256AP wireless blade module for S5800 series switch: LSWM1WCM10
• No output port
Performance
• Switching capacity: 10Gbps
• Number of managed APs: 256
Dimensions (L×W×H): 230×220×30 (mm)
Access Controller | Switch model
LSWM1WCM10 | S5800-60C-PWR, S5820X-28C
[Slide badge: IPv6]

Chassis Wireless Controller-WX6100
Wireless controller chassis for both cable and wireless networks
Output ports
• High density GE port: 24GE (4 Combo)
• First wireless controller that supports 10GE ports in the industry
Performance
• Switching capacity: 48Gbps
• Number of managed APs: 640
• Number of managed APs of two main controllers: 1280
Reliability
• Two main controllers with 1+1 redundant power supply
[Slide badge: IPv6]

Wireless Controller Blades
• S7500E: LSQM1WCMB0
• S9500E: LSRM1WCM2A1
The performance of the S7500E/S9500E wireless controller module is the same as that of the WX6100.

Highlights of iMC WSM management
WSM Five Highlights
• Unified Management
• Terminal Roaming Records
• Rogue Device Detection
• RF Management
• Abundant reports

Wire-Wireless Unified Management
[Figure: multiple different network resources: AC, wireless terminal, FAT AP, terminal, wireless switch, FIT AP]
• Unified Performance Monitor
• Unified Alarm Mgt
• Unified configuration
• Unified Software upgrade

Terminal Roaming Records Tracking
[Screenshot: wireless terminal inquiry interface]
• Records the following terminal information: IP address, tunnel, SSID, belonged AC, belonged AP, used Radio, etc.
• Comprehensive terminal roaming information
• Multiple ways to locate terminal position
• Convenient backdating
[Screenshot: wireless terminal roaming inquiry interface]
• Records complete terminal information when accessing the wireless network (time, belonged AC, belonged AP, used Radio, IP address, etc.)

Rogue AP management
[Screenshot: iMC rogue device and terminal topology]
• Showing intruded rogue device information and attacking status
[Screenshot: iMC rogue device and terminal attacking interface]
• Adding the rogue devices into black list and launching attack

RF Simulation Coverage Topology
Simplify process
• Traditional layout: must run the service first, then adjust.
• iMC RF SCT: simulation in iMC, no need to adjust in the real environment.
Improve efficiency
• Traditional layout: very complex and has blind areas.
• iMC RF SCT: simple layout, no blind area.
[Screenshots: iMC RF SCT. Step 1: Input engineering base map; Step 2: AP layout]

Self-Defined Reports
[Screenshot: iMC self-defined report interface]
Supported self-definition: report form, generating time, report format (PDF\HTML\Excel\TXT), sending object, sending way (Email\FTP), etc.

Q&A