1-4
Introduction
1.2.1
WLAN Access Manager
The WLAN Access Manager is positioned between each access point and the
network. It inspects and filters each packet arriving from the wireless client
through the access point, deciding whether to allow or deny forwarding of the
packet. The WLAN Access Manager applies a set of rules to each packet. Allowed
packets can be redirected based on other rule sets.
Initially, the WLAN Access Manager knows of no connected devices. As a user
sends a packet through a wireless access point, it forwards the packet to the
network through the WLAN Access Manager. The WLAN Access Manager uses
the received packet to determine the hardware MAC address of the client device,
and requests an initial set of rights from the Rights Manager through the WLAN
Secure Server.
The Rights Manager supplies a set of logon rights that allow DHCP, DNS, and
HTTP requests, additionally redirecting HTTP requests to the Rights Manager. The
Rights Manager uses the first HTTP request to require user authentication by
means of an SSL-protected HTTP connection. After verifying a user’s identity
through the HTTPS connection, the Rights Manager sends a new rights package
through the WLAN Secure Server, to the WLAN Access Manager. This rights
package is based on the user’s identity, location, and the time and date.
In addition to filtering and redirecting packets, the WLAN Access Manager
coordinates with other Access Managers through the WLAN Secure Server to
maintain connections as a client device roams from one access point to another.
The Access Manager is also responsible for maintaining Airwave Security
encryption using PPTP, L2TP, or IPSec protocols.
Scalability is ensured by concentrating all packet-level inspection and rewriting
functions and encryption at the WLAN Access Manager. An individual Control
Server can easily supervise several WLAN Access Managers.
1.2.2
Control Server
Each WLAN Secure Server administrative domain requires only one Control
Server, which is embedded in the WLAN Secure Server. The Control Server in the
WLAN Secure Server performs two functions:
•
Coordinates between the WLAN Access Managers and the Rights Manager
•
Coordinates WLAN Access Manager-to-WLAN Access Manager communications, such
as a roaming handoff.
To ensure scalability, all per-packet operations are confined to the WLAN Access
Managers. The WLAN Secure Server merely coordinates the client meta-
information among the WLAN Access Managers.
All policy and user database entries are kept in the Rights Manager, which is part
of the WLAN Secure Server.
Содержание ELITECONNECT SMC2504W
Страница 2: ......
Страница 4: ......
Страница 14: ...xiv...
Страница 18: ...x Preface...
Страница 44: ...2 18 Configuring the WLAN Security System...
Страница 64: ...4 12 Controlling the System Functions...
Страница 74: ...5 10 Viewing System Status...
Страница 136: ...6 62 Configuring the Rights Manager Figure 6 72 Filter Redirect Editor Step 6 Click Update...
Страница 140: ...6 66 Configuring the Rights Manager Figure 6 77 Rights for Guest Step 7 When you have finished click Done...
Страница 150: ...6 76 Configuring the Rights Manager...
Страница 168: ...B 14 Command Line Interface...
Страница 182: ...C 14 Rights Tutorial Figure C 8 Rights for Guest Table C 4 explains the Rights Debugger...
Страница 189: ...EliteConnect WLAN Security System User Manual C 21 Figure C 12 Rights Debugger for Fred...
Страница 240: ...X 4 Index...
Страница 242: ...ii...