Features
Features
The features and benefits of the RBT‐4102 include the following:
•Local network connection via 10/100 Mbps Ethernet ports or 54 Mbps wireless interface (supporting up to 255 mobile users per radio).
•IEEE 802.11a, 802.11b, and 802.11g compliant.
•Rogue AP Detection provides the ability to scan the airwaves and collect information about access points in the area. This feature detects neighboring access points and access points not authorized to participate in the network.
•Advanced security features, such as WEP, WPA (Wi‐ Fi Protected Access), AES, WPA2, SNMPv3, as well as manageability features that include Enterasys NetSight Console, NetSight Policy Manager and NetSight Inventory Manager support, secure web management, secure Telnet management, and a CLI interface.
•Two external antenna connectors are provided for use with both indoor and outdoor antennas. Point‐to‐point and point‐to‐multipoint connections are also supported.
•Provides seamless roaming within the IEEE 802.11a, 802.11b, and 802.11g WLAN environment.
•Automatically selects the available channel at power‐up.
•Allows you to configure up to seven Virtual Access Points (VAPs) on each radio interface each with its own set of authentication and security parameters.
•Supports Cabletron Discovery Protocol (CDP).
•Supports Spectralink Voice Priority (SVP).
•Supports policy classification rules via the Enterasys Netsight Policy Manager.
Policy
A policy‐based network architecture allows network administrators to map network services to identified users, machines, peripherals and other network entities. A role‐based network access policy consists of three tiers:
•Classification rules make up the first or bottom tier. The rules apply to devices in the policy environment, such as switches, routers and the Enterasys RoamAbout 4102. The rules are designed to be implemented at or near the user’s point of entry to the network. The rules are typically at Layer 2, 3, or 4 of the ISO network model.
•The middle tier is Services, which allows multiple classification rules to be aggregated. Services can include e‐mail and Internet access.
•Roles, or Behavioral Profiles make up the top tier. The roles assign services to various business functions or departments, such as executive, sales, and engineering.
To implement most roles, policy‐based networking requires authentication such as MAC address or 802.1X using EAP‐TLS, EAP‐TTLS, or EAP‐PEAP. Authorization information, attached to the authentication response, determines the application of the access policy. One way to communicate the authorization information is to include the Policy Name in a RADIUS Filter‐ID attribute. A security administrator can also define a role to be implemented in the absence of an authentication and authorization.
The RBT‐4102 supports the policy classification rules via the Enterasys Policy Profile MIB.