3
3COM WIRELESS ACCESS CONTROLLERS
Mobility Architecture
Network and Mobility Domains
Groups of 3Com wireless controllers share user information
and authorizations as users roam, supporting uninterrupted
mobility and enforcing security across the entire
wireless network.
Distributed Forwarding
Optimize traffic flow, reducing latency and improving
performance.
Topology Independence
By providing a Layer 2 path for Layer 3 traffic, 3Com wireless
controllers, switches and MAPs operate as an integrated
infrastructure separated by L2/L3 devices even in distributed
remote networks, making it easy to expand or modify the
WLAN as needed.
Fast Roaming
Quick handoff of user information and authorizations within
the Network and Mobility Domain enables seamless roaming
with session integrity and mobility robust enough to support
voice traffic.
Multiple Per-User Queues
Class-based traffic queuing at the MAP helps ensure that
voice and other real-time applications receive the class of
service and QoS they need over the WLAN.
Pay-as-You-Grow Scalability
As the customer network grows and higher density is needed,
customers simply order an upgrade license for their S7900E
chassis blade and upgrades their number of APs supported in
increments of 128 to a limit of 640 APs, the highest density
controller in the industry (LIS-WX-128).
Encryption
Enterprise-Class Encryption
WPA2, AES, TKIP and WEP encryption performed at the MAP
help protect and secure all communications.
Per-User Encryption Assignment
Different security policies are enforced on a per-user or
per-group basis for flexible, in-depth security control
and management.
AAA Security
Local or RADIUS Server IEEE 802.1X Authentication
Centralized authentication control and management of all
network users helps ensure that only authorized users access
the network.
Virtual Private Group Support
IT staff can assign policies that control per-user or per-group
network access throughout the WLAN for secure seamless
roaming and to keep user traffic separate and secure.
Mobility Profile
IT staff can dynamically apply access permissions based on
attributes returned by the AAA server indicating which MAP
or LAN authentication ports a user or group can use.
AAA Integration and RADIUS Offloading
Wireless access controllers can shoulder back-end encryption
key generation and authentication tasks, reducing the
processing load and increasing the scale and efficiency of
central AAA RADIUS servers while reducing AAA traffic over
the WLAN.
User, MAC and VLAN “Globbing”
IT staff can assign AAA policies to user, subnet or device
groups for convenient, efficient, cost-effective
WLAN administration.
Bonded Authentication
By bonding 802.1X machine authentication with 802.1X user
authentication, only trusted users and client devices are
provided network access.
Time-of-Day/Day-of-Week/Location Access
IT staff are able to control and restrict network resource
access based on building location and/or on an hourly, daily,
or weekly basis.
Location Policy Enforcement
IT staff can add or override AAA-defined access permissions
based on user location, providing a choice of centralized or
location-specific policy implementation.
RF Security and Control
Rogue AP Detection
Scheduled or on-demand RF scans identify unauthorized APs
and ad-hoc networks and alert central IT staff; dedicated APs
can continually sweep the airspace for 24x7 protection in
environments that require higher security.
Dual-Band RF Scans
Both dual- and single-radio APs can sweep both 2.4 GHz and
5 GHz 802.11n bands and associated channels while the WLAN
stays up and running.
Real-time RF Monitoring and Control
RF scans measure signal strength and usage; software tools
dynamically adjust traffic loads, power, RF footprint or
channel assignments to maximize coverage with capacity.
Managed Access Point Control
Centrally maintained and distributed MAP settings eliminate
the need to individually configure each device. The MAPs also
enable granular bandwidth management on a per-user or
SSID basis and load balancing features that vastly improve
network performance and end-user experience.
Central Control and Management
Identity-Based Networking
Provides all services based on user identity so things like
virtual private group membership, ACLs, authentication,
roaming policies and history, location tracking, bandwidth
usage and other authorizations all stay with users as they
roam; also tells the IT manager who is connected to the
network, where they are, where they have been, what services
they are using and what services they’ve used.
WIRELESS FEATURES
