Overview
The Alcatel-Lucent OmniAccess WLAN Switch product family provides the industry's strongest integrated security feature set with the most comprehensive line of modular and workgroup WLAN systems, each designed specifically for enterprise campus, building, and branch office environments.
The OmniAccess WLAN Switch Family includes:
- OmniAccess 6000 - Alcatel-Lucent’s flagship modular mobility controller is the most scalable of its kind on the market
- OmniAccess 4504, 4604, & 4704 switches - Designed for aggregation of up to 128 campus connected access points
- OmniAccess 4324 - For regional headquarters, the OmniAccess 4324 delivers up to 400 Mbps of encrypted throughput
- OmniAccess 4308 - For remote office applications the OmniAccess 4308 supports up to 16 APs and hundreds of simultaneous users
- OmniAccess 4302 - For branch offices, retail stores, and small business applications, the OmniAccess 4302 is centrally managed from the corporate headquarters or in a data center
The OmniAccess WLAN Switch family is managed by the OmniAccess 3600 Air Manager.
Benefits
| Customer Benefits (All OmniAccess Wireless LAN Switches | |
| Policy-based network access control | |
|
|
|
| Policy based access control and business policies are translated into network controls, and violators are detected and then blocked before anything ever happens | |
| Universal authentication | |
|
|
|
| A single authentication security system provides the means of knowing what/who are using the network. | |
| Adaptive radio management | |
|
|
|
| Removes the headaches of oldfashioned manual control of wireless devices allowing the administrator to specify performance standards. | |
| Rogue and interfering access point detection | |
|
|
|
| Automatically disables the devices by preventing users from associating with them and notifies administrator of their location for removal. | |
| Wireless intrusion protection | |
|
|
|
| Provides detection and visibility of intruders to administrators to prevent malicious wireless attacks. | |
| Data encryption | |
|
|
|
|
Prevents intruders from eavesdropping on sensitive data through use of modern protocols. |
|
| Network security | |
|
|
|
| Processes traffic based on user identity and other parameters instead of just source/destination addresses. | |
| Availability | |
|
|
|
| Supports business critical applications that can’t tolerate downtime by providing VRRP-based hot standby, modular software design with protected memory, and automatic AP failover. | |
| Seamless user mobility | |
|
|
|
| Users are able to move freely without the need to restart sessions or re-authenticate each time they move in the campus. | |
| Centralized management | |
|
|
|
|
Intuitive web-based interface provides logical organization of features, while the industry-standard command line interface allows experienced network managers to be up and running quickly. Can view both wired and wireless network elements and topologies from a single screen. |
|
| Seamless wired-wireless integration | |
|
|
|
| No reconfiguration of existing network components are necessary to integrated the OmniAccess WLAN platform into the network. | |
| Endpoint integrity | |
|
|
|
| Provides facilities for client remediation, allowing out-of-spec client devices to repair themselves. | |
Features
The Alcatel-Lucent OmniAccess™ Wireless LAN switch family offers a variety of switches enabling the deployment of appropriate sized solutions to fit your needs. The OmniAccess WLAN switch supports a true user-centric network experience, delivering follow-me connectivity, identity-based access, and application continuity services. The switches feature a scalable design, mobile voice over IP, integrated network management in a secure network environment.
{p}
Overview
Alcatel-Lucent OmniAccess™ access points (APs) are small, lightweight and can be securely deployed in a variety of locations such as on walls, cubicles, desktops, and in the ceiling. The AP antenna diversity allows for the best possible signal processing using dual, omni-directional antennas.
Alcatel-Lucent OmniAccess APs work with the Alcatel-Lucent OmniAccess WLAN switches including the OmniAccess 6000 and OmniAccess 4304. These WLAN switches provide a high performance, centrally managed, wireless mobility solution for enterprises. Alcatel-Lucent OmniAccess APs have an extended lifespan because they automatically configure themselves across any L2/L3 network using discovery, allowing easy upgrades when new features, capabilities, or standards emerge.
Dual-radio MIMO access points
Benefits
| Support of voice over converged, handheld wireless devices | ||
| • | Supports voice protocols and prioritization based on the device as well as traffic flows. | |
| • | Supports converged devices on wireless connections. | |
| • | Traffic can be delivered through an integrated firewall. | |
| Admission control | ||
| • | Load-balancing between nearby APs based on thresholds. | |
| • | Unique connection and mission control - can control the number of phones that associate with an AP | |
| • | Thresholds can be configured on an access point. | |
| • | By differentiating between those on-hook and those transmitting voice, better control and allocation of access to APs can be set. | |
| Security | ||
| • | Ability to firewall an IP communication | |
| • | Instead of blocking static port, OmniAccess APs block a dynamic port - we block SIP signaling | |
| • | Security of voice | |
| • | Alcatel OmniAccess WLAN solutions provides complete, multi-layered security, scalable, centralized wireless LAN switching, advanced RF management, QoS for latency sensitive applications, and standards-based enterprise mobility. | |
| Ability to extend WiFi beyond corporate environment | ||
| • | Outdoor APs that adjust to fluctuating weather | |
| • | Extends services outdoors to areas in the immediate vicinity of the office allowing outdoor classrooms, cafes, warehouse support, or trains in tunnels. |
Features
| Support of voice over converged, handheld wireless devices | |
| • | Supports voice protocols and prioritization based on the device as well as traffic flows |
| • | Supports converged devices on wireless connections |
| • | Traffic can be delivered through an integrated firewall |
| Admission control | |
| • | Load-balancing between nearby APs based on thresholds |
| • | Unique connection and mission control - can control the number of phones that associate with an AP |
| • | Thresholds can be configured on an access point |
| • | By differentiating between those on-hook and those transmitting voice, better control and allocation of access to APs can be set |
| Security | |
| • | Ability to firewall an IP communication |
| • | Instead of blocking static port, OmniAccess APs block a dynamic port – i.e., block SIP signaling |
| • | Voice security |
| • | Alcatel-Lucent OmniAccess WLAN solutions provides complete, multi-layered security, scalable, centralized wireless LAN switching, advanced RF management, QoS for latency sensitive applications, and standards-based enterprise mobility. |
| Ability to extend WiFi beyond corporate environment | |
| • | Outdoor APs that adjust to fluctuating weather. |
| • | Extends services outdoors to areas in the immediate vicinity of the office allowing outdoor classrooms, cafes, warehouse support, or trains in tunnels. |
Technical Info
Supported protocols
• L2TP/IPsec
• IPsec over NAT-T (Network Address Translation Traversal)
• 802.11af compliant Power-over- Ethernet
Overview
Standard with every wireless LAN, the Alcatel-Lucent OmniAccess™ base software provides unprecedented control over the entire wireless environment and enables advanced adaptive WLAN, identity-based security and application continuity services.
The base feature set of Alcatel-Lucent OmniAccess wireless LAN base software includes sophisticated authentication and encryption, protection against rogue access points (APs), seamless mobility with fast roaming, RF management and analysis tools, centralized configuration, location tracking, and more.
OmniAccess wireless LAN base software can be complemented with the following optional modules:
- Wireless intrusion protection (WIP)
- Policy enforcement firewall (PEF)
- Voice service module (VSM)
- VPN server (VPN)
- Remote access point (RAP)
- Wireless mesh (MAP and IMP)
- External services interface (ESI)
Benefits
| Customer Benefits (Individual Modules) | ||
| Base Software | ||
|
|
||
| • Secure Authentication, Encryption& Access Control • Seamless Mobility • RF Management, RF Planning & Troubleshooting • QOS, VOIP Support and Location Tracking |
||
| External Services Interface Module | ||
|
|
||
| • Choice of AAA server for authentication • XML API for captive portal (external captive portal server support) content inspection with external appliance, Fortinet integration • Note: requires that the Policy Enforcement Firewall module is installed • Flexible Delivery of Network Services • Policy-Based Network Traffic Inspection • Fault Tolerance for Mission-Critical Networks • Extended Authorization Control Using API |
||
| Policy Enforcement Firewall Module | ||
|
|
||
| • Role based services for user / group class of service differentiation, bandwidth contracts • Firewall permit/deny/drop/log (ICSA certified to version 4.1 corporate standard) • QoS - priority traffic queues, Wi-Fi voice prioritization • Identity-Based Stateful Firewalls • ICSA Certification • Policy-Based Access Control • Stateful Flow Classification • Web-Based Captive Portal • High-Performance Security |
||
| Advanced AAA AOS Software Module | ||
|
|
||
| • Automatic selection of authentication servers based on distinct SSIDs • Domain and realm selection of authentication server • RFC 3576 API • Auto selection of authentication server based on SSID |
||
| Remote AP Module | ||
|
|
||
| • Remote access point - termination of remotely deployed APs using IPSec transport • Local bridging - termination of data traffic at the remote AP • Survivability - pre-shared key for backup WLAN encryption during WAN failure • Secure Mobile Connectivity • entralized Management and Security • Ideal Solution for Telecommuters |
||
| VPN Server Module | ||
|
|
||
| • Complete client VPN services - PPTP, L2TP/IPSec • Site-to-site VPN services - IPSec NAT-T transport mode tunnels between OmniAccess WLAN switches or third-party VPN concentrators • Massive Scalability and Performance • VPN Concentrator Emulation • Streamlined Deployment • Site-To-Site VPN |
||
| Wireless Intrusion Protection Module | ||
|
|
||
| • Detection of network probing and DoS attacks, impersonation and man-in-the-middle attacks • Detection of unauthorized devices (ad-hoc networks,Windows bridging, wireless bridges) • Prevention of clients roaming to unauthorized APs attempted intrusion • Rogue AP Prevention • Denial Of Service (DOS) Attack Detection • Probing and Network Discovery • Surveillance |
||
| xSec Module | ||
|
|
||
| • Client/server xSec: termination of AES layer 2 xSec secure VPN sessions • Point/point xSec: termination of AES layer 2 xSec secure VPN switch port session |
||
Features
| The selected WLAN Modules below, with the exception of the Base Software module, are all optional components of the WLAN Software solution. Please click on their corresponding links to view their detailed features. | ||
| Base Software | ||
|
The base software comes pre-loaded with each OmniAccess Wireless switch. It includes the following capabilities:
|
||
| External Services Interface Module | ||
 |
• Standards-based extensibility • Allows an OmniAccess WLAN switch to communicate with external service devices • Supports advanced interaction with authentication, authorization, and accounting (AAA) services infrastructure |
|
|
.
|
||
|
Policy Enforcement Firewall Module
|
||
 |
• User and group policy enforcement through an integrated, ICSA-certified stateful firewall • Security policies can be centrally defined and enforced on a per-user or per-group basis • Policies are enforced dynamically, following users as they move and taking into account a variety of metrics such as: (1) User location (2) Time-of-day (3)Device type (4) Authentication method |
|
|
.
|
||
|
Remote AP Module
|
||
 |
• Securely extend corporate wireless functionality to any location with an Internet connection • Remote APs allow seamless, corporate-like WLAN connectivity
|
|
|
.
|
||
|
VPN Server Module
|
||
 |
• Integration support for a variety of VPN implementations • Eliminates need for discrete, external VPN concentrators • Hardware acceleration provides LAN-speed VPN connectivity • Both client termination as well as site-to-site VPNs are supported • Supported VPN protocols include: (1) L2TP/IPSec (2) IPSec/XAUTH (3) PPTP |
|
|
.
|
||
|
Wireless Intrusion Protection
|
||
 |
• Patented classification technology that identifies and protects against vulnerabilities and malicious attacks
|
|
|
.
|
||
|
XSec Module
|
||
 |
• Termination of highly secure xSec client sessions • Link-layer 256-bit AES-CBC encryption with complete header obscuration for highly sensitive environments • Enables encryption of trunk ports between mobility controllers based on the same strong encryption standard |
|
