Aruba NetworksメーカーVersion 3.3の使用説明書/サービス説明書
ページ先へ移動 of 75
Campus Wireless Networks Validated Reference Design Version 3.3 Design Guide.
www.arubanetworks.com 1322 Crossman Avenue Sunnyvale, California 94089 Phone: 408.227.4500 Fax 408.227.4550 Campus Wireless Networks Va lidated Reference De sign Version 3.3 | De sign Guide March 2008 Copyright © 2008 Aruba Networks, Inc. All rights reserved.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Contents | 3 Contents Chapter 1 Introduction 5 Aruba Refere nce Architect ures 5 Reference Documen ts 5 Contacting Aru.
4 |C o n t e n t s Campus Wireless Network s Validated Refer ence Design Versio n 3.3 | Design Guide AP Location and Density Conside rations 35 Office Deployment 35 Voice Deployment 36 Active RFID Tag.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Introduction | 5 Chapter 1 Introduction This design guide is one of a seri es of books that describes Aruba’s User-C.
6 |I n t r o d u c t i o n Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide T elephone Sup port Aruba Corporate +1 (408) 227-4500 F AX +1 (408) 227-4550 Support United S.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Aruba’s User-Centric Network Architecture | 7 Chapter 2 Aruba’s User-Centric Network Architecture This chapter pro.
8 | Aruba’s User-C entric Network Architecture Campus Wireless Networks Validated Reference Design Version 3.3 | Design Guide Introducing Aruba’s User-Centric Network In recent years, controller -based wi reless switch architectures h ave been widely ad op ted to overcome the limitations of the au tonomous AP.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Aruba’s User-Centric Network Architecture | 9 ArubaOS and Mobility Controller This section describes Arub a’s operating system features, optional add-on mod ules and the Mobility Controller that comprise Aruba’s User-Centric N etwork Architectu re.
10 | Aruba’s User-Centr ic Network Architecture Campus Wireless Netwo rks Validated Reference Design Versi on 3.3 | Design Guide Mobility Controller The Aruba Mobility Controller i s the center of the U s er-Centric Network.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Aruba’s User-Cen tric Network Architecture | 11 Multi-function Thin Access Points Aruba’s access points serve multiple functions depend ing on their role in the network.
12 | Aruba’s User-Centr ic Network Architecture Campus Wireless Netwo rks Validated Reference Design Versi on 3.3 | Design Guide Aruba recommends using dedicated Air Monitors fo r deployments of latency sensiti ve applications such as voice an d video.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Aruba’s User-Cen tric Network Architecture | 13 Remote AP Using the Remote AP license, the AP can be used as a remote access device across a WAN.
14 | Aruba’s User-Centr ic Network Architecture Campus Wireless Netwo rks Validated Reference Design Versi on 3.3 | Design Guide the network grows to multiple clusters, a single centra lized view across multip le Master/Local controllers of the following key operat ional data becomes highly desirable.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide A Proof-of-Concept Network | 15 Chapter 3 A Proof-of-Concept Network To help set the stage for the co mplex campus network presented in Chapter 4 on page 19 , it is useful to begin with a very s mall network.
16 | A Proof-of-C oncept Network Campus Wir eless Networks Valida ted Reference Design Version 3.3 | Design Guide In this netwo rk, the AP has been deployed into a conference room, and is con nected to the existing VLAN provided for wi red users.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide A Proof-of-Concept Network | 17 Users will associate to the Access Point and authenticate with the RADIUS server that already exists in the network. Employee users will use the Employee SSID, while guests will use the Guest SSID.
18 | A Proof-of-C oncept Network Campus Wir eless Networks Valida ted Reference Design Version 3.3 | Design Guide.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Campus WLAN Va lidated Reference Design | 19 Chapter 4 Campus WLAN Validated Reference Design This chapter presents a more complex network m odel representing a common Arub a deployment in a large campus WLAN en vironment.
20 | Campus WLAN Valida ted Reference Design Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide z Air Monitors – AM s are deployed at a rati o of one AM for ever y four APs deplo y ed.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Campus WLAN Va lidated Reference Design | 21 Aggregation Layer Mobility Co n trollers allo w user traffi c to stay close to associ ated servers; there is no need to tunnel user traffic all the way to the Management layer.
22 | Campus WLAN Valida ted Reference Design Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 23 Chapter 5 Mobility Controller and Access Point Deployment Deploy.
24 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide The Master is responsible for pr oc essing wi reless intrusion detectio n system e vents, presenting the event and the corresponding wirele ss vulnerability and exploit (WVE) identifier.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 25 Master Controller Redundancy To achieve high availability of the Master Contro ller, use the Master Redundancy method.
26 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide Configure Local Controllers to use the VIP addres s as their Master Controller address as follows.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 27 When one active Local Controller becomes unreac hable, APs connected to the unreachable controller fail over to the standb y Local Controller load ing that controller to 100% capacity.
28 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide production AP load. By contrast Arub a supports up to 2,048 campus-connected APs and 8,192 Remote APs per controller which makes a 1:1 redundancy m odel feasible for th e largest campus deploy ments.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 29 In the second diagram the client devi ce is placed into VLAN 20 0 by th e control ler following completion of the role deriv ation process.
30 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide VLAN Pools Network administrat o rs prefer t o ke ep subnet sizes down to what is commonly referred to as class C network.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 31 Aruba’s VLAN Pooling feature a llows a set of VLANs to be assigned to a designate d group of users. These VLANs can be confi gured as a non-contiguo us set, a contiguous range, or a combination of the two.
32 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide With Mobile IP, the ArubaOS will automatical ly tu nnel traffic b.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 33 When the client ro ams off of its ‘hom e’ network to another network, the network is said to b e attached to a ‘foreign’ ne twork.
34 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide least two conne ctions settin g up redundant link s to two data center dist ribution switch es.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller and Access Point Deployment | 35 VLAN at the Local Controller where a VLAN trun k al ready exists.
36 | Mobility Contro ller and Access Poi nt Deployment Campus Wireless Networks Va lidated Reference Design Version 3.3 | Design Guide Be sure to remember that RF travel s in three dimensions. In a multi-fl oor building, the strongest signal may be above or below rathe r than side-to-side.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 37 Chapter 6 Mobility Controller Configuration Once the ha rdware has been deplo yed there are se veral design decisions re quired to build out a working producti on network.
38 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide names. This all ows the administrat or to define a pa rticular profile once and reuse it as needed which reduces errors and data entry.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 39 AP Groups An AP Group is a unique combination of Conf igurati on Profiles. In general, all profiles are available to be assigned to an AP Group to cr eate a complete co nfiguration.
40 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide SSIDs SSIDs appear as the name o f the network displaye d in the ‘Available Wireless Networks’ screen on a wireless client. W hile many APs in t he same network w ill share the same SSID, each will h ave a unique BSSID.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 41 Role Derivation Aruba uses the term ‘Role Deriva ti on’ to describe the process of determi ning which role is to be assigned to a user.
42 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Authenticatin g with 802.1X 802.1X was dev eloped to secure wired p orts by placing the port in a ‘blocking’ state until au thenti cation completed using Extensi ble Authentica tion Proto col (EAP).
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 43 Using RADIUS and a WPA2 protected connection as an example, authenticat ion occurs using 802.
44 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Authenticatin g with Captive Port al For clients that do not support WPA, VPN, or other securit y software, Arub a supports a Web-based captive portal that provides secu re brow ser-based auth entication.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 45 Configuring Roles for Employee , Guest and Application Users The Aruba system is un ique; it comb ines user- based security as a part of the WLAN model.
46 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Guest Role Guest usage warrants special consideration for enterpri se wireless netwo rks. It is not enough for guest users to be separated from employee users through VL A Ns in the network.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 47 Good guest policy as impl emented by the stateful firewall shou ld only allow the guest to access the local resources that are required for IP connec tivity.
48 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Create aliases: Create the guest-logon-access policy: Create the auth-gue st-a.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 49 Create the auth-guest role: Configure the guest VLAN: Configure captive port .
50 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide With the appropriate levels of encryption and auth enti cation used, for differ ent users associated and authenticated to the same AP at the same time , the system is completely sec ured.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 51 Role Variation by Authentication Method Role assignment has man y options under the u m brella of ro le derivation.
52 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide Advanced Denial of Service (DoS) pr otection keeps enterprise s safe against a variety of other wire less attacks, incl uding associatio n and de-authenticati on floods, ‘honeypo ts’ and AP or station impersonations.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Mobility Co ntroller Configur ation | 53 ‘Rogue Classificati on’ means the process of dete cting the presence of a Rogue AP and determining which type it represents.
54 | Mobility Controlle r Configuration Campus Wireless Network s Validated Referenc e Design Version 3.3 | D esign Guide.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide RF Planning and Operation | 55 Chapter 7 RF Planning and Operation Wireless networks break many of the old rules when .
56 | RF Planning and Oper ation Campus Wireless Netwo rks Validated Ref erence Design Versio n 3.3 | Design Guide The RF Plan tool is availabl e on the Mobility Co ntroller, Mobil ity Management Sy stem™, and in a standalone version.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide RF Planning and Operation | 57 The ARM system handles setting all power and chan nel sett ing, including mov ing the APs to new channel and power sett ings automatically when ap propriate.
58 | RF Planning and Oper ation Campus Wireless Netwo rks Validated Ref erence Design Versio n 3.3 | Design Guide Aruba recommends that the above settings should be run f o r a minimum o f one hour, and if possible overnight. Onc e the network has settled, t he following configuration should be u sed for normal ARM operation .
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Voice over Wi-Fi | 59 Chapter 8 Voice over Wi-Fi As more enterprises move from pu rely data-driven app l ications and .
60 | Voice ove r Wi-Fi Campus Wireles s Networks Validated Reference Design Version 3.3 | Design Guide call quality. Jitter buffers are used in VoIP network s to smooth out t his effect, but they add delay and must be as small as po ssible. Aruba Mobility Controll ers adjust network settings to mini mize jitter and maximize voice quality.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Voice over Wi-Fi | 61 simultaneous vo ice calls handled by a single AP must be lim ited. This limit vari es based on network conditions and handset manufacturer, and is typically p rovided in a manu factur er’s design guidelines.
62 | Voice ove r Wi-Fi Campus Wireles s Networks Validated Reference Design Version 3.3 | Design Guide.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Multiple Ma ster/Local Cl usters | 63 Chapter 9 Controller Clusters and the Mobility Management System™ The Aruba Mo.
64 | Multiple Master/Loca l Clusters Campus Wireless Networ ks Validated Refer e nce Design Versi on 3.3 | Design Guide Configuration is han dled by the same Profile system discussed n Chapter 6 on page 37 .
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Multiple Ma ster/Local Cl usters | 65 The MMS soluti on will produce a number of stan dard reports to help with trending and capacity planning, and ca n be easily configured t o do custom reporting.
66 | Multiple Master/Loca l Clusters Campus Wireless Networ ks Validated Refer e nce Design Versi on 3.3 | Design Guide The same heat maps and location tools available on the controller are also available on the MMS.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Licenses | 67 Appendix A Licenses To extend the b ase capabilitie s of ArubaOS, a num ber of licensed software module .
68 | Licenses Campus Wir e less Networks Va lidated Referenc e Design Version 3.3 | Design Guide.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide WLAN Extens ion with Remote AP | 69 Appendix B WLAN Extension with Remote AP Remote Access Point (RAP) solutions invol.
70 | WLAN Extension with Remote AP Campus Wireless Network s Validated Refer ence Design Version 3.3 | Design Guide The AP itself should be config ured to perform split tunnel ing.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Alternative De ployment Architec tures | 71 Appendix C Alternative Deployment Architectures This Ca mpus Wire less LAN R eferenc e Architec ture re presents a large scale, hig hly available WLAN deployme nt model in a single large campus e nviro nment.
72 | Alternative De ployment Architectur es Campus Wireles s Networks Validated Reference Design Version 3.3 | Design Guide Figure 1 Mobility Controller located in the network data center Figure 2 Mob.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Alternative De ployment Architec tures | 73 Redundancy in this mod e l is handled vi a Master redun dancy, with both controllers acting as a Master Mobility Cont roller.
74 | Alternative De ployment Architectur es Campus Wireles s Networks Validated Reference Design Version 3.3 | Design Guide Figure 4 A single Master Mobility Co ntroller pair backs up a ll Local Mobility Controllers In this scenario the Local Contro ller a customer would select will typically be a MMC-3000 series controller.
Campus Wireless Ne tworks Validated R eference Design Vers ion 3.3 | Design Guide Alternative De ployment Architec tures | 75 Pure Remote Access Deployment In some instances, the scale of the Remote A.
デバイスAruba Networks Version 3.3の購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
Aruba Networks Version 3.3をまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはAruba Networks Version 3.3の技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。Aruba Networks Version 3.3の取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。Aruba Networks Version 3.3で得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
Aruba Networks Version 3.3を既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はAruba Networks Version 3.3の不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、Aruba Networks Version 3.3に関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちAruba Networks Version 3.3デバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。