Penerangan
H3C WBC 580 G2 is a new generation of multi service wireless controller integrates user control and management, new WLAN intelligent operation and maintenance platform, LBS positioning, powerful authentication function, perfect RF management and security mechanism, fast roaming, super QoS and IPv4 & IPv6. It can provide strong access ability for large scale campus wireless office network.
Big data visualization
WBC580 G2 adopts x86architecture, which not only provides more powerful data processing ability, but also provides powerful edge computing ability compared with the traditional communication CPU. WBC580 G2 multi service wireless controller integrates with the new wireless intelligent operation and maintenance platform which can record operation and maintenance data for more than 30 days, and provide standard interface, support API in depth development, application information docking and other functions. It presents the wireless network environment by region, and accurately evaluates the online experience and dynamic changes of every day.
Provides management of 802.11ax AP
WBC580 G2 multi service wireless controller can not only support the traditional 802.11a/b/g/n/ac/ac wave2 AP management, but also support h3c AP based on 802.11ax protocol, so as to break through the mechanism of traditional wireless, promote the utilization of wireless spectrum resources and effectively access the number of users It can effectively reduce the deployment cost of wireless network and greatly improve the user experience in high environment.
Support Portal server function to provide services for the whole network
WBC580 G2 multi service wireless controller has built in powerful portal server function. It can support up to 61440 users for local authentication without configuring other portal authentication server
Support hierarchical AC architecture
Layered AC architecture is a new networking model proposed by H3C for the multi-level networking needs in the market. Layered AC adopts the architecture of centralized control and hierarchical management similar to that of large chain enterprises. It is managed by a general core layer AC linked with multiple local access layers AC. The main functions of access layer AC include AP access, data forwarding and other real time services. The core layer AC is mainly used for network management control, centralized authentication and other non-real time global services. In addition, the core layer AC also has the common AC access AP and data forwarding functions. The core layer AC is high performance AC and is arranged in the convergence layer; the access layer AC can be composed of standard AC, all in one AC (with routing, DPI function) or wired wireless integrated switch, which is arranged in the same level with the existing network; the layered AC architecture model pushes the wired wireless integrated concept to a new height and can be applied to the network Large scale wireless network deployment. The layered AC model naturally supports the application scenarios of headquarters and branches. The core link bandwidth and core AC forwarding capability are no longer bottlenecks. The core AC centralized control, access layer AC and down link AP can easily achieve automatic upgrade and configuration synchronization, greatly simplifying the version upgrade work. In the roaming scenario, the access layer AC responsible AP switches, and the roaming performance is greatly improved.
WBC580 G2 multi service wireless controller can be used as Central AC, providing hierarchical decentralization, vertical backup and license server for local AC in hierarchical AC architecture and other functions.
Support wireless intelligent operation and maintenance function
Integrated wireless intelligent operation and maintenance platform provides convenient and powerful operation and maintenance functions. It supports tenant management, location management, physical examination, terminal statistics, traffic rate statistics, alarm log, operation and maintenance management.
Through the built in localization oasis, it can monitor the operation status of the whole network AP and the utilization rate of each AP wireless channel, and monitor the status of the whole network. Support query based on access user Mac and IP address, support query based on AP channel utilization, and the AP responsibility is clear at a glance.
Support to view AP trend and equipment stability through graphical data curve, and intuitively count the whole network AP offline data through graphical interface, so that the whole network stability diagnosis is clear at a glance
It supports recording the traffic data and signal strength of each access terminal, real-time scanning the wireless interference of the location of the access terminal, and recording and analyzing the operation track of the access terminal
It supports one-key optimization function, wireless network analysis and other functions.
Support license server function
WBC580 G2 multi service wireless controller supports the function of license server, which can decouple authorization and equipment, centralize and unify the management of the whole network equipment, distribute authorization, pool reuse, reduce the authorization cost of users, and has the characteristics of high security and strong anti-theft ability, which can effectively protect the legitimate rights and interests of users.
Support access control and management of operation level wireless users
User based access control is a major feature of WBC580 G2 multi service wireless controller product, user profile provides a configuration template, which can save preset configuration (a set of configurations). Users can configure different content for user Profile according to different application scenarios, such as car (committed access rate) policy and quality of service (quality of service) policy.
When users access the device, they need to carry out identity authentication first. In the authentication process, the authentication server will distribute the user Profile name to the device, and the device will immediately enable the specific content configured in user Profile. When the user accesses the device through authentication, the device will restrict the user's access behavior through these specific contents. When the user is offline, the system will automatically disable the configuration item under user Profile, thus canceling the restriction of user Profile on the user. Therefore, user profile is applicable to restrict the access behavior of online users. When there is no user online (there may be no user access, or the user has not passed the authentication, or the user is offline) the user profile is the default configuration and does not take effect.
In addition, theWBC580 G2 multi service wireless controller also supports the authentication access control mode based on Mac. This mode not only enables customers to configure and modify the permissions of user group’s on AAA servers, but also supports the configuration of the permissions of specific users. This fine user permission control greatly enhances the availability of wireless networks and improves the network efficiency Administrators can easily assign access rights to different levels of people or groups through this way.
Based on Mac VLAN is also a major feature of WBC580 G2 multi service wireless controller. In terms of control strategy, the administrator can divide users with the same nature (MAC) into the same VLAN and at the same time, the controller is based on VLAN By configuring the security policy, the system configuration can be simplified, and the fine management of user level granularity can be achieved.
For security or billing considerations, system administrators may want to control the location of wireless users in the network.WBC580 G2 multi service wireless controller supports user access control based on AP location. When wireless users access to the network, they can send the list of AP to AC through the authentication server, and access control can be carried out on AC, so as to achieve the purpose of restricting wireless users to access to the AP in the specified location.
Support channel intelligent switching
In wireless LAN, channel is a very scarce resource. Each AP can only work on a very limited non overlapping channel. For example, for 2.4G network, there are only three non-overlapping channels, so how to intelligently allocate channel for AP is the key of wireless application. There are many possible interference sources in the working frequency band of WLAN, such as radar and microwave oven. Their appearance in the network will interfere with the normal operation of AP. Through the channel intelligent switching function, it can ensure that each AP can be assigned to the optimal channel, reduce and avoid the interference of adjacent channels as much as possible, and through the real time channel interference detection, it can make the AP avoid radar, microwave oven and other interference sources in real time.
Support intelligent AP load sharing
802.11 protocol gives the decision of wireless roaming to the wireless client. Generally, the wireless client will choose AP according to AP signal strength (RSSI) which easily leads to a large number of clients connecting to the same AP just because one AP signal is strong. Because these clients share wireless media, the network throughput of each client will be greatly reduced.
The intelligent load sharing method can analyze the location of wireless clients in real time, dynamically determine which AP can share the load with each other at the current time and location, and realize the load sharing among these AP by controlling the AP accessed by wireless clients. The system not only supports load sharing according to the number of user online sessions, but also supports load sharing according to user traffic.
Support 7 layer mobile security detection/defense (WIDS / WIPS)
WBC580 G2 multi service wireless controller include: blacklist, whitelist, Rogue defense, malformed message detection, illegal user offline, signature MAC layer attack detection and Countermeasures Based on preset upgrade ( for example: DoS attack, flood attack, man in the middle attack, wireless bridges, Windows bridges, Spoof spoofing, broadcast disassociation frames, hotspot attacks). With the built in massive intelligent expert knowledge base of wireless application console, flexible judgment basis of wireless security policy can be obtained. For clear illegal attack source (AP or terminal, etc.), visual physical location tracking monitoring and control and switch physical port removal can be realized.
By cooperating with H3C professional core layer firewall/ IPS devices, it can realize the 7 layer three-dimensional security defense of mobile Park, and meet the real end-to-end security protection requirements from wireless (802.11) to wired (802.3).
Support IPv4 / IPv6 dual stack (native IPv6)
WBC580 G2 multi service wireless controller supports IPv6 access of wireless customers. On the AP side of the tunnel starting point, because the device is aware of IPv6, it can achieve the mapping from IPv6 priority to tunnel priority; on the AC side, it can also perform complex control and filtering such as ACL filtering on IPv6 packets.
WBC580 G2 multi service wireless controller can also be deployed inIPv6 network, and AC and AP automatically negotiate to formIPv6 tunnel. When AC and AP work in IPv6state, the wireless controller can still sense IPv4 correctly and processIPv4 packets of wireless clients. WBC580 G2 multi service wireless controller IPv4 / 6 flexible adaptability, which can meet customers' various complex applications in IPv4 to IPv6 network migration. It can not only provide customers’ withIPv4 service in IPv6 isolated island, but also make users easily log in to the network through IPv6 Protocol in IPv4 isolated island.
Aiming at the campus network emerging in endlessly IPv6 forgery attack, WBC580 G2 multi service wireless controller support IPv6 SAVI (source address validation) technology. Through the interception of the address assignment protocol, the user's IP address is obtained, which ensures that the correct address can be used in subsequent applications to access the Internet, and other people's IP addresses cannot be forged, which ensures the reliability of the source address. At the same time, through the combination ofIPv6 SAVI and Portal technology, the authenticity and security of all Internet users' messages are further guaranteed.
Provide end to end QoS
WBC580 G2 multi service wireless controller is based on the new generation V7 system development, which not only improves the support standard protocol, but also increases the QoS support for IPv6 Protocol.
Support fast two, three layer roaming
H3C centralized wireless architecture can not only easily implement two tier roaming, but also is very conducive to the realization of cross three tier roaming. With fat AP deployed WLAN network, the limited information between leads to the realization of cross three tier roaming and its trouble. The centralized architecture is very easy to solve the problem of cross three tier roaming, WBC580 G2 wireless controller supports layer 2 and layer 3 roaming, and the roaming domain is not limited by the subnet. This excellent roaming feature allows customers to pay more attention to the coverage of wireless signals without too much consideration of existing network planning when planning wireless network. This way greatly simplifies the early network planning and reduces the cost of network planning.
In the traditional mode, when the wireless user terminal uses 802.1x as a means of 802.11 access authentication and key interaction, there will be a lot of interaction messages between the wireless user terminal and AP. For example, if the handover time between the two wireless access terminals is too long, the handover time between the two wireless access terminals will be too long.Wx5500h series wireless controller uses key caching technology to complete the fast switching of users when roaming. The key caching technology makes a good balance between the user's secure access and fast roaming. It can make the wireless user terminal do not need to complete802.1x when roaming between two AP in the process of authentication interaction, it can ensure the identification of user identity and the continuity of key use; wireless users use fast roaming mode, and the roaming time in single AC is less than50ms, which meets the harsh requirements of voice services.
Lebih maklumat tentang NetEon Communication Sdn Bhd