Title: Enterprise Wireless Thin vs' Thick
1Enterprise WirelessThin vs. Thick
- Highlighting the strategic advantages of a
switched thin access point wireless system
2Thin Access Point ArchitectureAP Discovery
Access Points are placed wherever Wi-Fi coverage
is required, and attached to any port in the
nearest wiring closet. Access points
automatically discover the Bluesocket WLAN
controllers across layer 2 segments or layer 3
networks, establish a secure control tunnel and
user data tunnel, download their configuration,
scan each channel for noise interference,
receive channel and power assignment from the
controller, and power up into service.
User data tunnels control tunnels
Corporate Intranet Layer 2 / Layer 3
Bluesocket Access Points
3Thin Access Point ArchitectureSecure Mobility
Bluesockets patent-pending Secure Mobility
technology gives mobile users wireless access to
corporate networks and the Internet while moving
across subnets. Secure Mobility gives users
freedom to work where they choose - letting them
roam seamlessly across networks, even while using
IPSec tunneling, without the need to
Secure Mobility Matrix
GRE Tunnel
Subnet A
Subnet B
4Thin AP Architecture AdvantagesLocation Services
BlueView allows adminstrators to create location
and coverage maps by importing floor plans and
locating Access Points and Sensors on the map.
Via BlueViews secure web interface,
administrators can graphically visualize WLAN
coverage on the actual floor plan and see power,
channel, RSSI and AP user loads in real-time.
BlueViews patent-pending location technology
provides complete location information to
indicate where users, rogue APs or WLAN attackers
are, thereby enabling you to quickly find and
resolve security issues.
- One Click on client or AP
- Locates client/AP on floor plan
- BlueSecure Access Points provide
- location data to BVMS
- Find rogue APs and wireless attackers
- Support E-911 requirements
5Thin AP Architecture Advantages DynamicRF
- Old Way Manual Static RF
- Configure AP and manually make changes if you
know about issues in the RF environment - Reactive Wireless is Slow, Wireless doesnt
work - Not predicable for low latency applications like
VoIP - New Way - DynamicRF
- Automatic AP channel and power adjustments to
avoid noise, interference and neighbors - Self-Healing to correct for AP Failures
- Client Load Balancing across APs
- Fast Roaming with 802.11i key caching (PMK)
- Provides support for converged Voice, Video and
6DynamicRFTM in action
When a new AP is added to an existing network,
DynamicRF adjusts channel assignments and
transmit power levels for optimal performance and
A sample network of a Bluesocket Controller and 3
Bluesocket access points
Existing access points are at full power
A new Bluesocket access point is added to the
The new access point powers up
The Bluesocket controller optimizes channel
The Bluesocket controller optimizes power settings
7Thin AP Architecture Advantages Rogue AP
Scanning Containment
Built-in RF IDS allows Bluesocket Access Points
to find and contain Rogue APs that threaten the
security of your network. By scanning the
airwaves, BlueSecure APs can also detect and
alarm on rogue clients, ad-hoc networks and a
host of WLAN DoS and spoofing attacks to extend
your visibility into the RF spectrum.
DoS Attack
Wired Device with WLAN card in ad-hoc
Rogue AP
8Thin AP Architecture Advantages Centralized
- Bluesocket offers the most comprehensive
- Set of authentication options available
- Multiple authentication methods
- IPSec (DES, 3 DES, AES)
- Digital Certificates, Pre-shared key
- L2TP over IPSec
- Browser-based Auth (SSL)
- 802.1x, WPA (LEAP, PEAP, TLS, TTLS, FAST), WPAv2
- Mac-based authorization
- Multiple Authentication Servers
- Types
- 802.1x
- RADIUS, LDAP, and Active Directory
- Windows Domain
- Transparent Windows Login
- Transparent 802.1x Login
- Secure Tokens
9Thin AP Architecture Advantages Centralized
Bluesockets unique role-based approach provides
convenient management of privileges for each
category of users. BlueSecure Controllers match
user permissions to your organizational
structure. IT Administrators can define
destinations, services, user locations, time/date
schedules, and available bandwidth to control
which users have access to each resource.
Multiple service and destination groups simplify
policy creation and reduce the complexity and
cost of administration of large-scale networks.
A real deployment require more roles than just
employees and guests
Integrated into Bluesocket controllers
10Feature Comparison
11Feature Comparison, continued
12Delivering open, secure, scalable
enterprise-class WLAN solutions