Information Technology Reference
In-Depth Information
Access to this VLAN is filtered. Such placement ensures that any attacks launched on
these servers are contained within that segment.
Yo u s h o u l d c o n t r o l n e t w o r k a c c e s s t o t h e s e r v e r s . C o n s i d e r t h e W L A N a n u n s e c u r e d s e g -
ment and apply appropriate segmentation and access lists. Such a step ensures that WLAN
access is controlled and directed to only those areas that need it. For example, you might
not want to permit WLAN access to management servers and HR servers.
Yo u m u s t a l s o p r o t e c t t h e s e s e r v e r s a g a i n s t n e t w o r k a t t a c k . T h e c r i t i c a l i t y o f t h e s e s e r v e r s
makes them an ideal target for denial-of-service (DoS) attacks. Consider using network
based intrusion detection systems (IDS) to detect network attacks against these devices.
This section covers the Cisco Unified Wireless Network (UWN) architecture, Control
and Provisioning for Wireless Access Point (CAPWAP), WLAN controller components,
roaming, and mobility groups. Cisco UWN components provide scalable WLAN solu-
tions using WLAN controllers to manage LWA P s . The CCDA must understand how these
components work with each other, how they scale, and how roaming and mobility
groups work.
Cisco UWN Architecture
With the explosion of wireless solutions in and out of the enterprise, designers must cre-
ate solutions that provide mobility and business services while maintaining network secu-
rity. The Cisco UWN architecture combines elements of wireless and wired networks to
deliver scalable, manageable, and secure WLANs. As shown in Figure 5-2, the Cisco
UWN architecture is composed of five network elements:
Key
To p i c
Client devices:
These include laptops, workstations, IP phones, PDAs, and manufac-
turing devices to access the WLAN.
■
Access points:
These devices provide access to the wireless network. APs are
placed in strategic locations to minimize interference.
■
Network unification:
The WLAN system should be able to support wireless appli-
cations by providing security policies, QoS, intrusion prevention, and radio fre-
quency (RF) management. Cisco WLAN controllers provide this functionality and
integration into all major switching and routing platforms.
■
Network management:
The Cisco Wireless Control System (WCS) provides a cen-
tral management tool that lets you design, control, and monitor wireless networks.
■
Mobility services:
These include guest access, location services, voice services, and
threat detection and mitigation.
■
Cisco UWN provides the following benefits:
Reduced total cost of ownership (TCO)
■
Enhanced visibility and control
■
Dynamic RF management
■
