Enterprise Wireless
APOLLO : AWM-8000
-
Overview
Enterprise Wireless Controller Enterprise Wireless Enterprise -
L3 Enterprise Wireless Controller for max 1024 APs
The AWM-8000 is a high-performance smart box-type access controller (AC) developed by AADONA for large wireless networks like enterprises, education, and city-wide deployments.
Integrating both wired and
wireless access means, it offers 10 GE uplink ports and integrates with AADONA smart access points (APs) to form a centrally managed wireless local area network (WLAN) solution. Featuring a flexible port configuration, the AWM-8000 provides sixteen GE combo ports, eight fixed SFP ports, and four 10G SFP+ ports. With 1+1 modular redundant power supplies, the AWM-8000 is preferred for wireless networks of educational departments, governments, and large enterprises where high performance, comprehensive functions, high security, and high reliability are required. The AWM-8000 employs hardware ASICs, which support line-rate forwarding of IPv4/IPv6 Layer 2 and Layer 3 data packets. Powered by AADONA's cutting-edge IPv6 technology, the AWM-8000 is designed with full IPv6 compatibility. The device supports a broad range of static routing protocols including RIP, OSPF, BGP, and PIM, as well as dynamic routing protocols such as IPv6 RIPng, OSPFv3, and PIM6. The AWM-8000 can manage up to 1024 smart wireless APs. The device provides strong WLAN access control through systems such as precise user control and management, complete RF management, and security mechanism, powerful QoS, seamless roaming, and authentication based on existing networks. Underpinned by a smart cluster management technology, the solution automatically adjusts AP power and channels by monitoring and controlling the RF environment of each AP in real-time, and performing load balancing based on the number of users or traffic to minimize interference to wireless signals and stabilize wireless network loads. The AWM-8000 employs an intelligent temperature control and heat dissipation system, which ensures that the entire system is stable even in heavy load conditions. Chip-level forwarding capability coupled with a rich service array position the AWM-8000 as a wired/wireless integrated smart AC preferred for applications such as WLAN access to campus networks, and wireless network coverage for colleges, hospitals, and hotels.
Read More
wireless access means, it offers 10 GE uplink ports and integrates with AADONA smart access points (APs) to form a centrally managed wireless local area network (WLAN) solution. Featuring a flexible port configuration, the AWM-8000 provides sixteen GE combo ports, eight fixed SFP ports, and four 10G SFP+ ports. With 1+1 modular redundant power supplies, the AWM-8000 is preferred for wireless networks of educational departments, governments, and large enterprises where high performance, comprehensive functions, high security, and high reliability are required. The AWM-8000 employs hardware ASICs, which support line-rate forwarding of IPv4/IPv6 Layer 2 and Layer 3 data packets. Powered by AADONA's cutting-edge IPv6 technology, the AWM-8000 is designed with full IPv6 compatibility. The device supports a broad range of static routing protocols including RIP, OSPF, BGP, and PIM, as well as dynamic routing protocols such as IPv6 RIPng, OSPFv3, and PIM6. The AWM-8000 can manage up to 1024 smart wireless APs. The device provides strong WLAN access control through systems such as precise user control and management, complete RF management, and security mechanism, powerful QoS, seamless roaming, and authentication based on existing networks. Underpinned by a smart cluster management technology, the solution automatically adjusts AP power and channels by monitoring and controlling the RF environment of each AP in real-time, and performing load balancing based on the number of users or traffic to minimize interference to wireless signals and stabilize wireless network loads. The AWM-8000 employs an intelligent temperature control and heat dissipation system, which ensures that the entire system is stable even in heavy load conditions. Chip-level forwarding capability coupled with a rich service array position the AWM-8000 as a wired/wireless integrated smart AC preferred for applications such as WLAN access to campus networks, and wireless network coverage for colleges, hospitals, and hotels.
Features
| High-Performance and High-Reliability Wireless Network | |
| High-density access ports and smart wired/wireless control and forwarding Architecture |
The AWM-8000 employs an ASIC-based wireless forwarding technology to provide high port density and high wireless throughput as compared with similar ACs in the industry. It supports both wireless and wired switching. All wireless traffic and wired traffic are uniformly forwarded in the same chip. Boasting of a wired/wireless integrated control and forwarding architecture, the AWM-8000 combines the functions of both a wireless AC and a routing switch. Its direct connection mode greatly lowers users' investment, improves network performance, and facilitates network management. |
| Powerful centralized forwarding Capability |
The AWM-8000 can be deployed on a Layer 2 or Layer 3 network without changing the existing network architecture at all. It forms an integrated switching fabric with wireless APs to well control and process data exchange on all the APs. A centralized or local forwarding mode may be flexibly configured on the AWM-8000 according to the service set ID (SSID) and virtual local area network (VLAN) planning of the network. With the ASIC-based wireless forwarding technology, the AWM-8000 ensures that each of its ports can forward wireless packets at the line rate. The powerful centralized forwarding capability, as a particular feature of AADONA wireless ACs, caters to wireless forwarding of large-capacity terminals and meets higher traffic transmission requirements of future wireless networks, such as high- definition Video on Demand (VoD) and Voice over WLAN (VoWLAN) transmission. |
| High-reliability backup mechanism | The AWM-8000 supports the following high-reliability backup mechanisms to ensure that a wireless network runs reliably: 1. 1+1 fast backup 2. N+1 backup 3. N+N backup 4. Portal 1+1 backup 5. DHCP server hot backup |
| 1+1 modular redundant input Power |
The AWM-8000 supports both AC and DC input power, which meet different power supply environment requirements and attain power supply redundancy. |
| Automatic emergency mechanism of APs | In a centralized network architecture where thin APs and a wireless AC are deployed, the APs will be unable to operate normally when the wireless AC is down and then the entire wireless network will crash. AADONA wireless APs support an automatic emergency mechanism. This mechanism enables an AP to intelligently detect links. When detecting that the wireless AC is down, the AP quickly switches its operating mode so that it may continue to forward data while enabling new users to access the network. This mechanism attains high availability in the entire wireless network and really helps wireless users to be always online. |
| End-to-end QoS | The AWM-8000 provides ASIC-based QoS and comprehensively supports Diff-Serv, such as flow classification, traffic policing, queue management, and queue scheduling. It also supports IPv6 QoS. AADONA ACs and APs implement the same QoS functions, support QoS based on per-terminal control and QoS based on air interface control. The entire wireless network provides an end-to-end QoS the mechanism, enabling network operators to provide QoS policies of different levels for users and offer an integrated network that simultaneously bears voice, data, and video services. |
| Dual-OS backup mechanism | The AWM-8000 supports a dual-OS backup mechanism. When the AWM-8000 fails to start from the active OS, it can immediately start from a standby OS, thereby improving the long-term running reliability of equipment in an adverse Environment. |
| Wireless Network of Intelligent Control and Automatic Perception | |
| Intelligent RF management | The AWM-8000 provides an automatic power and channel adjustment function. It employs particular RF detection and management algorithms to attain a better RF coverage effect. When the signals of an AP are interfered by strong external signals, the AP may automatically switch to an appropriate operating channel under the control of the AC to avoid such interference, thereby guaranteeing wireless network communications. The system also supports wireless network blackhole compensation. When an AP on the network accidentally stops operating, the RF management function of the AC compensates the resulting blind area of signals so that the wireless network can still operate normally. |
| Intelligent control of terminals based on airtime fairness | When some outdated 802.11b and 802.11g terminals are used on a wireless network or some terminals are far way from APs, negotiation rates will be low, causing a large number of users to experience a long WLAN access delay, low rates, or poor overall AP performance. The AP performance problem in a low-rate terminal access environment, however, cannot be resolved by simply employing rate control and traffic shaping. AADONA smart APs have essentially resolved this problem by using intelligent control of terminals based on airtime fairness, ensuring that a user can always enjoy the same joyful WLAN experience in the same location, no matter what type of terminal the user is holding. The intelligent control of terminals based on airtime fairness greatly improves the performance of both the client and the entire network. It enables all clients with high data transmission rates to attain strikingly higher performance while low-rate clients are almost not affected at all. The performance will be even more obviously higher on an open wireless network. Once high-rate clients finish data transmission, fewer clients will be transmitting data on the wireless network. In this case, there will be less contention and retry on the network, thereby greatly improving overall AP performance. |
| Intelligent load balancing mechanism | In general, a wireless client will select an AP according to the signal strength of APs. When this uncontrolled access mode is applied, however, a large number of clients could be connected to the same AP simply because the AP provides strong signals. As more clients are connected to an AP, the bandwidth available to each client will be smaller, thereby greatly affecting the user experience of the clients. AADONA wireless products support diversified intelligent load balancing means: 1. AP load balancing based on traffic 2. AP load balancing based on the number of users 3. AP load balancing based on frequency bands 4. Access control based on the signal strength of terminals 5. Mandatory roaming control of terminals to direct terminals to APs with stronger Signals |
| Intelligent identification of terminals | AADONA wireless ACs may combine with AADONA smart APs and a unified authentication platform to intelligently identify the size, system type, and type of each terminal; and comprehensively support mainstream smart terminal operating systems, such as Apple iOS, Android, and Windows. They intelligently identify the size of a terminal and adaptively present a portal authentication page of the corresponding size and page pattern, freeing users from multiple times of dragging to adjust the screen and enabling users to enjoy an intelligent wireless experience. They can also intelligently identify the system type of each terminal and present the system type of each terminal such as Windows, MAC OS, or Android on the unified authentication platform, exhibiting every detail of intelligence to users. In addition, they can intelligently identify the type of each terminal such as the mobile phone, tablet, or PC, and implement dynamic policy control of terminals according to different types of terminals, making possible more intelligent user control at a finer granularity. |
| Comprehensive support for IPv4/v6 dual-stack networks | Powered by AADONA cutting-edge IPv6 technology, the AWM-8000 may be deployed on an IPv6 network, with IPv6 tunnels established through auto- negotiation between a wireless AC and an AP. When the wireless AC and the AP completely operate in IPv6 mode, the wireless AC can still correctly identify IPv4 terminals and process IPv4 packets from wireless clients. Featuring flexible adaptability to IPv4/6, the AWM-8000 caters to complex applications involved in migration from an IPv4 network to an IPv6 network. It not only provides IPv4 service to customers on an IPv6 network but also enables users on an IPv4 network to log in to the network through the IPv6 protocol at ease. |
| Network-wide seamless roaming | The AWM-8000 supports advanced wireless AC cluster technology. This technology enables multiple AWM-8000 devices to synchronize online connection information and roaming records of all users with one another in real-time. This technology implements not only L2/L3 seamless roaming inside a wireless AC but also fast roaming across wireless ACs. As client, IP address information does not change and re-authentication is not required in the roaming process, the continuity of real-time mobile services is well guaranteed. |
| Secure and Controllable Wireless Network | |
| User isolation policy | The AWM-8000 supports the isolation of wireless users from one another. If this user isolation function is enabled, two wireless clients cannot directly communicate with each other but can only access an upstream wired network. This further guarantees the security of wireless network applications. |
| Wireless intrusion detection and intrusion defense | The AWM-8000 supports wireless intrusion detection and intrusion defense features, such as the detection of unauthorized wireless devices, intrusion detection, blacklist, and white list, as well as anti-DoS for various wireless management packets, thereby greatly improving the security management of an entire wireless Network |
| Wireless user management at a fine granularity | Under the management of the AWM-8000, each AP supports a maximum of 32 WLANs to implement multi-layer multi-service management of wireless users at a fine granularity. Each WLAN supports access control and uplink/downlink rate limit based on MAC or IP addresses. These WLANs may be bound to VLANs. In addition, different authentication and accounting policies can be implemented. This feature is practically significant in a multi-WLAN environment. |
| Operational-level permission management mechanism | An SSID-based user permission management mechanism enables a network to be divided into multiple virtual wireless networks based on multiple SSIDs according to actual application requirements. This mechanism sets specific management and viewing permissions for specific users so that users are completely isolated from one another in terms of operation and management. |
| Secure user admission | The AWM-8000 provides multiple secure access, authentication, and accounting mechanisms for various application environments. These mechanisms include: 1. 802.1x authentication 2. Captive portal authentication, including built-in portal, external portal, and custom portal authentication modes 3. MAC address authentication 4. LDAP authentication 5. WAPI encryption and authentication 6. Wired/wireless integrated authentication and accounting |
| Wireless SAVI | AADONA wireless network products support a source address validation (SAVI) technology to deal with spoofed packet attacks that keep emerging on today's campus networks. As users' IP addresses are obtained through an address allocation protocol, users access the Internet using correct addresses in subsequent applications and cannot spoof others' IP addresses, thereby guaranteeing the reliability of source addresses. In addition, the SAVI technology is combined with a portal technology to further guarantee the authenticity and security of packets of all users accessing the Internet. |
| PEAP user authentication | With the popularization and application of smart terminals, wireless terminal users require authentication mechanisms of higher usability and convenience. Using a mechanism that combines portal authentication and MAC address authentication, AADONA wireless network products support Protected Extensible Authentication Protocol (PEAP) authentication to attain a better user experience. Initially, a user needs to manually perform portal authentication and later the user gets authenticated through PEAP in automatic mode. AADONA wireless network products feature high terminal adaptation and provide good authentication compatibility. They adapt to the majority of WLAN terminals and do not need to adapt to clients. AADONA wireless network products are compatible with existing portal authentication modes. |
| Secure access mechanism of APs | An AP is usually deployed in a public area and therefore requires a strict security mechanism to guarantee the legality of access devices. The following secure access mechanisms may be applied between an AADONA wireless AC and a smart AP: 1. AP MAC address authentication 2. AP password authentication 3. Bidirectional digital certificate authentication |
| Real-time spectrum protection | AADONA smart APs support a built-in RF collection module that integrates RF monitoring and real-time spectrum protection. By implementing communications and data collection through the respective AP, the RF collection module performs wireless environment quality monitoring, wireless network capability tendency evaluation, and unexpected-interference alarms. It resorts to a graphical means to actively detect and identify RF interference sources (Wi-Fi or non-Wi-Fi) and provides a real-time spectrum analysis diagram. In addition, it can automatically identify interference sources and determine the locations of problematic wireless devices, ensuring that a wireless network attains optimal performance. |
| Easy-to-Manage Wireless Network | |
| AP plug-and-play | The AWM-8000 smart AC can be seamlessly integrated with existing switches, firewalls, authentication servers, and other network devices. AADONA smart APs are able to automatically discover the AWM-8000. A wireless network function can be enabled on an AP without performing any configuration on the AP at all. When used with the AWM-8000, AADONA smart APs support plug-and-play, and zero configuration. The wireless AC undertakes all the management, control, and configuration of the APs. Network administrators do not need to separately manage or maintain a huge number of wireless APs. All actions, such as configuration, firmware upgrade, and security policy updating, are performed uniformly under the control of the wireless AC. |
| Remote probe analysis | The AWM-8000 supports remote probe analysis of APs. It listens to and captures Wi-Fi packets in the coverage and mirrors them to a local analysis device in real- time to help network administrators better perform troubleshooting or optimization analysis. The remote probe analysis function can perform non- convergence mirroring of a working channel and sampling of all channels in polling mode as well to flexibly meet various wireless network monitoring, operation, and maintenance requirements. |
| Multiple management modes and uniform management platform | The AWM-8000 supports various management modes such as command lines and the web. It can be used to plan, deploy, monitor, and manage APs on an entire network centrally and effectively at low costs. It may also be used with an AADONA platform for integrated management of wireless and wired devices so that administrators can monitor and manage the entire network in a data center as follows: 1. Generating topologies 2. Checking the working states of APs and the states of online users 3. Planning RF resources on the entire network 4. Locating users 5. Generating security alarms 6. Checking link loads, device usage and roaming records 7. Generating reports |
Specifications
| Model Name | AWM-8000 |
| Product Series | APOLLO |
| Service port | 16 GE combo ports (GE/SFP) |
| Management port | One console port (RJ-45) |
| Gigabit SFP | 8 GE SFP ports |
| 10G SFP Ports | 4 10G SFP+ ports |
| Power supply | 2 power slots, 1+1 Modular Redundant |
| Maximum power consumption | 90 W |
| Working/Storage temperature | 0°C to +50°C -40°C to +75°C |
| Working/Storage RH | 5% to 90% (non-condensing) |
| Dimensions (W x D x H) | 440mmx44mmx350mm; 19 inches, 1 U high, supporting rack installation |
| Warranty | 3 Year Default + 2 Year Extended, Total 5 Years |
| Software Specifications | |
| Base number of manageable APs | 32 |
| Maximum number of manageable APs | 1024 |
| Number of manageable ACs in a cluster | 64 |
| AP upgrade step | 32 |
| Maximum number of concurrent wireless users | 60k |
| VLANs | 4K |
| ARP table | 16k |
| Switching time during roaming | < 30 ms |
| L2 protocols and standards | IEEE802.3 (10Base-T), IEEE802.3u (100Base-TX), IEEE802.3ab (1000Base-T), IEEE802.1Q (VLAN), IEEE802.1p (COS), IEEE802.1x (Port Control) IGMP Snooping, MLD Snooping GVRP, PVLAN |
| L3 protocols and standards | Static Routing RIPv1/v2, OSPF, BGP, VRRP, IGMP v1/v2/v3 ARP, ARP Proxy PIM-SM, PIM-DM, PIM-SSM |
| Wireless protocols and standards | 802.11, 802.11a, 802.11b, 802.11g, 802.11n, 802.11d, 802.11h, 802.11i, 802.11e, 802.11k |
| CAPWAP protocol | Supports L2/L3 network topology between an AP and an AC. Enables an AP to automatically discover an accessible AC. Enables an AP to automatically upgrade its software version from an AC. Enables an AP to automatically download configurations from an AC. |
| IPv6 protocols and standards | IPv4/v6 dual-stack, manual tunnel, ISATAP, 6to4 tunnel, IPv4 over IPv6 tunnel, DHCPv6, DNSv6, ICMPv6, ACLv6, TCP/UDP for IPv6, SOCKET for IPv6, SNMP v6, Ping /Traceroute v6, RADIUS, Telnet/SSH v6, FTP/TFTP v6, NTP v6, IPv6 MIB support for SNMP, VRRP for IPv6, IPv6 QoS, static routing, OSPFv3, IPv6 SAVI |
| High reliability | 1+1 fast backup N+1 backup N+N backup Portal 1+1 backup DHCP server hot backup |
| RF management | Setting country codes Manually/automatically setting the transmit power Manually/automatically setting the working channel Automatically adjusting the transmission rate Blind area detection and repair RF environment scanning, which enables a working AP to scan the surrounding RF environment RF interference detection and avoidance SSID-based or Radio-based limit on the number of users User online detection Automatic aging of traffic-free users Prohibiting the access of clients with weak signals Remote probe analysis Forced roaming of clients with weak signals 11n-preferred RF policy SSID hiding 20 MHz and 40 MHz channel bandwidth configuration Airtime protection in hybrid access of 11bg and 11n terminals Terminal-based airtime fairness scheduling Spectral analysis Terminal locating (A terminal locating algorithm can be embedded in the AC) Spectral navigation (5 GHz preferred) 11n only |
| Security | 64/128 WEP, dynamic WEP, TKIP, CCMP, and SMS encryption 802.11i security authentication and two modes (Enterprise and Personal) of 802.1x and PSK WAPI encryption and authentication LDAP authentication MAC address authentication Portal authentication, including built-in portal, external portal, and custom portal authentication modes PEAP user authentication Secure access control of APs, such as MAC authentication, password authentication, or digital certificate authentication between an AP and an AC Radius Client Backup authentication server Wireless SAVI User access control based on AP locations Wireless intrusion detection system (WIDS) and wireless intrusion prevention system (WIPS) Protection against flooding attacks Protection against spoofing attacks Forwarding security control, such as frame filtering, white list, static blacklist, and dynamic blacklist User isolation Periodic Radio/SSID enabling and disabling Access control of free resources Secure admission control of wireless terminals Access control of various data packets such as MAC, IPv4, and IPv6 packets |
| Forwarding | IPv6 access and forwarding; constructing IPv6 WLAN access service on an IPv4 network; providing IPv4 WLAN access service on an IPv6 network; and constructing private IPv6 WLAN network service on an IPv6 network Fast L2/L3 roaming between APs served by the same AC Fast L2/L3 roaming between APs served by different ACs IPv4 and IPv6 multicast forwarding WDS AP |
| QoS | 802.11e (WMM); and 4-level priority queues, ensuring that applications sensitive to the real-time effect, such as voice and video services, are transmitted first Ethernet port 802.1P identification and marking Mapping from wireless priorities to wired priorities Mapping of different SSIDs/VLANs to different QoS policies Mapping of data streams that match with different packet fields to different QoS policies Access control of MAC, IPv4, and IPv6 data packets Load balancing based on the number of users Load balancing based on user traffic Load balancing based on frequency bands Bandwidth limit based on APs Bandwidth limit based on SSIDs Bandwidth limit based on terminals Bandwidth limit based on specific data streams Power saving mode Multicast-to-unicast mechanism Automatic emergency mechanism of APs Intelligent identification of terminals |
| Management | Web management Configuration through a console port SNMP v1/v2c/v3 Both local and remote maintenance Local logs, Syslog, and log file export Alarm Fault detection Statistics Login through Telnet Login through SSH Dual-image (dual-OS) backup Hardware watchdog AC cluster management; automatic information synchronization between ACs in a cluster, and automatic or manual push of configuration information SSID-based user permission management mechanism |
