OmniAccess AP1101 – AOS-WNG R2.

1
Targeted for SMB customers
Anish Verma

1
Agenda

1. SMB IT Challenges
2. AP1101 - Hardware
3. AOS-WNG R2.1
Simplified installation
AP-Group Architecture
Zero touch provisioning – Plug and Play
Simplified Guest Management
High Level feature list

4. Deployment recommendation

2
SMB TOP IT challenges

• SMB Top 10 IT challenges include

- Budget constraints
- Mobile Security
- Finding Qualified and trained person
- Controlling cost/Justification for IT investment

• SMB WLAN solution should have

- Cost effective enterprise Grade solution
- Provide secure wifi access.
- Simple to install and can be managed by non IT-savvy person
- Integrated solution which simple to manage and avoid costly multi-box solution

2015 Top 10 SMB Business Issues, IT Challenges, IT Priorities – techaisle 2015

3
OmniAccess WLAN for SMB

• Cost effective
• Secure
Enterprise Grade • Easy to Deploy & Manage
All Inclusive • Fully integrated solution

SIMPLE SECURE AUTOMATED INTEGRATED

Wizard driven fast Built in ACL Radio Dynamic Built-in AP-Group and AP
installation Adjustment (RDA) Management
Rogue Detection &
AP-Group containment Application aware Built in complete Guest
Architecture scanning Management solution

4
Introducing Alcatel-Lucent OmniAccess OAW-AP1101
Indoor, Plenum rated AP, new AP design
Radios
• Dual radio 2x2:2 11ac Wave1
• 2.4GHz and 5GHz band support
• Built-in antennas (dual band, omni)
• Up to 867Mbps for 5Ghz and 300Mbps for 2.4Ghz radio
• Up to 8 SSID per radio
• Up to 64 concurrent users
Wired connection
• 10/100/1000 single interface
Power
• Max Power consumption – 10 W
• Direct DC source: 48 V DC nominal, +/- 5%
• 802.3af compliant for POE input
• When both power sources are available, DC power takes
priority
Certifications
• WFA certified
• In country radio certification
• UL/CB/EN

5
OAW-AP1101
Item Name Specifications
Back Ethernet Port The OAW-AP is equipped with one 10/100/1000Base-T (RJ-45)
auto-sensing, MDI/MDX wired-network connectivity port.

Console Port The console port is an RJ-45 female connector and can be used to
connect to a terminal for direct local management

DC Power Socket The OAW-AP has a single 48V DC power jack socket to support
powering through an AC-to-DC power adapter, If PoE is not
available, an optional AC-DC adapter kit (sold separately) can be
used to power the OAW-AP-1101.

Security Lock Slot The OAW-AP is equipped with a security lock slot for additional
security.

6
What’s in the box

7
Mounting kits Mounting AP

Attaching ceiling mount Bracket

Part Number Long Description

OAW-AP-MNT-B Next Generation OmniAccess Indoor AP mount kit,Type B1(9/16") and B2(15/16") for T shaped ceiling rail mounting.Standard configuration in the product packaging.

OAW-AP-MNT-W Next Generation OmniAccess Indoor AP mount kit,Type A wall mounting and ceiling mounting with screws.

OAW-AP-MNT-C Next Generation OmniAccess Indoor AP mount kit,Type C1(Open Silhouette) and C2 (Flanged Interlude), for other shaped ceiling rail mounting.

8
OmniAccessTM Campus Indoor 802.11ac Wave 1 Access Points

IAP224/225
IAP214/215 802.11ac:1
802.11ac:1 Dual radio - 3x3:3SS
Dual radio - 3x3:3SS
IAP204/205 1.9 Gbps throughput
1.9 Gbps throughput
802.11ac:1 16 SSID/radio
16 SSID/radio
AP1101 Dual radio - 2x2:2SS Instant or Controller
Instant or Controller
802.11ac:1 1.2 Gbps throughput 2 GE ports
1 GE port
Dual radio - 2x2:2SS 16 SSID/radio
Up to 128 IAPs Up to 128 IAPs
1.2 Gbps throughput Instant or Controller
8 SSID/radio 1 GE port
Controller-less Up to 128 IAPs
1 GE port
Up to 16 APs in an AP-Group
Scalability & Features

AP1101 complements the existing portfolio

9
AOS-WNG R2.1

10
Simplified Installation – how it works

1. First AP configured through

wizard driven GUI. Acts as PVC
(Primary Virtual Controller) Single Web based
management point

2. New APs automatically

connect to AP-Group and
download config

Auto-discovery

3. Whole network is up and AP-Group

running within few minutes.

11
First AP Wizard driven config
over the air access

• First AP boots up, gets IP address

from DHCP server and broadcast
SSID - ‘mywifi-xxxx’ (xxxx is last
4 digit of AP MAC)

• Browse to http://mywifi.al- 3/3

enterprise.com:8080 will
provide access to AP user
interface. (over the air access)

• Once connected. Wizard will

drive the first AP config

12
 One AP-Group supports:
AP-Group Architecture • Up to 16 AP1101
Simple, Controller-less solution
• Up to 256 concurrent
client
• AP-Group is formed within a L2 domain • Up to 16 SSID
• Auto-discovery of AP in AP-Group
• Auto Selection of PVC (Primary Virtual controller) and SVC
(Secondary Virtual controller) based on MAC address. AP-Group
Management via PVC
• PVC provides Single management interface to AP-Group
• PVC is responsible for AP-Group management, including APs
and clients. SVC

• High available solution - if PVC goes down SVC takes over

the role of PVC and another SVC is selected. PVC
• Distributed control functions – including dynamic RF
management, roaming handled by each AP
• Up to 16 APs per AP-Group

AP-Group

13
Zero touch provisioning – Plug and Play
• Support for ZTP w/OmniPCX Office PSTN
Internet
• Support for real-time applications
- VoWLAN support with end to end QoS and OmniPCX Office
seamless roaming (RCE)

OmniSwitch
• Support for built-in simple Guest
6350-P10
Management

• Incentive for ALE VAD/VARs to adopt new Wi-Fi Access

OAW-AP1101
AP
- Common incentive program – Connect IP+ OpenTouch &
- Value add feature for ease of deployment - ZTP OmniPCX Office
with OXO, OS6450, OS6350 Clients MyIC & 8-Series phones

14
Zero touch provisioning – Plug and Play
• OmniPCX Office acts as DHCP and tftp server.
• AP1101 and OS6350 gets IP address and config file from
OmniPCX Office server.
• AP1101 load the Config file and bring up the WLAN

• Config File details

- SSID Employee, Guest and Voice.
- Employee SSID is configured for 802.1x authentication.
- Guest with captive portal.
- Voice SSID has QoS configuration to provide Highest priority
to voice.

15
Intuitive GUI interface

• Designed to provide
consistent look and feels
across PC, Tablet and
Smartphones.
• Designed to take advantage
of tablet’s and
Smartphone’s touch based
interface.
• Consistent with current GUI
standards.
• Customizable color scheme.

16
Radio Dynamic Adjustment (RDA)

• RDA automatically adjusts RF parameters to ensure

optimal WiFi coverage and performance.
• Automatically selects the channel to avoid co-channel
interference
• Automatically adjusts power to minimize interference
and cover the hole in WiFi coverage in case an AP fails
• Individual AP power and channel can be manually
configured to override auto adjustment.
• Power can be adjusted in minimum 1dB increments.
• RDA also supports voice and video aware background
scanning to ensure uninterrupted voice and video
traffic.

17
Rogue AP detection, Mitigation and location
• AP is classified as Rogue AP -
- If an AP is connected on same wired network.
- Interfering AP is broadcasting the same SSID
• Rogue AP can be automatically forced into dynamic
blacklist as per the config.
• AP1101 will send DEAUTH to client associated to rogue
AP to ensure they don’t connect to rogue AP.
• AP1101 also supports AP backlist and AP white list. AP
can be added to white list in bulk using regular
expression.
• Rogue AP location - System automatically detects the
AP which receives strongest signal from the Rogue AP.
Once AP is identified, AP physical location can be
identified using AP locator (LED flashing) functionality.
Rogue AP should be located near that AP.

18
AP locator functionality

• SMB needs simplified tools to locate AP as they don’t

have IT-Savvy staff or tools to locate AP.
• GUI support unique functionality to locate AP by flashing
the LED on AP (Red->Blue->Green->Red->…). One can
visually locate the AP by looking for blinking LED.
• AP locator functionality along with rogue AP detection
can help locate the rogue AP’s physical location.
• AP LED can also be turned off.

19
Role Based Access

• Three roles are supported for GUI access

- Administrator – Full Admin Access
- Viewer – Only has viewing access.
- GuestOperator –
- Designed to simplify managing guest account
which includes adding/deleting/managing guest
user.
- To be used by front desk/receptionist/non it-
savvy person.

20
Built-in Guest Management Solution

• Built-in guest management provides the

necessary components for a guest
management solution, removing the need
to have dedicated external guest
management solution.
• Single management interface to manage
WLAN and Guest.
• Simplifies guest management and reduces
CAPEX and OPEX for SMB.
• Walled Garden – Allow unauthenticated
Guest access to certain websites. Typical
use case – Hotels allow unauthenticated
guest to access hotel website.

21
Captive Portal Customization – 1/3

• Customizable captive portal provides brand

awareness for SMB’s guests.
• Once customized, captive portal page
automates look and feel based on device
(tablet, smartphone) used to access portal.
Instead of PC like captive portal on all devices.
• Option to preview before applying the changes

22
Captive Portal Customization – 2/3
Sample page – customizable components

23
Captive Portal Customization – 3/3
Captive Portal page on phone – look and feel specific to Smartphone
• Captive portal authentication
mode can also be customized
- Username/Passwd
- Access code
- Agree to terms of use

• Once admin chooses an

authentication mode all
guests will see same mode.

• Provides flexibility to
manage guest account.

24
GuestOperator Role
• Designed for Front Guest Account
desk/Receptionist/Non-IT person to Parameters
handle guest account management.
• Unique login for GuestOperator
• Cannot modify the captive portal
options configured by Admin.
• Can only Create/Delete/Manage guest
account. No access to any other config
options including captive portal.
• Duration based Guest Account – 1 day
to unlimited

25
Logging Guest Activity

• Some countries have regulatory/audit

requirements to maintain guest activity
log.
• An external tftp server can be configured
to log guest activity.

26
AOS-WNG R2.1 Feature list – 1/2
Feature Group Feature List
System Initial Setup Wizard
AP-Group Auto Discovery & Self Organization
AP-Group New AP automatically join the AP-Group
AP-Group redundancy - In case of PVC failure SVC takes overs. PVC - Primary
AP-Group
Virtual controller, SVC - Secondary Virtual controller.
Management Single Point of Management via PVC - Central Configuration/Management
Management Monitoring
Management AP-Group Management
Management WLAN Management
Management AP Management
Management Client Management/ Central View on associated Clients on all APs
Management RF Management
RF Distributed Radio Management
RF Manual RF Management
RF Background Scanning
RF Band Steering
RF Radio Dynamic Adjustment (RDA)
RF Dynamic frequency selection DFS
RF Transmit Power Control (TPC)
RF Activate / de activate indepently 2Ghz/5GHz Radio Chains

RF Set Transmit Power levels indepently for 2Ghz/5GHz Radio Chains - 1 dBm step-up

RF CCI detection (Co-Channel interference)

RF Voice/Video Aware Channel CCI detection
Roaming L2 Roaming
Roaming Opportunistic Key Caching
Roaming Fast BSS Transition (802.11r Roaming)
Roaming Radio Resource Management (802.11k)
Roaming BSS Transition Management (802.11v)
Load Balancing Load Balancing based on Terminal SNR / RSSI
Authentication 802.1x/WPA2
Authentication Captive Portal(Internal Portal Server)
Authentication Local User Database
Authentication 802.1X supplicant (on AP)

27
AOS-WNG R2.1 Feature list – 2/2
Feature Group Feature List
Guest Management Configurable/Customizable Captive Portal (Look eand feel) - (logo, main image, terms of use)

Guest Management Separate account for Guest Management - Guest Operator

Guest Management Duration based guest acount
Guest Management Auto expiration of Guest Account
Guest Management Guest Activity logging on remote tftp server
Guest Management Walled Garden
Encryption EAP types supported: PEAP, EAP-TLS, EAP-TTLS,EAP-GTC
Networking DHCP Snooping
Networking DNS Redirect
NTP Client NTP Client
Wireless QoS Voice&Video aware wireless
Wireless QoS Qos maping - WMM to 802.1p/DSCP
M'cast optimzation IGMP Snooping
M'cast optimzation Multicst to Unicast
Firewall ACL
Rogue AP Detect - Indicate SSID for the detected AP, Indicates the MAC address of the
Security
detected AP.
Security Rogue AP Location
Security Rogue AP Containment Over the Air
Security OS Fingerprinting
Security STA Black Listing
Security STA White Listing
Maintenance Configuration Backup and Restore
Maintenance Firmware Upgrade and Restore - Central upgrade
Maintenance Syslog
Maintenance Ping/Traceroute/TCPDUMP
ZTP Zero-touch provision with ALE OXO
LED Lighting Control LED flashing to locate AP
LED Lighting Control Turn off AP LED

28
Deployment Recommendations/Guidelines

• AP can support up to 64 users – But it is advisable to plan 16 user/clients per APs.

• Things to keep in mind before proposing this solution

- R2.1 only support single AP-Group deployment
- AP-Group works in single L2 domain.
- Maximum 16 APs per AP-Group
- 256 clients per AP-Group

• All functionality of R2.1 is included. No extra license needed.

29
Follow us on: Twitter.com/ALUEnterprise

Facebook.com/ALUEnterprise

Youtube.com/user/enterpriseALU

Linkedin.com/company/alcatellucententerprise

Slideshare.net/Alcatel-Lucent_Enterprise

Storify.com/ALUEnterprise

30
enterprise.alcatel-lucent.com

31