Comprehensive Description of wireless exchange technology for decommission illegal access points

Wireless exchange technology is quite commonly used. So I have studied the basic knowledge and practical application of wireless exchange technology. I would like to share it with you here, hoping it will be useful to you. The wireless switch improves the manageability, security, and upgrade capability of the wireless network, reduces the networking cost, and becomes the "brain" of the WLAN system ". WLAN switching technology centrally controls access points and wireless switching technology, which is very similar to smart switching technology in the Wired World.

This technology provides the structured blueprint and centralized troubleshooting capabilities required to extend WLAN beyond the Department, to the entire enterprise, and to ensure the security of WLAN within the enterprise. In the current WLAN model, the Access Point runs as an isolated system that provides encryption and authentication functions. To facilitate management and upgrade of large-scale wireless infrastructure, WLAN switching technology transfers these features to switches. At this time, the access point connected to the wireless switch becomes an Ethernet wireless device that almost does not need to be managed.

The key to WLAN switching technology is to maintain user identity across wireless infrastructure, so that services and security can be seamlessly provided to users or user groups from one access point to another. Wireless users connect to the network by establishing a connection with the Access Point that receives the strongest signal. The access point is connected to a wireless switch installed in the cabling room or data center.

The Access Point acts as a forwarder to forward a 802.11 connection request to the WLAN switch. The WLAN switch in turn responds to this request. The WLAN switch authenticates wireless users through 802.1x protocol and verifies user certificates through RADIUS. Once the authentication is complete, a RADIUS server sends the encryption key to the WLAN switch. The client independently obtains the key and starts sending encrypted data.

Through a wireless switch, network administrators can mix client security functions without upgrading or resetting access points, the security features of hybrid configuration include layer-3 VPN and layer-2 authentication and encryption solutions, such as 802.1x, WEP, time Key Integrity Protocol (TKIP), and Advanced Encryption Standard (AES ). When a user is roaming in an enterprise, the wireless switch constantly monitors air signals and user identities, and dynamically adjusts bandwidth, access control, service quality, and other parameters, this gives full play to the role of the WLAN system brain.

The ability to control the power and channel settings of each access point and save configuration data is unique in wireless switching technology. For example, when an access point fails, the WLAN switch automatically detects the fault and instructs nearby access points to adjust functions and channel settings to make up for the gaps left by the faulty access point. When a new access point is installed, the WLAN switch automatically discovers the new access point, loads power for it, and configures the channel.

Wireless switching technology can also prevent security threats caused by illegal access points. When an illegal access point is inserted into the network, the WLAN switch verifies the device by listing the trusted list of allowed devices, users, and user policies. If the switch determines that the device is illegal, It proactively closes the illegal access point and automatically sends an alarm to the network administrator.

In a WLAN environment, network administrators also face the challenge of integrating security and mobility. The WLAN exchange technology integrates Mobile IP addresses. The Mobile IP address is a standard. When a user moves to another access point, the Mobile IP address maintains the user authentication status and transparently authenticates the user, while solving the problem of cross-IP subnet roaming.

The stateful policy engine executes predefined rules based on each user. When users move, their policies also move. With these functions, the network administrator can provide unique HTTP access for some users (such as guests) and provide employees with access to a wider range of TCP ports and services. Because wireless exchange technology originated from the past structured wired architecture, it provides users with a similar control model, bringing a new method for enterprise wireless network management.