Ssid/vlan/security, Vlan overview – Proxim AP-4000 User Manual

Page 113

Advertising
background image

Advanced Configuration

AP-4000 Series User Guide

SSID/VLAN/Security

113

SSID/VLAN/Security

The AP provides several security features to protect your network from unauthorized access. This section gives an
overview of VLANs and then discusses the SSID/VLAN/Security configuration options in the AP:

VLAN Overview

Management VLAN

Security Profile

MAC Access

Wireless-A or Wireless-B

The AP also provides Broadcast SSID/Closed System and Rogue Scan to protect your network from unauthorized
access. See the

Broadcast SSID and Closed System

and

Rogue Scan

sections from more information.

VLAN Overview

Virtual Local Area Networks (VLANs) are logical groupings of network hosts. Defined by software settings, other VLAN
members or resources appear (to clients) to be on the same physical segment, no matter where they are attached on the
logical LAN or WAN segment. They simplify traffic flow between clients and their frequently-used or restricted resources.

VLANs now extend as far as the reach of the access point signal. Clients can be segmented into wireless sub-networks
via SSID and VLAN assignment. A Client can access the network by connecting to an AP configured to support its
assigned SSID/VLAN.

AP devices are fully VLAN-ready; however, by default VLAN support is disabled. Before enabling VLAN support, certain
network settings should be configured, and network resources such as a VLAN-aware switch, a RADIUS server, and
possibly a DHCP server should be available.

Once enabled, VLANs are used to conveniently, efficiently, and easily manage your network in the following ways:

• Manage adds, moves, and changes from a single point of contact
• Define and monitor groups
• Reduce broadcast and multicast traffic to unnecessary destinations

Improve network performance and reduce latency

• Increase security

Secure network restricts members to resources on their own VLAN

Clients roam without compromising security

VLAN tagged data is collected and distributed through an AP's wireless interface(s) based on Network Name (SSID). An
Ethernet port on the access point connects a wireless cell or network to a wired backbone. The access points
communicate across a VLAN-capable switch that analyzes VLAN-tagged packet headers and directs traffic to the
appropriate ports. On the wired network, a RADIUS server authenticates traffic and a DHCP server manages IP
addresses for the VLAN(s). Resources like servers and printers may be present, and a hub may include multiple APs,
extending the network over a larger area.

Advertising
Popular Brands
Popular manuals