OmniAccess 4504, OmniAccess 4604, OmniAccess 4704
W I R E L E S S L A N S W I T C H E S
The Alcatel-Lucent OmniAccess™ 4504, 4604 and 4704 (OAW-4504, OAW-4604, OAW-4704) switches are high
performance, fully-featured WLAN switches that are able to aggregate up to 32, 64 and 128 campus connected access
points (APs) respectively. These WLAN switches provide a true user-centric network experience, delivering follow-me
connectivity, identity-based access, and application continuity services.
B E N E F I T SF E A T U R E S
• High performance
• Scalable architecture
• Centralized WLAN switching
• Dynamic RF management
• Integrated wireless intrusion prevention
• Platforms designed from the ground
up to support IEEE 802.11n high
performance networks.
• Supports pay as you grow capability
through software licensing model.
WLAN switch AP capacity can grow
by adding SW licenses.
• Allows for overlay deployments
without disruption to the existing
wireline infrastructure. Simplifies
management task by minimizing the
number of network elements.
• Provides analysis of the RF environment
to facilitate deployment with self
tuning access points and facilitates
operation of the network with virtual
real time site survey.
• Integrates both wireless networking
and wireless intrusion detection and
prevention thus reducing the cost of
wireless infrastructure and cost of
operating the wireless network.
• User- centr ic se curit y wit h
stateful firewall
• Prevents unauthenticated users
from accessing the corporate wireless network while safely supporting guest users, contractors as
well as corporate users. Decreases
management burden of security
through role-based security.
B E N E F I T SF E A T U R E S
• Real time location tracking
• Allows for the real time location tracking of wireless users to enrich presence
information. Also supports location tracking of wireless asset tags throughout
he enterprise.
t
• Quality of service, extended battery
capabilities, application layer gateway
(ALG) for voice protocols
• Improves voice quality through support of QoS mechanisms such as WMM, DSCP
marking and prioritization, and connection admission control. Also improves
voice end user experience by maximizing battery lifer with protocols such as
U-APSD. Provides un-matched voice security through embedded stateful firewall.
The OAW-4504 is designed for small businesses and branch offices, while the OAW-4604 and OAW-4704 are
designed for medium to large enterprise or dense office deployments. These three WLAN switches can be easily
deployed as an overlay without any disruption to the existing wired network.
Advanced voice-over-WLAN features such as Call Admission Control (CAC), voice-aware RF management and strict
over-the-air quality of service (QoS) allow the OAW-4504, OAW-4604, and OAW-4704 to deliver mobile VoIP capabilities.
These switches are managed via the integrated management capability of the Alcatel-Lucent OmniAccess Wireless Operating
System or the Alcatel-Lucent OmniVista™ Mobility Manager.
Additionally, the OAW-4504, OAW-4604, OAW-4704 offer best in class, user-centric security framework to authenticate
wireless users, enforce role-based access control policies and quarantine unsafe endpoints from accessing the corporate
wireless network. Guest users can be easily and safely supported with the built-in captive portal server and advanced
network services.
The OAW-4504, OAW-4604, OAW-4704 can create a secure networking environment without requiring additional
VPN/firewall devices using integrated site-to-site VPN and NAT capabilities, split-tunneling and stateful firewall.
Site-to-site VPN support can be integrated with all leading VPN concentrators to provide seamless integration into
existing corporate VPNs
T E C H N I C A L S P E C I F I C A T I O N S
Performance and capacity
(OAW-4504 / OAW-4604 /
OAW-4704)
• Campus-connected APs: Up to 32/64/128
• Remote APs: Up to 128/256/512
• Users: Up to 512/1024/2048
• MAC addresses: Up to 64,000
• VLAN IP interfaces: 128
• Gigabit Ethernet ports (RJ-45 or SFP): 4
• Active firewall sessions: Up to 128,000
• Concurrent IPSec tunnels: Up to 512/1024/2048
• Firewall throughput: 3/4/4 Gbps
• Encrypted throughput (3DES, AESCBC256):
1.6/4/8 Gbps
• Encrypted throughput (AES-CCM): 0.8/2/4 Gbps
Wireless LAN security and
control features
• 802.11i security (WFA certified WPA2 and WPA)
• 802.1X user and machine authentication
• EAP-PEAP, EAP-TLS, EAP-TTLS support
• Centralized AES-CCM, TKIP and WEP encryption
• 802.11i PMK caching for fast roaming applications
• EAP offload for AAA server scalability and
survivability
• Stateful 802.1X authentication for standalone APs
• MAC address, SSID a nd l oc at ion-based
authentication Multi-SSID support for operation
of multiple WLANs
• SSID-based RADIUS server selection
• Secure AP control and management over IPSec
or GRE
• CAPWAP compatible and upgradeable
• Distributed WLAN mode for remoteAP deployments
• Simul ta ne ous centralized and distributed
WLAN support
Identity based security features
• Capti ve portal, 80 2. 1X a nd MAC address
authentication
• Usern am e, IP address, MAC ad dr es s an d
encryp ti on key bi nd ing for strong n etwork
identity creation
• Pe r-packe t id en ti ty v er if ic ation to p re vent
impersonation
• RADIUS and LDAP-based AAA server support
• Internal user database for AAA server failover
protection
• Role- ba se d au thorization for eliminating
excess privilege
• Robus t po li cy enf or ce me nt w it h st at eful
packet inspection
• Per-user session accounting for usage auditing
• Web-based guest enrollment
• Confi gu ra ble acceptable use polici es for
guest access
• XML-b as ed AP I fo r external c aptive
portal integration
• xSec option for wired LAN authentication and
encrypti on (802.1X authentication, 256-bit
AES-CBC encryption)
2 Alcatel-Lucent OmniAccess 4504, OmniAccess 4604, OmniAccess 4704
T E C H N I C A L S P E C I F I C A T I O N S
Convergence features
• Vo ice and data o n a si ng le S SI D fo r
converged devices
• Flow-based QoS using voice flow classification (VFC)
• Alcatel-Lucent NOE, SIP, Spectralink SVP, SCCP
and Vocera ALGs
• Strict priority queuing for over-the-air QoS
• 802.11e support – WMM, U-APSD and T-SPEC
• QoS policing for preventi ng network abuse
via 802.11e
• DiffS er v ma rk ing and 802.1p support for
network QoS
• On-hook and off-hook VoIP client detection
• VoIP call admission control (CAC) using VFC
• Call reservation thresholds for mobile VoIP calls
• Vo ice-awar e RF managem en t fo r en suring
voice quality
• Fa st roaming support for ensuring mo bi le
voice quality
• SIP early media and ringing tone generation
(RFC 3960)
• Per-user and per-role rate limits (bandwidth
contracts)
Adaptive radio management
(ARM ) features
• Autom at ic channel and power settings for
thin APs
• Simultaneous air monitoring and end-user services
• Self- he al in g coverage-based on dynamic
RF conditions
• Dense deployment options for capacity optimization
• AP load balancing-based on number of users
• AP load balancing-based on bandwidth utilization
• Coverage hole and RF interference detection
• 802.11h support for radar detection and avoidance
• Automated location detection for active RFID tags
• Built -i n XM L- based Location API for
RFID applications
Wireless intrusion protection
features
• Integration with WLAN infrastructure
• Simul ta ne ous or d ed ic at ed a ir monitorin g
capabilities
• Rogue AP detection and built-in location
visualization
• Autom at ic rogue, interfering and va li d A P
classification
• Over-t he-air a nd over-t he -w ire rogue
AP containment
• Ad hoc WLAN network detection and containment
• Windo ws client bridgi ng and wireless
bridge detection
• Denia l of service attack pr ot ec tion f or AP s
and stations
• Mis-c on fi gured standalone AP d et ection
and containment
• Th ird party A P pe rformance monitorin g
and troubleshooting
• Flexi bl e at ta ck s ig na tu re c re at ion for new
WLAN attacks
• EAP handshake and sequence number analysis
• Valid AP impersonation detection
• Frame floods,fake AP and Airjack attack detection
• ASLEA P, d eath b ro adcast, null probe
response detection
• Netstumbler-based network probe detection
Stateful firewall features
• Stateful packet inspection tied to user identity
or ports
• Location and time-of-day aware policy definition
• 802.11 station awareness for WLAN firewalling
• Over-the-air policy enforcement and station
blacklisting
• Sessi on mirroring and per-packet logs f or
forensic analysis
• Detailed firewall traffic logs for usage auditing
• Application layer gateway (ALG) support for
NOE, SIP, SCCP, RTSP, Vocera, FTP, TFTP, PPTP
• Sourc e an d de st ination Network Addres s
Translation (NAT)
• Dedicated flow processing hardware for high
performance
• TCP, ICMP denial of service attack det ection
and protection
• Policy-based forwarding into GRE tunnels for
guest traffic
• External service interface for third party security
integration for inline anti-virus, anti-spam and
content filtering apps
• Heath checking and load balancing for
external services
VPN server features
• Site- to -s ite V PN support for branch
office deployments
• Site-to-site interoperability with third party
VPN servers
• VPN server e mulation f or e as y in te gration
into WLAN
• L2TP/ IP Se c VPN termination for W in dows
VPN clients
• XAUT H/IPSec V PN t er mi nation f or third
party clients
• PPTP VPN termination for legacy VPN integration
• RADIU S an d LDAP server s upport f or
VPN authentication
• PA P, CHAP, MS-CHAP and MS-CHAPv2
authentication
• Hardware encryption for DES, 3DES, AES, MPPE
• Secure point-to-point xSec tunnels for L2 VPNs
Networking features and
advanced services
• L2 and L3 switching over-the-air and over-the-wire
• VLAN pooling for easy, scalable network designs
• VLAN mobility for seamless L2 roaming
• Proxy mobile IP and proxy DHCP for L3 roaming
• Built-in DHCP server and DHCP relay
• VRRP-based N+1 WLAN switch redundancy (L2)
• AP prov is io ning-based N +1 WL AN
switch redundancy (L3)
• Etherchannel support for link redundancy
• 802.1d Spanning Tree Protocol (STP)
• 802.1Q VLAN tags
WLAN switch-based
management features
• RF Planning and AP Deployment Toolkit
• Centralized AP provisioning and image management
• Live coverage visualization with RF heat maps
• Detailed statistics visualization for monitoring
• Remote packet capture for RF troubleshooting
• Interoperable with Ethereal and Airopeek analyzers
• Multi-WLAN switch configuration management
• Location visualization and device tracking
• System-wide event collection and reporting
Administration features
• Web-based user interface access over HTTP
and HTTPS
• Quick st ar t sc reens for easy WLAN
switch configuration
• CLI access using SSH, Telnet and console port
• Role- ba se d ac cess c on trol f or restricted
admin access
• Authe nt ic ated a cc es s vi a RADIUS, LDAP o r
Internal DB
• SNMPv 3 an d SN MP v2 support for W LAN
switch monitoring
• Standard MIBs and private enterprise MIBs
• Detailed message logs with syslog event notification
Power consumption
• OAW-4504: 35 W maximum
• OAW-4604: 45 W maximum
• OAW-4704: 60 W maximum
3Alcatel-Lucent OmniAccess 4504, OmniAccess 4604, OmniAccess 4704
T E C H N I C A L S P E C I F I C A T I O N S
Power specifications (AC input
equirements)
r
OAW-4504
• AC Input Voltage: 90-264 V~, universal input
• AC Input Current: 1.5 A
• AC Input Frequency: 47-63 Hz
OAW-4604 and OAW-4704
• AC Input Voltage: 90-264 V~, universal input
• AC Input Current: 2.2 A
• AC Input Frequency: 47-63 Hz
Operating specifications and
imensions
d
• Operating temperature range 0° to 40° C
• Storage temperature range 10° to 70° C
• Humidity, non-condensing 5 to 95%
• Height 1.75˝ (44 mm)
• Width 13.8˝ (351 mm)
• Depth 11.7˝ (297 mm)
Weight
• OAW-4504: 7.1 lbs/3.2 Kg (unboxed)
• OAW-4604 / OAW-4704: 7.4 lbs/3.4 Kg
(unboxed)
Regulatory and safety compliance
• FCC part 15 Class A CE
• Industry Canada Class A
• VCCI Class A (Japan)
• EN 55022 Class A (CISPR 22 Class A), EN 61000-3,
EN 61000-4-2, EN 61000-4-3, EN 61000-4-4,
EN 61000-4-5, EN 61000-4- 6, EN 61000-4-8,
EN 61000-4-11, EN 55024, AS/NZS 3548
• UL 60950, EN60950
• CAN/CSA 22.2 #60950
• CE mark, cTUVus, GS, CB, C-tick, Anatel, NOM,
MIC, IQC
O R D E R I N G I N F O R M A T I O N
PART NUMBER DES CRIPT ION
AW-4504-0 OmniAccess 4504 - 4x 10/100/1000BaseT (RJ-45) or 1000BaseX (SFP) dual personality ports (no AP license included). Can support up to 32
O
APs (additional AP licenses required).
OAW-4504-8 OmniAccess 4504 - 4x 10/100/1000BaseT (RJ-45) or 1000BaseX (SFP) dual personality ports, bundled with 8 AP license. Can support up to
32 APs (additional AP licenses required).
OAW-4604-0 OmniAccess 4604 - 4x 10/100/1000BaseT (RJ-45) or 1000BaseX (SFP) dual personality ports (no AP license included). Can support up to 64
APs (additional AP licenses required).
OAW-4604-32 OmniAccess 4604 - 4x 10/100/1000BaseT (RJ-45) or 1000BaseX (SFP) dual personality ports, bundled with 32 AP license. Can support up to
64 APs (additional AP licenses required).
OAW-4704-0 OmniAccess 4704 - 4x 10/100/1000BaseT (RJ-45) or 1000BaseX (SFP) dual personality ports (no AP license included). Can support up to 128
APs (additional AP licenses required).
OAW-4704-64 OmniAccess 4704 - 4x 10/100/1000BaseT (RJ-45) or 1000BaseX (SFP) dual personality ports, bundled with 64 AP license. Can support up to
128 APs (additional AP licenses required).
OAW-SFP-SX OmniAccess Wireless SFP - 1000BaseSX, LC Connector
OAW-SFP-LX OmniAccess Wireless SFP - 1000BaseLX, LC connector
OAW-SFP-TX OmniAccess Wireless SFP - 1000Base-T, RJ-45 connector
To learn more, contact your dedicated Alcatel-Lucent representative, authorized reseller, or sales agent. You can also visit our Web site at www.alcatel-lucent.com.
www.alcatel-lucent.com
This d ocume nt is prov ided for planning purposes o nly and doe s not create, mod ify, or supplement
any warranties, which may be made by Alcatel-Lucent relating to the products and/or services described
herein. The publication of information contained in this document does not imply freedom from patent
or other protective rights of Alcatel-Lucent or other third parties.
Alcatel, Lucent, Alcatel-Lucent and the Alcatel-Lucent logo are trademarks of Alcate l-Lucent. All other
trademarks are the property of their respec tive owners. Alcatel-Lucent assumes no responsibility f or
the accuracy of the information presented, which is subj ect to change without notice.
© 2007 Alcatel-Lucent. All rights reserved. P/N 031970-00 Rev. B 1/08
Loading...