Aruba Networks Version 3.3 ユーザーズマニュアル
20
| Campus WLAN Validated Reference Design
Campus Wireless Networks Validated Reference Design Version 3.3
| Design Guide
z
Air Monitors – AMs are deployed at a ratio of one AM for every four APs deployed. These handle
many of the IDS related duties for the network, and will assist in drawing accurate heat maps
displaying graphical RF data. Aruba considers dedicated Air Monitors to be a security best practice
because they provide full time surveillance of the air.
many of the IDS related duties for the network, and will assist in drawing accurate heat maps
displaying graphical RF data. Aruba considers dedicated Air Monitors to be a security best practice
because they provide full time surveillance of the air.
Aruba Campus WLAN Logical Architecture
From a logical perspective, the VRD overlay introduces three new terms into the familiar “core/
distribution/access” framework. They are “Management,” “Aggregation” and "Wireless Access.”
distribution/access” framework. They are “Management,” “Aggregation” and "Wireless Access.”
z
Management
The Management layer provides a distributed control plane for the Aruba User-Centric Network that
spans the physical geography of the wired network. Critical functions provided by the Management
Layer Mobility Controllers include L3 client mobility across Aggregation layer controllers, and
failover redundancy. Typically, larger networks, such as campus systems also off load ARM and IDS
processing from the Aggregation Layer to the Management Layer.
spans the physical geography of the wired network. Critical functions provided by the Management
Layer Mobility Controllers include L3 client mobility across Aggregation layer controllers, and
failover redundancy. Typically, larger networks, such as campus systems also off load ARM and IDS
processing from the Aggregation Layer to the Management Layer.
z
Aggregation
The Aggregation layer is the interconnect point where wireless traffic is aggregated and enters or
exits the wired network. Secure encrypted GRE tunnels from APs at the Wireless Access layer
terminate on controllers at the Aggregation layer. This provides a logical point for enforcement of
roles and policies, and is where the ArubaOS creates the User-Centric Network Experience.
exits the wired network. Secure encrypted GRE tunnels from APs at the Wireless Access layer
terminate on controllers at the Aggregation layer. This provides a logical point for enforcement of
roles and policies, and is where the ArubaOS creates the User-Centric Network Experience.
arun_040
Air monitor
Internet
Local
Local
Master
standby
Data center
Master
active
Web
File
RADIUS
PBX