Trapeze无线定位解决方案（可编辑）

Trapeze无线定位解决方案（可编辑） Trapeze无线定位解决方案 中英文日报导航站com 中英文日报 导航站com 中英文日报导航站com 中英文日报导航站com Trapeze Networks A BELDEN Brand Proprietary and Confidential Slide LA-200E 的性能卓越服务器端RSSI 指纹可靠- 不受AP 发射功率变 化的影响准确- 区分楼层和周边地区最高的准确度和精密度最快的 寻找响应时间任何Wi-Fi 客户端不仅仅是标签无负载WLAN 控制器 Trapeze Other tech 10 米99 90 5 米97 50 3 米95 50 平均寻 找时间30 秒5 分钟最快寻找时间10 秒1 分钟设备4000 2500 中 英文日报导航站com Trapeze Networks A BELDEN Brand Proprietary and Confidential Slide 动态授权基于位置当日 时间带宽利用应用可用资源事件和更多加密业内最全面的移动安全 架构AAA 服务器恶意AP 恶意用户可信任的客户端X X 认证 加密 8021X EAP-TLS PEAP TTLS MAC Web 80211i WPA WPA2 TKIP AES CCMP DODD 81002 和FIPS 140-2 有效入侵防护核心WIDSWIPS 扫描检测定 位禁用恶意行为等针对40 种攻击类型的防范措施不可信任的客户端 8021X 认证RingMaster 端点完整性检查入侵防护应用防火墙每用户 站点组策略执行应用感知服务质量安排地理安全SmartPass 应用防 火墙LA-200E 和射频防火墙认证 端点完整性RADIUS LDAP 可信 任的网络连接可信任的计算组Microsoft NAP Juniper UAC Cisco NAC 中英文日报导航站com Trapeze Networks A BELDEN Brand Proprietary and Confidential Slide 卓纪思RTLS 概述只有 卓纪思拥有完整的WLAN 和RTLS 解决方案LA-200E 提供所有的RTLS 应用基础卓纪思解决方案更加准确灵活和可扩展专利的RSSI 指纹不 受射频变化的影响定位为Wi-Fi 安全增加全新的范围射频防火墙带 来即时周边锁定 The benefits of location services are numerous Tracking and managing high value mobile assets can save time and money for an organization in several ways Optimize processes for inventory management Prevent losses due to thefts by tracking assets in real time Sometimes assets are not fully utilized because they are not readily available Organization often end up purchasing additional equipment Via real time tracking assets can be accesses and utilized more efficiently This results better ROI on the asset Manually searching for misplaced assets costs time and money Real time location of the missing asset helps reduce operational costs Location services can also be used to track people for safety and security purposes In healthcare facility tracking the whereabouts of high risk patients can help staff to to improve patient care and protect them Tracking essential staff in times of emergencies can save time and lives All wired networks already have a lot of security components and wireless needs to fit within that framework So a lot of the wireless security features that are needed to allow wired and wireless to co-exist are simply table stakes Authentication and encryption –this was being done before on wired networkseg 8021X has been used widely on wired networks within the AAA framework for many years and was later ratified for use on wireless networks Of course there are many new standards that apply only to wirelessbut these have been driven by the IEEE and WFA and every serious enterprise player supports them Authorization and Endpoint security –Again must-haves in a wired networkin the past with non-mobile devices and lots of bandwidth static authorization every time you plug into a network port is more than enough There are many products that do Endpoint Integrity checking to ensure the device is safe and virus free and properly configured and Trapeze supports the related standards Again these are table stakes for any serious network Application Firewalls –All enterprise networks need to control what people can do depending on how and where geographically they entered the network Whether its limiting bandwidth for remote VPN users giving VoIP the right QoS and bandwidth reservations or stopping users from going to porn sites –this is table stakes and not our domain of responsibility Intrusion Protection –Most vendors have very adequate Wireless Intrusion Protection Prevention mechanisms that can handle the majority of common threats such as DOS attacks and Rogue access points This is not a big differentiator for anyone and very few enterprises willing to pay for dedicated security sensors Trapeze was actually the first to incorporate Air Defenseinto our security frameworkit was a great story but no-one bought it –because improving standards closed the window on WIDSWIPS But the mobility aspect of wireless networking undermines some of the existing mechanisms Furthermore lets not forget that even with 11n this is shared Ethernet But people are trying to put voice and video on it all while moving around Static Authorization is not enough It needs to be Dynamic just as a users ability to move around is dynamic Dynamic Authorization spans these three areas Authorization Application Firewall and Intrusion protection And is ultimately part of the foundation for advanced service provisioningwhich will become the next battle ground for wireless networks in 2010 and beyond Quick History Lesson With the introduction of 80211i and WPA2 in 2006 security is pretty much table stakes these days However until and during 2005 when wireless was getting a bad rap as a result of highly publicized WLAN break-ins such as TJ a small window of opportunity existed for advanced WIDSWIPS solutions Companies like AirTight AirDefense AirMagnet and others figured out how to address approximately 200 of the more obscure attack types in addition to the 40 or so Core WIDSWIPS capabilities now supported by most WLAN vendors During the window when WIDSWIPS was thought to be necessary for the most stringent security Trapeze was the first and only vendor to tightly integrate its Management solution with those of a leading WIPSWIDS vendors RingMaster is tightly integrated AirDefense management and the combined solution saves about 50 on the cost of dedicated sensors compared with using AirDefense as a pure overlay on any other WLAN vendors infrastructure Since Air Defense was recently acquired by Motorolla and since the MP-372 only supported AP has been discontinued the relevance of this past integration is largely diminshed It is inadvisable to mention this as part of our solution unless the client asks for it AND has a large installed base of MP-372 access points Since that time it has become clear that 99 of enterprises either dont feel the need for advanced WIDSWIPS protection or simply arent willing to pay for it In fact the most common deployment of advanced WIDSWIPS turns out to be in the Financial Services sector in order to prevent the deployment of wireless at all FIPS Federal has its own standards known as FIPS 140-2 and Trapeze is one of only 3 vendors that are FIPS validated SMARTPASS SmartPass is a unique application that enabled Dynamic security authorization based on users location time of day what activities they are performing and so on No one else has this capability SmartPass is becoming an integral part of our holistic approach to security and mobility services provisioning and has an important role to play in enforcing Dynamic Access Control and Intrusion Prevention Built-in Firewall and IDS Unlike other vendors that charge for embedded firewall features for their WLAN controllers Trapeze Networks AP Controllers have built-in Firewall ACLs and IDS capabilities that requires no license fee to enable Endpoint Integrity integration Trapeze Networks partners with Best-in-class vendors eg Microsoft Juniper to support endpoint integrity systems and supports open standards initiatives in this area Trusted Computing Group Safe and scalable guest access The Smart Mobile solution includes SmartPassTM the most flexible and easiest to use guest access authentication system in the industry User account types are customizable to enterprise needs but individual accounts are easily created via a Browser interface SmartPass also supports dynamic authorizations allowing an