7.5 Release update
Download
Report
Transcript 7.5 Release update
SIMPLY WIRED-LESS CONNECTED
September 2011
072611v5
THE STEPS TO SIMPLY CONNECTED
2
Copyright
Juniper Networks,
www.juniper.net
Copyright © 2011 Juniper Networks,
Inc. © 2010
www.juniper.net
JuniperInc.
Confidential
Onderwijs maakt het meest gebruik van iPads.
Breda, 28 september 2011 – Sinds februari van dit jaar neemt Computer Profile het gebruik van tablets
mee in de interviews die worden gehouden met IT & Telecom verantwoordelijke functionarissen. In totaal
is inmiddels bij circa 9.000 bedrijfsvestigingen met ten minste 50 medewerkers het tablet-gebruik
geïnventariseerd. Voor de bedrijfsvestigingen die vanaf februari 2011 tablet-systemen hebben
aangekocht, geldt dat het in bijna 85 procent van de gevallen de aanschaf van Apple iPads betreft. De
penetratie zakelijke iPads in de Benelux komt daarmee op circa 6 procent te liggen.
3
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
JUNIPER WIRELESS - COMPLETE WLAN SOLUTION
WLM – Management and Access Control
RingMaster
SmartPass
WLM - Appliance
Simple - Secure - Mobile
WLA – Access Points
4
Copyright © 2010 Juniper Networks, Inc.
WLC – Controllers
www.juniper.net
THE STRONGEST FOUNDATION
FOR MOBILITY SERVICES
Nonstop mobility services
Unmatched reliability
Leading management
Comprehensive security
Superior performance
Location awareness
Simplify the most important
Simple WLAN functions
Focus on security capabilities
Secure that really matter
Mobile
5
Design mobility into the heart of
the network
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
WL PRODUCT RELEASE UPDATE
WL 7.5 Controller Software:
Secure Branch
Spectrum Management
Advanced Tunneling
Misc enhancements
WL 7.5 Management Software:
Spectrum Management
Client Watch list
RingMaster / SmartPass Integration
Hardware:
WLC880
WL UMS
7
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
WATCHED CLIENT LIST
Overview:
This is an advanced troubleshooting feature that highlights correlation across
infrastructure and session information to provide insight into connectivity, poor call
quality, roaming and other issues.
Feature description for Juniper WL 7.5:
Allow the RingMaster server to collect detailed data for a list of selected clients to
assist administrators with the troubleshooting problematic clients.
A new task is available in the Clients view tasks group (Equipment, SSIDs, Sites)
and will open a new tab that with all the watched client stored data.
The client watch list tracks and displays historical data for 30 days, in the raw format
and after this period, the higher scopes, up to one year will be aggregated.
The data includes session properties (details), location history, events, and statistics.
All the clients in the watched list are tracked by MAC address.
Data lifetime: Non-trended data for watch list clients including session details, events,
and locations will be stored for 30 days.
New option is available in the Client Details report that allows the user to choose
whether to include the watch list information.
11
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
WLC - CONTROLLER FAMILY
64 - 512 11n AP
Cluster Reliability
In-Service Upgrades
One Software Platform
Distributed & Centralized
WLC2800
WLC Series Highlights
16 - 256 11n AP
3-Stream
WLC880
16 - 128 11n AP
3-Stream
WLC800
12 AP
32 - 192 11n AP
Distributed a/b/g/n
4 AP
WLC8
WLC200R
WLC2
# of AP
12
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
WLM – UMS 1.0
Management systems
RingMaster
SmartPass
Location appliance
Platforms
Shrink wrap software (RM, SP)
WLA1200-RMTS
WLA1200-LA
Services
Location: LA-200/E for location services and RF-Firewall
Security: MSS, SmartPass.
Guest services: SmartPass
13
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
THE STEPS TO SIMPLY CONNECTED
14
Copyright
Juniper Networks,
www.juniper.net
Copyright © 2011 Juniper Networks,
Inc. © 2010
www.juniper.net
JuniperInc.
Confidential
1
DEVICE-AGNOSTIC CONNECTION
1
Device
Configuration
Guest Self
Provisioning
Security Cert
Provisioning
Secure Remote
Access
3G/4G/Wi-Fi
Employee
Self Registration
IPASS
Service
Juniper Wired, Wireless, Firewall and Identity solutions collaborate
to create the industry’s simplest provisioning experience
15
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
EXAMPLE1 - ENDPOINT INTEGRITY WITH JUNIPER
UAC
Juniper UAC / IC-controller
(also AAA server)
Encrypted
VLAN = 1
VLAN = 2
Enterprise VLAN (1)
802.1X
Authentication using
Juniper Supplicant/ Pulse
Quarantine VLAN (2)
1. 802.1X Authentication using WPA2/AES; policies are met by client
2. UAC Controller responds with VLAN=1 assignment
3. Endpoint gains access to Enterprise VLAN
4. UAC controller detects that DAT files are OUTDATED
5. Endpoint is forced to re-authenticate
6. UAC Controller updates VLAN assignment to VLAN=2; endpoint
can only access Quarantine VLAN
16
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
EXAMPLE2 - IC + SRX + WL FOR SIMPLE POLICY
Campus
WLC800
SRX
Client
Protected
Server
• User attempts to access
protected resource
• SRX blocks traffic and checks
with IC for user status
• SRX dynamically configures FW
per user traffic according to role
JUEP
17
IC
• On successful authentication:
• The user is assigned a role
• RADIUS attributes are applied to
the user session
• This user identity follows the user
• The VLAN and all other authorization
attributes are dynamically applied
wherever the user connects or roams
CAPWAP
Ctrl-plane tunnel
Copyright © 2010 Juniper Networks, Inc.
RADIUS
www.juniper.net
• User presents credentials to
the network
• The username is matched to a
‘glob’ on a network access
rule
• The user is authenticated
using the configured method
against the IC
User Data
EXAMPLE2 - IC + SRX + WL FOR SIMPLE POLICY
Campus
WLC800
SRX
Client
IC
• IC informs Pulse agent to
disable network access for noncompliant user
• IC informs SRX to block noncompliant user traffic
JUEP
18
• On successful authentication:
• The user is assigned a role
• RADIUS attributes are applied to
the user session
• This user identity follows the user
• The VLAN and all other authorization
attributes are dynamically applied
wherever the user connects or roams
CAPWAP
Ctrl-plane tunnel
Copyright © 2010 Juniper Networks, Inc.
RADIUS
www.juniper.net
• User presents credentials to
the network
• The user is authenticated
using the configured method
against the IC
• User becomes non-compliant
with Antivirus and Antispyware
policy
User Data
2
BUILD ONE GENERAL PURPOSE,
APPLICATION AGNOSTIC NETWORK
WAN Edge
Extend Virtual Private
LANs with MPLS
M Series
SRX210
Core Layer
WLC-2800
10GE with
LAG
High density,
wire-rate
10GbE
Virtualized
security
SRX5800
IC Series
Remote Office
Access
Layer
Single fabric using Virtual Chassis technology
EX4500
EX4200
PoE
PoE
10GbE servers
MP-522 APs
19
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
PERFORMANCE
HIGH
PERFORMANCE
3
High Performance
Access Points
Detect and
Mitigate
Interference
High Performance
Network
Voice Aware
Network
Lowest
Latency
Video Tuned
Network
Juniper Wired, Wireless, Firewall and Identity solutions collaborate
to create the industry’s highest performance experience
20
Copyright © 2010 Juniper Networks, Inc.
www.juniper.net
3
WIRED-LESS – MORE WIRELESS THAN WIRED
Wireless becomes the primary
business premises access method
Requires:
Nonstop availability
Scalability
Seamless
roaming
21
Copyright
Juniper Networks, Inc.
Copyright © 2011 Juniper Networks,
Inc. © 2010
www.juniper.net
www.juniper.net
4
SIMPLIFY THE WIRED NETWORK
Reduce number of physical and managed devices
Loop-free topology / Virtual Chassis
Move to 10GE aggregation
22
Copyright
Juniper Networks, Inc.
Copyright © 2011 Juniper Networks,
Inc. © 2010
www.juniper.net
www.juniper.net
WHY JUNIPER FOR WIRED-LESS
Fewer Wires
Scalable Mobility
• Virtual chassis
• Fewer devices to manage
• Cost effective 10GE agg
• Nonstop mobility
• Ubiquitous connectivity
• Wired-like application
experience
• RF -Firewall
EX Series
WL Series
UAC
Comprehensive
Security
• All in one firewall + IPS
• Industry leading scale –
from small to very large
23
Single Client For
All Devices
SRX Series
Copyright © 2010 Juniper Networks, Inc.
• Security + access
• Enforces policies
• Supports all major devices
www.juniper.net