
© 2006 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Specific intelligent RF capabilities managed by the Cisco WiSM include:
• Dynamic Channel Assignment—802.11 channels are adjusted to optimize network coverage and performance based on changing RF conditions.
• Interference Detection and Avoidance—The system detects interference and recalibrates the network to avoid performance problems.
• Load Balancing—The system provides automatic load balancing of users across multiple access points for optimum network performance,
even under a heavy load.
• Coverage Hole Detection and Correction—RMM software detects coverage holes and attempts to correct them by adjusting the power output
of access points.
• Dynamic Power Control—The system dynamically adjusts the power output of individual access points to accommodate changing network
conditions, helping to ensure predictable wireless performance and availability.
Enterprise-Class Security
The Cisco WiSM adheres to the strictest level of security standards, including:
• 802.11i Wi-Fi Protected Access 2 (WPA2), WPA, and Wired Equivalent Privacy (WEP)
• 802.1X with multiple Extensible Authentication Protocol (EAP) types, including Protected EAP (PEAP), EAP with Transport Layer Security
(EAP-TLS), EAP with Tunneled TLS (EAP-TTLS), and Cisco LEAP
The result is the industry’s most comprehensive WLAN security solution.
In Cisco’s WLAN solution, access points act as air monitors, communicating real-time information about the wireless domain to Cisco wireless LAN
controllers. All security threats are rapidly identified and presented to network administrators via Cisco WCS, where accurate analysis takes place
and corrective action can be taken.
Cisco provides the only wireless LAN system that offers simultaneous wireless protection and wireless LAN service delivery. This helps to ensure
complete wireless LAN protection, with no unnecessary overlay equipment costs or extra monitoring devices. This solution can be deployed initially
as a standalone wireless IPS, and reconfigured later to add wireless LAN data service. This allows network managers to create a “defense shield”
around their RF domains, containing unauthorized wireless activity until they are ready to deploy wireless LAN services.
Cisco addresses wireless LAN security by offering multiple layers of protection (Figure 4), including:
• RF Security—Detect and avoid 802.11 interference and control unwanted RF propagation.
• Wireless LAN Intrusion Protection and Location—The solution not only detects rogue devices or potential wireless threats, but also locates
these devices. This helps IT administrators to quickly assess the threat level and take immediate action to mitigate threats as required.
• Identity-Based Networking—IT staff must support many different user access rights, device formats, and application requirements when securing
wireless LANs. The Cisco WLAN solution enables enterprises to deliver individualized security policies to wireless users or groups of users.
These include:
– Layer 2 Security—802.1X (PEAP, LEAP, EAP-TTLS), WPA, 802.11i (WPA2), and Layer 2 Tunneling Protocol (L2TP)
– Layer 3 Security (and above)—IP Security (IPSec), Web authentication.
– VLAN Assignments
– Access Control Lists (ACLs)—IP restrictions, protocol types, port, and differentiated services code point (DSCP) value.
– QoS—Multiple service levels, bandwidth contracts, traffic shaping, and RF utilization.
– Authentication, Authorization, and Accounting (AAA)/RADIUS—User session policies and rights management.
• Network Admission Control (NAC)—Enforce policies pertaining to client configuration and behavior, to help ensure that only end-user devices
with appropriate security utilities can gain access to the network.