SonicWall SonicWave Deployment Guide
Glossary
91
Dedicated third scanning radio
Most SonicWave access points include a dedicated scanning radio that performs continual scanning
of the wireless spectrum for rogue access points plus additional security functions that help with PCI
compliance.
Wireless intrusion detection and prevention
Wireless intrusion detection and prevention scans the wireless network for unauthorized (rogue)
access points and then the managing firewall automatically takes countermeasures, such as
preventing any connections to the device.
Wireless guest services
Wireless guest service enables administrators to provide internet-only access for guest users. This
access is separate from internal access and requires guest users to secure authenticate to a virtual
access point before access in granted.
Lightweith hotspot messaging
LIghtweight hotspot messaging extends the SonicWall wireless guest services model of differentiated
internet access for guest users, enabling extensive customization of the authentication interface and
the use of any kind of authentication scheme.
Captive portal
Captive portal forces a user’s device to view a page and provide authentication through a web
browser before internet access is granted.
Virtual access pont segmentation
Administrators can create up to eight SSIDs on the same access point, each with its own dedicated
authentication and privacy settings. This provides logical segmentation of secure wireless netword
traffic and secure customer access.
Cloud ACL
An extension to local ACL, cloud ACL is deployed and managed from a centralized RADIUS server in
the cloud. This eliminates local ACL scalability issures, enabiling organizations to confiugure
authentication accounts base on their specific requirements. In addition, MAC authentication can be
enforced on all WiFI-enabled device even if they are not capable of 802.1x support. This adds
another layer of protection to the wireless network.
Multi-RADIUS authentication
Multi-RADIUS Authentication provides enterprise-class redundancy by enabling organizations to
deploy multiple RADIUS servers in actively/passive mode for high availability. Should the primary
RADIUS server fail, the managing SonicWall firewall discovers the failure and switches to the
secondary server, ensuring wireless devices can continue to authenticate. Further, multi-RADIUS
authentication can be supported on each virtual access point and configured for WPA-Enterprise
WPA2-Enterprise or WPA2-Auto-Enterprise mode.
Granular security policy enforcement
Network administrators can implement and enforce firewall rules on all wireless traffic and control all
wireless client communications to any host on the network — wired or wireless.
Deployment and Management
Simplified setup and centralized management
SonicWave access points are automatically detected, provisioned and updated by the cloud or
through SonicWall next-gen firewalls. WLAN administration is also handled directly from the
managing firewall, simplifying setup and centralizing ongoing management.
WiFi planner
To optimize access point placement before deployment, the WiFi planning tool provides
comprehensive visualization of the WiFi environment including obstacles that impact signal
performance plus both covered and non-covered zones.
To Next Page
Loading...
