Enterprise Wireless


The AWM-8000 is a high-performance smart box-type access controller (AC) developed by AADONA for large wireless networks like enterprises, education, and city-wide deployments.

Integrating both wired and
wireless access means, it offers 10 GE uplink ports and integrates with AADONA smart access points (APs) to form a centrally managed wireless local area network (WLAN) solution. Featuring a flexible port configuration, the AWM-8000 provides sixteen GE combo ports, eight fixed SFP ports, and four 10G SFP+ ports. With 1+1 modular redundant power supplies, the AWM-8000 is preferred for wireless networks of educational departments, governments, and large enterprises where high performance, comprehensive functions, high security, and high reliability are required. The AWM-8000 employs hardware ASICs, which support line-rate forwarding of IPv4/IPv6 Layer 2 and Layer 3 data packets. Powered by AADONA's cutting-edge IPv6 technology, the AWM-8000 is designed with full IPv6 compatibility. The device supports a broad range of static routing protocols including RIP, OSPF, BGP, and PIM, as well as dynamic routing protocols such as IPv6 RIPng, OSPFv3, and PIM6. The AWM-8000 can manage up to 1024 smart wireless APs. The device provides strong WLAN access control through systems such as precise user control and management, complete RF management, and security mechanism, powerful QoS, seamless roaming, and authentication based on existing networks. Underpinned by a smart cluster management technology, the solution automatically adjusts AP power and channels by monitoring and controlling the RF environment of each AP in real-time, and performing load balancing based on the number of users or traffic to minimize interference to wireless signals and stabilize wireless network loads. The AWM-8000 employs an intelligent temperature control and heat dissipation system, which ensures that the entire system is stable even in heavy load conditions. Chip-level forwarding capability coupled with a rich service array position the AWM-8000 as a wired/wireless integrated smart AC preferred for applications such as WLAN access to campus networks, and wireless network coverage for colleges, hospitals, and hotels.

Read More


High-Performance and High-Reliability Wireless Network
access ports and
control and
The AWM-8000 employs an ASIC-based wireless forwarding technology to provide
high port density and high wireless throughput as compared with similar ACs in
the industry. It supports both wireless and wired switching. All wireless traffic and
wired traffic are uniformly forwarded in the same chip. Boasting of a wired/wireless
integrated control and forwarding architecture, the AWM-8000 combines the
functions of both a wireless AC and a routing switch. Its direct connection mode
greatly lowers users' investment, improves network performance, and facilitates
network management.
The AWM-8000 can be deployed on a Layer 2 or Layer 3 network without changing
the existing network architecture at all. It forms an integrated switching fabric with
wireless APs to well control and process data exchange on all the APs. A centralized
or local forwarding mode may be flexibly configured on the AWM-8000 according
to the service set ID (SSID) and virtual local area network (VLAN) planning of the
network. With the ASIC-based wireless forwarding technology, the AWM-8000
ensures that each of its ports can forward wireless packets at the line rate. The
powerful centralized forwarding capability, as a particular feature of AADONA
wireless ACs, caters to wireless forwarding of large-capacity terminals and meets
higher traffic transmission requirements of future wireless networks, such as high-
definition Video on Demand (VoD) and Voice over WLAN (VoWLAN) transmission.
High-reliability backup mechanism The AWM-8000 supports the following high-reliability backup mechanisms to
ensure that a wireless network runs reliably:
1. 1+1 fast backup
2. N+1 backup
3. N+N backup
4. Portal 1+1 backup
5. DHCP server hot backup
1+1 modular
redundant input
The AWM-8000 supports both AC and DC input power, which meet different power
supply environment requirements and attain power supply redundancy.
Automatic emergency mechanism of APs In a centralized network architecture where thin APs and a wireless AC are
deployed, the APs will be unable to operate normally when the wireless AC is down
and then the entire wireless network will crash. AADONA wireless APs support an
automatic emergency mechanism. This mechanism enables an AP to intelligently
detect links. When detecting that the wireless AC is down, the AP quickly switches
its operating mode so that it may continue to forward data while enabling new
users to access the network. This mechanism attains high availability in the entire
wireless network and really helps wireless users to be always online.
End-to-end QoS The AWM-8000 provides ASIC-based QoS and comprehensively supports Diff-Serv,
such as flow classification, traffic policing, queue management, and queue
scheduling. It also supports IPv6 QoS. AADONA ACs and APs implement the same
QoS functions, support QoS based on per-terminal control and QoS based on
air interface control. The entire wireless network provides an end-to-end QoS
the mechanism, enabling network operators to provide QoS policies of different levels
for users and offer an integrated network that simultaneously bears voice, data, and
video services.
Dual-OS backup mechanism The AWM-8000 supports a dual-OS backup mechanism. When the AWM-8000 fails
to start from the active OS, it can immediately start from a standby OS, thereby
improving the long-term running reliability of equipment in an adverse
Wireless Network of Intelligent Control and Automatic Perception
Intelligent RF management The AWM-8000 provides an automatic power and channel adjustment function. It
employs particular RF detection and management algorithms to attain a better RF
coverage effect. When the signals of an AP are interfered by strong external signals,
the AP may automatically switch to an appropriate operating channel under the
control of the AC to avoid such interference, thereby guaranteeing wireless network
communications. The system also supports wireless network blackhole
compensation. When an AP on the network accidentally stops operating, the RF
management function of the AC compensates the resulting blind area of signals so
that the wireless network can still operate normally.
Intelligent control of terminals based on airtime fairness When some outdated 802.11b and 802.11g terminals are used on a wireless network
or some terminals are far way from APs, negotiation rates will be low, causing a
large number of users to experience a long WLAN access delay, low rates, or poor
overall AP performance. The AP performance problem in a low-rate terminal access
environment, however, cannot be resolved by simply employing rate control and
traffic shaping. AADONA smart APs have essentially resolved this problem by using
intelligent control of terminals based on airtime fairness, ensuring that a user can
always enjoy the same joyful WLAN experience in the same location, no matter
what type of terminal the user is holding. The intelligent control of terminals
based on airtime fairness greatly improves the performance of both the client and
the entire network. It enables all clients with high data transmission rates to attain
strikingly higher performance while low-rate clients are almost not affected at all.
The performance will be even more obviously higher on an open wireless network.
Once high-rate clients finish data transmission, fewer clients will be transmitting
data on the wireless network. In this case, there will be less contention and retry on
the network, thereby greatly improving overall AP performance.
Intelligent load balancing mechanism In general, a wireless client will select an AP according to the signal strength of APs.
When this uncontrolled access mode is applied, however, a large number of clients
could be connected to the same AP simply because the AP provides strong signals.
As more clients are connected to an AP, the bandwidth available to each client will
be smaller, thereby greatly affecting the user experience of the clients. AADONA
wireless products support diversified intelligent load balancing means:
1. AP load balancing based on traffic
2. AP load balancing based on the number of users
3. AP load balancing based on frequency bands
4. Access control based on the signal strength of terminals
5. Mandatory roaming control of terminals to direct terminals to APs with stronger
Intelligent identification of terminals AADONA wireless ACs may combine with AADONA smart APs and a unified authentication platform to intelligently identify the size, system type, and type of each terminal; and comprehensively support mainstream smart terminal operating systems, such as Apple iOS, Android, and Windows. They intelligently identify the size of a terminal and adaptively present a portal authentication page of the corresponding size and page pattern, freeing users from multiple times of dragging to adjust the screen and enabling users to enjoy an intelligent wireless experience. They can also intelligently identify the system type of each terminal and present the system type of each terminal such as Windows, MAC OS, or Android on the unified authentication platform, exhibiting every detail of intelligence to users. In addition, they can intelligently identify the type of each terminal such as the mobile phone, tablet, or PC, and implement dynamic policy control of terminals according to different types of terminals, making possible more intelligent user control at a finer granularity.
Comprehensive support for IPv4/v6 dual-stack networks Powered by AADONA cutting-edge IPv6 technology, the AWM-8000 may be
deployed on an IPv6 network, with IPv6 tunnels established through auto-
negotiation between a wireless AC and an AP. When the wireless AC and the AP
completely operate in IPv6 mode, the wireless AC can still correctly identify IPv4
terminals and process IPv4 packets from wireless clients. Featuring flexible
adaptability to IPv4/6, the AWM-8000 caters to complex applications involved in
migration from an IPv4 network to an IPv6 network. It not only provides IPv4
service to customers on an IPv6 network but also enables users on an IPv4 network
to log in to the network through the IPv6 protocol at ease.
Network-wide seamless roaming The AWM-8000 supports advanced wireless AC cluster technology. This
technology enables multiple AWM-8000 devices to synchronize online connection
information and roaming records of all users with one another in real-time. This
technology implements not only L2/L3 seamless roaming inside a wireless AC but
also fast roaming across wireless ACs. As client, IP address information does not
change and re-authentication is not required in the roaming process, the continuity
of real-time mobile services is well guaranteed.
Secure and Controllable Wireless Network
User isolation policy The AWM-8000 supports the isolation of wireless users from one another. If this
user isolation function is enabled, two wireless clients cannot directly communicate
with each other but can only access an upstream wired network. This further
guarantees the security of wireless network applications.
Wireless intrusion detection and intrusion defense The AWM-8000 supports wireless intrusion detection and intrusion defense
features, such as the detection of unauthorized wireless devices, intrusion detection,
blacklist, and white list, as well as anti-DoS for various wireless management
packets, thereby greatly improving the security management of an entire wireless
Wireless user management at a fine granularity Under the management of the AWM-8000, each AP supports a maximum of 32
WLANs to implement multi-layer multi-service management of wireless users at a
fine granularity. Each WLAN supports access control and uplink/downlink rate limit
based on MAC or IP addresses. These WLANs may be bound to VLANs. In addition,
different authentication and accounting policies can be implemented. This feature
is practically significant in a multi-WLAN environment.
Operational-level permission management mechanism An SSID-based user permission management mechanism enables a network to be divided into multiple virtual wireless networks based on multiple SSIDs according to actual application requirements. This mechanism sets specific management and viewing permissions for specific users so that users are completely isolated from one another in terms of operation and management.
Secure user admission The AWM-8000 provides multiple secure access, authentication, and accounting
mechanisms for various application environments. These mechanisms include:
1. 802.1x authentication
2. Captive portal authentication, including built-in portal, external portal, and
custom portal authentication modes
3. MAC address authentication
4. LDAP authentication
5. WAPI encryption and authentication
6. Wired/wireless integrated authentication and accounting
Wireless SAVI AADONA wireless network products support a source address validation (SAVI)
technology to deal with spoofed packet attacks that keep emerging on today's
campus networks. As users' IP addresses are obtained through an address
allocation protocol, users access the Internet using correct addresses in subsequent
applications and cannot spoof others' IP addresses, thereby guaranteeing the
reliability of source addresses. In addition, the SAVI technology is combined with a
portal technology to further guarantee the authenticity and security of packets of
all users accessing the Internet.
PEAP user authentication With the popularization and application of smart terminals, wireless terminal users
require authentication mechanisms of higher usability and convenience. Using a
mechanism that combines portal authentication and MAC address authentication,
AADONA wireless network products support Protected Extensible Authentication
Protocol (PEAP) authentication to attain a better user experience. Initially, a user
needs to manually perform portal authentication and later the user gets
authenticated through PEAP in automatic mode. AADONA wireless network
products feature high terminal adaptation and provide good authentication
compatibility. They adapt to the majority of WLAN terminals and do not need to
adapt to clients. AADONA wireless network products are compatible with existing
portal authentication modes.
Secure access mechanism of APs An AP is usually deployed in a public area and therefore requires a strict security
mechanism to guarantee the legality of access devices. The following secure access
mechanisms may be applied between an AADONA wireless AC and a smart AP:
1. AP MAC address authentication
2. AP password authentication
3. Bidirectional digital certificate authentication
Real-time spectrum protection AADONA smart APs support a built-in RF collection module that integrates RF
monitoring and real-time spectrum protection. By implementing communications
and data collection through the respective AP, the RF collection module performs
wireless environment quality monitoring, wireless network capability tendency
evaluation, and unexpected-interference alarms. It resorts to a graphical means to
actively detect and identify RF interference sources (Wi-Fi or non-Wi-Fi) and
provides a real-time spectrum analysis diagram. In addition, it can automatically
identify interference sources and determine the locations of problematic wireless
devices, ensuring that a wireless network attains optimal performance.
Easy-to-Manage Wireless Network
AP plug-and-play The AWM-8000 smart AC can be seamlessly integrated with existing switches,
firewalls, authentication servers, and other network devices. AADONA smart APs
are able to automatically discover the AWM-8000. A wireless network function can
be enabled on an AP without performing any configuration on the AP at all. When
used with the AWM-8000, AADONA smart APs support plug-and-play, and zero
configuration. The wireless AC undertakes all the management, control, and
configuration of the APs. Network administrators do not need to separately
manage or maintain a huge number of wireless APs. All actions, such as
configuration, firmware upgrade, and security policy updating, are performed
uniformly under the control of the wireless AC.
Remote probe analysis The AWM-8000 supports remote probe analysis of APs. It listens to and captures
Wi-Fi packets in the coverage and mirrors them to a local analysis device in real-
time to help network administrators better perform troubleshooting or
optimization analysis. The remote probe analysis function can perform non-
convergence mirroring of a working channel and sampling of all channels in polling
mode as well to flexibly meet various wireless network monitoring, operation, and
maintenance requirements.
Multiple management modes and uniform management platform The AWM-8000 supports various management modes such as command lines and
the web. It can be used to plan, deploy, monitor, and manage APs on an entire network
centrally and effectively at low costs. It may also be used with an AADONA platform
for integrated management of wireless and wired devices so that administrators
can monitor and manage the entire network in a data center as follows:
1. Generating topologies
2. Checking the working states of APs and the states of online users
3. Planning RF resources on the entire network
4. Locating users
5. Generating security alarms
6. Checking link loads, device usage and roaming records
7. Generating reports


Model Name AWM-8000
Product Series APOLLO
Service port 16 GE combo ports (GE/SFP)
Management port One console port (RJ-45)
Gigabit SFP 8 GE SFP ports
10G SFP Ports 4 10G SFP+ ports
Power supply 2 power slots, 1+1 Modular Redundant
Maximum power consumption 90 W
Working/Storage temperature 0°C to +50°C -40°C to +75°C
Working/Storage RH 5% to 90% (non-condensing)
Dimensions (W x D x H) 440mmx44mmx350mm; 19 inches, 1 U high, supporting rack installation
Warranty 3 Year Default + 2 Year Extended, Total 5 Years
Software Specifications
Base number of manageable APs 32
Maximum number of manageable APs 1024
Number of manageable ACs in a cluster 64
AP upgrade step 32
Maximum number of concurrent wireless users 60k
ARP table 16k
Switching time during roaming < 30 ms
L2 protocols and standards IEEE802.3 (10Base-T), IEEE802.3u (100Base-TX), IEEE802.3ab (1000Base-T), IEEE802.1Q (VLAN), IEEE802.1p (COS), IEEE802.1x (Port Control)
IGMP Snooping, MLD Snooping
L3 protocols and standards Static Routing
RIPv1/v2, OSPF, BGP, VRRP, IGMP v1/v2/v3
ARP, ARP Proxy
Wireless protocols and standards 802.11, 802.11a, 802.11b, 802.11g, 802.11n, 802.11d, 802.11h, 802.11i, 802.11e, 802.11k
CAPWAP protocol Supports L2/L3 network topology between an AP and an AC.
Enables an AP to automatically discover an accessible AC.
Enables an AP to automatically upgrade its software version from an AC.
Enables an AP to automatically download configurations from an AC.
IPv6 protocols and standards IPv4/v6 dual-stack, manual tunnel, ISATAP, 6to4 tunnel, IPv4 over IPv6 tunnel, DHCPv6, DNSv6, ICMPv6, ACLv6, TCP/UDP for IPv6, SOCKET for IPv6, SNMP v6, Ping /Traceroute v6, RADIUS, Telnet/SSH v6, FTP/TFTP v6, NTP v6, IPv6 MIB support for SNMP, VRRP for IPv6, IPv6 QoS, static routing, OSPFv3, IPv6 SAVI
High reliability 1+1 fast backup
N+1 backup
N+N backup
Portal 1+1 backup
DHCP server hot backup
RF management Setting country codes
Manually/automatically setting the transmit power
Manually/automatically setting the working channel
Automatically adjusting the transmission rate
Blind area detection and repair RF environment scanning, which enables a working AP to scan the surrounding RF environment
RF interference detection and avoidance
SSID-based or Radio-based limit on the number of users
User online detection
Automatic aging of traffic-free users
Prohibiting the access of clients with weak signals
Remote probe analysis
Forced roaming of clients with weak signals
11n-preferred RF policy
SSID hiding
20 MHz and 40 MHz channel bandwidth configuration
Airtime protection in hybrid access of 11bg and 11n terminals
Terminal-based airtime fairness scheduling
Spectral analysis
Terminal locating (A terminal locating algorithm can be embedded in the AC)
Spectral navigation (5 GHz preferred)
11n only
Security 64/128 WEP, dynamic WEP, TKIP, CCMP, and SMS encryption
802.11i security authentication and two modes (Enterprise and Personal) of 802.1x and PSK
WAPI encryption and authentication
LDAP authentication
MAC address authentication
Portal authentication, including built-in portal, external portal, and custom portal authentication modes
PEAP user authentication
Secure access control of APs, such as MAC authentication, password authentication, or digital certificate authentication between an AP and an AC
Radius Client
Backup authentication server
Wireless SAVI
User access control based on AP locations
Wireless intrusion detection system (WIDS) and wireless intrusion prevention system (WIPS)
Protection against flooding attacks
Protection against spoofing attacks
Forwarding security control, such as frame filtering, white list, static blacklist, and dynamic blacklist
User isolation
Periodic Radio/SSID enabling and disabling
Access control of free resources
Secure admission control of wireless terminals
Access control of various data packets such as MAC, IPv4, and IPv6 packets
Forwarding IPv6 access and forwarding; constructing IPv6 WLAN access service on an IPv4 network; providing IPv4 WLAN access service on an IPv6 network; and constructing private IPv6 WLAN network service on an IPv6 network
Fast L2/L3 roaming between APs served by the same AC
Fast L2/L3 roaming between APs served by different ACs
IPv4 and IPv6 multicast forwarding
QoS 802.11e (WMM); and 4-level priority queues, ensuring that applications sensitive to the real-time effect, such as voice and video services, are transmitted first
Ethernet port 802.1P identification and marking
Mapping from wireless priorities to wired priorities
Mapping of different SSIDs/VLANs to different QoS policies
Mapping of data streams that match with different packet fields to different QoS policies
Access control of MAC, IPv4, and IPv6 data packets
Load balancing based on the number of users
Load balancing based on user traffic
Load balancing based on frequency bands
Bandwidth limit based on APs
Bandwidth limit based on SSIDs
Bandwidth limit based on terminals
Bandwidth limit based on specific data streams
Power saving mode
Multicast-to-unicast mechanism
Automatic emergency mechanism of APs
Intelligent identification of terminals
Management Web management
Configuration through a console port
SNMP v1/v2c/v3
Both local and remote maintenance
Local logs, Syslog, and log file export
Fault detection
Login through Telnet
Login through SSH
Dual-image (dual-OS) backup
Hardware watchdog
AC cluster management; automatic information synchronization between ACs in a cluster, and automatic or manual push of configuration information
SSID-based user permission management mechanism