610 likes | 1.07k Views
ALCATEL-LUCENT ENTERPRISE. WLAN Presentation - March 2014. Agenda. WLAN portfolio and Key differentiator AOS-W 6.4 – Software Features AOS-W 6.4 – Hardware platform AP274/275 AP103 Instant Portfolio - 4.0 – Software Features Instant 4.0 – Hardware platform IAP224/225 IAP114/115
E N D
ALCATEL-LUCENT ENTERPRISE WLAN Presentation - March 2014
Agenda • WLAN portfolio and Key differentiator • AOS-W 6.4 – Software Features • AOS-W 6.4 – Hardware platform AP274/275 AP103 • Instant Portfolio - 4.0 – Software Features • Instant 4.0 – Hardware platform IAP224/225 IAP114/115 • Roadmap
THE NEXT GENERATION WORKPLACE 3+ devicesper user Apps driving 30% CAGR data usage 40+ apps per user
WLAN CHALLENGES • More devices than capacity • Devices make roaming decisions • QoS doesn’t work when apps are obscured • VLAN-layer security is no longer adequate
Today’s Wireless Migration AP70 802.11a/g AP125 802.11n AP225 802.11ac 5GHz 802.11a 5GHz 802.11n 802.11a 5GHz 802.11ac 802.11a 2.4GHz 802.11g 802.11b 2.4GHz 802.11n 802.11g 2.4GHz 802.11n 802.11g 2004 2009 2013-2014 • First Dual-band AP’s • Legacy 802.11b on 2.4GHz radio • 108 Mbps = 10X • First 802.11n AP’s • Legacy 802.11g/b on 2.4GHz radio • 600 Mbps = 6X • First 802.11ac AP’s • Legacy 802.11n/g on 2.4GHz radio • 1750 Mbps = 3X
Smarter Wi-Fi for the Next-Gen Workplace • 802.11ac speeds for high density • Faster & further for 802.11n devices • Leverages standard PoE switches 220 Series • Eliminate effects of sticky clients • For 802.11n and 802.11ac ClientMatch™ • Deliver QoS for Lync voice/video/share • AirGroup™ enables AirPlay/AirPrint for enterprise • Prioritize enterprise apps above personal apps AppRF™ • Dynamic firewall actions based on identityand device • Enable secure, self-serve device onboarding Role-based Security
Purpose-built Enterprise WLAN - APs AP224/225802.11ac Dual radio3x3:3SS Highest Performance AP134/135802.11n Dual radio3x3:3SS HighPerformance & Density AP114/115 802.11n Dual radio3x3:3SS High Performance & Maximum Coverage Price AP104/105 802.11n Dual radio2x2:2SS Budget AP103 802.11n Dual radio2x2:2SS Entry Level AP92/93/93H 802.11n Single radio 2x2:2SS Entry level Performance
Purpose-built Enterprise WLAN - Controllers Large Office Branch Office OAW-4604 64 APs 256 RAPs 4Gbps Firewall OAW-4504XM 32 APs 128 RAPs 3Gbps Firewall OAW-4306G 16 APs, 64 RAPs USB-WAN, NAS/Print 2Gbps Firewall Campus OAW-4704 128 APs 512 RAPs 4Gbps Firewall OAW-4550 512 APs 512 RAPs 20 Gbps Firewall OAW-4650 1024 APs 1024 RAPs 40 Gbps Firewall OAW-4750 2048 APs 2048 RAPs 40 Gbps Firewall
RFProtect: Protect the Air Prevent threats & eliminate vulnerabilities • Prevent DoS, man-in-the-middle, other attacks • Identify & contain uncontrolled wireless devices across 802.11ac and 802.11abgn • Automatic classification of security threats Complete spectrum visibility • Identify sources of RF interference • Automatic channel optimization adapts to noise • Capture & playback of intermittent interference
ClientMatch™ Enables 802.11ac Wi-Fi REAL-TIME RF CORRELATION • Enables use of 802.11ac Wi-Fi rates • 98% of mobile devices with higher signal quality • 94% better performance for “sticky” clients • No client-side software required DEVICE TYPE LOCATION CONGESTION INTERFERENCE Match to another AP
AppRF™ Technology Identify Apps Box Lync Skype BitTorrent FaceTime SalesForce AirPlay Adjust RF Limit Bandwidth Optimize Video Unicast Bonjour IncreasePriority Load Balance AdjustPriority Blacklist
Intelligent Traffic Control with AppRF™ High priority real-time Medium priority business apps Low priority personal • Enable administrators to control usage • Business-critical communications prioritized • Bandwidth allocated to corporate cloud applications • Policy enforcement at network edge AppRF
AirGroup™ Enables AirPlay, AirPrint & DLNA • Operate in a single broadcast domain • Utilize multicast that is sent at lowest 802.11 rate • Lacks control/authorization Protocols Were Designed for Home Networks • Zero- touch install of services • Unifies wireless, wired networks and VLANs • Context based access control based on user/role/location AirGroup • Self-service portal to authorize users for media devices • Enable users to access printers and projectors, even across different networks Control with ClearPass & Workspace
Architecture with Flexible Deployment Options OV3600 Network Management WLAN Controller Internet / WAN Customer HQ Branch Controller On the Road Home Office Branch Office OR Instant Cluster Instant/RAP Virtual Intranet Access (VIA) Client CAPs
CONVERGED CAMPUS NETWORK SOLUTION Wide Area Network Management MPLS Service Router Branch Routers Network Infrastructure (OmniVista) VPN Client OA5700 ESR OA5800 ESR VIA 7750 SR MPLS WAN & LAN (5620 SAM) Local Area Network Access Policy & BYOD (ClearPass) Core Service Level (VitalSuite) OS10K OS6900 OS9000E OA4x04, OA4x50 Unified Access IP address Management (VitalQIP) BYOD BUILT-IN OS6850E/OS6855 OS6450 OS6250 IAP, AP, RAP On The Road Home Office Branch Office Corporate Office Data Center
AOS-W 6.4 – Available Mid April Software Features
AOS-W Release Terminology • Release Numbering • Major.Minor.Feature.Patch(hotfix) e.g. 6.1.3.3 • Major updates and/or architectural changes (e.g. new licensing models) • Minor updates (significant new features, support for new hardware) • Feature updates (secondary features or updates, support for new hardware) • Patches • Approximately two new significant feature releases per year • Difference between Early Deployment & GA • Early Deployment is not Beta • Common characteristics: • Features have been fully regression tested • Fully supported by TAC • Fully ready for deployment • General Availability • At least 3 – 5 large deployments in production for 30 days or more
High-Availability Phase 2 • KEY BENEFITS • Failover trigger is standby controller driven rather than AP driven • Faster AP switchover Inter Controller Heartbeat • KEY BENEFITS • Also called Oversubscription gives the convenience of having more APs to be terminated on the Standby more than its rated AP capacity • Support N:1 redundant model Capacity Extension • KEY BENEFITS • PMK & Key-Cache entries of the clients will be synced between the Serving & Standby Controllers to avoid full dot1x authentication • Faster Users switchover State-Sync
Five 9’s availability • Active/Active 1:1 Deployment • 1k+ APs failover from primary to backup controller in less than a second • SSID/Network stays ON during failover • 2000 APs start passing traffic over the backup in ~20 seconds • Works for both 1:1 and N+1 • Works over L2 or L3 connectivity between primary and backup
AppRF • Incorporates Application-Aware Deep Packet Inspection technology • Over 1500 Applications • Operates at user role level to provide application control • Block application or categories of apps • QoS applications • Bandwidth contracts for applications • New Category Dashboard element • Shows apps by category such as Peer-to-Peer, Streaming video • Graphically based application blocking work flow
Unified Communications Features • New Unified Communications dashboards • Network-wide aggregate view • New information on client-specific view (and renamed UCC) • Correlation of call quality with Wi-Fi health • LyncQoS configuration is now done per-role • Changes to Call Admission Control (CAC) • Data export to OV3600 • OV3600 version 7.8 will include network-wide UCC dashboard • New unified CLI “show” commands for UCC
UCC dashboard – Graphical and Tabular Call Volume Call Quality Call Quality vs. Client Health Call per device type Roaming QoS Correction
Additional Features and Supports • 802.11w • IPv6 enhancements • DNS based ipv6 controller discovery • FTP support for image upgrade in ipv6 network • DHCPv6 client support • Authentication • Authentication Server Load Balancing • RADIUS accounting on Multiple Servers • RADIUS accounting for VIA and VPN users • Client Authentication State failover • Supported Topologies • Active-Active • Active-Standby
AOS-W 6.4 Hardware platform - Available Mid April AP274/275 & AP103
Hardware Support in AOS-W 6.4 • AP130 Series Functionality improvements when Powered over 802.3af (POE) • Support for newer 4G models • RAP3WN, RAP108, RAP109 and RAP155 • Franklin Wireless U770 4G USB cellular modem for the Sprint LTE service on the RAP155 • Huawei E3276 LTE USD cellular modem on the RAP3WN, RAP108, RAP109, and RAP155 • Future Support • Last release to support AP120 Series • AOS-W R6.3 will be the last release to support the a/b/g only APs outside the AP-120 series. • New APs supported in 6.4 • AP270 Series (AP274/AP275) • AP103
AP270 Series APs • Antenna Gain: 5 dBi • 3x3:3 11n (2.4 GHz) • 3x3:3 11ac (5.15 to 5.875 GHz) • 11ac Beamforming • Conducted Tx Power • 2G: 23 dBm per branch (27.8 aggregate) • MAX EIRP = 36 dBi • 5G: 23 dBm per branch (27.8 aggregate) • MAX EIRP = 36 dBi • Power Interface: AC and 802.3at (PoE+), Power Consumption: 25 W • WAN + LAN Port • Advanced Cellular Coexistence • IP66 and IP67 • -40° to +65°C • No Heater to Start and operate
AP270 abilities • Orderability • For AP275 you have unit and bracket • Installability • Installer skill set identical to installing video camera • 2 parts vs up to 11 parts • No weather proofing required for AP275 install. • AP274 provides protected connector interfaces • Reliability • AP275 is based on full industrial parts. • I-temp parts are rated for -40° to +125°C • No lightning arrestors for RF cables up to 2m in length for AP274 • IP66 and IP67 rated • Deployability • Multiple bracket solution • Advance filtering allows for co location with traditional cellular, 2.3 and 2.5/2.6 GHz LTE solutions • Serviceablity • 2 screws and possible security strap and unit can be rapidly replaced Easy to Order, Install, and Service
AP275: Campus Access / Outdoor Retail • Unit does not look like radio • Omni antennas are fully integrated in the chassis • Resembles video cameras and light fixtures • Long Bracket Shown: OAW-AP270-MNTV1 8.5”
AP274: Flexible Connectorized Solution • Compact size • Under Mounted Connectors reduces/removes need for weatherproofing • Aesthetic cover reduces visual impact of connectors/cables • Multiple Bracket Options 5.75”
Reduced install time • Brackets are designed to be • Strapped onto poles • Lagged into wall • Once bracket is in place unit slides in and is held with 2 screws. Lock in Place
OAW-AP103 • Lowest cost dual radio 2x2 11n enterprise AP • Functionally equivalent to AP105 • Only compromises: no plenum rating, reduced max operating temperature,reduced maximum client density/performance, no USB, no external antenna versions • Both Instant and Controller-based product variants • Two platforms (both with integrated antennas only): • (I)AP103: campus AP, optimized for ceiling mount • (I)AP103H: hospitality AP, designed for wall-box mount, local ports added • Dual radio: • Each: 802.11n 2x2:2 (300Mbps max at HT40) • Advanced Cellular Coexistence (ACC) support • Wired interfaces: • 10/100/1000Base-T Ethernet (uplink), console port (pin header), DC power, reset button • Power: • DC or 802.3af/at POE, 9W max peak • AP103H adds POE-out capability (PSE) on one local port List Price - $395 Pricing - Same as AP93 which is a single radio Features – Similar to AP105
Instant Portfolio Instant 4.0 – Software Features
Comprehensive Instant Access points POrtfolio Instant 225 Highest performance wireless802.11ac. 3X3 MIMO 1.3 Gbps Ceiling Instant 135 High performance wireless Dual band 802.11n. 3X3 MIMO 450 Mbps Instant 114 Low density wireless Dual band 802.11n. 3X3 MIMO 450 Mbps Desktop Instant 155 Highest performance wireless and wired Dual band 802.11n, 3X3 MIMO, 450 Mbps, 4 wired ports Instant 105 Most popular wireless Dual band 802.11n. 2X2 MIMO 300 Mbps Instant 109 High performance wireless and wired Dual band 802.11n, 2X2 MIMO 300 Mbps, 4 wired ports Instant 3 Affordable wireless and wired 2.4 GHz 802.11n, 2X2 MIMO 300 Mbps, 3 wired ports Outdoor Instant 175 Outdoor wireless, 802.11n, 2X2 MIMO 600 Mbps
Highest Performance Airtime Fairness and band steering (ARM) allows more clients move faster on the network. Client Match improves wireless performance by removing sticky client OnlyWLAN with auto-optimized Wi-Fi channel and power that avoids interference for faster performance Automatic voice/video QoS ensures Fast, smooth communication. Only WLAN with always-on scanning Detects interference without disconnecting clients
Most Resilient • Only WLAN 100% functional without WAN • User authentication • WIPS scanning • Local management • Only WLAN with Redundant wired uplinks • Two ISPs for max uptime • Dual live links • Only WLAN with Fast failover VPN to central services • Plus, 3G/4G uplink option • 100% investment protection with AP hardware
Client Match Before Client Match lots of clients connect to one IAP. • Problem: • Similar to AOS, IAP clients could experience connectivity and performance issues due to stickiness, improper band usage, and improper load balancing • Challenge: • IAP must solve this problem without depending on any external, centralized data structure • Solution: • A distributed algorithm that group APs into RF-neighborhoods and co-decide which AP should service which clients After enabling Client Match for about 5 minutes, the clients connect to the IAPs evenly.
Client Match State Machine • Standard FSM changes: INIT Done HOME INIT Adopte request Adopte request INIT ADOPTED Target Adopte response Adopte Done Adopte response Adopte Done INIT DENY INIT
OKC - Opportunistic Key Caching • Why OKC - Overcome the limitations of PMK • Full 802.1X authentication to any new AP the client roams • Limit on how many PMKSAs client can cache • How it Works • Share the PMK key info across all the APs in the swarm • OKC is applicable only when key management is • WPA2-Enterprise • Both (WPA-2 & WPA) • OKC is enabled by default • Default PMK cache time is 8 hours • Currently supported only on single swarm • Client also should support OKC(below clients are tested) • PolycomSpectraLink 8400 • Windows 8
802.11r Roaming – Overview • Advantages of 802.11r roaming over PMK and OKC • Pre-auth with multiple target APs before roaming • Reserves WMM resources • Supports OPEN, WPA2-PSK and WPA2-Enterprise • No EAPoL key exchange while roaming • 802.11r Fast Transition methods • OTA - Over-the-Air [Client to new AP] • 4 packets are changed over the Wi-Fi channel • ODS - Over-the-Distributed System [Through the old AP] • 2 packets are exchanged over the Wi-Fi channel and 2 via Ethernet Note: Reserving WMM resources and ODS transition method are not supported currently on IAP as well as AOS
802.11r Roaming • 802.11r Initial Authentication • Example for Open security 802.11r roaming
Other Instant 4.0 Features • LACP • GRE outside IPSec and GRE enhancements • Centralized L3 with DHCP relay • Restricted Management Access • Restricted Corporate Access • DRP IP • VLAN configuration monitoring on upstream devices • Bandwidth contract enhancements • MDNS enhancements
Instant 4.0 - Hardware Platform IAP224/225, IAP114/115
IAP224/225 • Enterprise class 3x3 802.11ac • Aggregate TCP platform throughput performance >1Gbps • Two platform models: • AP224: external antennas (3x, dual band) • AP225: integrated antennas • “Advanced Cellular Coexistence” support • Dual radio: • 802.11n 3x3:3 HT40 2.4GHz (450Mbps), support for “TurboQAM” • 802.11ac 3x3:3 HT80 5GHz (1.3Gbps) • Wired interfaces • Network: 2x 10/100/1000Base-T Ethernet, with MACSec support • USB 2.0 host interface, console port, DC power • Will require 802.3at PoE (or DC power) for full functional operation • Functional, but capabilities reduced when powered from 802.3af POE • Enterprise temperature range, plenum rated, TPM • Instant 4.0 supports • IAP 225 (Integrated antennas) • IAP 224 (External antennas) IAP 224 IAP 225
IAP114/115 • Enterprise class baseline 3x3 802.11n • Design: similar to Ardmore (but smaller, and minor changes to look) • Reuse AP220 mount (and other) accessories • Two platform models: • AP114: external antennas (3x, dual band diplexed) • AP115: integrated antennas (6x) • Advanced Cellular Coexistence (ACC) support • Dual radio 802.11n 3x3:3 (450Mbps) • SDM, CSD, STBC, MRC, LDPC support (no TxBF) • Wired interfaces • Network: 1x 10/100/1000Base-T Ethernet (no MACSec) • USB 2.0 host interface, console port, DC power • Power: 12Vdc or 802.3af/at POE, 13W max (excluding USB) • Enterprise temperature range, plenum rated, TPM • Minimum software versions: 6.3.1 / 4.0 • Instant 4.0 supports • IAP 115 (Integrated antennas) • IAP 114 (External antennas)
New IAP Image Class • IAP224/225 AP-Class is Centaurus (New) • IAP114/115 AP-Class is Pegasus, shares the same image file as RAP108/109 (Dalmore) IAPv4.0 has 5 AP classes total: • Orion: RAP3, IAP92/93, IAP104/105, IAP175 • Cassiopeia: IAP134/135 • Pegasus: RAP108/109, IAP114/115 • Aries: RAP155/155P • Ardmore: IAP224/225