Secure Wireless
SECURE ENTERPRISE MESH
Secure Enterprise Mesh allows outdoor and indoor enterprise environments to be networked without any wires – and with the security and reliability of a wired LAN. In sharp contrast to existing wireless mesh technologies (used primarily for metro deployments), Secure Enterprise Mesh meets enterprise requirements including bullet-proof security, reliability, easy installation and simplified management. Secure Enterprise Mesh solution allows access points (APs) to be placed wherever needed. No fiber runs or Ethernet cabling are required, easing installation, reducing deployment costs and lowering the number of Ethernet ports required. LTI's Secure Enterprise Mesh allows any AP to act as a centrally controlled mesh AP. Applications and users get equivalent service and security regardless of whether on a wired or mesh AP, indoors or outdoors.
Click the topic headings below to learn more:
Secure Enterprise Mesh can support all enterprise wireless needs including WiFi access, concurrent Wireless Intrusion Protection, wireless backhaul, LAN bridging, and point-to-multipoint connectivity, all with a single common infrastructure. Quality of Service capabilities provide effective converged support for data, voice and video. Secure Enterprise Mesh is an excellent solution for connectivity applications, including inter-building connectivity, outdoor campus mobility, wire-free offices, and wireline back-up; security applications, such as video and audio monitoring, alarms and duress signals, and industrial applications and sensor networks.
Benefits:
- Secure enterprise mesh supports WiFi access, concurrent Wireless Intrusion Protection, wireless backhaul, LAN bridging, and point-to-multi point connectivity
- Well-suited for connectivity, security and industrial applications
- Efficiently supports converged voice, video, and data applications
LTI's Secure Enterprise Mesh features cooperative control technology which uses an intelligent link management algorithm to optimize traffic paths and links. Mesh Points communicate with their neighbors and advertise a number of RF and link attributes (e.g., link cost, path cost, node cost, loading) that allow them to make intelligent selection of the best path to take for the application. Mesh paths and links automatically adjust in the event of high-loads or interference. Further, application tags for voice and video traffic are shared to ensure latency sensitive traffic is prioritized over data. The cooperative control technology also provides self-healing functionality for the mesh network in the event of a blocked path or AP failure.
Benefits:
- Intelligent RF link management determines optimal performance path
- Allows the network to self-organize
- Self-healing functionality in the event of blocked path or AP failure
Secure Enterprise Mesh solution provides a flexible, wire-free design allowing access points and Air Monitors to be placed wherever they are needed – indoors and outdoors. The absence of fiber or cable runs significantly reduces network installation costs and requires fewer Ethernet ports. The solution fully integrates with the Aruba Mobile Edge Architecture, enabling a single, enterprise-wide network. Secure Enterprise Mesh is based on programmable software and does not require specialized hardware; virtually any indoor or ruggedized outdoor access can function as a mesh point.
Benefits:
- Full integration with Aruba Mobile Edge Architecture
- Wire-free design; no fiber or cable runs required
- Indoor and outdoor use
- Any Aruba access point can be a mesh point
Aruba Secure Enterprise Mesh networks can be segmented into highly-available clusters allowing failures and interference-driven problems to be contained to a single cluster rather than rippling through the entire network. Clusters can support multiple mesh portals for load balancing and redundancy. Additionally, mesh points can support multiple mesh profiles, defining which cluster they join and switching preferences for alternate clusters in the event of a problem. Mesh points support a recovery profile, unique to the customer's network and automatically configured upon provisioning. If a mesh point cannot associate to a mesh cluster, it will cycle through its profiles until it can. If unsuccessful, it will associate to its recovery profile to be recovered and reprovisioned by the mobility controller. No need to climb towers or the plenum if you lose a mesh point.
Benefits:
- Provides for auto-redundancy and high availability
- Allows a large mesh to be segmented into highly available clusters
- Contains interference-driven issues to a single part of the network
Secure Enterprise Mesh solutions handle all encryption and decryption centrally in the mobility controller. With this architecture, data is encrypted end-to-end, all the way from the client to the core, and at no point are encryption keys stored in the mesh access points. Following best practices originally specified for military communication systems, this architecture affords the greatest protection for network data, even in the event that a mesh access point is stolen. Additionally, security policies are centrally managed from Aruba Mobility Controllers, which offer ultra-high bandwidth, capacity, and availability. This field-proven architecture allows tight policy control and enforcement, significantly simplifies overall network management, scales to support the largest of enterprises, and provides fault tolerance when used with redundant controller features unavailable on even the most sophisticated access point-centric schemes. For low security threat, peer-to-peer latency sensitive applications, the Aruba Secure Enterprise Mesh can also support a distributed crypto model.
Benefits:
- Data is encrypted end-to-end, from client to core
- Network is protected even if a mesh access point is stolen
- Security policies are centrally managed from Aruba Mobility Controller
Secure Enterprise Mesh solutions handle all encryption and decryption centrally in the mobility controller. With this architecture, data is encrypted end-to-end, all the way from the client to the core, and at no point are encryption keys stored in the mesh access points. Following best practices originally specified for military communication systems, this architecture affords the greatest protection for network data, even in the event that a mesh access point is stolen. Additionally, security policies are centrally managed from Aruba Mobility Controllers, which offer ultra-high bandwidth, capacity, and availability. This field-proven architecture allows tight policy control and enforcement, significantly simplifies overall network management, scales to support the largest of enterprises, and provides fault tolerance when used with redundant controller features unavailable on even the most sophisticated access point-centric schemes. For low security threat, peer-to-peer latency sensitive applications, the Aruba Secure Enterprise Mesh can also support a distributed crypto model.
Detailed Network Management and Topology Mapping
- Graphical topology planning tools including coverage heat maps and automatic link budgets
- Full network visualization including floor plans and maps with network topology
- Management and troubleshooting tools via command line interface, Web user interface and Aruba Mobility Management System
applications
- Wireless Mesh Backhaul-One of the more straightforward approaches for wireless backhaul.
- Wireless Mesh Point-to-Point- To bridge multiple Ethernet LANs, a point-to-point application would be best suited.
- Wireless Mesh Point-to-Multi-Point- With this application type, you can connect multiple Ethernet LAN segments, or remote areas, in a similar format to mesh networking.
- Rajant Deployable Mesh- Whether deployed as a first responder or in a remote location, access to vital information and maintaining complete reliable communication is necessary. In an increasingly technologically focused environment we tend to take our tools for granted. That is why LTI has partnered with Rajant Corporation, to be able to offer our customers a unique and innovative way to establish those all essential communications.
To expand your wireless coverage without bridging Ethernet LAN segments, you can still use Aruba’s thin AP architecture with adding a wireless backhaul to the wired network via a secure mesh link. In this scenario, the mesh point provides network access for wireless clients and establishes a mesh path to the mesh portal, which uses its wired interface to connect to the master controller.
You can bridge multiple Ethernet LANs via the wireless mesh backhaul link that carries traffic between the mesh point on the far end and the mesh portal on the near end. This alleviates having to configure two separate bridge devices; the Mesh APs provide communication over a single hop mesh link so as to extend your wireless coverage and maintain the same security posture on the distant end since all traffic is tunneled to the WLAN controller.
This type of environment is more like a traditional wireless mesh deployment. You can connect multiple Ethernet LAN segments or the distant remote areas that require centralized connectivity even if they aren't connected to a wired network. They can simply act as wireless users that connect to the installed mesh point. You also have the luxury of deploying multiple mesh point APs that inter-connect to each other over the air while hopping across the secure mesh backhaul until it reaches the wired network via the mesh portal. All traffic sent from the wireless users is securely tunneled between all mesh points, no matter how many, to the wired mesh portal where traffic is decrypted and forwarded appropriately by the WLAN switch.
Rajant has configured its technology into a portable and durable product called a BreadCrumb. Each BreadCrumb is a small, battery powered unit that has the capability of instantly establishing a wireless meshed network in almost any condition including disadvantageous environments. When deployed the Breadcrumb will create secure, self-sustained, non-line-of-sight, wireless mesh system.
The BreadCrumb product is very flexible in that it can be configured in almost any deployment to include the harshest of environments. The BreadCrumb is also compatible with various security hardware vendors, as needed, whom which implement the most stringent security protocols, Fortress Technologies, FIPS 140-2 Validated and Harris Secnet 11, Type 1 Encryption. With its small form factor and versatility it can exceed any requirement.
Datasheets
- Solution Overviews-
- Deployable Wireless Solutions: Mission Critical Wireless Connectivity
- Secure Enterprise Mesh: Aruba's "No Wires" Solution
- Security and Surveillance: Rajant Solution Application Overview
- Wireless Security: Wireless Intrusion Detection & Prevention Solutions
- WAN Optimization and Wireless Combined for Superior Results for the Mobile Worker (Riverbed and Aruba)
- ArubaOS: Wireless Intrusion Protection
- Services Overview- LTI Wireless Solutions:
Full Life Cycle Services and Support to meet
Wireless Infrastructure and Integration Goals - Product Datasheets-