OmniAccess WLAN Software

Photo Credit: U.S. Army

Standard with every wireless LAN, the OmniAccess base software provides unprecedented control over the entire wireless environment and enables advanced adaptive WLAN, identity-based security, and application continuity services.

The base feature-set of Alcatel-Lucent OmniAccess wireless LAN software includes sophisticated authentication and encryption, protection against rogue Access Points, seamless mobility with fast roaming, RF management and analysis tools, centralized configuration, location tracking, and more.

OmniAccess wireless LAN-based software can be complemented with the following optional modules:

• Voice service module (VSM)
• External services interface (ESI)
• Policy enforcement firewall (PEF)
• Wireless mesh (MAP and IMP)
• Remote access point (RAP)
• VPN server (VPN)
• Wireless intrusion protection (WIP)

Customer Benefits (Individual Modules)

• Base Software
  • Secure Authentication, Encryption & Access Control
  • Seamless Mobility
  • RF Management, RF Planning & Troubleshooting
  • QOS, VOIP Support & Location Tracking

• External Services Interface Module
  • Choice of AAA server for authentication
  • XML API for captive portal (external captive portal server support): “Guest” networks that do not connect to private, internal networks; content inspection and filtering (blocking access to inappropriate websites) with Fortinet antivirus firewall product integration (note: requires that the Policy Enforcement Firewall module is installed)
  • Flexible Delivery of Network Services
  • Policy-Based Network Traffic Inspection
  • Fault Tolerance for Mission-Critical Networks
  • Extended Authorization Control Using APIs

• Policy Enforcement Firewall Module
  • Role-based services for user / group classes of service differentiation and bandwidth contracts
  • Firewall permit/deny/drop/log (ICSA Labs-certified to version 4.1 corporate standard)
  • QoS – priority traffic queues, WiFi voice prioritization
  • Identity-Based Stateful Firewalls
  • ICSA Labs Certification
  • Policy-Based Access Control
  • Stateful Flow Classification
  • Web-Based Captive Portal
  • High-Performance Security

• Advanced AAA AOS Software Module
  • Automatic selection of authentication servers based on distinct SSIDs
  • Domain and realm selection of authentication server
  • RFC 3576 API
  • Automatic selection of authentication server based on SSID

• Remote AP Module
  • Remote Access Point – termination of remotely deployed APs using IPSec transport
  • Local bridging – termination of data traffic at the remote AP
  • Survivability – pre-shared key for backup WLAN encryption during WAN failure
  • Secure Mobile Connectivity
  • Centralized Management and Security
  • Ideal Solution for Telecommuters

• VPN Server Module
  • Complete client VPN services – PPTP, L2TP/IPSec
  • Site-to-site VPN services – IPSec NAT-T transport mode tunnels between OmniAccess WLAN switches or third-party VPN concentrators
  • Massive Scalability and Performance
  • VPN Concentrator Emulation
  • Streamlined Deployment
  • Site-To-Site VPN

• Wireless Intrusion Protection Module
  • Detection of network probing and DoS attacks, impersonation, and man-in-the-middle attacks
  • Detection of unauthorized devices (ad-hoc networks, Windows bridging, wireless bridges)
  • Prevention of clients roaming to unauthorized APs, attempted intrusion
  • Rogue AP Prevention
  • Denial Of Service (DOS) Attack Detection
  • Probing and Network Discovery
  • Surveillance

• xSec Module
  • Client/server xSec: termination of AES layer 2 xSec secure VPN sessions
  • Point/point xSec: termination of AES layer 2 xSec secure VPN switch port session