OmniAccess 6000
W I R E L E S S L A N S W I T C H
The Alcatel-Lucent OmniAccess™ 6000 (OAW-6000) Wireless LAN Switch is a high performance, fully featured modular
WLAN switch able to aggregate up to 2,048 campus connected access points (APs). The OAW-6000 provides a true
user-centric network experience, delivering follow-me connectivity, identity-based access, and application continuity services.
The OAW-6000 offers a scalable design that supports large deployments and can be easily implemented as an overlay
without any disruption to the existing wired network.
Advanced voice-over-WLAN features such as Call Admission Control (CAC), voice-aware RF management and strict
over-the-air quality of service (QoS) allow the OAW-6000 to deliver mobile VoIP capabilities. The OAW-6000 is managed
via the integrated management capability of the Alcatel-Lucent OmniAccess Wireless Operating System or the
Alcatel-Lucent OmniVista™ Mobility Manager.
B E N E F I T SF E A T U R E S
• High capacity and high performance
for large deployments
• Scalable design
• Mobile VoIP
• Integrated network management
• User-centric security
• Secure network environment
• A scalable design that supports up
to 32,768 users with follow-me
connectivity, identity based access
and application continuity
• Does not make existing deployments
obsolete since it is implemented as
an overlay without disturbing the
existing wired network
• Improves voice quality through support
of Call Admission Control, voice-aware
RF management and strict over-the-air
quality of service (QoS)
• Eliminates need for multiple network
management applications via
OmniAccess Wireless Operating System
and OmniVista Mobility Manager
• Prevents unauthenticated users and
unsafe endpoints from access the
corporate wireless network while
safely supporting guest users
• Eliminates need for additional
VPN/firewall devices
The OAW-6000 offers a best in class, user-centric security framework to authenticate wireless users, enforce role-based
access control policies and quarantine unsafe endpoints from accessing the corporate wireless network. Guest users can
be easily and safely supported with the built-in captive portal server and advanced network services.
The OAW-6000 can create a secure networking environment without requiring additional VPN/firewall devices using
integrated site-to-site VPN and NAT capabilities, split-tunneling and an ICSA-certified stateful firewall. Site-to-site VPN
support can be integrated with all leading VPN concentrators to provide seamless integration into existing corporate VPNs.
T E C H N I C A L S P E C I F I C A T I O N S
Performance and capacity
• Campus-connected APs: Up to 2,048
• Remote APs: Up to 8,192
• Users: Up to 32,768
• MAC addresses: Up to 256,000
• VLAN IP interfaces: 512
• Fast Ethernet ports (10/100): Up to 72
• Gigabit Ethernet ports (GBIC or SFP): Up to 40
• 10 Gigabit Ethernet ports (XFP): Up to 8
• Active firewall sessions: Up to 2,097,200
• Concurrent IPSec tunnels: Up to 32,768
• Firewall throughput: Up to 80 Gbps
• Encrypted throughput (3DES): Up to 32 Gbps
• Encrypted throughput (AES-CCM): Up to 16 Gbps
Wireless LAN security and
control features
• 802.11i security (WFA-certified WPA2 and WPA)
• 802.1X user and machine authentication
• EAP-PEAP, EAP-TLS, EAP-TTLS support
• Centralized AES-CCM, TKIP and WEP encryption
• 802.11i PMK caching for fast roaming applications
• E AP off loa d for AAA se rve r s cal abi lit y and
survivability
• Stateful 802.1X authentication for standalone APs
• MAC address, SSID and location-based
authentication
• Multi-SSID support for operation of multiple WLANs
• SSID-based RADIUS server selection
• Secure AP control and management over
IPSec or GRE
• CAPWAP-compatible and upgradeable
• DistributedWLAN mode for remoteAP deployments
• Simultaneous centralized and distributed
WLAN support
Identity-based security features
• C apt ive portal, 802. 1X and MAC ad dre ss
authentication
• Username,IP address,MAC address and encryption
key binding for strong network identity creation
• Per-packet identity verification to prevent
impersonation
• RADIUS and LDAP-based AAA server support
• Internal user database for AAA server failover
protection
• R ole -ba sed authori zat ion for eliminati ng
excess privilege
• R obu st pol icy enfo rce men t w ith stat efu l
packet inspection
• Per-user session accounting for usage auditing
• Web-based guest enrollment
• Configurable acceptable use policies for guest
access
• X ML- bas ed API for exte rna l c apt ive port al
integration
• xSec option for wired LAN authentication and
encryption(80 2.1 X a uth ent ica tio n, 256- bit
AES-CBC encryption)
Convergence features
• Voi ce and data on a si ngl e SSID for
converged devices
• Flow-based QoS using voice flow classification (VFC)
• Alcatel-Lucent NOE, SIP, Spectralink SVP, SCCP
and Vocera ALGs
• Strict priority queuing for over-the-air QoS
• 802.11e support – WMM, U-APSD and T-SPEC
• Q oS policing f or preventing networ k abuse
via 802.11e
• D iff Ser v m arking and 802 .1p support fo r
network QoS
• On-hook and off-hook VoIP client detection
• VoIP call admission control (CAC) using VFC
• Call reservation thresholds for mobile VoIP calls
• Voice-aware RF management for ensurin g
voice quality
• Fa st roaming support for e nsuring mobile
voice quality
• SIP early media and ringing tone generation
(RFC 3960)
• Per-user and per-role rate limits (bandwidth
contracts)
Adaptive radio management
(ARM) features
• A utomatic ch annel and power settin gs for
thin APs
• Simultaneous air monitoring and end user services
• S elf -he ali ng coverage based on dyna mic
RF conditions
• Dense deployment options for capacity optimization
• AP load balancing based on number of users
• AP load balancing based on bandwidth utilization
• Coverage hole and RF interference detection
• 802.11h support for radar detection and avoidance
• Automated location detection for active RFID tags
• B uil t-i n X ML-based Location A PI for RFID
applications
Wireless intrusion protection
features
• Integration with WLAN infrastructure
• S imu lta neo us or dedicated a ir mon ito rin g
capabilities
• R ogu e AP detection and built-in l oca tio n
visualization
• Automatic rogue, interfering and valid AP
classification
• O ver-the-ai r a nd ove r-th e-w ire rogue AP
containment
• Adhoc WLAN network detection and containment
• Windows client bridging and wireless bridge
detection
• D enial of serv ice attack protectio n for APs
and stations
• Misconfigured standalone AP detection and
containment
• Third party AP performance monitoring and
troubleshooting
• F lex ibl e a ttack signature c rea tio n f or new
WLAN attacks
• EAP handshake and sequence number analysis
• Valid AP impersonation detection
• Frame floods, Fake AP and Airjack attack detection
• ASLEAP, death broadcast, null probe response
detection
• Netstumbler-based network probe detection
Stateful firewall features
• Stateful packet inspection tied to user identity
or ports
• Location and time-of-day aware policy definition
• 802.11 station awareness for WLAN firewalling
• Over-the-air policy enforcement and station
blacklisting
• S ess ion mirroring and per-pa cket logs for
forensic analysis
2 Alcatel-Lucent OmniAccess 6000
T E C H N I C A L S P E C I F I C A T I O N S
• Detailed firewall traffic logs for usage auditing
• Application Layer Gateway (ALG) support for
NOE, SIP, SCCP, RTSP, Vocera, FTP, TFTP, PPTP
• Source and destination Network Address
Translation (NAT)
• Dedicated flow processing hardware for high
performance
• TCP, ICMP denial of service attack detection
and protection
• Policy-based forwarding into GRE tunnels for
guest traffic
• External service interface for third-party security
integration for inline anti-virus, anti-spam and
content filtering apps
• H eat h c hec kin g and load bal anc ing for
external services
VPN server features
• S ite -to -si te VPN support for br anc h office
deployments
• Site-to-site interoperability with third-party
VPN servers
• V PN ser ver emul ati on for easy in teg rat ion
into WLAN
• L 2TP /IP Sec VPN term ina tio n f or Wind ows
VPN clients
• XAUTH/IPSec VPN termination for third-party clients
• PPTP VPN termination for legacy VPN integration
• R ADI US and LDAP serv er sup por t for
VPN authentication
• PAP, CHAP, MS-CHAP and MS- CHA Pv2
authentication
• Hardware encryption for DES, 3DES, AES, MPPE
• Secure point-to-point xSec tunnels for L2 VPNs
Networking features and
advanced services
• L 2 a nd L3 switching o ver-the-air a nd
over-the-wire
• VLAN pooling for easy, scalable network designs
• VLAN mobility for seamless L2 roaming
• Proxy mobile IP and proxy DHCP for L3 roaming
• Built-in DHCP server and DHCP relay
• VRRP-based N+1 WLAN switch redundancy (L2)
• A P p rov isi oni ng- based N+1 WL AN swi tch
redundancy (L3)
• Etherchannel support for link redundancy
• 802.1d Spanning Tree Protocol (STP)
• 802.1Q VLAN tags
WLAN switch-based
management features
• RF Planning and AP Deployment Toolkit
• CentralizedAP provisioning and image management
• Live coverage visualization with RF heat maps
• Detailed statistics visualization for monitoring
• Remote packet capture for RF troubleshooting
• Interoperable with Ethereal and Airopeek analyzers
• Multi-WLAN switch configuration management
• Location visualization and device tracking
• System-wide event collection and reporting
Administration features
• Web-based user interface access over HTTP
and HTTPS
• Q uic kst art screens fo r easy WLAN switch
configuration
• CLI access using SSH, Telnet and console port
• R ole -ba sed access con tro l f or restricted
admin access
• Authenticated access via RADIUS, LDAP or
Internal DB
• S NMP v3 and SNMP v2 sup por t f or WLAN
switch monitoring
• Standard MIBs and private enterprise MIBs
• Detailed message logs with syslog event notification
Power supply options
• Power consumption: Max. 466 Watts per PSU
OAW-6000-PS200: AC power supplies deliver
200 W of power
• AC input voltage 90-132 VAC, 170-264 VAC
• AC input frequency 47-63 Hz
• AC input current 5 A @ 110 VAC
OAW-6000-PS400: AC power supplies deliver
400W of power
• AC input voltage 85-264 VAC, Auto-sensing
• AC input frequency 47-63 Hz
• AC input current 5 A @ 110 VAC
Operating specifications
and dimensions
• Operating temperature range: 0° to 40° C
• Storage temperature range: 10° to 70° C
• Humidity, non-condensing: 5 to 95%
• Height: 5.75˝ (146 mm)
• Width: 17.4˝ (444 mm)
• Depth: 12.5˝ (317.5 mm)
• Weight: 30 lbs. (unboxed)
Regulatory and safety
compliance
• FCC part 15 Class A CE
• Industry Canada Class A
• VCCI Class A (Japan)
• EN 55022 Class A (CISPR 22 Class A), EN
61000-3
• EN 61000-4-2, EN 61000-4-3, EN 61000-4-4
• EN 61000-4-5, EN 61000-4- 6, EN 61000-4-8
• EN 61000-4-11, EN 55024, AS/NZS 3548
• UL 60950, EN60950
• CAN/CSA 22.2 #60950
• CE mark, cTUVus, GS, CB, C-tick, Anatel, NOM,
MIC, IQC
3Alcatel-Lucent OmniAccess 6000
O R D E R I N G I N F O R M A T I O N
PART NUMB ER DES CR IP TION
AW-6000-PS2 Alcatel-Lucent OmniAccess 6000 chassis for non PoE configurations. Includes one modular 4-Slot 19" chassis, one fan tray, two 200 watt
O
uto-sensing 110V/240V AC PSU, and one accessory kit.
a
OAW-6000-PS4 Alcatel-Lucent OmniAccess 6000 chassis for PoE configurations. Includes one modular 4-slot 19" chassis, one fan tray, two 400 watt auto-sensing
110V/240V AC PSU, and one accessory kit.
AW-SC-1-48 OmniAccess Supervisor Card I with adaptive RF management and support for up to 48 access points. One OAW-6000 chassis can accommodate
O
ne or two Supervisor Cards.
o
AW-SC-1-128 OmniAccess Supervisor Card I with adaptive RF management and support for up to 128 access points. One OAW-6000 chassis can accommodate
O
one or two Supervisor Cards.
OAW-SC-2-256 OmniAccess Supervisor Card II with adaptive RF management and support for up to 256 access points. One OAW-6000 chassis can accommodate
ne or two Supervisor Cards.
o
AW-S3-C-2X10G OmniAccess Supervisor Card III, 10x 1000BaseX (SFP), 2x 10GBaseX (XFP), bundled with license to support 128 AP. One OAW-6000 chassis can
O
accommodate up to four (4) Supervisor Card III.
OAW-S3-0-2X10G OmniAccess Supervisor Card III, 10x 1000BaseX (SFP), 2x 10GBaseX (XFP), (no AP license included). One OAW-6000 chassis can accommodate
up to four (4) Supervisor Card III.
AW-LC-2G OmniAccess 2GE Line Card with support for two GBIC uplinks. GBIC adapters shall be ordered separately.
O
AW-LC-2G24F OmniAccess 2GE24F Line Card with support for 24 auto-sensing 10/100 interfaces and two GBIC uplinks. GBIC adapters shall be ordered separately.
O
OAW-LC-2G24FP OmniAccess 2GE24FP Line Card with support for 24 auto-sensing 10/100 interfaces with power-over-Ethernet (PoE) and two GBIC uplinks.
GBIC adapters shall be ordered separately. Requires an OAW-6000-PS4 chassis.
OAW-GBIC-T OmniAccess GBIC Interface Adapter - T
OAW-GBIC-SX OmniAccess GBIC Interface Adapter - SX
OAW-GBIC-LX OmniAccess GBIC Interface Adapter - LX
OAW-XFP-SR OmniAccess Wireless XFP - 850nm serial pluggable XFP optic (LC), target range 300m over MMF
OAW-XFP-LR OmniAccess Wireless XFP - 1310nm serial pluggable XFP optic (LC) for up to 10km over SMF
OAW-SFP-TX OmniAccess Wireless SFP - 1000BaseT, RJ45
OAW-SFP-SX OmniAccess Wireless SFP - 1000BaseSX, LC Connector
OAW-SFP-LX OmniAccess Wireless SFP - 1000BaseLX, LC connector
To learn more, contact your dedicated Alcatel-Lucent representative, authorized reseller, or sales agent.
You can also visit our Web site at www.alcatel-lucent.com.
This document is provided for p lanning p urposes o nly and does n ot cr eate, modi fy, or s upplement
any warranties, which may be made by Alcatel-Lucent relating to the products and/or services described
herein. The publication of information contained in this document does not imply freedom from patent
or other protective rights of Alcatel-Lucent or other third parties.
www.alcatel-lucent.com
Alcatel, Lucent, Alcatel-Lucent and the Alcatel-Lucent logo are trademarks of Alcatel-Lucent. All other
trademarks are the property of their respective owners. Alcatel-Lucent assumes no responsibility for
the accuracy of th e information presented, which is subject to change without notice.
© 2007 Alcatel-Lucent. All ri ghts reserved. P/N 031670-00 Rev. C 12/07
Loading...