Trapeze Networks RMTS-GLOBAL-16
Contents
1. Equipment Li Sites Enabled Od 1h 18m 54s Up Down Disabled Unknown ap i o o o Radios 2 0 0 0 Det Voice Call States by Time 1 Hour Last update 14 59 43 jun 30 09 Clients by MX Clients by Equipment Group Clients by SSID Clients by Access Type Clients by Radio Type Clients by Session Type Clients by Time Client Errors by Time tziza all Chaban di EN voice Cal States v BL Hour 24 14 26 14 28 14 30 14 32 14 34 14 36 14 338 14 40 14 42 14 44 Time Accepted Rejected Find Clents Detals Y Config O Error 10 Warnings Alarm Summary a Traffic 1 Hour KBytes Sec 6 50 6 00 5 50 5 00 4 50 4 00 3 50 3 00 2 50 2 00 1 50 Performance System Client Security Info Minor Major Critical Deta Last update 14 59 43 jun 30 09 14 16 14 18 14 20 14 22 14 24 14 26 14 28 14 30 14 32 14 34 14 36 14 38 14 40 14 42 14 44 Time Bytes In rm Eg 1Hour Local Changes none Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Bytes Out Bytes Total Details Network Changes none Alarms z Slide 29 34 N A SS ASS D ak LE SR O O e 1 E t BIG File Services Tools Help Em i il E razi A K iif lt 5 z e amp Poli2. RSN WPA2 v WPA Select one or more cipher suites RSN support the following cipher suites for packet encryption listed from most vam secure to least secure Dynamic WEP RSN AES CCMP V Counter Mode with Cipher Block Chaining Message Authentication Code Protocol CCMP CCMP provides Advanced Encryption Standard AES data encryption To provide message integrity CCMP uses the Cipher Block Chaining Message Authentication Code CBC MAC RSNTKIP Temporal Key Integrity Protocol TKIP TKIP uses the RC4 encryption algorithm a 128 bit encryption key a 48 bit initialization vector IV and a message integrity code MIC called Michael WEP 104 Wired Equivalent Privacy WEP with 104 bit keys 104 bit WEP uses the RC4 encryption algorithm with a 104 bit key a WEP with 40 bit keys 40 bit WEP uses the RC4 encryption algorithm with a 40 bit key Updated Dynamic WE Updated RSN AES CCMP value Yes Previous Next Cancel Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 28 TRAPEZE A BELDEN BRAND Cy RingMaster 7 1 Plan Test7 1 gt Voice Monitorii EX File Services Tools Help den ofa h gt BEA Pe H x d Gi iv E v 9 s Policies RF Planning Configuration Verification Security Alarms Reports Organizer e MX40 Test7 1 a2 Moblity Domain 1 MX40 gie MX10 Status Summary i e MX20 22 430 0793500025
3. Disable Cluster Other Q Upload MX AAA Settings now configured at the Cluster level e RADIUS servers e LDAP Servers e 802 1X Settings e Network Access Rules e Admin Access Rules Config 0 Error 10 Warnings Local Changes none Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 EX Network Changes none Alarms o o Slide 35 S TR APEZE A BELDEN BRAND Eita LDAP Support E o B T a o L DA DP S u ppo rt gt LDAP Server Properties LDAP Server e Configure LDAP servers C E IP Address e Found under AAA settings on an Ei aaa MX or Cluster ET 10 9 4 NONE SIMPLE ALITH Bind Mode NONE sasi Mps MAC Address Format Fully Qualified Domain Name Base DN Prefix DN Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Cancel Slide 36 TR PEZE N E T WORKS A BELDEN BRAND EEX Fie Services Tools Help T Pi lef 4 Jj amp di ve Q y P is Policies RF Planning Monitor Security Alarms Reports Draanize Tasks edicalCenter Light re Create a amp i Medcntr Cluster Network Plan Q Create Mobility Domain Cluster Configuration E 3 Network Plan Name MedicalCenter Light gt Create Mobility Exchange H E MedCntr 2 1 H E MedCntr 2 2 Country Code pied Create Equipment Group DMZ Mx 2 4 GHz Chan
4. Previous Next Cancel Ly Voice Service Profile e Step 2 User configures Voice Call A rss Ad m S S O N C O N t ro E S De C fy N Q t h e ee oe Control You can ee T number of of associated sessions or VOIP calls number of allowed active calls piu De CAC Mode voIP Calls VaIP Calls Max VOIP Calls Short Retry Count a Long Retry Count Broadcast Settings Proxy ARP v No Broadcast lt Previous Next gt Finish Cancel Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 27 rd our rene ey A BELDEN BRAND Y ome s e Voice Service Profile e Step 3 User configures QoS settings for the identified Voice flows CoS and Max BW e Step 4 User completes wizard by supplying standard SSID information i e security settings VLAN configuration etc Ly Voice Service Profile Create Voice QoS Profile Settings Enter a unique name for the QoS Profile Name voice QoS Proflle Enable Session CoS Yes Session CoS g Traffic Class voip data Enable Voice CoS v Voice CoS 7 s Enable Voice Bandwidth Limit v Voice Bandwidth Limit eak Updated Maximum Bandwidth Kb s value 64 lt Previous Next gt wy Voice Service Profile Wireless Security Select one or more WR A T1438 21 TES WPA and non W PA Wireless Encryption Cipher Suites for RSN WPA2
5. Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 57 il MAC Authenticat BELDEN BRAN SmartPass Services Mozilla Firefox File Edit wiew History Bookmarks Tools Help a v e i A eE nttes t127 0 0 1 444 9p2 pagesicreateGPUser jsf _afPfm 1 1 5 1 amp _affm 1 1 5 1 Y diu oogle earch gt E Li SmartPass Services z M SmartPass 1 Setup User Tvpes Users Management Session rem Add User Lu reate Users Standard User Settings ccess Rules RADIUS Proxy Maintenance About Expired Users Name User Type 1 Hour Duration l v Password Re enter Password Bonded Authentication TM L1 7 e Import MAC Address List from CSV file e MAC Address User Sa e MAC Address Bonded User User Information O Simia user Blacklist a list of MAC Users MAC Address User O MAC Address Bonded User MAC Address Save Print Clear E 2008 Trapeze Networks Done Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 58 SmartPass Services Mozilla Firefox File Edit wiew History Bookmarks Tools Help c SmartPass Services EY XYPGO TA OR a zit a AA 6 A eE https 127 0 0 1 444 9p2 pages guestUsersControl jsf _afPfm 1 1 5 1 amp _afPfm 1 1 5 1 cr ded Ug jioogle com Search pi E SmartPass 7 1 RADIUS Proxy Mainten
6. Last upa User Name IP Address MAC Address ate 11 17 31 13 Nov VLAN Name SSID Count Access Type All Radio Type All E Voice Search Criteria N 12 00 14 00 16 00 18 00 20 00 22 00 00 00 02 00 0400 D Local Endpoint oo OB8 00 10 00 22 Equipment Time Remote Endpoint sites Excellent Good Fair Poor Bad jupes A Le Lema Config Error 21 Warnings Local Changes none Network Changes 4 devices Alarms 14 0 690 E Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 31 5 Troubleshoo A TR PEZE A BELDEN BRAND EX Cy RingMaster 7 1 Plan Test7 1 File Services Tools Help den m E BEA le ff a i di c kat UM ez y 5 Policies RF Planning Configuration verification Devices Security Alarms Reports Monitor Test7 1 Client Monitor Find Clients Find Clients Tasks 2 x cu Find Clients Result Session Details Criteria Service Type Voice ALI TUT a Fi Within Network Plan Test7 1 Find Clients Last update 15 04 01 jun 30 09 Manage A Username E IP Address M MAC Address SSID AP Radio cess Type j MX M Radio Type Endpoint Ei M aT TPP We Q Locate Client SSID Voice 1 2 ES last resort Voi 10 90 90 90 00 1c 26 05 b5 10
7. File Services Tools Help 5 di c 24 E e m 3 Q ca Policies RF Planning Configuration VeriFication Devices Monitor Security Alarms Reports Report Types Reports AII Tasks gt ah C 2 an A Alarm History Name Time Recurrence gt Access Type Generated By Alarm Summary Recurrence Manual 6 o Schedule Reports Alarm History 12 21 31 14 Oct Manual Private admin AP Availability Audit Trail 12 21 51 14 Oct Manual Private admin Reports AP Availability Details Client Errors 12 22 59 14 Oct Manual Private admin Radio Details 12 23 03 14 Oct Manual Private admin gt AP Inventory Audit Trail 12 25 50 14 Oct Manual Group Admins admin e Audi Trail PCI Compliance 12 28 03 14 Oct Manual Private admin E gt r Call Details Call Summary Client Details Client Errors a New Reports Client OUI Client Summary Al a r m H sto r Degraded Network Uplink y Inventory n e Alarm Summary Mobility Domain Configuration MX Configuration A P Ava i a b t Network Usage Port Traffic y Network Usage Radio Traffic AP Availability Details Radio Details RF Summary ene AP Inventory Roque Summary i e Audit rail Site Survey SmartPass Accounting Details SmartPass Accounting Summary e C a D et a S Top APs n Call Summary Degraded Network Uplink Low Power POE e PCI Compliance Config 17 Errors 35 Warnings Local Changes none Network Changes none
8. TRAPEZE N E T WORKS A BELDEN BRAND v7 1 Update Course FIAAAYW IF ad F py H FU i FIA Fi F4 FPEF P ji P y f Y y FEF j fe AEE IF f 2 J I RAPEZE a A BELDEN BRAND SS PIE en S 4 P 3 a 3 SSS WS 4 2 gt z ISD pe o T LET E EZ DOULEUR OUR NES LT za ES RE AP LO Me r E E f y rd o A A LL o x f E p Mi EH ISS SEE AY A P SS A S RUN T WORKS V 4 oe New Hardware RingMaster e APs MP 82 MP 622 MP 632 e Support for MSS features Appliances LA 200E RM 200 e Grouping and Granular Access Enhancement Control e MSS e Single System wide sign in e Advanced Feature Licensing Audit Trail Voice SIP Awareness Enhanced Reports Cluster Enhancements Other Features e LDAP Support RingMaster Global e Command Auditing e Architecture e IPSEC client for RADIUS e Network wide Monitoring e AP LED and MIB Enhancements e Network wide Search e Other Updates Network wide Reporting AP LED controls e SmartPass Mesh Enhancements e RADIUS Proxy Web Portal with Local Switching a Support for CA Certificate chain MAC Authentication Enhancement to Dynamic RF Blacklist Real time Session Monitoring Note CLI extracts are at the end of this e Web API Enhancement PowerPoint e Other Features Trapeze Networks A BELDEN Brand Proprietary and
9. Voice 1 APO4 Radio2 Li 3T RESORT Mx40 jB02 11a 1008 10 3 4 2 Terminate Client last resort Voi 10 90 90 91 00 1c 26 05 bb ad Yoice 1 APO4 Radio1 LABT RESORT MX4O 802 11q 300 010 9 4 2 5060 RF Link Test e y Session Details X us x Poll Statistics a Properties Statistics Location Histor client Statistics Call Status Cal Quality Reports Call State E cient Report CEI TE E RI No of Calls Accepted TT Troubleshoot a No of Calls Rejected TT ERSTES Call Detail Records 329541 72 21 55 100 Time MXName APName Remote IP Address Remote Endpoint RSSI Duration 16 2009 09 23 13 50 54 0 192 168 254 85 AP22 1 172 21 55 100 13180 3001 172 21 55 100 43 4s 17 2009 09 23 13 59 32 0 192 168 254 863 AP22J1 172 21 55 100 10278 30038172 21 55 100 45 3s R 18 2009 09 23 13 59 37 0 192 168 254 83 AP22J1 172 21 55 100 14106 3004 172 21 55 100 6 Os Vi ew 19 2009 09 23 14 00 12 0 192 168 254 863 AP22 1 172 21 55 100 12060 3004 172 21 55 100 39 Os 20 2009 09 23 14 02 56 0 192 168 254 85 AP22 1 172 21 55 100 12012 3004 172 21 55 100 44 Os 21 2009 09 23 14 06 31 0 192 168 254 83 AP22 1 172 21 55 100 17434 7001 172 21 55 100 66 2s 22 2009 09 23 14 29 38 0 192 168 254 863 AP22 1 172 21 55 100 16736 7001 172 21 55 100 45 175 Vo I ce 23 2009 09 23 17 39 44 0 192 168 254 863 AP22 1 172 21 55 100 18456 7001 172 21 55 100 41 5s 24 2009 09 23 17 47 02 0 192 168 254 83 AP22 1 172 21 55
10. AAL ROS SN N EM j M E SSS SMe A A i Za T eer EAS ISI N SS y E Ka pS k i gt ST Vo t do oO Sr Ss De er eee SS LE i Ea e e e e EET E E SSS A 44 i us FF p 3 a s AM 3 3 LI BMEaMI 4 A F s ASI 89 Aa n n ad PES 5 n X m 0 p E LU a 4 df A be a mm S i A pd ai EL S ia x AP 4 E E i a 2 Oo ee es d E PEE CN e Support for MSS features Voice SIP Awareness e Cluster Enhancements e LDAP Support e Grouping and Granular Access Control e Single System wide sign in Audit Trail e Enhanced Reports Other Features e Monitoring improvements e AP and Session scaling Client Blacklist and countermeasures enhancements e Server certificate management Configurable MX TLS port Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 26 WSS TRAPEZE A BELDEN BRAND ae j Do c A j F 7 uiti SIP Awareness amp Monit aj Voice Service Profile Bi ves sores rone Voice SSID o Ste D 1 U S e r si a rts VO Ce S e rvi Ce Enter a unique name to identify the Service Profile and specify the SSID Also select the voice vendor W Za rd a n d e n abl es statefu Name voice Service Profile SSID voice inspection of Voice protocols SSDTWe Enid v Vendor SpectraLink Enable Voice Tracking Enter the SSID of the Service Profile
11. Last update 22 52 07 Mar 25 09 Perfor Client Security System Info Minor E Major BE Critical Details al RingMaster Global RMG e Network wide Monitoring Dashboard e RMG communicates with RM Servers using the RM AGENT Web API uds 1 Hour Details Slide 50 TRAPEZE N E T WORKS A BELDEN BRAND Find Equipment Find AP Please select a AP and click Monitor AP to manage the selected AP Network Wide Search Capability Find Equipment MXs APs peine Search e Find Locale Site Building Floor N oca e e U N OO Server Name AP Name AP Model Serial Number 1 E Server Name VCHOYI P390Q 1 YCHOYI P390Q 2 Server Name YFREUND P390Q 2 1 YFREUND P390Q 2 MP SQA anchor Status MP 422 0674600035 Down Previous Monitor AP Cancel Find Client e Find Clients e Lau nch RM UI for further diagnosis Find Criteria User Name trapezeldlofton Find Result Search pj E SSID E Access Type B Radio Type pres Name ps Name g IP Address B Mac Address 1 Server Name YFREUND P3900 2 1 RAPEZEldlofton 172 21 52 116 D0 19 7e 67 9c ad lt Previous Next gt OK Cancel Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 51 TRAPEZE N E T WORKS A BELDEN BRAND Edit View Histor
12. afPfm 5 3 38 afPfm 5 3 3 ee 9 Jle earch j RingMaster Services ee I RingMaster 1 Home Setup Access Control Plan Management Reports Maintenance User Access Groups 4 user access group is used to assign a set of privileges to a group of objects in the network plan Once the user access group is defined it can be assigned to one or more users for access control To enable access control at least one user access group must be configured Select a User Access Group View Edit Delete Plan MedicalCenter Light Privileges Administration Select Name Privilege Configuration Monitor L1 O Monitor Users O O Admins O Config Users O M Add User Access Group e Multiple User Access Groups Done Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 40 BELDE R BRAND MEE 2 RingMaster Services Mozilla Firefox File Edit wiew History Bookmarks Tools c Help A OEN https 127 0 0 1 1024 admin pages access control jsf RingMaster Services RingMaster 7 1 Hora setup ERE Ea Pian Management Reports Maintenance User Access Groups RADIUS Servers Access Gontrol Login to RingMaster requires a user name and password To allow any user to login without a user name and password select Allow all users option below to disable login control This is not recommended as a security best practice Allow all
13. o NOUS S v SSS N ISI profile name cos lt 0 7 gt lt profile name gt max bw lt kb s gt profile name traffic class voip data cos lt 0 7 gt lt profile name gt traffic class voip data max bw lt kb s gt service profile lt profile name gt cac voip call lt max voip calls gt radio profile lt profile name gt cac voice max utilization lt percentage gt show session network qos profile lt profile name gt show sessions network sip lt voice details statistics verbose gt show ap counters lt apnum gt radio lt radionum gt voice details show service profile lt sp name gt cac Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 64 TRAPEZE A A BELDEN BRAND BRAND TITA 773 A Na S SSS SSN A i i A i y RR gt SS SSS SS F y TS Se f f Z A SSS gt k EF E OE MEM 6 t E E d ES 4 fg MM o ITE M NETWORK S Ss LA SS EL uf E a A Z ee AP Affinity set mobility domain ap affinity group address ip netmask lt netmask gt set mobility domain ap affinity group address lt ip masklen gt clear mobility domain ap affinity group address ip netmask lt netmask gt clear mobility domain ap affinity group address lt ip masklen gt show mobility domain ap affinity groups Hitless Software Upgrade Downgrade show cluster upgrade upgrade clus
14. users Local Users Select a User Edit Delete Select Name User Access Group O Monitor i Monitor Users O admin Admins Add User Create Users Done Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Logged in as admin logout RingMaster Services Mozilla Firefox Add User Mame Monitor Users Config Users Equipment Monitor Users iv Admins User Access Group Password Re enter Password Slide 41 BELDEN BRAN 2 RingMaster Services Mozilla Firefox File Edit wiew History Bookmarks Tools Help a X e A eE https 127 0 0 1 1024 admin pages access_control jsf E diu Ex Google earch gt RingMaster Services 4 RingMaster 7 1 Logged in as admin logout Home Setup Access Contr lan Management __ Reports Maintenance ma A Settings z RADIUS Servers RADIUS Servers 1 RADIUS authentication can be enabled only if access control is enabled The settings for the primary RADIUS server are mandatory Enable RADIUS Authentication Monitor Users Enabled Default User Access Group pre eee Admins Config Users I ET Primary RADIUS Server IP Address 10 9 4 2 Secret Key eeccece Po wa AAA Authentication for Timeout seconds RingMaster users Secondary RADIUS Server paims e g against a Windows 20
15. y 0 K 0 s E T A amp mm T Oe s A LL ki 2 ED I Og BE eS o e a e E E E 5 8 i eee ME pHga gt IF Ol Lo I A gy m b A E Ir v A EGI BN E ph Bm MN IX r m E AEBE O FS LF lt m Y s ON ea J gt er i AAA lew e No changes to show commands e Radius STOP accounting record send for each logged command with the following attributes e Acct Status Type User Name Event Timestamp e Calling Station Id e Acct Session ld Always set to STOP value TTY Name No name RM SNMP or WV IP Address of the user Unique accounting session id for each entry Acct Multi Session ld Unique value for same session id e NAS Port e NAS Port Type e NAS IP Address e NAS Identifier TTY port or connection port used Type of connection MX IP Address Always set to Trapeze Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 70 SSL SSN SSW SSSS Wy i AV ER aR DAD TA WSS 4 lt gt i j z f EG Tf Iar WSS Pos S o 9527 EES e DP a a SN Irma db mp un e e o e De e De e a SS OS St A PS I OEAUERORRGT SS a X a mM og mm m oe Lo mu HN m lt A i lay A REG EESE P p i i T B mJ HM Pe Sa i E j T gt m me i 1P a p ROT CEN lew A BELDEN BRAND e Radius STOP accounting record send for
16. 08 server Retries Secret Key NEN eme Define RADIUS server s for z centralized access control 2002 2009 Trapeze Networks Done Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 42 res TRA zy 4 T W OR K N A BELDEN BRAND RingMaster Services Mozilla Firefox aAA Fie Edit wiew History Bookmarks Tools Help A E https 127 0 0 1 1024 admin pages server_settings isf LY Googl auch J RingMaster Services M RingMaster 1 A Logged in as admin CER setu eves Control Plan management Reports vaintenane EEE Server Settings Server Certificate General Licensing MX Connection Full Detail Auditing Settings Monitoring Settings Local Auditing ja Enable Local Auditing Automatic Purge Interval days 30 Purge All External Auditing Enable RADIUS auditing IP Address Audit Trail settings aai e Local auditing is enabled by default Maximum Packet Size bytes 4096 Timeout s 5 External auditing tO a RADIUS Rey Cou 2 server may also be enabled Use the new Audit Trail report to view the entries Done Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 43 lt TRAPEZE N E TW OR K S A BELDEN BRAND wrr tim e RingMaster 7 1 Plan MedicalCenter Light admin Admins
17. 100 14772 3004 172 21 55 100 42 55 25 2009 09 23 18 00 01 0 192 168 254 83 AP22 1 172 21 55 100 14846 3004 172 21 55 100 48 4s Deta S 26 2009 09 24 11 48 48 0 192 168 254 83 AP22J1 172 21 55 100 12198 3004 172 21 55 100 40 35 27 2009 09 24 11 57 32 0 192 168 254 863 AP22 1 172 21 55 100 17358 3004 172 21 55 100 39 9s 28 2009 09 24 12 13 06 0 192 168 254 83 AP22 1 172 21 55 100 16506 3004 172 21 55 100 33 125 29 2009 09 24 12 15 35 0 192 168 254 863 AP22 1 172 21 55 100 16260 3004 172 21 55 100 38 13s 30 2009 09 24 12 16 30 0 192 168 254 83 AP22 1 172 21 55 100 13594 3004 172 21 55 100 36 125 31 2009 09 24 13 30 38 0 192 168 254 863 AP22 1 172 21 55 100 11988 3004 172 21 55 100 35 6s 32 2009 09 24 14 54 04 0 192 168 254 83 AP22 1 172 21 55 100 14840 3004 172 21 55 100 43 5s 33 2009 09 24 14 57 02 0 192 168 254 83 AP22 1 172 21 55 100 12158 3004 172 21 55 100 43 3s 34 2009 09 24 15 02 15 0 192 168 254 83 AP22J1 172 21 55 100 10354 3004 172 21 55 100 44 2s 35 2009 09 24 15 11 46 0 192 168 254 863 AP22 1 172 21 55 100 16776 3004 172 21 55 100 43 4s E v Help e Network Changes none Alarms Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 32 SS SS TRAPEZE A A BELDEN BRAND BRAND NETWORKS Voice Alarms an NA al J NS Voice Alarms he Alarms detail panel shows all current voice related alarms e g Call failur
18. 2 AP 1003 Fadiot 03 27 2009 Stand arc 12 55 30 pa Dw i O Shaw 10 9953 00 2 E A 8 01 0D0 03 Autinentication krak 172 311 223 2 AP 1003 Padioa 22 27 2009 Standard 12 55 30 p Pett r1 E bow TO o vert CIO E B CET HADRO 01 Aatiiemtscationm icrak L72 31 223 2 Aa 1 OOD Kadios os sF 009 Stand arc 19 29 11 pm Cone eteci LI y Hige I ugorg JO SE AT 01 00 09 Auitmamrscaenmon krak 172 311 2232 AP IOOL Radios D342 7 009 E Standard 18 23 10 ALCO TTS WLAN Fir Ciem IP Addresas 30 0 0 114 Aga0cuted User Type l usertypa Last Run Access Rule Rule om demand 03 27 2009 L8 33 12 Satra Started Dafz7 z2009 16 29 75 E pe Show l usa COO 4 r CE 40O OCO As itm antan Orn krak 172 31 223 2 APTODT HBEadoOt 03 10 2009 uu Stand ari 15 26 46 gt lot O amp Show 1 userf e745 2 8 OE DIO Authentication irak 172 31 223 2 APIDDIE Eado 03 27 2009 Comntetec Standard 18 33 19 Accountireg Slide 59 LL b gt SS E T WORKS p A BELDEN BRAND e Linux installer e SmartPass v7 1 now also installs on Linux platforms e Supported Linux versions are Red Hat Enterprise Linux RHEL 5 0 suse 10 2 e Server certificate import e The new SmartPass v7 1 MRI feature will now allow Administrators to replace the current server certificate with a web certificate Certificate recommendations The certificate should not be self signed Should support the Server extension Should be issue
19. Alarms Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 44 T RA PEZE E N h a n ced Re n Or S PA CN A BELDEN BRAND Y ome wy Generate Audit Trail Report Audit Trail Report The Audit Trail Report provides Auditing Information Select report options and click Nest ta generate the report Report with Access Type set to Private is only viewable by the user who generates the report Report with Access Type set to Group will be viewable by all the users From the same user group Users with Server Administrative privilege can view all the reports Access Type Private 2 Group C Public Ty He P wy Generate Report x Report Options Show Full Auditing Details PCI Compliance Report Network Plan Mobility Domain The PCI Compliance report provides PCI 055 standard specific information General More Choices Advanced Device Report with Access Type set ta Private is only viewable by the user who generates the report Report with Policy Access Type set to Group will be viewable by all the users From Ehe same user aroup Users with Server SCORE Location Group Administrative privilege can view all the reports s Search By Scope Site Outdoor Area Access Type s Private Group Public Scope Metwark Plan Building Scope Instance MedicalCenter Light Report Options z Report Scope Type Network Plan 3 Search All Report Scope Instance s Medica
20. Alarms Reports Tasks Create A Network Plan Q Create Mobility Domain Network Plan Name MedicalCenter Light o Create Mobility Exchange Country Code United States LIS Create Equipment Group 2 4 GHz Channel Set 1 6 11 Create Third Party AP 5 GHz Channel Set 36 44 52 60 100 108 116 124 132 140 149 157 165 Setup A Network Domain Network Domain Name Not Assigned O Country Code Network Domain Seeds Not Assigned Channel Set Network Domain Members Not Assigned Disable Auto Tune authentication Mode AP Local Switching SmartPass Server AirDefense A Q Set Up AirDefense Launch AirDefense UI Q Create AirDefense Sensor Other Upload mx Convert Auto AP Equipment Group created vsque Location Groups may also be created in RF Planning Configuration and or monitoring access may be granted to RingMaster users by Equipment Location Group Config 17 Errors 35 Warnings Local Changes none Network Changes none Alarms Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 38 TR PEZE A BELDEN BRAND a NETWORKS Grouping an 1 AC 2 RingMaster Services Mozilla Firefox File Edit X Cc A eN nosci 127 0 0 1 1024 2dminfpagesuser arcup RingMaster Services View History Bookmarks Tools Help RingMaster 1 1 i Add User Access Group Home Setup Access Control Plan Manageme
21. BELDEN BRAND BRAND set clear dotlx unicast rekey period 30 86400 set clear dotlx multicast rekey period 30 86400 set dotlx unicast rekey enable disable set dotlx multicast rekey enable disable show dotlx config Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 74
22. Confidential 1 27 2010 Slide 2 TRAPEZE A BELDEN BRAND Ap v ow 7 7 M0 T o Vf 7 UU LA f TR PEZE or oe 8 New Hardware ma aa A BELDEN BRAND ware e MP 82 e New high density deployment 11n AP e MP 622 e New outdoor 11a b g AP VT 992 TRAPEZE New rugged outdoor 11n AP ame Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 4 E gt m a A was Ss x Ey E E i b TN aM gt _ _ IS Ff M 1 f um BE B B E Exc m i g BM MEN ai L gt 5 SSE rr I I a a aa a re z A BELDEN BRAND e e Intended for dense deployment a a a e More APs for similar budget e Lower cost per AP e Dual band 802 11n 5GHz amp 2 4 GHz e 2x3 MIMO e RP SMA connectors e Single Ethernet port e 802 3af PoE NOT Plenum rated External antenna support mid 201 0 Mounting bracket adapter mid 2010 Availability Available now Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 5 E i ze Dia m A BELDEN BRAND me PPS e Replacement for MP 620 Provides same core features as MP 620 Uses same Power supply as MP 620 Diversity antennas i e N type connector eT e Availability asi Mid 2010 Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Sli
23. J NO r s g 5 s 7 S o NN Pa f gt 1 E P 7 L e Dn De eo A EA E LSS E cm DEM dies 4 i MP AT Ec E Ny t 4 1 O Y E E m NM W WM Ma E i B Ww g mM MA BW xu a BM E n Wa MN Nur BA Se a DU Cw As uH UM eC un Sn a e X a m aa ta x e Additions to the Cluster configuration settings e RADIUS LDAP configuration e System and Network Access rules e Global 802 1X configuration settings Note these items are no longer available on the individual cluster members e Scalability Improvements e MX 2800 scaled to 512 APs and 12 800 clients A BELDEN BRAND SS AS A MN N ETWOR K S Othe Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 18 L LL SAR N NETWORK S T WO R K DAP af upport P d tf fa A A BELDEN BRAND BRAND LDAPv3 AAA support for Web Portal authentication Console access Telnet amp SSH access MAC authentication e Supported Operations e Authentication ONLY e bindHequest bindResponse unbind Request e No support for search or admin proxy search operations e Configurable LDAP server groups LDAP server configuration is part of the Cluster configuration e For redundancy and load balancing e Configurable server timeouts Configuration Interfaces e RingMaster and CLI only not available via WebView Interoperable with leadi
24. S 0 Remaining AP s 0 SECONDART SEED Switch Upgrade MEMBER Pending PRIMAR T SEED Upgraded Updated Details value Upgraded Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 34 TR PEZE N E T WORKS A BELDEN BRAND Cy RingMaster 7 1 Plan Test7 1 File Services Tools Help vf a m di c3 Policies RF Planning Organizer la Test7 1 zi 03 Vobility Domain 1 Mobiliby Domain 1 Cluster Cluster Configuration System ACLS QoS z Wireless Wireless Services Radio Profiles Local Switching Access Points Radios RF Detection RF Snoop EP AAA RADIUS LDAP 802 1x 802 1X Access Rules MAC Access Rules Web Access Rules Open Access Rules Admin Access Rules Proxy Access Rules Location Policy Mobility Profiles MX10 MX20 MX30 e a Cluster Setti Da T c E E e tw y 9 Verification Devices Monitor Security Alarms Reports configuration Mobility Domain 1 Tasks Create Mobility Domain Mobility Exchange Name M obility Domain 1 Create Equipment Group Primary Seed 10 9 4 10 MX 10 Setup Secondary Seed 10 9 4 20 MX20 Q MX MX Security AP Signature Available Devices Current Members i Q AP Redundancy MX Name Member Type Cluster Enabled IMX4O Member Ves AP Affinity Groups MxX30 Member Yes Mx 10 Primary Yes Mobility Domain MX20 Secondary Yes O AddM Q Remove Members from Cluster Q Remove Secondary Seed
25. a list of all the configured RADIUS Servers which can be used to forward authentication requests Proxy Settings Name IP Address Authentication Port Accounting Port Server 10 9 4 2 1812 1813 Actions Y Go J To configure a new RADIUS server use the Add button below Cada RADIUS Server Groups Below is a list of all the configured RADIUS Servers Groups Name Radius Servers Description Server group Server Actions So To configure a new RADIUS server group use the Add button below Add Configure Proxy authentication to a RADIUS server Configure and apply AAA attributes locally using Proxy filters 2008 Trapeze Networks Done Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 55 T F APEZE WORKS A BELDEN BRAND SmartPass Services Mozilla Firefox PRG File Edit wiew History Bookmarks Tools Help a X C a FERRY betps 127 0 0 1 444 q92 pagesiproxyjeditForwardingRuleDescription jsf _afPFm 1 1 amp _afPfm 1 1 ye is y ct SmartPass Services SmartPass 1 Setup User Types Users Access Rules F aintenance About RADIUS Servers MAM ADE er Proxy Rules Below is a list of all the configured proxy rules Proxy Settings Move up Move down Activate all Deactivate all SelectDetails Name Description Active PARA EI Y O wShowProxyRulei Forward authentication requests based on User Name
26. ance Setup User Types ccess Rules Users Management Session Monitoring reate User Below is a list of al the clients known from Authentication Accounting or Prony requests For each clont the User Name and MAC Address are hypor links to history reports Bulk Create Users 2008 Trapeze Networks Real Time Session Monitoring All sessions that SmartPass is tracking are displayed e Advanced Sorting and filtering capability Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Expired Users Select and Choose a n action Go J Fefrosh I Filles by USER NAME 1l user OR STATUS Active Find Advanced Clear Preuss 15 61 75 of O7 Next 12 gt select ANH Select None Select Detalts eer Name MAC Addrews Tracking Re anon S Sin HAS IP Address Location AP info Lass Updated States pa Activa C Show TU uge rs QU SE I2 01 00 FI Ati mentescation krak 172 31 223 2 APIODZ KRadioli O3 27 2009 Standard 12 55 11 LI p Activ Ul po Show 10 807 QO S C A1 01 00 97 Pa dest ation krak 172 311 723 2 AP1003 Radiot O3 27 2009 Standard 19 52 50 HE Jut Cj pe Show 10 us0e6 00 56 44 1 0 1400 95 ALUN GAC ation kr k 172 931 229 2 APIOD3 Faciot 03 27 2003 T Standard 12 33 02 t Active L1 po Show 10 user OO E 7 5 AUN entcamon krak 172 31 223 2 AP 1003 Radiot 03 27 2009 Standard 12 52 58 n p Fat m a LJ p Show JO amer Cui Ea eee ee Atm entcation sera be 172 31 223
27. and No i Actions iw Go Actions Activate To configure a new proxy rule use the Add button below E dit Delete Edit Default Authorizat irn Duration ulei Forwarding Destination ProxyRule1 Hours Duration pi 24 Hours Duration Forwarding Conditions fProxyRule1 Where do you want to forward the authentication request what default authorizatio 5 Days to apply to successful authenticated users 5 Days Business Hours Which authentication requi ges do you want to forward to another RADIUS Select destination Business Hours Perform Bonded Authentication TM User Type to import from Select Select default attribut Select condition s if the User Name matches the specified pattern Strip the realm before forwarding the authentication request if the SSID matches the specified pattern e if the AP MAC Address matches any of the specified values Forwarding destination Server group if the Realm matches any of the specified values Start Date Mobility Profile Administrative Total Duration h m A serice Type Framed Y NAS Prompt v Use the local SmartPass Server as a failover home RADIUS Server ms a Input Filter Id End Date l Edit the rule description click a link below This setting must not be used for MS CHAP MS CHAPv2 authenticatio Ti D r Output Filter Id ime of Day JUN Apply this rule to incoming RADIUS Authentication requests Session Timeout if afl ete pet s iun os E E
28. bandwidth of a single voice call t uses TSPEC emulation based on the client bandwidth and data rate to maximize system voice capacity e he most specific policy is applied on a per packet basis Aroaming client with an active SIP call is always supported e SIP control packets are automatically given video priority CoS 5 Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 15 SSS SE TRAPEZE A BELDEN BRAND T i 7 J r xdi xxx uster fi Sopp AP Affinity Groups can be defined to specify a preferred PAM for a specific pool of APs specified by a CIDR like variable length Subnet mask VLSM e SAMs are chosen from a non Affinity Group MX or a different Affinity Group e Affinity Groups are specified on the Cluster Seed MX and associated to the appropriate member MXs Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 TRAPEZE NETWORKS Cluster In Se A A BELDEN BRAND BRAND Hitless upgrade of the SW on the Cluster MXs and APs e A secondary Seed MUST be available on the Cluster All MXs must be at and upgraded to the same SW version Upgrade order 1 Primary Seed 2 Secondary Seed 3 Member MXs 4 amp 5 APs Note APs are upgraded where possible with no impact to connected users 2 Y Seed 9 1 Y Seed MX MX Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 17 SS SSS SS SS SS SIM
29. cense must be installed on each MX that has the configuration for the mesh bridge APs High or Low Bias Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 13 TRAPEZE N ETW OR K Ss A BELDEN BRAND e Stateful protocol inspection at the AP Regardless of the switching model central r local e Dynamic Call Admission Control CAC preserves voice call quality through coordinated bandwidth reservations Visibility into SIP session state with QoS for detected SIP flow e Call detail records e SIP aware ACLs QoS profiles and packet marking work together to classify packets in either direction e Packets on Ethernet are classified and marked with 802 1p and DSCP Expedited Forwarding per hop behavior e Packets on the radio are classified and marked in the WMM header Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 14 SS SS SSS SSS en A e SI s L A BELDEN BRAND NETWORKS Voic e QOS Profile e A v7 1 QoS profile can set the Cos for a traffic class A traffic class is a kind of predefined traffic filter voip data is the only traffic class defined in v7 1 e raffic class voip data sets QoS policy for packets of an active SIP call To the specified CoS and max bandwidth values All other packets get the QoS policy specified on the QoS profile e he max bw parameter for voip data provides 2 features It limits the
30. cies RF Planning Configuration verification Devices Monitor Security Alarms Reports Monitor alphanet_queenb Client Monitor Organizer la alphanet_queenb Tasks alphanet_queenb gi le Alphanet Ei View A Voice Clients by Time 24 Hours Clients by Voice Type Last update 11 16 56 13 Nov Last update 11 18 45 13 Noy 3 Find Clients 2 Reports Count Calls summary Calls Details D 12 00 14 00 16 00 18 00 20 00 22 00 00 00 02 00 0400 08 00 08 00 10 00 Time Active Registered 9 Others 1 SIP 5 E Voice Clients By Time H Voice Quality by Time 24 Hours Voice Traffic by Time 24 Hours Last update 11 17 06 13 Nov Last update 11 17 31 13 Mov 14 000 12 000 A 10 000 u T c 8 000 3 E O 6 000 a b 4 000 N i os i 2 000 NO Vu M g Ld T T Le EE X PERI p p b raf 12 00 14 00 16 00 18 00 20 00 22 00 00 00 02 00 04 00 06 00 08 00 10 00 12 00 1400 16 00 18 00 20 00 22 00 00 00 02 00 0400 06 00 08 00 10 00 22 Equipment Time Time Sites Excellent Good Fair Poor Bad Transmit Bytes Receive Bytes E Config 0 Error 21 Warni
31. d to the SmartPass web site address Should not be expired The root certificate should be trusted by the web browser User data export e Anew Export to CSV File item is available on the User Management Page The exported CSV file includes User names Passwords clear text User Types MAC Addresses if available Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 60 NETWORK 5 A BELDEN BRAND ie Mt ee f NM A LAs TRAPEZE NETWORKS Advanced L A A BELDEN BRAND BRAND TILA aoe set license XXXX XXXX XXXX XXXX XXXX success license accepted Note where XXXX XXXX XXXX XXXX XXXX Is the license activation key returned by the Trapeze Networks license server at http www trapezenetworks com support product licenses show license Serial Number gt XXXXXXXXXX Platform AP Count 32 access points are supported Licensed AP Count 96 additional access points Redundant AP Count 64 access points are supported 192 access points are supported Additional Features Feature Description Installed Adv Voice Yes Mesh Bridging 32 High Availability Yes Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 63 TRAPEZE N ETW OR K Ss A BELDEN BRAND set set set set set set qos profile qos profile qos profile qos profile SS TCA e E ES Voic Y SS A MONS SSS N
32. de 6 ETWOR K MP 632 Ou AOU O 02 1 TX E A BELDEN BRAND BELDEN BRAND a ur E zm pa Designed for harsh environments e IP6 NEMA 4X MP 632 dual radio 802 11 5GHz amp 2 4 GHz lt gt e Supports 3x3 MIMO TRAPEZE e Six antennas ports e Single 1000BASE T RJ 45 port e External hardened PS included e Supported from MSS v7 0 MR6 Availability e Available now 8 Ge d ini d MM Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 7 Em E 21 ddd TRAPEZE LA A 200E Local A BELDEN BRAND BELDEN BRAND Hi m New Version of LA 200 Appliance the LA 200E More Powerful same hardware as the RM 200 Higher Scalability e Can receive data from up to 200 APs e Can track up to 4 000 devices e Integrated RF firewall Application licensed separately Future integration With RingMaster v7 4 Availability Available now S amp PRRRERE ZBSESBBHREaRBE BEE a2 BEEBE am i a Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 8 TRAPEZE eee em m A BELDEN BRAND EE h Q Ss SS gt 3 X NS S AM j s lt Sees RRR P a T NE SN Sa 2 d EE iet gt sa eee Y i x M i Wat sWgNMYMc 1 ETWORKS a n ii m a e Automatic Backup to an External FTP TFTP Site Port Bonding e Enable port bonding allows second port as backup e Remote Authentication via RADIUS
33. dit the rule description click a link below SeIDINNTIS l URL and if the matches the Group2 pattern Apply this rule to incoming RADIUS Authentication requests VLAN Name vlan20 if the User Name matches the TRPZEDU pattern Encryption Type not set and if the SSID matches the Group2 pattern Da QoS Profile forward this authentication request to Server group ee a and use the local SmartPass Server as a failback home RADIUS Serve KIF User Group Name Simultaneous Logins Termination Action Disconnect v Re authentication Idle Timeout Back Step 2 of Back Step 3 of 4 Next Finish Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 56 a dum File Edit wiew History Bookmarks Tools Help v e a fa FERRY nttps t127 0 0 1 444 9p2 pagesiproxyjediForwardingRuleDescription jsf afPfma 1 18 afPfm 1 1 A SmartPass Services SmartPass 7 1 Setup User Types Users Access Rules RADIUS Proxy aintenance About RADIUS Servers f Management Proxy Settings Proxy Rules Management Use this page to configure RADIUS Proxy related settings rore Connection Settings Retry count Timeout seconds Realm Settings Default prefix separator Default suffix separator Bonded Authentication TM Bonded Period hours 4 Save Global RADIUS Proxy settings Done
34. e Utilize Access Control feature in RM v7 1 e Commonly used HTML pages published to the platform page Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 9 TRAPEZE A BELDEN BRAND 69 73 dozei fy Ei 7 WU AE 7 op A BELDEN BRAND TR FEZE MSS v7 T E T WORK MN Advanced Feature Licensing Voice SIP Awareness Cluster Enhancements e LDAP Support Command Auditing e IPSEC client for RADIUS e AP LED and MIB Enhancements e Other Updates e Mesh Enhancements Web Portal with Local Switching e Enhancement to Dynamic RF Blacklist e Support for CA Certificate chain Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 11 fE A BELDEN BRAND S SS SS SEN N N 3 Ju s c gt gt SOLIS A A TR PEZE LA PRAESES M B TWOXRK 5 Advanced Feature Licensinc Bi Licenses loaded onto and applied to the MXs to enable support for these advanced features High Availability license enable Cluster configuration Advanced Voice license enable advanced voice capabilities Licenses loaded onto the MX to enable advanced feature support for the specified count of APs Mesh Bridging license enable Mesh and bridging between APs Mesh Bridging AP increments 4 12 32 WAPI license enable WAPI amp other China specific features China only WAPI AP increments 4 12 32 64 128 e Grandfathering License Deadline e C
35. each logged command with the following attributes continued e Trapeze Audit String VSA Containing the audit info cmdz the Logged CLI command xml the Logged XML command statusz command transaction execution status Success or Fail version MSS Version string platform MSS Platform string serial the serial number of the platform e Long Audit information is fragmented into multiple accounting audit packets fragment sequence number indicates the sequence number of the fragments Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 71 TRAPEZE ll NETWORK S AP LED Con uU A BELDEN BRAND N set ap apnum led mode auto static off set ap lt apnum range led mode auto static off set ap auto led mode auto static off show ap config e Now displays the led mode Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 72 TRAPEZE 4 A A 1 Hh b gt E 2H N NETWORKS ne A BELDEN BRAND set rfdetect black list dynamic enable disable set rfdetect black list dynamic duration seconds Set rfdetect black list mac dynamic show rfdetect black list reflects cluster wide information clear rfdetect black list Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 73 TRAPEZE ye tLlwe re gt A A
36. es Active call threshold alarms Call Detail Records Call detail records are reported via RADIUS accounting Integration with SmartPass is required New Voice related Reports Call Details Call Summary Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 33 ul LP Acta ala nha gt CIIICIILI Sg A BELDEN BRAND im PR icy Setup AP Affinity Groups e AP Affin ity Wizard Setup AP Affinity Groups This wizard allows you ta configure the AP Affinity Groups Far Ehe current Mobility Domain You can associate a list of Mobility Domain members ta each of the listed AP e Specify Affinity Group by CIDR UT AP Affinity Groups like Variable Length Subnet Mask AP Affinity Group 1 1 1 0 0 16 mxl msz e Associate Affinity Group with EUR appropriate MX s Associated Mobility Domain Devices Create Properties Delete Updated AP Affinity Group IP Address value 172 31 0 0 16 Cancel cy Install Images e Cl u ster U DQ rad e WI Za rd Cluster Image Install Status i Click Clase bo exit this dialog and continue Ehe installation in the background e Manages the hitless Cluster ren Fi ue 3 upgrade PheySed m 1 PRIMARY SEED Primary Seed Upgraded 2 BECOMDARY SEED Secondary Seed 3 MEMBER Member Switch upgrade Pending Install Progress Checking cluster Upgrade status Cluster upgrade status check completed Upgraded AP
37. lCenter Light or a Di her Start time ick 13 2009 12 27 PM Operation Type any End time Gc 14 2009 12 27 PM k Mexk gt Cancel ext gt Cancel Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 45 TRAPEZE A BELDEN BRAND enc EN SS A SS ANA SS Wy M d i SSL SVS i gt Ss gt gt gt e P gt A 7 4 Pa gt lt TA Ee a x Ju EA BR 4 7 i MA z j 9 x E TWOR K FEE e g T A d y X f E EET m e Monitoring improvements e New SNMP traps Too BW by client monitoring AP and Session scaling e 5 000 APs in a Cluster e 10 000 Sessions for MX 2800 e Other Features e Configurable RingMaster port e MX access control Enable Password Username Password e Client Blacklist and countermeasures enhancements e Server certificate management e Configurable MX management port Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 46 TRAPEZE A BELDEN BRAND EA F BUUU d i ane WI AA TRAPEZE DEI WOR A A BELDEN BRAND BRAND Centralized Management for Large scale Implementations e Manager of Managers single Management Console for Up to 20 RingMaster servers Up to 100 000 APs Note RingMaster Global communicates with RingMaster serve
38. nel Set 6 11 COEM i Third Party APs e y 5 GHz Channel Set M 44 52 60 100 108 116 124 132 140 149 157 165 Setup A Network Domain Network Domain Name Mit Assigned Q Country Code Network Domain Seeds Mbt Assigned Q Channel Set Network Domain Members Disable Auto Tune _ Authentication Mode wy Create Equipment Group 9 Q AP Local Switching Equipment Group Name SmartPass Server Enter a unique name to identify the Equipment Group AirDefense Set Up AirDefense Name Equipementgroup1 Launch AirDefense UI o Create AirDefense Sensor Other a Upload mx D Create Equipment Group Equipment Group Members Select one or more MXs to be members of the Equipment Group Available Members Mobility Domain 1 Current Members MX 10 MX20 MX 30 MX4O Updated Name value Equipementgroup 1 Updated Name Value Mx40 Previous Config 17 Errors 35 Warnings Local Changes none Convert Auto AP Q Remove Auto AP Q Network Domain Create Equipment Group Network Changes none Alarms Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 37 TR PEZE N E T WORKS A BELDEN BRAND Fie Services Tools Help a d Policies Organizer MedCntr DM M i Pete MedCntr Cluster Cluster Configuration H MedCntr 2 1 H MedCntr 2 2 Q Y v CA Monitor Security
39. ng directory servers Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 19 A BELDEN BRAND N Fu e eee oe MI c SS uM wM oO m m Am EN Ed 5 I1 M Wu gt SS _ Se i a X INSR em mt ss iN E TEN 7L TS Log all CLI commands to an external server for auditing purposes All commands which complete successfully are logged Commands may be logged to an external RADIUS server The enable password is obscured Configuration is handled as an additional RADIUS accounting type VSA 13 Each accounting command message contains Timestamp tty port Username Source IP address Command issued Command status success failure Note Incorrect commands are not logged Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 20 TEI CGUSNSNNNNSS SERDISUNSSPC i f Fi f i j Sa YA j E SEE E O Os Bee CEG 1545414 AV AP III P r FA ue SS ub Ss gt S m EEE A BELDEN BRAND Basic IPSEC support in MSS only no RingMaster support e Static key for encryption and authentication no IKE e Transport mode with encryption between the IP source and destination addresses Encapsulating Security Payload ESP mechanism e Encryption ciphers available AES 3DES e Integrity checking using HMAC SHA1 e The IPSEC tunnel must be established between an MX and RADIUS se
40. ngs Local Changes none Network Changes 4 devices Alarms 14 0 690 E Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 30 TRAPEZE N E T WORKS A BELDEN BRAND e RineMaster 7 1 Plan alphanet_queenb emincher admin group File Services Tools Help as d 24 E e c 1 v 3 Policies RF Planning Configuration verification Devices Monitor Security Alarms Reports Monitor alphanet_queenb Client Monitor Organizer y alphanet_queenb Tasks giu View A le Alphanet Ea Voice Clients by Time 24 Hours dlients by Voice Type Last update 11 16 56 13 Nov Last update 11 18 45 13 Nov sessions Find Voice Clients E J Others 1 Find Clients 2 E M Pp Reports A a 9 Calls summary 1 A A m r 1 x wy Find Clients cals Details Find Clients Please select search scope and criteria to proceed 12 00 14 00 16 00 18 00 20 00 22 00 00 00 02 00 0400 D8 Time Search Scope Scope Type Network Plan X Scope Instance Test 1 b Active Registered E Moice Clients By Time v Voice Quality by Time 24 Hours All Data Clients Service Type Yoice Clients v Voice Clients Search Criteria
41. nt Reports Maintenance LLILIL LUser cess Grouns user access Groups RADIUS Servers 4 user access group is used to assign a set of privileges to a group of objects in the network plan Once the user access group is defined it can be assigned to one or Name Config Users Allow Server Administration more users for access control To enable access control at least one user access Confiquration Privilege group must be configured Enabled Administration Plan MedicalCenter Light Privileges Select Name Privilege Configuration Monitor Access Type m E dit View only None Equipment Group Plan Access O Full 9 Scope restr Lr i Mobility Domain Add User Access Group E Equipment Scope Equipment Group Mobility Exchange Equipment Object MedicalCenter Light Pete RF Planning Scope Building None HF Planning Object Medical Center Mla toup Dutdaar Area Monitor Privilege Enabled Create User Plan Access OFull 9 Scope restricted Access Group Equipment Scope None Equipment Object Mone RF Planning Scope Location Group 2002 2009 Trapeze Networks RF Planning Object MedicalCenterLight MedCntr Done Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 39 BELDE R BRAND 2 RingMaster Services Mozilla Firefox File Edit wiew History Bookmarks Tools Help X Cc NK A FERRY nts 127 0 0 1 1024 adminpages user aroup sf
42. rs using the RingMaster Agent Web API Single sign on access control with Locate optional AAA login A BELDEN BRAND e Network Wide Monitoring Dashboard Search Capability and Reports e Licensing RMTS GLOBAL RMTS GLOBAL 4 RMTS GLOBAL 16 RMIS GLOBAL EVAL Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 48 E i TRAPEZE N E T WORKS A BELDEN BRAND oor e pt usunn Web API of e RingMaster Server RingMaster Server Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 49 TR PEZE N E T WORKS A BELDEN BRAND RingMaster Global 7 1 File Services Tools Help i F o d a d e x 2 Setup Security Alarms Reports Monitor Global Status Monitor Client Monitor Traffic Monitor Global e au on Organizer a fslobal l AlphaMNet System Status Monitor Last update 22 52 07 Mar 25 09 Sim PC 3 j pue YFRELIMND P 3906 27 MCHONI P39nQ Server Pix AP Radio Details Clients by Server Last update 22 56 10 Mar 25 09 Tatal 16 9 Sim PC 3 4 YFREUND P390Q 2 4 Sim PC 2 4 Sim PE 1 4 uis Clients by Server Find Clients Details RM Server Status 4 OK 2 Failed Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Security Rogue 10 Suspect 0 Client 57 Alarms Alarm Summary
43. rver before RADIUS communications are started e The RADIUS server must support IPSec e A RADIUS server is considered an IPSec Peer e A maximum of 16 peers are supported Hash based Message Authentication Code Secure Hash Algorithm 1 Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 21 TRAPEZE E T WORKS A BELDEN BRAND AP LED Control Allow the customer to set the LED behavior on an AP by AP basis he LED setting becomes active after the AP receives its configuration e LEDs may be set in three ways Auto default LEDS behave in Trapeze standard way Static LEDS do not flash when traffic flows all other LED behavior is as normal Off All LEDs are off once the AP is active e A range of APs may be set at the same time AP MIBs Provides more complete AP configuration MIB information AP Configuration Table indexed by AP Number Radio configuration Table indexed by AP Number Radio Number Radio Profiles Table indexed by Radio Profile Name Service Profile Table connected to Radio Profile indexed by Radio and Sevice Profile Names Snoop Filters connected to Radio Profile AP Unconfigured MIB AP Table indexed by AP Serial Number Auto AP Template Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 22 A A BELDEN BRAND BRAND TRAPEZE Other or MSS Feat ui e Mesh Enhancements e Multi hop Bridging is now
44. supported e Bridging and Mesh can now support 802 11n data rates Local Switching Extended to support Web Portal e Enhancement to Dynamic RF Blacklist Administrative add clients to the RF blacklist Ability to exclude clients from automatic entry into the list e Support for multiple CA certificates Chains Scheduled Command Execution Schedule by Date Time Frequency System Start Shutdown e Runa script file stored within the MX s file system Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 23 Ss M rR PEZE gt S x DECUS NN NN NN 4 4 d i E rii 9970959 9 5 AAL E gt SSS LSS Dd gt SO AS Do Se E t ERA DAO D E L EL Lee UM E amp lu aaa W 1 gt Y a T WORK E 8 9 d E E 1 eye e TN A BELDEN BRAND e Other improvements e Authenticate admin HTTPs requests via AAA e Service type based Access to Privileged CLI mode Wired authentication idle session timeout e Ad hoc Countermeasures rap Log MIB e 802 1X TKIP CCMP Rekey Timers e Mixed cipher support e Configurable RM communications port e SCP for secure file transfer e IFIP Daemon Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 24 NETWORKS A BELDEN BRAND EH CEnnancements VIT ZAA YY FATA i rag j S ud D A Wd fy Ss N SS SS EATER A BELDEN BRAND N TF i S
45. ter force e AP Status Show ap status options cluster member ip Options apnum boot state ip mac model names verbose Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 65 SEIZE TR PEZE AP Tunnel N E T WORKS u A BELDEN BRAND N SS x set ap apnum tunnel affinity affinity set ap auto tunnel affinity affinity set vlan profile vp name vlan lt vlan name gt mode overlay local switching set ap lt apnum gt local switching mode enable vlan profile lt name gt show ap config show tunnel ap show roaming vlan show ap vlan show vlan profile Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 66 fs x TRAPEZE NETWORKS LDAP set Con A A BELDEN BRAND BRAND pe set ldap server server name address ip address auth port port number timeout seconds deadtime minutes bind mode simple auth sasl md5 fdqn dns name mac addr format hyphens colons one hyphen raw base dn basednstring set ldap server group name group server 1 server_2 server 4 set ldap server group name group load balance enable disable set authentication web mac ssid ssid name wired user glob ldap groupi 1dap group2 ldap_group3 1dap group4 local set authentication admin console user glob ldap groupl ldap_group2 ldap group3 l1dap group4 local Trapeze Net
46. ustomers that already use the v7 1 Clustering or Mesh features have until 31st March 2010 to request free licenses to allow continuing support for these features from the Web page at http www trapezenetworks com support product licenses e There is a set command on the MXs to load these licenses and a show command to list the installed licenses Note see CLI examples at the end of this PowerPoint Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 12 TRAPEZE A BELDEN BRAND BELDEN BRAND taa Advanced Feature Licensing Examples A e Advanced Voice License e Purchased for each MX that is to support the advanced voice capabilities High Availability License Purchased for each MX that is to participate in a Cluster E g Licenses required for a cluster of 2 x MX 200R supporting 128 APs 2 x MX 2xx U32 to provide support for 64 additional APs 2 x MX 2xx HA LIC to enable clustering on both MXs e E g Licenses required for a cluster of 2 x MX 2800 supporting 512 APs 2 x MX 2800 U64 to provide support 2 x MX 2800 U128 for 384 additional APs 2 x MX 22800 HA LIC to enable clustering on both MXs Note Customers only need to purchase AP licenses for the actual number of APs being deployed in the Cluster Mesh Bridging License Purchased for each AP that is to support the Mesh or Bridging capabilities License must be installed on the Seed MXs of a Cluster system Li
47. works A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 67 TRAPEZE ye tLlwe re gt A A BELDEN BRAND BRAND pe set ldap deadtime minutes num set ldap timeout seconds num set ldap auth port port num set ldap bind mode simple auth sasl md5 set ldap mac addr format hyphens colons one hyphen raw set ldap base dn base dn string ldap ping server group ldap server name login user id password password show ldap displays all of the above LDAP settings Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 68 TRAPEZE N E T WOR A BELDEN BRAND clear clear clear clear clear clear clear clear clear clear K S ldap ldap authentication web mac ssid ssid name wired user glob gt SES Il SS LDAP clear server server name server group lt name_group gt authentication admin console lt user_glob gt Idap Idap Idap Idap Idap Idap deadtime timeout auth port bind mode mac addr format base dn Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 69 NN N S A BELDEN BRAND Set accounting Clear accounting pa SI SS S S NS SSS ie I ES NM NS WSS SS z X a NI f f S C a i A 5 i A 7 Pm i LRN M C NI 4 k A i BL L Pa
48. y Bookmarks Yahoo Tools Help Network Wide Reports Count R PEEL LELE File Edit view History Bookmarks Yahoo Tools Help e M v e tt IB https 172 16 0 100 444 services report contents Manu Top APs By Traffic Radio1 4 E alpha 216 MP mxr 2 htran cube SQA 432 E APO1 Radio1 16 Radio1 9 alpha 216 MP NMS 432 j Radio1 10 alpha 216 MP Eng 432 Radio1 17 alpha 216 MP Finance 432 Radio12211 94MB mxr 2 htran cube APO1 Radio12157 25MB 172 16 0 100 444 amp Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 52 NETWORKS A BELDEN BRAND elem yp WI W L g Hl TR I 212743 E T WORKS A BELDEN BRAND RADIUS Proxy MAC Authentication e Real time Session Monitoring Web API Enhancement e Other Features e Linux installer e Server certificate import e User data export Trapeze Networks A BELDEN Brand Proprietary and Confidential 1 27 2010 Slide 54 E TRAPEZE T WORKS A BELDEN BRAND ALL SmartPass Services Mozilla Firefox File Edit wiew History Bookmarks Tools Help y C fai FERRY https 127 0 0 1 44 gpzlpageslproxy createRadiusServer jsf _aFPm 1 amp _afPfm 1 Y jle earch _ SmartPass Services SmartPass 1 User Types Access Rules aintenance RADIUS Servers Proxy Rules Management Below is
Download Pdf Manuals
Related Search