H3C WSG1840X Wireless Integrated Multi-Service Cloud Router Security Gateway

รหัสสินค้า : H3C EWP-WSG1840X

H3C EWP-WSG1840X Wireless Integrated Multi-Service Cloud Router Security Gateway

Model: H3C EWP-WSG1840X

H3C WSG1840X Datasheet Download

H3C WSG1840X Wireless Integrated Multi-Service Gateway

ทางร้านเป็นตัวแทนแต่งตั้ง จากทาง H3C Authorized Thailand

มีราคาพิเศษ งานโครงการ ช่าง ร้านค้า ผู้รับเหมา และออกเอกสารงานโครงการ

พร้อมบริการ แนะนำติดตั้ง ใช้งาน เซ็ต ตั้งค่า ทดสอบเบื้องต้นให้

ติดต่อสอบถามทักไลน์ 0897993376

AP license by default : 64 License

H3C WSG1840X Wireless Integrated Multi-Service Gateway อุปกรณ์ All-In-One Gateway Wireless Controller มาพร้อม 64 AP License, รองรับ 802.1x authentication, L2-L3 Roaming 802.11k/v/r, RF management, AP Load Sharing, Firewall, Antivirus, VPN, Multicast

All-in-one Gateway

The WSG1840X Wireless Integrated Multi-Service Gateway integrates, gateway, security and AC function in one box, which is perfect for SOHO, SMB and SME environment. WSG1840X supports full enterprise controller feature sets, in addition, WSG1840X supports gateway function, such as PPPOE, NAT, dynamic IP address, and static IP address setting function.

802.11ax AP Management

In addition to 802.11a/b/g/ac AP management, the WSG1840X can work together with H3C 802.11ax based SMB APs (See ordering information for details) to provide wireless access speed several times faster than a traditional 802.11a/b/g/ac/ network.

Flexible Forwarding Modes

In a wireless network of centralized forwarding mode, all wireless traffic is sent to an AC for processing which the forwarding capability of the AC may become a bottleneck. Especially on wireless networks where APs are deployed at branches, ACs are deployed at the headquarters, and APs and ACs are connected over a WAN. In this scenario, Distributed forwarding is more suitable. The WSG1840X supports both distributed forwarding modes and centralized forwarding mode and it can set SSID based forwarding as needed.

Smart Roaming Features

l Supports intra-AC roaming, cross-AC roaming, and cross-VLAN Layer 3 roaming

l Portal roaming information synchronization function: AC and AP support Portal users' non-perceived roaming between ACs on a large-scale network, without the Portal mac-trigger server. The wireless controller can independently assume the mac-trigger server function. This reduces the pressure on the portal server and prevents the portal server from becoming a performance bottleneck. When the Portal server is done, the online terminal can still roam without authentication between no less than 10 wireless controllers.

l 802.1X roaming information synchronization function: AC and AP support 802.1X users for fast roaming between ACs on a large-scale network. Support dot1x authentication for fast roaming between ACs. Terminals do not need to do authentication again after roaming to a new AC. Alleviate server pressure and ensure fast access of terminals, and support fast roaming between more than 10 ACs.

l Support 802.11k/v/r fast roaming protocols

Intelligent Channel Switching

l In a WLAN, adjacent wireless APs should work in different channels to avoid channel interference. However, channels are very rare resources for a WLAN. There are a small number of non-overlapping channels for APs. For example, there are only three non-overlapping channels for the 2.4GHz network. Therefore, the key to wireless applications is how to allocate channels for APs intelligently

l Meanwhile, there are many possible interference sources that can affect the normal operation of APs in a WLAN, such as rogue APs, radars and microwave ovens. The intelligent channel switching technique can ensure the allocation of an optimal channel to each AP, thereby minimizing adjacent channel interference. Besides, the real-time interference detection function can help keep APs away from interference sources such as radars and microwave ovens

Intelligent AP Load Sharing

l According to IEEE 802.11, wireless clients control wireless roaming in WLANs. Usually, a wireless client chooses an AP based on the Received Signal Strength Indication (RSSI). Therefore, many clients may choose the same AP with a high RSSI. As these clients share the same wireless medium, the throughput of each client is reduced greatly.

l The intelligent AP load sharing function can analyze the locations of wireless clients in real time, dynamically determine which APs at the current location can share load with one another, and implement load sharing among these APs. In addition to load sharing based on the number of online sessions, the system also supports load sharing based on the traffic of online wireless users

l Support SSID automatic hiding function based on radio resource utilization. When the radio resource reaches or exceeds the configured threshold, the SSID automatically hides to provide users with stable and reliable wireless services.

Layer 4-7 Deep Packet Inspection

The WSG1840X can identify variety of applications and policy control can be implemented including priority adjustment, scheduling, blocking, and rate limiting to ensure efficient bandwidth resource and improve the network quality.

Layer 7 Wireless Intrusion Detection and Prevention Systems (WIDS / WIPS)

l The WSG1840X supports the blacklist, whitelist, rogue device defense, bad packet detection, illegal user removal, upgradeable Signature MAC layer attack detection (DoS attack, Flood attack or man-in-the-middle attack) and counter measures

l With the built-in knowledge base in WSG1840X, you can perform timely and accurate wireless security decisions. For determined attack sources such as rogue AP or terminals, you can perform visible physical location monitoring and switch physical port removing

l With H3C firewall/IPS device, network infrastructure can also implement layer 7 security defense in wireless campus, covering wired (802.11) and wireless (802.3) secure connections on an end-to-end basis

Comprehensive Network Security Protection Capabilities

The rich feature library can complete the detection of popular viruses. It supports anti-virus to botnets, Trojans, and worms. It can identify 1500+ high-profile applications. With rich attack prevention technology, it can support both IPv4 and IPv6. It can provide effective protection against the following attacks:

1) Abnormal packet attacks (such as illegal TCP packet flags, Land, smurf, WinNuke, Ping of Death, Large ICMP Traffic/Tiny Fragment, etc.);

2) Address spoofing attacks (such as IP address attacks, port attacks, etc.);

3) Abnormal traffic attacks (such as Ack Flood, DNS Flood, Fin Flood, HTTP Flood, HTTPS Flood,ICMP Flood, ICMPV6 Flood, SYNACK Flood, SYN Flood, UDP Flood, etc.);

l Security zone—Allows you to configure security zones based on interfaces and VLANs.

l Packet filtering—Allows you to apply standard or advanced ACLs between security zones to filter packets based on information contained in the packets, such as UDP and TCP port numbers. You can also configure time ranges during which packet filtering will be performed.

l Access control—Supports access control based on users and applications and integrates deep intrusion prevention with access control.

l ASPF—Dynamically determines whether to forward or drop a packet by checking its application layer protocol information and state. ASPF supports inspecting FTP, HTTP, SMTP, RTSP, and other TCP/UDP-based application layer protocols.

l AAA—Supports authentication based on RADIUS/HWTACACS+, CHAP, and PAP.

l Blacklist—Supports static blacklist and dynamic blacklist.

l NAT and VRF-aware NAT.

l Security logs—Supports operation logs, zone pair policy matching logs, attack protection logs, DS-LITE logs, and NAT444 logs.

l Routing—Supports static routing, RIP, OSPF, BGP, routing policies, and application- and URL-based policy-based routing.

l Traffic monitoring, statistics, and management.

Next-generation multi-service features

l Integrated link load balancing feature—Uses link state inspection and link busy detection technologies, and applies to a network egress to balance traffic among links.

l Integrated SSL VPN feature—providing secure access of mobile users to the enterprise network.

Flexible and extensible, integrated and advanced DPI security

l Integrated security service processing platform—Highly integrates the basic and advanced security protection measures to a security platform.

l Application layer traffic identification and management.Uses the state machine and traffic exchange inspection technologies to detect traffic of P2P, IM, network game, stock, network video, and network multi-media applications. It Uses the deep inspection technology to identify P2P traffic precisely and provides multiple policies to control and manage the P2P traffic flexibly.

l Categorized filtering of massive URLs—uses the local+cloud mode to provide basic URL filtering blacklist and whitelist and allows you to query the URL category filtering server on line.

l Complete and updated security signature database—H3C has a senior signature database team and professional attack protection labs that can provide a precise and up-to-date signature database.