620 likes | 753 Views
BUSINESS WIRELESS 2010 Nyári Egyetem. Preface. This section intends to : Refresh the key selling points of Unified Switch Reveal the way to fight against competition For detailed info, please refer to a product’s sales guide. Competitive analyses which can be found on the PMD server. Agenda.
E N D
Preface • This section intends to : • Refresh the key selling points of Unified Switch • Reveal the way to fight against competition • For detailed info, please refer to a product’s sales guide. Competitive analyses which can be found on the PMD server.
Agenda • Key Selling Feature Refreshing • Art of War – Competitor Analysis • Success Stories • Roadmap
Centralized WLAN Solution Becomes Main Stream Revenue from sales of WLAN switches and controllers increased 92% year on year, totalling $572 million (equivalent to 43% of the WLAN market revenue). The business market will continue the gradual shift from the traditional stand-alone WLAN architecture to the newer, centralized one (WLAN switches and controllers managing coordinated access points) in 2007 Shipments of coordinated access points are forecast to account for 71 percent of the total enterprise-class access point shipments by 2010 Market UpdateBusiness WLAN Source: Infonetics Research, 2007 Source: Gartner, 2006
Key Selling Feature Refreshment • D-Link Unified Access System Solution Provides: • Unified Switching (=Wireless Controller + L2+ Switch) • Unified AP • Centralized Policy Management • Automatic Power/Channel Adjustment • Self-Healing Wireless Network • Fast L2/L3 Roaming • Rogue AP Management • Logging for Dynamic RF Status
Flexible Deployment • Overlay Solution – Wireless Controller Deployment • Deploy deeper into existing network infrastructure to protect current investment in network infrastructure
Flexible Deployment • Unified Solution – Converged Edge Deployment • Deploy at the network edge for greatest scalability, and with all the benefits of Unified Switching • Full GbE speed for next generation 802.11n
Internet Flexible Deployment • Adaptable Wireless • Wireless traffic can be local-switched at the AP or Central-switched at the Unified Switch depending on users’ needs • No need to purchase additional license or upgrade firmware Unified Switch Server Farm • Local-Switched (Non-Tunnel Mode) • Better performance • Central-Switched (Tunnel Mode) • Better centralized security control
Unified Switch AP-1 AP-3 AP-2 Pre-set Configuration and Centralized Management • Security can be pre-set and management of AP can be centralized • The Profile configuration is applied to a managed AP on the event such as when an AP initially transitions to managed mode, or when AP is reset. • Unified Switch will automatically detect all APs attached to the switch • When an AP is removed or added, switch automatically configures new AP with same configuration of replaced unit APs detected on the network AP-1 AP-2 AP-3 2> New AP detected!!! 1> AP-3 appear and attached to a Unified Switch port 3> Configured AP with the pre-set profile configuration
Pre-set profile configuration Pre-set profile configuration Pre-set profile configuration Pre-set profile configuration Pre-set Configuration and Centralized Management • Central Policy Control • Security setting/configuration can be saved even when the AP is powered off. L3-switch Unified Switch • Content of pre-set profile configuration packet: • RADIUS server settings • Security settings • Radio configuration • SSIDs, VLAN & Tunnel setting • QoS configuration L2-switch Access points attached to the network
RF Management • Automatic channel adjustment • Unified Switch automatically adjusts channels in the controlled Access Points in an event such as a new AP being added or being removed • Unified Switch can be programmed to automatically readjust channels periodically at certain time or upon a certain interval. Unified Switch Experience signal interference, Change channel Channel 44 Channel 36 Channel 44 Appear rogue AP which using channel 44 Channel 52 New AP attached to the network Scan RF area for occupied channel… Channel 40 Select non-interfering channel Channel 48
RF Management & Self-Healing Wireless Network • Automatic power adjustment • Automatically adjust the RF signal to broadcast far enough to reach wireless clients, but not so far that it interferes with RF signals broadcast by other APs • When a Managed AP is powered down, the power of its neighboring AP(s) managed by the same switch is immediately increased by20% (Fail-safe feature). Power adjusted to prevent interference Power increased Wireless coverage area Another AP appear on the network Wireless coverage area The AP is powered down
user4 user4 Load Utilization • Unified Switch performs load utilization across the switch-managed access points on per radio basis based on AP’s utilization rate. • The APs report bandwidth utilization to the Unified Switch regularly • If the bandwidth utilization reaches a configured threshold then the new client associations are rejected. The new client will be forced to connect to an overlapped neighbor AP with lower utilization. Default bandwidth utilization: 60% Utilization rate increased Unified Switch Reach utilization threshold!!! User4 rejected Utilization rate for AP-2: 10% Force to connect to Ap-2 AP-2 AP-1 User4 connect to AP-2 Attempt to connect AP-1
L2 Roaming L3 Roaming Fast Roaming • Ideal for VoIP Application • Fast L2/L3 Roaming • One DWS-3000 switch can support fast roaming across up to 48 APs. • This fast roaming can be supported with in a subnet (Layer 2) or across subnet boundaries (Layer 3). Unified Switch Subnet B Subnet A AP-3 AP-1 AP-2
Fast Roaming • Inter-Switch Roaming • 4 Peer Switches in the same Roaming group • Not only can D-Link’s DWS-3000 support fast roaming between APs being managed by a particular switch, but can support up to 4 peer Unified Switches in a roaming group. • Support up to 192 APs • Since each switch can support up to 48 APs, this means up to 192 APs can be supported in a mobility group or domain. L2 or L3 Inter-Switch Roaming
Fast Roaming Pre-Shared Keys PSK • Fast Roaming • No relocating IP • Re-auth time is tiny PSK PSK Dynamic Keys (WPA2 Enterprise) PMK Radius Server • Fast Roaming • No relocating IP • Re-auth time is tiny – the dynamic key - PMK (Pairwise Master Key) can be cached in Switch and forwarded to APs in the same roaming group • Management of thousands of users is possible PMK 802.1x Auth PMK
Enhanced Security Enforcement • Rogue AP Management • Any AP scanned but not in the switch’s database will be listed as a rogue AP. The administrator can get better control of the environment through knowing rogue APs’ information (MAC, SSID, Channel, etc). • Complete Security Features • Wireless • Managed AP MAC list • Wireless Client MAC list • WEP (Static/Dynamic) • WPA Enterprise/Personal • WPA2 Enterprise/Personal • Captive Portal • Wired • ACL • 802.1X • DoS Control • Broadcast Storm Control • Port Security • Radius / TACACS+
Enhanced Security Enforcement • Captive Portal • Web-based Authentication that provides intuitive, user friendly authentication • Forces an HTTP client on the wireless network to see a authentication web page before surfing the Internet
L2 IGMP Snooping 8021.D/802.1w/802.1s Spanning Tree 802.3ad Link Aggregation Port mirroring 802.1Q VLAN GVRP L3 Floating Static Route VLAN Routing VRRP QoS 802.1p DSCP CoS based on: Switch Port/VLAN/TCP UDP port/TOS/MAC/IP Bandwidth Control Security ACL 802.1X DoS Control Port Security Management DHCP Server Etc… Complete Switching Features
Comprehensive Network Management • D-Link Unified Access System includes a set of comprehensive management functions for managing and monitoring the WLAN by using one of the three methods provided • Web-based management interface • Command-Line Interface (CLI) • The command-line interface (CLI) is a text-based way to manage and monitor the system. CLI can be accessed by using a direct serial connection or by using a remote logical connection with Telnet or SSH. • Simple Network Management Protocol (SNMP) • The D-Link Unified Switch uses both standard public MIBs for standard functionality as well as a number of additional private MIBs for additional functionality supported by the switch.
Monitoring All Access Points • Shows summary information about managed, failed, and rogue access points the switch has discovered or detected. • The font color for the AP listing indicates that the AP is one of the following types: • Green—Managed AP • Red—Failed AP • Gray—Rogue AP • Amber—Peer Managed AP
Monitoring All Access Points • Provides a variety of information about each AP that the switch manages. • Status tab provides configuration and association information about managed APs and their neighbors. • Statistics tab displays information about the number of packets and bytes transmitted and received on different interfaces.
Monitoring Associated Clients • Shows a variety of information about the wireless clients that are associated with the APs the switch manages. • Authenticated Client info can be logged by SNMP Trap or Syslog.
Monitoring and Managing Ad-Hoc Clients • View and manage wireless clients that are connected to the WLAN through an ad hoc network.
Network monitoring – WLAN Visualization The diagram below shows an example of a floor plan and network with a D-Link Unified Switch that manages two APs. The graph also shows a peer switch and a rogue AP in the network.
SNMP Traps • Client State Change Traps • Client Association Detected • Client Disassociation Detected • Client Roam Detected
Unified Access Point Overview • Access Points that operate with or without Unified Switch • Can work in both Standalone mode and Managed mode • Provides migration ability and deployment flexibility • Switching between Standalone & Managed mode does not need firmware upgrade DWL-3500AP DWL-8500AP
Ethernet LAN Layer 2 switch Standalone mode UAP Standalone mode UAP Standalone mode UAP Manual set up configuration Manual set up configuration Manual set up configuration Modes in Unified Access point • Standalone Mode • Independent access point (Decentralized management) • Suitable for small scope network • Manually set up the configuration. For example: • SSID • User authentication • Power level • QoS • etc
Unified Switch Layer 2 switch Centralized AP profile dispatch Centralized security policy enforcement Centralized wired/wireless VLAN/QoS/ACL control Auto Power/Channel adjustment AP Self healing & Fail-over Fast Roaming Modes in Unified Access point • Managed Mode • Managed/ controlled by the Unified Switch • Centralized management with all extra benefits from Unified Switch • Automatically received the configuration from Unified Switch • Suitable for large scope network Ethernet LAN No Manual Configuration for each AP Standalone mode UAP Instead Managed mode UAP Managed mode UAP Managed mode UAP Large network deployment using managed mode UAP Page is Animated
Agenda • Key Selling Feature Refreshing • Art of War – Competitor Analysis • Success Stories • Roadmap
Product Positioning The market is differenced into three segments SMB ( 3Com, Netgear) Mid-to-Large size enterprise/Campus Network (3Com, Aruba, Cisco) Telco (Aruba, Cisco) D-Link’s solution for SMB market DES-1228P + DWL-3140AP + WLAN management utility Providing a easy-to-use, affordable centralized wireless deployment solution. DWS-3000L Unified Wired & Wireless Access System D-Link’s solution for Mid-large enterprises and campus networks DWS-3000 Unified Wired & Wireless Access System Enhanced security Better manageability Rogue AP mitigation Unified AP option Helio will be next generation Unified Switch
Product Positioning Catalyst 6500 WiSM 300APs MC-6000 2048APs Telecom In Development Helio48+ APs Cisco 4404 100APs MC-3000 128APs WX4400 24-120APs Mid-Large Enterprise Cisco 4402 12-50APs MC-2400 48APs DWS-3024 DWS-302648APs WX2200 24-120APs MC-800 16APs Cisco 2100 6APs DWS-3024L24APs WX2200 12APs WFS709TP16APs Unified Switch24APs SMB MC-200 6APs Cisco 526 Mobility Controller 6APs DES-1228P+3140AP 24APs WXR100 3APs
Aruba 2400 DWS-3024L or DES-1228P + WLAN Manager will be the match Cisco 4400 3Com WX4400 D-Link DWS-3000 3Com Unified Gigabit Switch Prospect for D-Link Unified Switch Product • Competitive Analysis – Gigabit wireless controller/switch • Ring Master • Management Tool • Third Party AP Support • RF Attack Mitigation • Individual User Groups • Thin APs only • Weak L2/L3 feature • Less no. of VLANs • Lower Switching Capacity • No embedded Network • Visualization (RFMaps) • Lower Switching Capacity • Weak L2/L3 feature • Less no. of VLANs • Lower Switching Capacity • No L3 roaming • Weak L2/L3 feature • No Peer Switching • No embedded • No Network Visualization • Lower Switching Capacity P e r f o r m a n c e • More Advanced • Security - • VPN/Firewall • Proprietary features • RF Attack Mitigation • Location tracking • Third party AP support • RF Attack Mitigation Current Wireless Controller don’t have Unified Switching capability Strength Weakness P r i c e
Cisco * Price is MSRP (Manufacture Suggested Retail Price)
Cisco • Strategic Focus • Besides Mobility Controllers (4400, 2100) – • Switches (3750, 6500) and ISR (Integrated Services Router) series can be upgraded to have wireless controller ability • Fat APs can be upgraded to Thin APs • Unified 11n AP (Aironet 1250)
Wireless Traffic Decrypt Encrypt Encrypt Decrypt Control Packets EoIP (Ethernet over IP) Cisco • Technical Basics • Control packets between AP & Controller are sent thru LWAPP Tunnel • Wireless traffics MUST be forwarded to Controller for decryption • Controllers share client information by EoIP tunnel in order to support roaming
Cisco Issues • Controller/LWAPP architecture is not scalable, especially when under intensive throughput or remote AP applications • To resolve this problem, Cisco has REAP (Remote Edge AP) and H-REAP (Hybrid REAP) • REAP or H-REAP support Local-Switched. Wireless traffics do not go back to the Controller. But… • REAP & H-REAP are only supported by few selected AP models • Extra license fee and fw upgrade are needed for REAP & H-REAP • Only ONE VLAN is supported for wireless traffic on REAP! • H-REAP does not support WPA2 fast Roaming! • H-REAP does not support client load balancing! • H-REAP does not support Station Isolation (WLAN partition)! • 4402 and 4404 Controllers are not future-proofing • With 4G and 8G switching separately. Sufficient for 50 and 100 11a/b/g APs. • The switching power will not satisfy 11n AP’s needs! • New 1250 11n AP does not support REAP or H-REAP!
Cisco Issues • D-Link’s solution is scalable, flexible, and future-proofing • AP supports Adaptable Wireless: Local-switched (VLAN forwarding mode) and Central-switched (L3 Tunneling mode) without extra license fee and fw upgrade • With 24 GE ports, 24G switching power, and Adaptable Wireless support, suitable for future 11n AP upgrade • Cisco’s Unified AP is actually fw upgrade to standalone AP with extra charge • D-Link’s Unified AP provides maximized flexibility • Unified AP is supported in one single fw, and can operate between standalone and managed mode without fw change and extra fee, providing maximized flexibility.
Aruba • Strategic Focus • Follow-me Security • Identity-based security • Centralized security & voice add-on modules • Voice services • Policy enforcement firewall • Wireless intrusion protection • VPN server • External services interface • xSec • All with expensive extra fees • Large supported AP number, good for very large deployment (>500 APs)
All the wireless traffic must be tunneled back before heading for the destination Marketing focus Central traffic management Truly Secure –Encrypted traffic from Client to Controller L2 or L3 Network Aruba Issues • Technical Basics 802.11 packets on GRE Tunnel
Aruba Issues • Central-switched architecture is not scalable • Remote AP is introduced to avoid this problem, but… • Only few selected models (60, 61, 70AP) support Remote AP • Extra fee, fw upgrade, no flexibility • Aruba Controllers are not future-proofing • 11n sales pitch: (http://www.arubanetworks.com/pdf/technology/whitepapers/wp_AWO.pdf) • Even with 11n AP, same amount of users will generate same amount of wireless traffic • If possible, add a slave Controller at the edge • Suggested to deploy 11n AP only at the location that needs more bandwidth • Low throughput ports (MC-2400: 24FE + 2SFP) • Current Mobility Controllers definitely will not handle 11n traffic! • Does not protect customer’s investment
Aruba Issues • Add-on security modules are selling points. But do customers need them? • Is encrypted traffic all the way from client to the controller truly secure? • Wireless – Encrypted by wireless protocols • Wired - Most of the enterprises do not encrypt wired traffic. When they need it, they have VPN gears • Cisco discontinues selling VPN module on Mobility Controllers due to low demand • All modules with extra cost • Good for large enterprises, but large enterprises usually already had other best-of-breed solutions! • No Unified AP • D-Link provides scalable, future-proofing, and cost effective solution!
3Com Wireless Controllers * Price is MSRP (Manufacture Suggested Retail Price)
3Com Wireless Controllers • Strength • Smart Mobile – Wireless traffic local-switched at the AP or central-switched at the Controller • Weakness • Low switching capacity, not good for Central-Switched architecture. • Not future-proofing for 11n application • No Unified AP • Less L2/L3 features • The QoS is only by AP (WMM). Switch does not support QoS • With 24 GE PoE ports, D-Link provides flexibility for deploying the solution as edge switch or overlay unit • D-Link’s Unified AP provides maximum flexibility
A software solution. L3 Roaming is not supported (L3 Roaming needs chipset support) No Inter-switch Roaming Lack of many important features 3Com Unified Switch • 3Com Unified Switch is OEM from Nexthop
Netgear • Netgear WFS709TP is OEM from Aruba (MC-800) • Strength • Good wireless features inherited from Aruba • Good VoIP support • Firewall support • Weakness • Tunneled mode only • Low throughput number • Impossible for 11n upgrade • No Unified AP • Lack of L2 switch features
Agenda • Key Selling Feature Refreshing • Art of War – Competitor Analysis • Success Stories • Roadmap
Success Stories - Germany • Customer: Lankwitzer Premium Coatings group • DWS-3024 • DWL-8500AP x 24 • WLAN construction for a new building • WiFi Phone Fast Roaming • Auto RF Channel & Power Adjustment