Trapeze Networks MXR-2 Mobility Exchange MXR-2-EU Data Sheet
Product codes
MXR-2-EU
2
DATA SHEET — MOBILITY EXCHANGE
™
MXR-2
™
Reliability
• Spanning tree and per-VLAN spanning tree (PVST+)
• Resilient network attachment via any MX port
• N: redundant MX capabilities
• Resilient network attachment via any MX port
• N: redundant MX capabilities
SECuRITY
Authentication
• Supports complete local AAA authentication, including 802.x, as primary
or backup to a centralized AAA server
• Supports multiple AAA server groups and can load share across multiple
AAA servers or within a server group
• Generates and manages X.509 digital certificates
• Assigns and enforces per-user authorization policies that are managed
• Assigns and enforces per-user authorization policies that are managed
centrally from the AAA back-end
• Authorizations include virtual private group membership, personal firewall
filters, time-of-day/day-of-week access, encryption type, and location-
specific policies
specific policies
• IEEE 802.x with multiple EAP types (TLS, PEAP/MSCHAP, TTLS)
• WebAAA, MAC, Open
• WiFi WPA2 Enterprise certified
• WebAAA, MAC, Open
• WiFi WPA2 Enterprise certified
Encryption Key Management
• Encryption distributed in Mobility Points
• MX generates master and session keys
• Provides key management for each encryption technique
• MX generates master and session keys
• Provides key management for each encryption technique
Identity-based Networking
• User credentials define access and network resource privileges
• Privileges and services follow users as they roam
• Maintains a user’s membership in the right virtual private group based on
• Privileges and services follow users as they roam
• Maintains a user’s membership in the right virtual private group based on
the user’s authenticated identity
• Dynamically enables Virtual Private Groups to support roaming across
router boundaries
• Centralized management and control
Endpoint Assurance
• Trusted Computing Group (TCG) - Trusted Network Connect (TNC)
compliant
Intrusion Detection and Protection
• ActiveScan
™
rogue and denial-of-service (DoS) attack detection — Scan
all bands, associated channels and VLANs, while simultaneously providing
wireless connectivity to mobile clients
wireless connectivity to mobile clients
• SentryScan
™
— Scan the air nonstop on both bands and their associated
channel while other MPs support wireless LAN clients
• Rogue detection, Intrusion Detection System (IDS) and RF
countermeasures
• Trapeze/AirDefense integrated Intrusion Detection and Prevention
- Best in class IDS/IPS
- Common Trapeze MP hardware for sensor and service APs
- Dynamic threat management- convert MPs to sensors on demand
- Threat location and mitigation
- Common Trapeze MP hardware for sensor and service APs
- Dynamic threat management- convert MPs to sensors on demand
- Threat location and mitigation
MOBILITY SERvICES
Data Services
• Data-intensive applications
• Latency-sensitive applications
• Latency-sensitive applications
Standards-based toll quality voice
service
service
• VoIP protocol support
• 802. e/WMM compliant
• Queuing and priority (802.e/WMM)
• Preserve voice priority across network (802.i PMK cache, WMM)
• Bandwidth control for voice (TSPEC)
• Maximize handset battery life (U-APSD)
• Neighbor report assisted roaming (802.k)
• 802. e/WMM compliant
• Queuing and priority (802.e/WMM)
• Preserve voice priority across network (802.i PMK cache, WMM)
• Bandwidth control for voice (TSPEC)
• Maximize handset battery life (U-APSD)
• Neighbor report assisted roaming (802.k)