Cisco Cisco Aironet 1310 Access Point Bridge 릴리즈 노트
21
Release Notes for Cisco Aironet Access Points for Cisco IOS Release 12.3(8)JEA1
OL-12427-01
Documentation Updates
•
If participating in WDS, sends a DFS notification of its new operating frequency to the active WDS
device.
device.
Blocking Channels from DFS Selection
You can block groups of channels to prevent the access point from selecting them when DFS is enabled.
Use this configuration interface command to block groups of channels from DFS selection:
Use this configuration interface command to block groups of channels from DFS selection:
[no] dfs band [1] [2] [3] [4] block
The 1, 2, 3, and 4 options designate blocks of channels:
•
1—Specifies frequencies 5.150 to 5.250 GHz. This group of frequencies is also known as the UNII-1
band.
band.
•
2—Specifies frequencies 5.250 to 5.350 GHz. This group of frequencies is also known as the UNII-2
band.
band.
•
3—Specifies frequencies 5.470 to 5.725 GHz. By default, this group of channels is blocked from
DFS selection.
DFS selection.
•
4—Specifies frequencies 5.725 to 5.825 GHz. This group of frequencies is also known as the UNII-3
band.
band.
This is the command that appears in a default configuration:
ap(config-if)# dfs band 3 block
This example shows how to prevent the access point from selecting frequencies 5.150 to 5.350 GHz
during DFS:
during DFS:
ap(config-if)# dfs band 1 2 block
This example shows how to unblock frequencies 5.150 to 5.350 for DFS:
ap(config-if)# no dfs band 1 2 block
This example shows how to unblock all frequencies for DFS:
ap(config-if)# no dfs band block
NAC Support for MBSSID
Networks must be protected from security threats, such as viruses, worms, and spyware. These security
threats disrupt business, causing downtime and continual patching. Endpoint visibility and control is
needed to help ensure that all wired and wireless devices attempting to access a network meet corporate
security policies. Infected or vulnerable endpoints need to be automatically detected, isolated, and
cleaned.
threats disrupt business, causing downtime and continual patching. Endpoint visibility and control is
needed to help ensure that all wired and wireless devices attempting to access a network meet corporate
security policies. Infected or vulnerable endpoints need to be automatically detected, isolated, and
cleaned.
NAC is designed specifically to help ensure that all wired and wireless endpoint devices (such as PCs,
laptops, servers, and PDAs) accessing network resources are adequately protected from security threats.
NAC allows organizations to analyze and control all devices coming into the network. By ensuring that
every endpoint device complies with corporate security policy and is running the latest and most relevant
security protections, organizations can significantly reduce or eliminate endpoint devices as a common
source of infection or network compromise.
laptops, servers, and PDAs) accessing network resources are adequately protected from security threats.
NAC allows organizations to analyze and control all devices coming into the network. By ensuring that
every endpoint device complies with corporate security policy and is running the latest and most relevant
security protections, organizations can significantly reduce or eliminate endpoint devices as a common
source of infection or network compromise.
WLANs need to be protected from security threats such as viruses, worms, and spyware. Both the NAC
Appliance and the NAC Framework provide security threat protection for WLANs by enforcing device
security policy compliance when WLAN clients attempt to access the network. These solutions
quarantine non-compliant WLAN clients and provide remediation services to help ensure compliance.
Appliance and the NAC Framework provide security threat protection for WLANs by enforcing device
security policy compliance when WLAN clients attempt to access the network. These solutions
quarantine non-compliant WLAN clients and provide remediation services to help ensure compliance.