LANCOM WLC-4025+ WLAN Controller With Central WLAN Management en Londres, Inglaterra, Reino Unido
Usado
Doubleclick to zoom in
Contacte al vendedor
para más fotos y información.
Especificaciones
- Condición
- usado
- P/n
- WLC-4025+
- Number of managed devices
- Up to 100 LANCOM Access Points and WLAN routers can be centrally managed by the WLAN Controller. Expansion options are available to extend support up to 1000 LANCOM Access Points and WLAN routers to be managed. Capacities can be expanded even further by clustering multiple controllers
- Auto discovery
- LANCOM access points and WLAN routers automatically discover the WLAN Controller by means of DNS name or IP addresses. Even AP's at remote sites or in home offices with no direct access to the Controller can be integrated into the central Controller
- Encryption
- DTLS encryption of the control channel between WLAN Controller and Access Point (256-bit AES encryption with digital certificates, incl. hardware encryption accelerator; encryption can be disabled for diagnostic purposes).
- Firmware deployment
- Central Firmware deployment and management of the Access Points. Requires an external web server. Automatic Firmware update on the Access Points is also possible. The Controller checks every day, depending on the defined policy, for the latest Firmware and compares it with the versions in the devices. This can also be activated using Cron jobs. If there is a Firmware mismatch, then the Controller downloads the matching Firmware from the server and updates the corresponding Access Points and Routers.
- Script distribution
- Enables the complete configuration of non-WLAN specific functions such as Redirects, Protocol Filter, ARF etc. Internal storage of up to three script files (max. 64 kByte) for provisioning access points without a separate HTTP server
- Configuration management
- Definition and grouping of all logical and physical WLAN parameters by means of WLAN configuration profiles. Fully automatic or manual profile assignment to WLAN Access Points; automatic transfer and configuration verification (policy enforcement).
- Management operating modes
- The AP can be set to 'managed' or 'unmanaged' mode for each radio interface. With LANCOM WLAN routers, the Controller manages the WLAN
- Stand alone operation
- In 'Managed' mode, an adjustable setting defines the time-span for which the AP continues Stand-alone operation in the event the connection to
- Vlan and ip contexts
- A fixed VLAN can be set for each SSID. The WLAN Controller can independently provide up to 64 separate IP networks, and each of these can be individually mapped to VLANs and, consequently, to SSIDs (Advanced Routing and Forwarding, ARF). The Controller can provide, among others, individual DHCP, DNS, routing, firewall and VPN functions for these networks.
- Dynamic vlan assignment
- Dynamic VLAN assignment for target user groups based on MAC addresses, BSSID or SSID by means of external RADIUS server.
- Radius accounting per ssid
- Deployment of 802.1X settings per SSID
- Radius server
- Integrated RADIUS server for MAC address list management. Support for RADSEC (Secure RADIUS) for secure communication with RADIUS servers.
- Eap server
- Integrated EAP server for authentication of 802.1X clients via EAP-TLS, EAP-TTLS, PEAP, MSCHAP or MSCHAPv2
- Radius/eap proxy
- Proxy mode for external RADIUS/EAP servers (forwarding and realm handling)
- Wlan visualization
- The management tool LANCOM WLANmonitor (included) acts as a central monitoring program for the WLAN Controller and visualizes the performance
- Wlan guess access accounts
- Static mapping of guest SSIDs in VLANs, access limitations and VLAN routing by means of ARF (Advanced Routing and Forwarding).
- Stateful inspection firewall
- Incoming/Outgoing Traffic inspection based on connection information. Trigger for firewall rules depending on backup status, e.g. simplified rule sets for low-bandwidth backup lines. Limitation of the number of sessions per remote site (ID)
- Packet filter
- Check based on the header information of an IP packet (IP or MAC source/destination addresses; source/destination ports, DiffServ attribute); remote-site dependant, direction dependant, bandwidth dependant
- Extended port forwarding
- Network Address Translation (NAT) based on protocol and WAN address, i.e. to make internal webservers accessible from WAN
- Tagging
- The firewall marks packets with routing tags, e.g. for policy-based routing
- Actions
- Forward, drop, reject, block sender address, close destination port, disconnect
- Traffic shaping
- Dynamic bandwidth management with IP traffic shaping
- Bandwidth reservation
- Dynamic reservation of minimum and maximum bandwidths, totally or connection based, separate settings for send and receive directions. Setting relative bandwidth limits for QoS in percent. Bandwidth control and QoS also for UMTS connections
- Diffserv/tos
- Priority queuing of packets based on DiffServ/TOS fields
- Packet size control
- Automatic packet-size control by fragmentation or Path Maximum Transmission Unit (PMTU) adjustment
- Layer 2/layer 3 tagging
- Automatic or fixed translation of layer-2 priority information (IEEE 802.11p-marked Ethernet frames) to layer-3 DiffServ attributes in routing mode. Translation from layer 3 to layer 2 with automatic recognition of 802.1p-support in the destination device
- Intrusion prevention
- Monitoring and blocking of login attempts and port scans
- Access control lists
- Filtering of IP or MAC addresses and preset protocols for configuration access
- Denial of service protection
- Protection from fragmentation errors and SYN flooding
- General
- Detailed settings for handling reassembly, PING, stealth mode and AUTH port
- Url blocker
- Filtering of unwanted URLs based on DNS hitlists and wildcard filters. Extended functionality with Content Filter Option
- Password protection
- Password-protected configuration access can be set for each interface
- Alerts
- Alerts via e-mail, SNMP-Traps and SYSLOG
- Authentication mechanisms
- EAP-TLS, EAP-TTLS, PEAP, MS-CHAP, MS-CHAPv2 as EAP authentication mechanisms, PAP, CHAP, MS-CHAP and MS-CHAPv2 as PPP authentication
- Adjustable reset button
- Adjustable reset button for 'ignore', 'boot-only' and 'reset-or-boot'
- Vrrp
- VRRP (Virtual Router Redundancy Protocol) for backup in case of failure of a device or remote station. Enables passive standby groups or reciprocal backup between multiple active devices including load balancing and user definable backup priorities
- Firmsafe
- For completely safe software upgrades thanks to two stored firmware versions, incl. test mode for firmware updates
- Load balancing
- Static and dynamic load balancing over up to 2 WAN connections. Channel bundling with Multilink PPP (if supported by network operator)
- Vpn redundancy
- Backup of VPN connections across different hierarchy levels, e.g. in case of failure of a central VPN concentrator and re-routing to multiple distributed remote sites. Any number of VPN remote sites can be defined (the tunnel limit applies only to active connections). Up to 32 alternative remote stations, each with its own routing tag, can be defined per VPN connection. Automatic selection may be sequential, or dependant on the last connection, or random (VPN load balancing)
- Line monitoring
- Line monitoring with LCP echo monitoring, dead-peer detection and up to 4 addresses for end-to-end monitoring with ICMP polling
- Ipsec over https
- Enables IPsec VPN based on TCP (at port 443 like which can go through firewalls in networks where e. g. port 500 for IKE is blocked. Suitable for client-to-site connections (with LANCOM Advanced VPN Client 2.22 or later) and site-to-site connections (LANCOM VPN gateways or routers with LCOS 8.0 or later). IPSec over is based on the NCP VPN Path Finder technology
- Hardware accelerator
- Integrated hardware accelerator for 3DES/AES encryption and decryption
- Realtime clock
- Integrated, buffered realtime clock to save the date and time during power failure. Assures timely validation of certificates in any case
- Random number generator
- Generates real random numbers in hardware, e. g. for improved key generation for certificates immediately after switching-on
- 1-click-vpn site-to-site
- Creation of VPN connections between LANCOM routers via drag and drop in LANconfig
- Ike
- IPSec key exchange with Preshared Key or certificate
- Ceertificate rollout
- Automatic creation, rollout and renewal of certificates via SCEP (Simple Certificate Enrollment Protocol) per certificate hierarchy
- Oscp client
- Check X.509 certifications by using OCSP (Online Certificate Status Protocol) in real time as an alternative to CRLs
- Xauth
- XAUTH client for registering LANCOM routers and access points at XAUTH servers incl. IKE-config mode. XAUTH server enables clients to register via XAUTH at LANCOM routers. Connection of the XAUTH server to RADIUS servers provides the central authentication of VPN-access with user name and password. Authentication of VPN-client access via XAUTH and RADIUS connection additionally by OTP token
- Proadaptive vpn
- Automated configuration and dynamic creation of all necessary VPN and routing entries based on a default entry for site-to-site connections. Propagation of dynamically learned routes via RIPv2 if required
- Algorithms
- 3DES (168 bit), AES (128, 192 or 256 bit), Blowfish (128 bit), RSA (128 or -448 bit) and CAST (128 bit). OpenSSL implementation with FIPS-140 certified algorithms. MD-5 or SHA-1 hashes
- Nat-traversal
- NAT-Traversal (NAT-T) support for VPN over routes without VPN passthrough
- Ipcomp
- VPN data compression based on LZS or Deflate compression for higher IPSec throughput on low-bandwidth connections (must be supported by remote endpoint)
- Dynamic dns
- Enables the registration of IP addresses with a Dynamic DNS provider in the case that fixed IP addresses are not used for the VPN connection
- Specific dns forwarding
- DNS forwarding according to DNS domain, e.g. internal names are translated by proprietary DNS servers in the VPN. External names are translated by Internet DNS servers.
- Categoría
- Infraestructura de TI en Reino Unido
- Subcategoría
- Networking
- Subcategoría 2
- Ethernet network switches
- ID de Anuncio
- 68786744
Descripción
LANCOM WLC-4025+ WLAN Controller With Central WLAN Management
In Good Condition
In Full Working Order
Included
1 x LANCOM WLC-4025+ WLAN Controller With Central WLAN Management
Overview
The LANCOM WLC-4025+ Controller allows you to simply "plug in" a new Access Point and the Controller takes over the setup, implementation and monitoring of WLAN security policies.
LANCOM WLC-4025+ Controller Features
Centralised Firmware deployment and management of 25 Access Points (optional up to 100)
Automatic discovery, configuration and channel assignment of Access Points
Monitoring and ensuring the security and QoS policies
Scalability and cascadability through multiple controllers including redundancy
Unique system design which prevents "single point of failure"
Comprehensive support of VLAN, RADIUS and 802.x/EAP function
Support of the 802.11n based Access Points - without additional licenses
Opiniones del vendedor
$1,917 USD