Embed Size (px)
Citation preview
CLASS 12CLASS 12
PresentationPresentation
Enterprise AP’sEnterprise AP’s
Cisco Aironet 350 SeriesCisco Aironet 350 Series
Overview of 350 seriesOverview of 350 series
Solutions for the enterprise and small and Solutions for the enterprise and small and medium sized businessmedium sized business
Offers scalable, centralized security and Offers scalable, centralized security and inline powerinline power
integrates seamlessly into an existing integrates seamlessly into an existing network as a wireless overlaynetwork as a wireless overlay
All Cisco Aironet 350 Series client adapters All Cisco Aironet 350 Series client adapters and access points are IEEE 802.11b and access points are IEEE 802.11b compliantcompliant
Products of Aironet 350 SeriesProducts of Aironet 350 Series
Client AdaptersClient Adapters Access PointsAccess Points Multifunction BridgeMultifunction Bridge Workgroup BridgeWorkgroup Bridge AntennasAntennas Secure Access Control Server V.2.6Secure Access Control Server V.2.6
Client AdaptersClient Adapters Wireless client adapters connect a Wireless client adapters connect a
variety of devices to a wireless variety of devices to a wireless network either in ad hoc peer-to-peer network either in ad hoc peer-to-peer mode or in infrastructure mode with mode or in infrastructure mode with APs. APs.
Available in PC Card (PCMCIA) and Available in PC Card (PCMCIA) and Peripheral Component Interconnect Peripheral Component Interconnect (PCI) form factors(PCI) form factors
Features of Client AdapterFeatures of Client Adapter Superior range and throughput Superior range and throughput Secure network communications Secure network communications World mode for international roaming World mode for international roaming Full-featured utilities for easy configuration Full-featured utilities for easy configuration
and management and management Compliance with the IEEE 802.11b high-Compliance with the IEEE 802.11b high-
rate standard rate standard Support for all popular operating systemsSupport for all popular operating systems
Client AdapterClient Adapter Specifications Specifications Data Rates Supported: Data Rates Supported: 1, 2, 5.5, and 11 Mbps1, 2, 5.5, and 11 Mbps Network Standard: Network Standard: IEEE 802.11bIEEE 802.11b Frequency Band: Frequency Band: 2.4 to 2.4897 GHz2.4 to 2.4897 GHz Wireless Medium: Wireless Medium: Direct Sequence Direct Sequence
Spread Spread Spectrum (DSSS)Spectrum (DSSS) Media Access Protocol: Media Access Protocol: Carrier sense multiple Carrier sense multiple
access with collision avoidance (CSMA/CA)access with collision avoidance (CSMA/CA) Modulation Modulation
• DBPSK @1 MbpsDBPSK @1 Mbps• DQPSK @ 2 MbpsDQPSK @ 2 Mbps• CCK @ 5.5 and 11 MbpsCCK @ 5.5 and 11 Mbps
Client AdapterClient Adapter Specifications Specifications(cont’)(cont’)
Operating Channels: North America: 11Operating Channels: North America: 11 Range (typical) Range (typical)
• Indoor:Indoor: 130 ft (40 m) @ 11 Mbps 130 ft (40 m) @ 11 Mbps 350 ft (107 m) @ 1 Mbps 350 ft (107 m) @ 1 Mbps
• Outdoor:Outdoor: 800 ft (244 m) @ 11 Mbps 800 ft (244 m) @ 11 Mbps 2000 ft (610 m) @ 1 Mbps 2000 ft (610 m) @ 1 Mbps
Input Power Requirements: +5 VDC +/- 5%Input Power Requirements: +5 VDC +/- 5% Typical Power Consumption (at 100 mW transmit Typical Power Consumption (at 100 mW transmit
power setting) power setting) • Transmit: 450 mATransmit: 450 mA• Receive: 270 mAReceive: 270 mA• Sleep mode: 15 mA Sleep mode: 15 mA
Access PointAccess Point
An AP is the center point in an all-wireless An AP is the center point in an all-wireless network or a connection point between a network or a connection point between a wired and wireless network. wired and wireless network.
Multiple APs DeploymentMultiple APs Deployment
Features of APFeatures of AP
The Cisco Aironet 350 Series AP supports The Cisco Aironet 350 Series AP supports data rates up to 11 Mbps, is IEEE 802.11b data rates up to 11 Mbps, is IEEE 802.11b compliantcompliant
Support for Support for inline power over Ethernetinline power over Ethernet, , simplifying and reducing the total cost of simplifying and reducing the total cost of installation and ownership installation and ownership
High-performance 100 Milliwatt (mW) radio High-performance 100 Milliwatt (mW) radio design, with power management capabilitiesdesign, with power management capabilities
Future-proofFuture-proof(Funny)architecture that can (Funny)architecture that can support additional software features for support additional software features for investment protectioninvestment protection
Software Features of APSoftware Features of AP
802.1x-based Extensible Authentication 802.1x-based Extensible Authentication Protocol (EAP) services that provide Protocol (EAP) services that provide centralized, user-based authentication for centralized, user-based authentication for hassle-free security administration and hassle-free security administration and user-based privacy user-based privacy
Automatic channel selection, Cisco Automatic channel selection, Cisco Discovery Protocol (CDP), Dynamic Host Discovery Protocol (CDP), Dynamic Host Configuration Protocol (DHCP), and BOOTP Configuration Protocol (DHCP), and BOOTP services to simplify installation and services to simplify installation and management of WLAN infrastructures management of WLAN infrastructures
Software Features of AP Software Features of AP (cont’)(cont’)
High-availability services, such as High-availability services, such as load balancing and hot-standby load balancing and hot-standby redundancy, for dependable, redundancy, for dependable, performance, and reliability performance, and reliability
Rich filtering options on both the Rich filtering options on both the Ethernet and radio side to provide Ethernet and radio side to provide performance and application tuning performance and application tuning to meet specific business to meet specific business requirementsrequirements
Load Balancing of APLoad Balancing of AP Up to three APs, configured for different channels, Up to three APs, configured for different channels,
can be colocated to achieve aggregate peak can be colocated to achieve aggregate peak capacity of 33 Mbps for a single coverage area. capacity of 33 Mbps for a single coverage area.
Load-balancing policies based on number of Load-balancing policies based on number of users, error rates, or signal strengths redistribute users, error rates, or signal strengths redistribute users to deliver more balanced collision domainsusers to deliver more balanced collision domains
Another scalability enhancement is the addition Another scalability enhancement is the addition of broadcast and multicast filtering. This enables of broadcast and multicast filtering. This enables administrators to select the amount of such administrators to select the amount of such frames that enter the WLAN, conserving the frames that enter the WLAN, conserving the shared bandwidth. shared bandwidth.
Security of APSecurity of AP
Cisco Aironet APs interoperate with EAP-enabled Cisco Aironet APs interoperate with EAP-enabled Remote Access Dial-In User Service (RADIUS) Remote Access Dial-In User Service (RADIUS) servers such as the Cisco Access Control Server 2000 servers such as the Cisco Access Control Server 2000 Version 2.6 and EAP-enabled client adapters such as Version 2.6 and EAP-enabled client adapters such as Cisco Aironet Series clients providing user-level Cisco Aironet Series clients providing user-level authentication over an encrypted link.authentication over an encrypted link.
After successful mutual authentication with the After successful mutual authentication with the RADIUS server, the user derives a dynamic WEP RADIUS server, the user derives a dynamic WEP encryption key that uniquely encrypts that user’s encryption key that uniquely encrypts that user’s traffic over the air, ensuring security from both traffic over the air, ensuring security from both outside sources and inside network users.outside sources and inside network users.
specifications of APspecifications of AP Uplink: Uplink: Auto-sensing 10/100BaseT Auto-sensing 10/100BaseT
EthernetEthernet Range (typical @ 100-mW transmit Range (typical @ 100-mW transmit
power setting with 2.2 dBi diversity power setting with 2.2 dBi diversity dipole antenna) : dipole antenna) : • Indoor:Indoor:
130 ft (39.6 m) @ 11 Mbps 130 ft (39.6 m) @ 11 Mbps 350 ft (107 m) @ 1 Mbps 350 ft (107 m) @ 1 Mbps
• Outdoor:Outdoor: 800 ft (244 m) @ 11 Mbps 800 ft (244 m) @ 11 Mbps 2000 ft (610 m) @ 1 Mbps 2000 ft (610 m) @ 1 Mbps
Specifications of AP Specifications of AP (cont’)(cont’)
Automatic Configuration Support: Automatic Configuration Support: BOOTP and DHCPBOOTP and DHCP
Remote Configuration Support:Remote Configuration Support:
Telnet, HTTP, FTP, TFTP, and SNMPTelnet, HTTP, FTP, TFTP, and SNMP Input Power RequirementsInput Power Requirements
24 +/- 10% to 60 VDC (Ethernet line power)24 +/- 10% to 60 VDC (Ethernet line power) Local Configuration: Local Configuration:
Direct console port (with supplied serial Direct console port (with supplied serial cable)cable)
Multifunction BridgeMultifunction Bridge
The Cisco Aironet ® 350 Series MultifunctionThe Cisco Aironet ® 350 Series Multifunction Bridge is a dual-purpose wireless device.Bridge is a dual-purpose wireless device.
• In bridge mode, the Cisco Aironet 350Series Multifunction In bridge mode, the Cisco Aironet 350Series Multifunction Bridge provides for high-speed long-range outdoor links Bridge provides for high-speed long-range outdoor links between buildings.between buildings.
• When configured as an access point (AP), the Cisco When configured as an access point (AP), the Cisco Aironet 350 Series Multifunction Bridge is the ideal Aironet 350 Series Multifunction Bridge is the ideal wireless infrastructure device for installations subject to wireless infrastructure device for installations subject to plenum rating and harsh environments such as warehouses, plenum rating and harsh environments such as warehouses, factories,factories,
and the outdoors. and the outdoors.
Point-to-point Wireless bridge Point-to-point Wireless bridge SolutionSolution
Point-to-Multipoint Wireless Point-to-Multipoint Wireless Bridge SolutionBridge Solution
Multifunction Bridge featuresMultifunction Bridge features
High-speed (11-Mbps) high-power (100-mW)High-speed (11-Mbps) high-power (100-mW) radios delivering building-to-building links ofradios delivering building-to-building links of up to 18 miles (28.9 km)up to 18 miles (28.9 km) Metal case for durability and plenum rating Extended Metal case for durability and plenum rating Extended
operating temperature rating for harsh environmentsoperating temperature rating for harsh environments Simplified installation, improved performance, and Simplified installation, improved performance, and
investment protectioninvestment protection Full user-selectable AP functionality Upgradable Full user-selectable AP functionality Upgradable
architecture, ensuring investment protectionarchitecture, ensuring investment protection
Workgroup Bridge Workgroup Bridge SpecificatoinsSpecificatoins
Range (typical) :Range (typical) :• Bridge mode outdoors:Bridge mode outdoors:
18 miles (28.9 km) @ 11 Mbps18 miles (28.9 km) @ 11 Mbps Up to 25 miles (40.2 km) @ 1 MbpsUp to 25 miles (40.2 km) @ 1 Mbps
• AP mode indoors:AP mode indoors: 130 ft (39.6 m) @ 11 Mbps130 ft (39.6 m) @ 11 Mbps 350 ft (107.0 m) @ 1 Mbps350 ft (107.0 m) @ 1 Mbps
• AP outdoors:AP outdoors: 800 ft (244 m) @ 11 Mbps800 ft (244 m) @ 11 Mbps 2000 ft (610 m) @ 1 Mbps2000 ft (610 m) @ 1 Mbps
Workgroup BridgeWorkgroup Bridge
Designed to meet the needs of remoteDesigned to meet the needs of remote
workgroups, satellite offices, and mobile users,workgroups, satellite offices, and mobile users, The workgroup bridge quickly connects up toThe workgroup bridge quickly connects up to
eight Ethernet-enabled laptops or other portable eight Ethernet-enabled laptops or other portable computers to a wireless LAN (WLAN), providingcomputers to a wireless LAN (WLAN), providing
the link from these devices to any Cisco Aironetthe link from these devices to any Cisco Aironet
Access Point (AP) or Multifunction Bridge. TheAccess Point (AP) or Multifunction Bridge. The
A Remote WorkgroupA Remote Workgroup
Workgroup Bridge FeaturesWorkgroup Bridge Features
Driverless installation of up to eight Ethernet-Driverless installation of up to eight Ethernet-enabled devicesenabled devices
Optimum wireless performance and rangeOptimum wireless performance and range Standards-based centralized securityStandards-based centralized security Two versions for a range of application Two versions for a range of application
requirementsrequirements Full-featured utilities and robust managementFull-featured utilities and robust management
Workgroup Bridge Workgroup Bridge SpecificationsSpecifications
Client Interface Client Interface 10BaseT Ethernet10BaseT Ethernet Clients Supported Clients Supported
• Direct: OneDirect: One• Via hub: EightVia hub: Eight
Range (typical) Range (typical) • Indoor:Indoor:
130 ft (40 m) @ 11 Mbps130 ft (40 m) @ 11 Mbps 350 ft (107 m) @ 1 Mbps350 ft (107 m) @ 1 Mbps
• Outdoor:Outdoor: 800 ft (244 m) @ 11 Mbps800 ft (244 m) @ 11 Mbps 2000 ft (610 m) @ 1 Mbps2000 ft (610 m) @ 1 Mbps
AntennaAntenna
350 Series includes a complete 350 Series includes a complete range of antennas for client range of antennas for client adapter, access point, and adapter, access point, and bridge equipment that enable a bridge equipment that enable a customized wireless solution for customized wireless solution for almost anyalmost any
Optional, Higher-Gain Antennas Can Optional, Higher-Gain Antennas Can be Used to Extend the Range of be Used to Extend the Range of
Access PointsAccess Points
With Cisco Aironet Bridge Antennas, With Cisco Aironet Bridge Antennas, Wireless Links over Great Distances Wireless Links over Great Distances
and Obstacles are Possibleand Obstacles are Possible
Secure Access Control Server Secure Access Control Server V.2.6 (ACS)V.2.6 (ACS)
To support the growing population of users that connect to To support the growing population of users that connect to your network from all types of devices and services— VPNs, your network from all types of devices and services— VPNs, remote access, broadband, voice, and wireless solutions—remote access, broadband, voice, and wireless solutions—Cisco introduces Cisco Secure Access Control Server (ACS) Cisco introduces Cisco Secure Access Control Server (ACS) V.2.6 for Windows 2000 and NT. V.2.6 for Windows 2000 and NT.
Cisco Secure ACS is a highly scalable, high performance Cisco Secure ACS is a highly scalable, high performance access control server that operates as a centralized RADIUS or access control server that operates as a centralized RADIUS or TACACS+ server system and controls the authentication, TACACS+ server system and controls the authentication, authorization, and accounting (AAA) of users accessing authorization, and accounting (AAA) of users accessing corporate resources through the network.corporate resources through the network.
ACS AdministrationACS Administration
Who can log in to the network from wired or wireless Who can log in to the network from wired or wireless connectionsconnections
What privileges each user has in the networkWhat privileges each user has in the network What accounting information is recorded in terms of What accounting information is recorded in terms of
security audits or account billingsecurity audits or account billing What access and command controls are enabled for What access and command controls are enabled for
each administrator configuring Cisco IOS ® routers, each administrator configuring Cisco IOS ® routers, Catalyst ® switches, or any TACACS+ enabled Catalyst ® switches, or any TACACS+ enabled network devicenetwork device
802.16a802.16a
Still relatively new to meStill relatively new to me Will be best for large organizations.Will be best for large organizations. We are looking into implementing We are looking into implementing
this.this.
IEEE 802.16:IEEE 802.16:
The Next Wireless The Next Wireless RevolutionRevolution
General OverviewGeneral Overview
Standard for wireless metropolitan Standard for wireless metropolitan area networks (WirelessMANarea networks (WirelessMAN™)™)
Supports a variety of services such as Supports a variety of services such as IP, voice over IP, and streaming videoIP, voice over IP, and streaming video
Protocol independent supporting ATM Protocol independent supporting ATM & packet based protocols& packet based protocols
ApplicationsApplications
Economically bridges the “last mile”Economically bridges the “last mile”• Buildings equipped with subscriber and base Buildings equipped with subscriber and base
stations, SS & BSstations, SS & BS• Users connect to SS via conventional network Users connect to SS via conventional network
technologies (e.g. 802.3, 802.11)technologies (e.g. 802.3, 802.11)• BSs connected directly to backboneBSs connected directly to backbone
Lowers barriers to entry for new ISPs Lowers barriers to entry for new ISPs increasing competitionincreasing competition
Provides broadband to rural communities Provides broadband to rural communities and developing nationsand developing nations
802.16 Characteristics802.16 Characteristics
Point-to-multipoint broadband wireless accessPoint-to-multipoint broadband wireless access• Operates in 10-66 GHz spectrumOperates in 10-66 GHz spectrum• Data rates up to 134 MbpsData rates up to 134 Mbps• Requires directional line-of-sight (LOS) propagationRequires directional line-of-sight (LOS) propagation
802.16a adopted to address these concerns802.16a adopted to address these concerns• Operates in 2-11 GHz spectrumOperates in 2-11 GHz spectrum• Eliminates need for directional LOS propagationEliminates need for directional LOS propagation• Greater range but lower data ratesGreater range but lower data rates
802.16 MAC802.16 MAC
WirelessMAN operates at MAC sub-WirelessMAN operates at MAC sub-layer of Data Link Layerlayer of Data Link Layer
MAC layer is further subdivided into MAC layer is further subdivided into three layersthree layers• Convergence sub-layer (CS)Convergence sub-layer (CS)• Common part sub-layer (CPS)Common part sub-layer (CPS)• Privacy sub-layerPrivacy sub-layer
802.16 MAC: CS Layer802.16 MAC: CS Layer
Interoperability requires convergence Interoperability requires convergence sub-layer to be service specific sub-layer to be service specific • Separate CS layers for ATM & packet Separate CS layers for ATM & packet
protocolsprotocols
CS Layer:CS Layer:• Receives data from higher layersReceives data from higher layers• Classifies data as ATM cell or packetClassifies data as ATM cell or packet• Forwards frames to CPS layerForwards frames to CPS layer
802.16 MAC: CPS Layer802.16 MAC: CPS Layer
Performs typical MAC functions such as addressingPerforms typical MAC functions such as addressing• Each SS assigned 48-bit MAC addressEach SS assigned 48-bit MAC address• Connection Identifiers used as primary address after Connection Identifiers used as primary address after
initializationinitialization
MAC policy determined by direction of MAC policy determined by direction of transmissiontransmission• Uplink is DAMA-TDMAUplink is DAMA-TDMA• Downlink is TDMDownlink is TDM
Data encapsulated in a common format facilitating Data encapsulated in a common format facilitating interoperabilityinteroperability• Fragment or pack frames as neededFragment or pack frames as needed• Changes transparent to receiverChanges transparent to receiver
802.16 MAC: Privacy Sub-Layer802.16 MAC: Privacy Sub-Layer
Provides secure communicationProvides secure communication• Data encrypted with cipher clock Data encrypted with cipher clock
chaining mode of DESchaining mode of DES
Prevents theft of servicePrevents theft of service• SSs authenticated by BS using key SSs authenticated by BS using key
management protocolmanagement protocol
802.16 Physical Layer802.16 Physical Layer
Variety of services supported requires Variety of services supported requires support for continuous and bursty trafficsupport for continuous and bursty traffic
Burst profiles associated with every Burst profiles associated with every frameframe• Profiles describe transmission properties Profiles describe transmission properties
such as encoding & modulation schemessuch as encoding & modulation schemes• Modulation & encoding schemes Modulation & encoding schemes
dynamically adjusted to account for dynamically adjusted to account for changing link conditionschanging link conditions
802.16 Physical Layer802.16 Physical Layer
Data rates determined Data rates determined by exact modulation by exact modulation and encoding schemesand encoding schemes
TDD and FDD TDD and FDD supported in 802.16 to supported in 802.16 to accommodate burst accommodate burst profilingprofiling
802.16a adds OFDM 802.16a adds OFDM and OFDMA to support and OFDMA to support NLOS multipath NLOS multipath propagationpropagation
ChannChannel Sizeel Size
(MHz)(MHz)
Bit Bit RateRate
(Mbps)(Mbps)
QPSKQPSK
Bit Bit RateRate
(Mbps)(Mbps)
16-16-QAMQAM
Bit Bit RateRate
(Mbps)(Mbps)
64-64-QAMQAM
2020 3232 6464 9696
2525 4040 8080 120120
2828 44.844.8 89.689.6 134.4134.4
AlternativesAlternatives
Mobile Broadband Wireless AccessMobile Broadband Wireless Access• IEEE standard 802.20IEEE standard 802.20• Extends broadband wireless to mobile Extends broadband wireless to mobile
usersusers• Data rates in excess of 1 MbpsData rates in excess of 1 Mbps• Optimized for IP transportOptimized for IP transport• Supports vehicular mobility at 250 km/hSupports vehicular mobility at 250 km/h
802.16e vs. 802.20802.16e vs. 802.20
IEEE commissioned 802.16e working IEEE commissioned 802.16e working group to extend WirelessMAN to group to extend WirelessMAN to mobile end usersmobile end users• 802.16 has greater interoperability802.16 has greater interoperability• 802.20’s data rates will likely exclude 802.20’s data rates will likely exclude
bandwidth intensive applicationsbandwidth intensive applications• 802.20 must be built from scratch802.20 must be built from scratch• 802.16 enjoys strong industry support802.16 enjoys strong industry support
HomeworkHomework
Read AntennaAlignmentTool.pdfRead AntennaAlignmentTool.pdf ½ Page bullets½ Page bullets 5 Questions and Answers5 Questions and Answers Due 04-26-04Due 04-26-04
QuizQuiz
Whats the the default SSID for a Cisco AP?Whats the the default SSID for a Cisco AP? What is Cisco’s version of RADIUS?What is Cisco’s version of RADIUS? How much can a Cisco client card put out?How much can a Cisco client card put out? What is the advertised outdoor range of a What is the advertised outdoor range of a
Cisco AP?Cisco AP? What’s muticast filtering?What’s muticast filtering? How many digits in a 128 bit hex key?How many digits in a 128 bit hex key?
