Obviously, secure management is but one element of a WLAN security implementation. With support for 802.1x, WPA, VPN termination and pass-through, hardware AES encryption and captive-portal authentication, Airespace's Enterprise Platform can handle just about any security challenge. Simple Web-based login is offered through the customizable captive portal, a handy capability when you can't imagine implementing other alternatives, such as 802.1x or VPN, in your environment. Any user with a browser-based device--including visitors and guests--can gain access with user- or group-specific access restrictions.
To help thwart WLAN intrusions, the 4100 has a blacklist feature that will prevent a user from performing an 802.11 association for an administratively configurable amount of time following a definable number of failed logins. The system also can perform rogue AP detection, notifying administrators in the event an unauthorized AP appears. It can even prevent users from associating to the rogue device--by essentially launching a denial-of-service attack on it!
Setup and testing went off without a hitch. We had the 4100 and its accompanying APs up and running in less than 10 minutes. Airespace is trying hard--and largely succeeding--in making installation as simple as possible, so you don't need an RF specialist to install and administer its product. The Web management interface is generally intuitive, without sacrificing power and flexibility. An IOS-like command line is also supported.
Subnet roaming was clean and easy. In addition to supporting 802.1x, Airespace can terminate IPsec (IP security) sessions and allow full-context mobility across subnets. Performance was at or near the top of the pack for our single- and multistation tests, both with 11a (maximum throughput of 25.7 Mbps) and 11b (maximum throughput of 6.6 Mbps). Range was also impressive: 802.11b coverage was at the top of the pack, about the same as that of Cisco and Symbol. Range for 11a was the best of any product tested, likely confirming the soundness of the antenna design.
Airespace Wireless Enterprise Platform, Airespace, (866) 546-2100, (408) 635-2000. www.airespace.com
Aruba Wireless Networks delivered an excellent proposal based on its highly scalable Aruba 5000 wireless switch and Aruba 52 multipurpose AP. Although configurable to support direct connection of as many as 72 APs, this beefy, $30,000, 3U device is clearly a better fit at the distribution or backbone layer rather than the edge closet. And that's exactly where Aruba pitched it to us, connected to our backbone switch via Gigabit Ethernet in what amounted to an appliance configuration.