Alcatel-Lucent OmniAccess 3500 User Manual
OmniAccess 3500 Nonstop Laptop Guardian Administration Guide
• A hardware acceleration module for IPsec encryption/decryption, key
management, and compression.
• A hard disk for storage of local information and application caching.
• A secure management interface for driving all OmniAccess 3500 NLG operation,
• A secure management interface for driving all OmniAccess 3500 NLG operation,
administration, management, and provisioning (OAM&P) procedures.
The OmniAccess 3500 NLG gateway terminates the secure remote-access tunnels,
manages user credentials and security policies (up to 16K users in the OmniAccess 3500
NLG R1.2), and provides storage and file transfer capabilities in support of third-party
remote-access and device-management applications. The OmniAccess 3500 NLG
manages user credentials and security policies (up to 16K users in the OmniAccess 3500
NLG R1.2), and provides storage and file transfer capabilities in support of third-party
remote-access and device-management applications. The OmniAccess 3500 NLG
gateway also cooperates with the OmniAccess 3500 NLG card in ensuring that vertical
handovers (run-time connectivity switchovers from one laptop interface to another)
are not disruptive to running network applications.
handovers (run-time connectivity switchovers from one laptop interface to another)
are not disruptive to running network applications.
Figure 2 - Recommended placement of the OmniAccess 3500 NLG gateway within the
network
The OmniAccess 3500 NLG gateway is best deployed as a stub of the enterprise
firewall at the edge of the enterprise network (Figure 2): the firewall and the
OmniAccess 3500 NLG gateway exchange encrypted traffic over the external interface
of the gateway and decrypted traffic over its internal interface. This way the firewall
can apply full protection both to the external interface of the OmniAccess 3500 NLG
gateway and to the inner portion of the enterprise network. Alternative, sub-optimal
arrangements can also be adopted to match topological and functional peculiarities
that may be found in the pre-existing network infrastructure.
Multiple instances of the OmniAccess 3500 NLG gateway can be deployed within the
OmniAccess 3500 NLG gateway exchange encrypted traffic over the external interface
of the gateway and decrypted traffic over its internal interface. This way the firewall
can apply full protection both to the external interface of the OmniAccess 3500 NLG
gateway and to the inner portion of the enterprise network. Alternative, sub-optimal
arrangements can also be adopted to match topological and functional peculiarities
that may be found in the pre-existing network infrastructure.
Multiple instances of the OmniAccess 3500 NLG gateway can be deployed within the
same enterprise network to increase capacity and extend geographical coverage and
service availability. In the OmniAccess 3500 NLG R1.2, each OmniAccess 3500 NLG
gateway is installed with its own management system instance and serves its own set
service availability. In the OmniAccess 3500 NLG R1.2, each OmniAccess 3500 NLG
gateway is installed with its own management system instance and serves its own set
4