 |
| » |
|
|
| |
|
| » |
|
| » |
|
| » |
|
| » |
|
|
| |
|
| » |
|
| » |
|
| » |
|
|
| |
|
| » |
|
|
| |
|
| » |
|
|
| |
|
|
» |
|
| » |
|
|
| |
|
| » |
|
|
| | |
| | |
| |
|
|
|
 |
|
|
|
|
|
|
|
|
|
| |
|
|
- Choice and flexibility:
- Leveraging the versatility of the Switch 5300xl
series, the ProCurve Switch xl Access Controller Module
unifies wireless and wired mobility user access control in
a 5300xl intelligent edge switch platform to meet the
mobile LAN demands of today—and it easily scales as your
business needs change.
- The Switch xl Access Controller Module enables network
managers to easily deploy edge-enforced access control on
any or all 5300xl ports or integrate user access control
into new highly scalable and secure 5300xl switch-based
networks.
- The modular design of the 5300xl allows network
designers to leverage port type, density, and PoE
capability to deploy a secure and cost-effective mobile
LAN as an integrated component of a 5300xl intelligent
edge switch.
- As your mobile LAN grows, the edge-enforcement
capabilities of the Switch 5300xl easily scale by simply
installing an additional Switch xl Access Controller
Module in any ProCurve 5300xl intelligent edge switch.
- Identity-driven policy management:
- Rights-based network access control
and management: enables network
administrators to easily create and maintain robust access
policies that permit or deny mobile access to network
resources based on user identity, location, and time of
day
- Same mobile LAN for all
users: you don't need to deploy separate
networks since identity-based access control allows
multiple types of users (employees, visitors, temporary
workforce) on the same network to access specific network
services without risk to network security or unauthorized
access to sensitive data
- Precise control over who has access
to what and when: centrally managed
access policies combined with edge-enforced packet
inspection allow or deny user access to specific network
services at the edge of the network, including services
such as Internet or intranet Web access, FTP, telnet,
specialized application servers, or any network element
that can be identified by port and IP address
- Wireless data privacy:
- Client VPN sessions are terminated using
non-proprietary, built-in VPN clients of Microsoft Windows
and Apple Macintosh operating systems and third-party VPN
clients.
- IPSec, PPTP, L2TP/IPSec, or SSH tunnels are used to
encrypt wireless traffic with DES, 3DES, Blowfish, CAST,
or AES, providing the utmost in wireless data privacy.
- User authentication and appropriate access to network
resources can be controlled at the edge of the network
since all secure tunnels terminate at each 5300xl edge
switch.
- Client-based bandwidth rate limiting:
prioritizes network bandwidth based on business need
by setting limits on upstream and downstream bandwidth based
on user, group, time, and location
- Roaming across subnets: helps
ensure that users maintain persistent connectivity to the
network and applications
- Standards-based authentication support
for LDAP, Active Directory, and 802.1X: seamlessly
integrates into existing authentication services or uses the
built-in database
- 802.1Q VLAN support:
- Supports standards-based tagging based on user or
point of network access
- Allows placement of wireless traffic on separate VLANs
- Provides application of filters based on VLAN ID
- Misconfigured service management and
proxy redirection: allow secure, transparent login
for guests or users who have changed their client network
configurations
- Anti-MAC address spoofing:
prevents untrusted users from gaining access by
spoofing a trusted user's MAC address
- Complete session logging:
provides detailed information for problem
identification and resolution
» Return
to top
|
|
| |
|
|
| |
|
|
|
|
|
|
|
|
|
|
