Features
Features
The features and benefits of the RBT‐4102 include the following:
•
Local network connection via 10/100 Mbps Ethernet ports or 54 Mbps wireless interface
(supporting up to 255 mobile users per radio).
•
IEEE 802.11a, 802.11b, and 802.11g compliant.
•
Rogue AP Detection provides the ability to scan the airwaves and collect information about
access points in the area. This feature detects neighboring access points and access points not
authorized to participate in the network.
•
Advanced security features, such as WEP, WPA (Wi‐ Fi Protected Access), AES, WPA2,
SNMPv3, as well as manageability features that include Enterasys NetSight Console, NetSight
Policy Manager and NetSight Inventory Manager support, secure web management, secure
Telnet management, and a CLI interface.
•
Two external antenna connectors are provided for use with both indoor and outdoor
antennas. Point‐to‐point and point‐to‐multipoint connections are also supported.
•
Provides seamless roaming within the IEEE 802.11a, 802.11b, and 802.11g WLAN
environment.
•
Automatically selects the available channel at power‐up.
•
Allows you to configure up to seven Virtual Access Points (VAPs) on each radio interface each
with its own set of authentication and security parameters.
•
Supports Cabletron Discovery Protocol (CDP).
•
Supports Spectralink Voice Priority (SVP).
•
Supports policy classification rules via the Enterasys Netsight Policy Manager.
Policy
Policy‐based networks is an architecture that allows network administrators to map network
services to identified users, machines, peripherals and other network entities. A role‐based
network access policy consists of three tiers:
•
Classification rules make up the first or bottom tier. The rules apply to devices in the policy
environment, such as switches, routers and the RoamAbout 4102. The rules are designed to be
implemented at or near the user's point of entry to the network. The rules are typically at
Layer 2, 3, or 4 of the ISO network model.
•
The middle tier is Services, which allows multiple classification rules to be aggregated.
Services can include e‐mail and Internet access.
•
Roles, or Behavioral Profiles make up the top tier. The roles assign services to various business
functions or departments, such as executive, sales, and engineering.
To implement most roles, policy‐based networking requires authentication such as MAC address
or 802.1X using EAP‐TLS, EAP‐TTLS, or EAP‐PEAP. Authorization information, attached to the
authentication response, determines the application of the access policy. One way to communicate
the authorization information is to include the Policy Name in a RADIUS Filter‐ID attribute. A
security administrator can also define a role to be implemented in the absence of an authentication
and authorization.
The RBT‐4102 supports the policy classification rules via the Enterasys Policy Profile MIB.
1-2 Introduction