Alcatel-Lucent omniaccess Manuale Utente
OmniAccess RN: User Guide
58
Part 031650-00
May 2005
In the topology shown above the client connect to the Alcatel Access Points
(both wireless and wired). The wired access points tunnel all traffic back to the
Alcatel switch over the existing network.
(both wireless and wired). The wired access points tunnel all traffic back to the
Alcatel switch over the existing network.
The Alcatel switch receives the traffic and redirects relevant traffic (including
but not limited to all HTTP/HTTPS, Email protocols such as SMTP, POP3) to
the AntiVirusFirewall (AVF) server device to provide services such as Anti-virus
scanning, email scanning, web content inspection etc. This traffic is redirected
on the “un-trusted” interface between the Alcatel switch and the
AntiVirusFirewall (AVF) server device. The Alcatel switch also redirects the
traffic intended for the clients – coming from either the Internet or the internal
network. This traffic is redirected on the “trusted” interface between the
Alcatel switch and the AntiVirusFirewall (AVF) server device. The Alcatel switch
forwards all other traffic (for which AntiVirusFirewall (AVF) server does not
perform any of the required operations such as AV scanning). An example of
such traffic would be database traffic running from a client to an internal
server.
but not limited to all HTTP/HTTPS, Email protocols such as SMTP, POP3) to
the AntiVirusFirewall (AVF) server device to provide services such as Anti-virus
scanning, email scanning, web content inspection etc. This traffic is redirected
on the “un-trusted” interface between the Alcatel switch and the
AntiVirusFirewall (AVF) server device. The Alcatel switch also redirects the
traffic intended for the clients – coming from either the Internet or the internal
network. This traffic is redirected on the “trusted” interface between the
Alcatel switch and the AntiVirusFirewall (AVF) server device. The Alcatel switch
forwards all other traffic (for which AntiVirusFirewall (AVF) server does not
perform any of the required operations such as AV scanning). An example of
such traffic would be database traffic running from a client to an internal
server.
The Alcatel switch can also be configured to redirect traffic only from clients in
a particular role such as “guest” or “non-remediated client” to the
AntiVirusFirewall (AVF) server device. This might be done to reduce the load on
the AntiVirusFirewall (AVF) server device if there is a different mechanism such
as the Alcatel-Sygate integrated solution to enforce client policies on the
clients that are under the control of the IT department. These policies can be
a particular role such as “guest” or “non-remediated client” to the
AntiVirusFirewall (AVF) server device. This might be done to reduce the load on
the AntiVirusFirewall (AVF) server device if there is a different mechanism such
as the Alcatel-Sygate integrated solution to enforce client policies on the
clients that are under the control of the IT department. These policies can be
Wireless
Users
Users
Wired Users
Corporate
Network
Network
DMZ /
Internet
Internet
Un-trusted Interface
Trusted Interface
Fortinet
AntiVirusFirewall
server