Soluções de Dados Avaya | Router, VPN e WLAN

Avaya
Networking
Rafael Rocha, Sales Engineer | Westcon Convergence
Programação
1. Introdução (02/set - 10:00)
2. Conceitos básicos I (16/set - 10:00)
3. Conceitos básicos II (07/out - 10:00)
4. Conhecimento aplicado (21/out - 10:00)
5. Switches empilháveis (11/nov - 10:00)
6. Switches modulares (25/nov - 10:00)
7. Gerenciamento e NAC (09/nov - 10:00)
8. Roteadores, VPN e WLAN (21/dez -15:00)
Premiação
Participe de todas as sessões de Dados (8 sessões) e responda aos
quizzes no final de cada sessão.
Acumule pontos e concorra a um Web Prêmio de R$ 500,00.
Quem acumular maior pontuação nos quizzes, será o vencedor!!!
Para participar da premiação é necessário:
- Preencher os quizzes a serem realizados ao término de cada sessão (Aprox. 15 minutos);
- Pontuação máxima por evento: 100 Pontos;
- Para concorrer ao prêmio é necessário ter atingido o mínimo de 85% de participação na série
de Webinars Westcon & Avaya.
Regras para Desempate:
1º. Número de presenças nos Treinamentos Online (quantidade de sessões assistidas);
2º. Pontuações máximas obtidas nos quizzes;
3º. Número de vendas (Avaya) em pedidos colocados na Westcon.
Link para Apresentações da Série
http://br.westcon.com/content/vendors/avayanes/apresentacoes-e-documentos-treinamentosonline-westcon-avaya
Soluções de Dados
Ethernet
Switching
Wireless
Networking
Unified
Branch
Access
Control
Unified
Management
Branch
& Remote
Enterprise
Campus
Data Center
Investimento agressivo no portifólio
5
Consolidação de Filial
 Entrega a plataforma de
sobrevivência de voz SIP para a filial
 Consolida o networking da Filial em
IP Phones / Analogue Phones / PCs / Wireless APs / Legacy PBX
menor número de dispositivos
altamente integrados
– Reduz a complexidade da rede
& diminui os custos de CAPEX e
OPEX
PBX / Call Server
LAN Switch
High-performance
traditional Routing
Consolidated
functionality
Firewall
VPN
 Fornece aos usuários uma
Wide Area Network
experiência de alta qualidade
– Independentemente das
aplicações ou serviços utilizados
ao longo da rede
6
Secure Router
Data Centre
Resiliência de Voz & Dados para Filiais Remotas
 Convergência de dados, voz e
segurança em um único dispositivo
de baixo custo
–
Nortel
Telset
Nortel
Softphone
SIP
Telset
Application
Plug-Ins
Serviços integrados: roteamento IP,
gateway PSTN, VPN & Firewall
Branch
 Entrega de serviços de voz
resilientes & “abertos”
–
–
“Failover” para SR PSTN gateway
quando a conexão com o Servidor
SIP falhar
Compatibilidade com servidores de
chamada SIP e telefones Nortel e de
terceiros
SR 2330 / 4134
PSTN
Wide Area Network
Secure Router
 Assegura a qualidade dos serviços
Central Site
tanto de voz quanto dados
–
QoS avançado, VRRP, dial back-up
7
SIP Call Server
Avaya AuraTM “Novo” Modelo para Filiais
System Manager
CM
MM
CM
CM
VP
MX
App
Aplicação
Filial
Avaya SR4134
8
PSTN
Avaya AG2330
“Unified Networking” para Filiais & Escritórios
 Consolida UC, Voz, Gateway &
funções de Networking
–
Em uma plataforma integrada,
confiável e de alta performance
Take the award-winning SIP-based
Software Communications System…
 Entrega uma solução completa de
comunicações para o SMB e filial
–
Em uma preço competitivo
 Aumento da produtividade e
…and add it to the
SR 4134 with the
SCS Server Module
colaboração dos funcionários
–
Suporta até 250 usuários com todas
funcionalidades de UC
 Diminuição dos custos operacionais
–
4-5X a confiabilidade de múltiplos
dispositivos separados
–
Diminuição dos custos de energia
elétrica e facilities
9
Delivers on the promise of UC, in a complete,
unified Voice & Data solution
Portfóllio Secure Router
Price/Performance
Portfólio de Roteadores Empresarias
SR4134
SR2330
Plataformas de Filial Convergente
Capacity / Density
10
Portfólio Secure Router
Secure Router
Chassis and IO
SIP-VoIP
• 7 Slot chassis
• IPv4, RIP, OSPF,
BGP, GRE, PBR,
VLAN, Multicast
• DS3/CT3/HSSI, Serial,
BRI/PRI, T1/E1, ADSL
SR 4134
• Up to 76 ports 10/100POE
58 ports 10/100/1000
• 2x1000BT, 2xSPF base
• Hosted server module
• SIP Gateway
• Survivable SIP
Proxy/user
agent,
Registrar
• FXS/DID/FXO/
CAMA/BRI/
PRI interfaces
• 3 Slot chassis
• T1/E1/Sync/PRI/BRI
SR 2330
• 2x1000BT, 4x100BT,
2xSPF base
Data Features
• CAS, BRI, PRI
QSIG, E1 R2
signaling
• SIP trunks
• PPP, MLPPP, FR,
MLFR, BCP,
HDLC
• IPv6, MPLS L2
VPN (SR4134,
SR2330)
• 8-queue QoS
• Filters, ACL,
Stateful Firewall
• NAT
• Denial of Service
• IPSec VPN (sitesite, remote
access)
• VRRP
• SNMP, CLI, PCAP,
RMON, RADIUS
Secure Routers para a Filial Convergente
SR 2330
SR 4134
12
Ideal como:
 Roteador convergente para filiais pequenas / médias ou
localidades remotas
 Ambientes com necessidades de conectividade T1/E1, Serial,
ADSL ou Ethernet WAN
 Gateway de voz SIP resiliente de bom custo/benefício para
localidades remotas
Ideal como:
 Roteador convergente para filiais maiores ou localidades remotas
 Ambientes com necessidades de conectividade de alta velocidade
ou múltiplos enlaces WAN
 Gateway de voz SIP resiliente de maior capacidade para
localidades maiores
 “Unified networking solution” combinando serviços de UC, Voice, &
Data em um único dispositivo
Vista Fontal e Traseira do SR2330
•
•
Three Small Module Slots
(Compatible with SR4134)
Two Optional Internal Modules (not hotswappable)
•
•
•
•
VPN HW Acceleration (SCIM)
Packetized Voice Module (PVIM)
Four Gigabit Ethernet Ports (two Copper
and two Fiber)
Four Fast Ethernet Ports
3 x Small
Modules
• External CF Slot
• Console Port
• 12VDC Input for optional External
redundant Power Supply
• 1RU High
• LED Indicators
• All IO Interface Modules are Hot
Swappable
• Removable top for field serviceability
Redundant 12VDC
Power Input
Rear View
Front
View
Power
Entry
13
4 x Fast
Ethernet
Ports
4 x Gigabit Ethernet Ports
(2 1000BaseT and 2 SFP)
Console
Port
Compact
FLASH
SR 2330 – Resumo do Produto
Detalhes da Plataforma
Software e serviços
•IPv4, IPv6 and Multicast routing
•Frame relay (MLFR), PPP (MLPPP),
HDLC
•MPLS L2-VPN (Ethernet, PPP, HDLC)
•L2/3 Ethernet Switching
•Security services (firewall, IPSec VPNs,
NAT, hardware encryption)
•SIP Gateway and Survivability
Confiabilidade
WAN
PSTN
2xFXS
4xFXS
2xFXO
4xFXO
1xT1/E1/PRI
2xT1/E1/PRI
ADSL2+
1xSerial
2xSerial
BRI
1xT1/E1/PRI
2xT1/E1/PRI
BRI
•Port Resiliency (MLPPP, MLFR,
802.1ad)
•Platform Resiliency (VRRP, BGP multihoming)
•Platform Redundancy (power, cooling,
hot-swap_
•MPLS Fast Reroute
•Survivable SIP Gateway
Rentabilidade
•Cost effective as survivable SIP
Gateway on existing data networks
•Extremely cost effective as converged
branch with VoIP, routing, security, QoS
and WAN
SR2330: Módulos Internos
•Opcional: Packetized Internal Voice Module (PVIM)
•
Para habilitar voz, a instalação é necessária !!!
•Opcional: Security Co-processor Internal Module for
VPN acceleration and IPsec (SCIM)
•
Para habilitar VPN, a instalação é necessária !!!
PVIM
PVIM Habilita VOZ !
Sobrevivência SIP
• SSM (SIP survivability module)
Media Gateway
• SIP-PSTN
15
SCIM
Advanced Gateway 2330
Posicionamento e Funcionalidades Chave
•
Voz com custo/benefício para filiais
•
•
•
Provê serviços locais de PSTN/ voz quando a conectividade
para o servidor central SIP falhar
Provides local PSTN/voice services if connectivity lost to the
central SIP server
Preço competitivo para um upgrade de voz em roteador Cisco
Funcionalidades Chave
– Voice media gateway with FXO, PRI and FXS interface options
– SIP Survivable voice for up to 100 users
– Certified with Avaya Aura™, CS1K and other SIP servers
– Compatible with Avaya 9600 IP Deskphones and other Avaya and 3rd-party SIP
devices
– Software upgrade option to full-function WAN router
Posicionamento
– Cost-effective “basic” survivable gateway solution for small to mid-size branches
– Best for enterprises who may want to later upgrade to a full-featured WAN router
Gateway custo / benefício para filiais em implementações centralizadas
de Avaya Aura™
Advanced Gateway 2330
Multiplos pacote
•
Bundled options based on the Avaya Secure
Router 2330 hardware
•
•
•
Bundle includes chassis, voice gateway
hardware and associated software licenses
Separate bundles for FXO and PRI options
Componentes de voz incluem:
•
•
•
Integrated packet voice module DSP module
(factory-installed)
25-user SIP user survivability license
(upgradeable to 100)
PSTN interface modules
– AG2330-2FXO: 2xFXO and 2xFXS
– AG2330-4FXO: 4xFXO and 4xFXS
– AG2330-PRI: 1xPRI and 4xFXS
•
AG2330- 2FXO
AG2330- 4FXO
2x FXS
4xFXS
2xFXO
4xFXO
AG2330-PRI
32 channel DSP license (for AG2330-PRI)
• Um slot livre para expansão
4xFXS
Upgrade de software converte o Advanced Gateway em um
Secure Router 2330
1xT1/E1 PRI
Advanced Gateway 2330 para Aura e outros Call Servers
Highlights
> Sobrevivência SIP com
interaces modulares
PSTN
> Certificado com Avaya
Aura & telefones 9600
Aura, CS1K, CS2K/A2E, CS2100,
SCS, OCS R2, 3rd party
Certified with
Aura CM/SM
5.2.1
> Opção de filial SIP “thin
client” para
implementações
centralizadas Aura
> Também certificado com:
CS 1000 R6.0, CS 2100,
SCS, Microsoft OCS R2
e outros
WAN
AG 2330
Data Center
SIP-based
UC/VoIP server
PSTN
AG 2330
> Fabricante único para
solução de UC central e
filial
> Também soluciona
necessidades de
roteamento da filial
18
Overview de Solução – Gateway de Sobrevivência SIP
Com Avaya Aura™ Communication Manager / Session Manager
HQ
PSTN
CM
100’s of
branches
SM
UC Apps
Mobility
Messaging
Application
Conferencing
Advanced
Gateway
2330
MPLS
WAN
 Nas condições normais todos os telefones
recebem suas funcionalidades do QG
 Durante as falhas na WAN, o gateway SIP da
filial prove conectividade PSTN (troncos
analógicos) e chamadas interna à filial
 Durante as falhas na WAN, o gateway SIP
funciona como um proxy/registrar, possibilitando
que os telefones se registrem nele
Caminho normal
da sinalização
Solução de baixo
custo que habilita
as filiais a
permanecerem
conectadas
Caminho de falha
na WAN
Proposta de Valor do SR 4134
•
Plataforma modular de roteamento
multi-serviço
•
•
•
3 x Medium Module Slots, or 1 x Large Slot (using 2 Medium)
4 x Small Slots
Diminuição de TCO – Consolidação
de filiais e localidades remotas
•
•
•
Integrates Routing, WAN, Voice
Gateway, security and LAN
Switching/ POE
Server module that can host UC or
other applications
Cost savings through reduced
operational expense, maintenance
and facilities
Reduced WAN OPEX through
bandwidth efficiency
Solução de convergência de voz e
dados
•
•
•
•
Extend resilient SIP voice services to
the branch
All-in-one site solution for UC
deployments
Nortel SCS
Microsoft OCS Mediation services
20
4 x Gigabit
Ethernet Ports
2 x PSUs
Capacidade do SR 4134
WAN/LAN
31 x T1/ E1s (physical)
3 x Medium Modules
84 x T1 (logical) through CT3
1 x Large Module
(use 2 Medium Modules)
3 x DS3
4 x Giga
Ethernet
3 x HSSI
7 x serial (V.35/X.21)
72 = 3 x 24-port 10/100 with PoE
34 GbE ports =
3x10-port 10/100/1000 nonblocking module + 4 onboard
4 x Small
Modules
Voice
64 FXO/FXS ports (w/ Voice
Carrier module)
128 DSP channels
21
Overview do Produto - SR 4134
Detalhes da Plataforma
Software e serviços
•IPv4, IPv6 and Multicast routing
•Frame relay (MLFR), PPP (MLPPP),
HDLC
•MPLS L2-VPN (Ethernet, PPP, HDLC)
•L2/3 Ethernet Switching (incl. POE)
•Security services (firewall, IPSec VPNs,
NAT, hardware encryption)
•SIP Gateway and Survivability
Confiabilidade
WAN
LAN
8xT1/E1
2xFXS
4xFXS
1xDS3
1xCh DS3
1xT1/E1/PRI
2xT1/E1/PRI
ADSL2+
PSTN
10x10/100/1000
1xSerial
2xSerial
BRI
24x10/100
24x10/100 POE
2xFXO
4xFXO
1xT1/E1/PRI
2xT1/E1/PRI
BRI
•Port Resiliency (MLPPP, MLFR,
802.1ad)
•Platform Resiliency (VRRP, BGP multihoming)
•Platform Redundancy (power, cooling,
hot-swap_
•MPLS Fast Reroute
•Survivable SIP Gateway
Application hosting
•SCS for up to 250 users
SCS server module
SR4134 – Módulos Internos
PVM e VPN Ipsec Module
Módulo PVM – Habilita Voz
Para habilitar voz, a instalação é necessária !!!
Sobrevivência SIP
• SSM (SIP survivability module)
Media Gateway
• SIP-PSTN
Módulo interno de VPN
Para habilitar VPN, a instalação é necessária !!!
• Capacidade de 1000 túneis
• Suporte ao VPN Client (Contivity)
• Versão 10.2
SR4134 – Power Supply
Power supplies are available in the following wattage:
• 250 W AC
• 660 W AC (410 W available for PoE)
• 250 W DC
Alternativas:
• one or two standard AC input modules
• one or two Power over Ethernet (PoE) AC input modules
• one standard AC and one PoE AC input module
• one or two DC modules
• one AC (standard or PoE) and one DC module
SR 4134 com SCS integrado
• Challenge: Multiple discrete
devices required to deploy a
complete communications
solution
UC + Data + Voice +
Security solution in a single
cost effective platform
• Solution: All-in-one UC, Voice &
Data for SMB or Enterprise
Branches in a single device
• Business Value:
• Complete SMB or
Enterprise Branch solution
for up to 250 users
• Reduced operational
expenses
25
 Fewer devices, less configuration,
less maintenance, increased
reliability
 Reduced facilities costs, reduced
power & cooling requirements
Gateway de Voz Integrado e Resiliente
•
•
•
Integrated PSTN Gateway with
Routing, WAN & Security services
Data Center
PSTN connectivity
•
•
T1/E1 PRI, BRI, FXS & FXO
Up to 64 DSP channels for SR 2330
& up to 128 DSP channels for SR
4134
PSTN
Avaya Communications
Server 1000 or
3rd party SIP call
servers
Optional Office
Communications
Server 2007
Mobile
SIP Survivability
•
•
•
•
•
Phone & call routing services
maintained when SIP Call Server
connectivity is lost
Inbound & outbound calls through
PSTN
Intra-site calls with local services
(e.g. conferencing, transfer)
Supports Nortel & 3rd-party SIP
Phones
Avaya/Nortel 1120E/1140E, LG
Nortel 6800/8800, Polycom 320
26
IP
WAN
Secure Router
2330 / 4134
PSTN
Branch
Mobilização da força de trabalho
 Melhoria da Continuidade de
Secure Portable Office
Negócios & aumento da
produtividade para trabalhadores
móveis
User Access via SPO Token
Fast, simple, secure,
network access
– Acesso remoto customizável
 Acesso simplificado às aplicações
Access from any
PC & location
Home
corporativas com a Aplicação Cliente
pré-carregada
 Aumento da segurança no Desktop
Internet
iCafe
Transit
com “lock-down” & wiping” – nenhum
dado deixado para trás
 Memória portátil flash segura sem
VPN
simples utilização
27
Decouples location
from productivity
Leverages existing
VPN & NAC infrastructure
risco para informação confidencial
– Autenticação de dois fatores de
Integrates with
acceleration technologies
Data Centre
Simplifies provision
of Application access
Enterprise
Network
Campus
Benefícios de um Gateway VPN
Extende o acesso remoto seguro a empregados e não-empregados
Entrega aplicações de serviço para usuários móveis e baseados em casa
Assegura a continuidade do negócio em casos de desastres naturais ou
acasionados pelo homem
Mix of End User and Security Requirements
Information Security Mandates
Multiple User
Communities
Avaya VPN Gateway
Avaya Solution
• Client based and Clientless access
Mobile Users
Sales
Finance
HR
Teleworkers
Multiple
Device Types
Partners
CRM
Sharepoint
Unified Comm
Application Complexity
Mergers
28
• Malware protection
• Information loss prevention
Thin Client
Contractors
• Role based information isolation
• Strong 2-factor authentication
• Corporate, regulatory compliance
• Multiple device support – PC, Mac,
Mobile, Linux
• Secure Portable Office – USB flash
• Extended, secure Unified
Communications
Appliance Virtual otimizado para Vmware
Portfólio VPN
Carregável em qualquer hardware compatível
com VMware ESX or ESXi
10 - 250 concurrent
IPsec/SSL Sessions
Virtual Appliance
3050
VPN Gateways
10 - 500 concurrent
IPsec/SSL Sessions
Virtual Appliance
3070
Sem cobrança para o Virtual Appliance –
apenas faça o download do software
•
Nota: por padrão o Virtual Appliance não
contem nenhuma licença, logo, o produto
precisa ser licenciado para habilitar as
funcionalidades
Simplesmente adquira as licenças desejadas
(SSL & Ipsec, SPO, etc) & habilite as
funcionalidades como em uma versão de
HW
Clientes podem instalar quantos Virtual
Appliances quantos necessários e utilizar
Cluster para atingir a capacidade necessária
29
Secure Portable Office
• Uses USB Drive for portable Client
environment to efficiently deliver personalized
suite of corporate applications on any PC
Corporate
Applications
Voice,
Collaboration,
Multimedia
Intranet
Web-mail
• Protects temporary work environment
• Leaves no trace or presence
• SPO is built around new functions of the VPN
Gateway
Remote PC
30
USB Secure access, Session Control
VPN Gateway
Emergency Remote Access
•
•
•
•
•
•
Solução de baixo custo para capacidade adicional de licenças de acesso VPN
para casos de emergência / calamidade
Uma vez instalada, está pronta para uso, sem intervenção manual
Quando a capacidade licenciada for excedida, as licenças ERA são acionadas
Uma vez ativadas, permanecem válidas por 60 dias
Necessário contato com Avaya para poder reinstalar as licenças para a
proxima emergência
Note 1: Must include a maintenance agreement in order to use the return authorization process for the
ERA license.
Licenciamento
• Licenças de acesso são compartilhadas entre um cluster
redundante
• Licenças são contabilizadas por acessos simultâneos
• SSL / IPSEC
• Emergency Remote Access (ERA)
• Licenças de funcionalidade necessitam ser instaladas
em cada equipamentos
• Secure Portable Office
• Necessário licença para habilitar a função
• Consome 1 licença SSL (IPSEC apenas não serve)
• Licenças por “seat”, não por acesso simultâneo
• Uma licença por pen-drive
• Licença de Application Virtualization (Ceedo).
32
VPN Gateway Summary
Feature/Capabilities
VPN 3050 Virtual Appliance
VPN 3070 Virtual Appliance
Entry-level Virtual
Appliance for VM Systems
Expanded Virtual Appliance
for VM Systems
Supports 1-4 interfaces
Supports 1-4 interfaces
250
500
SSL VPN Users
10 - 250
10 - 500
IPsec VPN Tunnels
10 - 250
10 - 500
Depends on Server
Depends on Server
Deployment
Copper Interfaces
Fiber Interfaces
Maximum concurrent VPN
Tunnels
SSL acceleration (tps)
33
VPN Summary
VPN 3050
Virtual
Appliance
VPN 3070
Virtual
Appliance
SR 2K
SR 4K
250
500
100
1.000
SSL VPN Users
10 - 250
10 - 500
0
0
IPsec VPN Tunnels
10 - 250
10 - 500
100
1.000
Site-Site VPN
Sim
Sim
Sim
Sim
RAS VPN
Sim
Sim
Básico
Básico
Suporte a VPN Client
(ex-Contivity)
Sim
Sim
Sim
Sim
Gratuito (*)
Gratuito (*)
Módulo
Módulo
Funcionalidade/
Capacidade
Maximum concurrent
VPN Tunnels
Modo
* Licenças de acesso IPSec/SSL são pagas. Virtual Appliance não possui nenhuma.
34
Soluções de Dados
Ethernet
Switching
Wireless
Networking
Unified
Branch
Access
Control
Unified
Management
Branch
& Remote
Enterprise
Campus
Data Center
Investimento agressivo no portifólio
35
Wireless LAN em Transição
Na direção da empresa totalmente sem fio
Unified
2010+
Overlay
2005+
Value/Market
Standalone
2000+
Wireless Hot Spot
•
•
On-site Mobility
Convenience
I
36
True 802.11n bandwidth
and performance
•
•
Support for all applications
•
Increased adoption
•
Full Wi-Fi footprint
Unified infrastructure
including management.
•
Primarily data
•
Universal mobility
•
Unwired deployments
Occasional use
Standalone AP‟s
All Wireless Access
Productivity
II
•
TCO/Transformation
III
36
Arquitetura WLAN Atual
 Redes Separadas
Phone
PDA
Laptop
Phone
– Cabeada & Wireless
 Aquitetura Centralizada
– Thin Access Points
– Centralized Dual Function
Wireless Controller
• Control Point (control traffic)
• Switching Point (data traffic)
Wireless Controller
 Desafios
– Inefficiências
– Hardware não-otimizado
– Limitações em escalabildade
37
Descobrindo o potencial das redes Wireless
 Alta capacidade de
recuperação
– Controladores
Wireless virtualizado,
disponível e
protegidos
 Escalabilidade contínua
– Controler e switches
escaláveis de forma
independente e de
diferentes formas
 Redução de custos
– Controladores
wireless virtualizado
sem amarração a
hardware
38
Arquitetura de
Próxima Geração
“Split Plane”
Controle com disponibilidade
Alta performance da rede e
escalável
Switch de acesso
Wireless virtualizado e escalável
Rede de dados e controle
crescendo independentemente
Software de wireless nos
switches
Controladores Virtualizados
Aplicações, hosts e
servidores
Controladores wireless
virtualizados
Introduzindo WLAN 8100 Series
 Uma nova geração de solução wireless LAN que combina os novos padrões
802.11n com uma nova arquitetura unificada wired/wireless
 Atende às necessidades das nova época de “Empresas Sem Fio”,
entregando resiliencia, eficiência e escalabilidades sem precedentes
 Desenvolvido dentro da Avaya beneficiando-se da rica herança de voz e
wireless
 Caminho do futuro para as empresas procurando soluções de WLAN
otimizadas para tráfego de dados e em tempo real como voz, UC e vídeo
39
WLAN 8100 Release 1
WAP 8120
 Complete 802.11n solution
 WLAN Access Point 8120
•802.11n
•Dual radio
WC 8180
WC 8180 -16L
 WLAN Controller 8180
 WLAN Management
Software 8100
•Support for up to 256
APs
•Lower cost option for
small branch deployments
 Unified Management
•Support for 16 APs
 Broad range of wireless
application opportunities
WLAN Management Software 8100
40
* Delivered via software in future release
 Strong VoWLAN support
Overview: WLAN 8100
• A solução WLAN 8100 inclui no mínimo os seguintes
componentes:
•
•
•
WC 8180, WLAN Controller available with 16AP or 64 AP licenses, upgradeable in
increments of 64.
AP 8120, 2 Radio 802.11n Access Points
WMS, WLAN Management System
41
WLAN Controller 8180
Innovative Split Plane architecture
• Escalável
•
Facilitates moving Data plane and/or
Control plane to Core/Edge switches
Additional Module
(data or control)
• Capacidades
•
•
•
•
•
•
•
•
•
•
Support for up to 512 802.11n APs
(256 in Release 1); 10 Gbps
Lower cost option (WC 8180-16L) for
smaller branch deployments (16
licenses)
12F and 12Cu GbE
32 Controllers /Cluster
Dual-Redundant Power Supply
FIPS 140-2 Ready
10Gbps add-on processor capable
L2 & L3 secure seamless roaming
RADIUS/LDAP Integration
WebUI, CLI, SNMPv3
Redundant
Power
Supplies
NPU
Copper/Fiber ports
42
2 10G ports
WLAN Access Point 8120
Dual Radio 802.11n AP
•
Performance
•
•
Industry leading VoWLAN performance
Capabilities
•
•
•
•
•
•
•
•
•
•
•
3 Antenna MIMO, 2 Spatial Streams,
up to 300 Mbps bandwidth
802.11n & Legacy 802.11a/bg
Control plane encryption
802.11e, 802.11r, CAC, 802.1p, DSCP
GigE interface with 802.3af POE
WMM, UAPSD, TSPEC (802.11e)
Certified
802.11i/WPA2 Security
Internal & External MIMO Antenna
arrays
2 Radio version
FIPS 140-2 ready
Capable of Distributed Forwarding
WLAN Access Point 8120
43
Aplicações: Guest Access
Id Engines: Guest Manager
• Convenient network
connectivity for guests and
temporary users
• Front-desk personnel
generate unique user
ID/password for each visitor
• Associated security profile
• Time of day
• Restricted locations
• Unified wireless and wired
guest access manager
• Simplified operations
44
Muito Obrigado!
Rafael Rocha, Sales Engineer | Westcon Convergence
[email protected]
(+55 21) 3535-9314
(+55 21) 9640-3054
Rock Solid Resiliency
• Auto AP load
balancing
• AP & Controller
clustering
• Many to many
redundancy
• Hitless failover
• Wireless Controllers
virtualised
• Availability is
46
Always Secure
WMS Client
AirTight Server
• Authentication &
Encryption
• Supports today‟s
strongest security
standards
• Wireless Intrusion
Detection and
Protection
• Secure Network
Access
47
Intranet
WLAN AP 8120
Alarms
Analysis
Location
Trending
AirTight Sensor
Applications: Voice over WLAN
• Enforced QoS over
wireless link
• Advanced Call
Admission Control
• Scalable
• Low latency & jitter
• Seamless Roaming
• High resiliency
• End to end Solution
48
Avaya 3641
IP Wireless Phone
Avaya 3645
IP Wireless Phone
Applications: Location Services
Application (eg. Locating/Tracking)
“Dr
John
J. Smith
is here”
X
• Find & track assets
in real time
• People, Equipment,
Inventory, Wi-Fi devices
X
Ekahau RTLS
Server
Infusion
pump
• Save money
• Reduce loss/theft
• Overlay tracking
application
• Ekahau client/server
components
communicate over WLAN
8100
• High resolution accuracy
WC 8180
WAP 8120
Asset Tag
Laptop
Asset Tag
PDA
50
802.11a,b/g & n Comparison
802.11b
802.11g
802.11a
802.11n (2H08)
Compatibility
802.11b
802.11b,g
802.11a
Number of
Channels
3 nonoverlapping
3 nonoverlapping
Typical
Indoor Range
100 ft - 300 ft
30,48 mt – 91,44 mt
100 ft - 300 ft
30,48 mt – 91,44 mt
Typical
Outdoor
Range
(Line of
Sight)
400 ft - 1500 ft
121,92mt - 457,2 mt
400 ft - 1500 ft
121,92mt - 457,2 mt
100 ft - 1000 ft
30,48 mt – 304,8 mt
Farther than
802.11a,b/g
54, 48, 36, 24,
18, 12, 9, and 6
Mbps
54, 48, 36, 24,
18, 12, 8, and 6
Mbps
Up to 600 Mbps
Data Rates
11, 5.5, 2 and 1
Mbps
Wireless
Medium
DSSS,
2.4 GHz
OFDM, 2.4 GHz
OFDM, 5 GHz
OFDM, MIMO in
2.4 and/or 5 GHz
802.11a,b,g,n
Same as 802.11
a/b/g using 20
Up to 24 nonMHz channels.
overlapping
to 1 in
channels (country Restricted
2.4 GHz and 3 in
specific)
5GHz using 40
MHz channels
Expected to be
40 ft – 300 ft
12,19 mt – 91,44 mt 2X range of
802.11a/b/g
300 Mbps com 2 spatial
stream – modo mais
usado hoje
802.11n delivers better coverage, throughput and range
51
Unified Branch
Product Roadmap
Q1/10
Q2/10
J F M A M J
Q3/10
Q4/10
Q1/11
Q2/11
J A S O N D J F M A M J
Q3/11
Q4/11
2012
J A S O N D
V10.4
• Aura System Mgr
integration
• IPFix, WCCP, VRF
• Enhanced IPSec
VPN Security &
Performance
SR 4134
SR 2330
AGv11.0
AGv10.3.1
AGv10.2.2
• AG 2330 General
Availability
AG 2330
v9.4
SR 3120
SR 100x
Shipping
52
• Next-gen AG platform
• Integrated PoE/FXS
V9.4.1
• Re-branding
• Maintenance fixes
Plan of Record (POR)
Avaya Confidential – NDA Required
Plan of Intent (POI)
52
SR4134 PVM – SR2330 PVIM
VPN Portfolio - EoS
VPN Routers
5 - 2,000 IPsec Tunnels
VPN Router
1700
50 - 50,000 concurrent
IPsec/SSL Sessions
50 - 2,000 concurrent
IPsec/SSL Sessions
VPN Gateway
3070
VPN Gateway
3050
5 - 500 IPsec Tunnels
VPN Router = Contivity
VPN Router entra em EoS em 1/abril/2011
Único modelo na lista é VPN Router 2750 com
2000 túneis
70
VPN Gateway HW
EoS em 1/dezembro/2010
VPN Gateways
VPN Router
2700/2750
VPN Router – MD - EOS
• Migration Strategy and Discontinued Order Codes
• Migration Strategy
•
•
Avaya offers the following alternative solution(s).
The VPN Router supports two principal VPN applications: 1) secure branch-to-branch (branch office
tunneling) and 2) VPN remote access (or secure access) for VPN clients. Avaya recommends that
VPN Router customers consider the Avaya Secure Router for future secure branch-tobranch deployments and the Avaya VPN Gateway for future VPN remote access
requirements.
•
For secure branch-to-branch deployments, the Secure Router 2330 and 4134 are the
recommended replacement options. The Secure Router 2330/4134 v10.2 feature set includes
interoperability with the VPN Router over routed branch-to-branch VPN connections, which can simplify
migration from an existing VPN Router deployment. The Secure Router 2330 and 4134 also can
terminate the Avaya (previously Contivity/Nortel) VPN Client – even though neither of these platforms is
recommended for large scale remote access applications. The Secure Router 2330 supports up to 100
IPSec VPN tunnels and the Secure Router 4134 supports up to 1000 IPSec VPN tunnels. The Secure
Router 2330 and 4134 VPN option ships with VPN Client v8.01 (XP) and v10.01 (Vista). VPN Client
v10.04 (XP, Vista, Windows 7) can be downloaded from the support portal.
•
The Avaya VPN Gateway 3000 Series is the recommended replacement option for
VPN Router secure access deployments. The VPN Gateway portfolio can act as a secure
remote access concentrator for IPSec VPN clients using the Avaya VPN Client software, as well as
provide support for browser-based SSL connections. The VPN Gateway also supports Avaya Health
Agent (or Tunnel Guard).
71
Introducing VPN Client 10.04
• Version 10.04 is the industry‟s first unified VPN
Client that supports both IPSec and SSL, has the
ability to connect to many termination devices and
Atenção: SR 1k e 3k não suportam
provides support for 32 and 64
Windows
VPNbit
Client
operating systems (XP, Vista, Seven).
VPN Gateway
• General Availability Feb-8th, 2010
IPSec/SSL
VPN Router
IPSec
IPSec
SR 4134
IPSec
SR 2330
IPSec
BCM
73
VPN Client 10.04 Features
 Windows XP through Windows 7 support
 32-bit and 64-bit platform support
 Single Installer
 Automatic Proxy Detection
 Windows XP – Tunnel and Authentication Seperation
 Wireless Mobile Broadband Adapter support
32bit
64bit
32bit
64bit
32bit
64bit
NVC 7.x/8.x
Yes
No
No
No
No
No
NVC 10.01
No
No
Yes
Yes
Limited
Limited
NVC 10.04
7
5
Combined IPSec and SSL
• Create connection
profiles for both
IPSec and SSL VPN
services.
• Failover tunnel within
protocol or across
protocol (ex IPSec to
SSL).
• Client binaries
include necessary
76
SR 2330 Value Proposition
• Entry-level, modular converged
Router
•
•
Routing, Voice, Security, WAN and
LAN in a single platform
Compelling integration – lower TCO
4 x Fast
Ethernet Ports
• Extends resilient VoIP to the
Branch Office
•
•
PSTN connectivity
SIP voice survivability
• Flexible deployment options
•
•
•
UC integrated Branch Router
CPE device for Metro
Ethernet/Ethernet WAN
Access Router for Branch Office
connectivity
80
3 x Small Module Slots
4 x Gigabit
Ethernet Ports
Interoperable with both
Avaya & 3rd party
Voice/Data equipment
SR2330 / SR 4134 Interface
Modules
Small Modules
1xSerial
2xSerial
1xT1/E1
2xT1/E1
2xFXO
4xFXO
2xBRI S/T
2xFXS
4xFXS
2xBRI U
1xADSL2+
(Annex A ou Annex B)
82
SR 4134 – Slot 2 Atenção
Small Modules
83
SR2330 / SR 4134 Interface
Modules
Small Modules
1xSerial
2xSerial
1xT1/E1
2xT1/E1
2xFXO
4xFXO
2xBRI S/T
2xFXS
4xFXS
2xBRI U
1xADSL2+
(Annex A ou Annex B)
84
SR2330 / SR 4134 Interface
Modules
Small Modules
85
SR4134 Interface
Modules
Medium Modules
SR4134 Interface
Modules
SCS Module
Medium Modules
Mediation Services
Module
Zero ou 50 User license
Mesmo custo usuário
8xT1/E1
1xDS3
1xCT3
10x10/100/Gig
2 portas SFP shared
24x10/100
24x10/100 POE
Carrier Voice Module
Para expansão de portas analógicas
FXS, FXO
SR4134 Voice Modules
Large Modules
EOS: 31/março/2011
SR4134 Interface
Modules
Large Modules
44 x10/100/Gig
2 portas SFP shared
EOS: 31/março/2011
SIP Survivability
Normal Mode – WAN UP
Call Server
Head Office
WAN Link
Remote
Branch
Office
SSM
SIP-PSTN
Gateway
SR4134/SR2330
10.2.0
Analog
Phone C
SIP
Phone A
92
SIP
Phone B
PSTN
Trunks
PSTN
SIP Survivability
Survivable/Backup Mode – WAN DOWN
Call Server
Head Office
WAN Link
Remote
Branch
Office
SSM
SIP-PSTN
Gateway
SR4134/SR2330
10.2.0
Analog
Phone C
SIP
Phone A
93
SIP
Phone B
PSTN
Trunks
PSTN
SR4134 PVM – SR2330 PVIM
•SR 4134 – PVM
•SR 2330 – PVIM
•Adiciona funcionalidades:
sobrevivência SIP e media
gateway
•Adiciona funcionalidades:
sobrevivência SIP e media
gateway
•Default
•Default
•Instala 8 licenças DSP (channellicense)
•Instala 25 licenças SSM
(sobrevivência SIP)
•Instala 8 licenças DSP (channellicense)
•Instala 25 licenças SSM
(sobrevivência SIP)
SR4134 PVM – SR2330 PVIM
•SR 4134 – PVM
•SR 2330 – PVIM
•Sobrevivência SIP - SSM
•Sobrevivência SIP – SSM
•Default
•Default
•Instala 25 licenças SSM
•Instala 25 licenças SSM
•Capacidade Máxima
•Capacidade Máxima
•300 licenças SSM
•100 licenças SSM
•Alternativas
•Alternativas
•SSM: 0, 25, 300
•Não existe soma de licenças
•Capacidade total é da última
licença
•SSM: 0, 25, 100
•Não existe soma de licenças
•Capacidade total é da última
licença
SR4134 PVM – SR2330 PVIM
•SR 4134 – PVM
•SR 2330 – PVIM
•Media Gateway
•Media Gateway
•Default
•Default
•Instala 8 licenças DSP
•Instala 8 licenças DSP
•Capacidade Máxima
•Capacidade Máxima
•128 licenças DSP
•64 licenças DSP
•Alternativas
•Alternativas
•DSP: 8, 16, 32, 64, 128
•Não existe soma de licenças
•Capacidade total é da última
licença
•DSP: 8, 16, 32, 64
•Não existe soma de licenças
•Capacidade total é da última
licença
New with Rel. 8.0
Starter Kits
•The new virtual appliance model
enables the creation of very cost
effective „Starter Kits‟ to allow
customers to efficiently and cost
effectively enable advanced VPN
services.
•Includes everything you need to
enable remote access with support
for SSL, SSLVPN, IPSec and
Secure Portable Office.
•Starter kits are discountable using
WPP and VID just like other parts.
•First appearing on the December
2009 price book but orderable now
are two new Starter Kits.
EB0016025
EB0016026
Description
10 User Starter Kit
50 User Starter Kit
MSRP USD
$4,995
$8,995
Appliance
Virtual Appliance
(NVG-3050-VM or
NVG-3070-VM)
Virtual Appliance
(NVG-3050-VM or
NVG-3070-VM)
SSL Users
10
50
IPSec Users
10
50
Secure Portable
Office Users
10
50
Introducing WMS for 8100
Integrated into Avaya‟s UCM
•
•
Provides Complete WLAN Management
• Off-box Element Management
• Provides WC Cluster management support
• RF Tools
– Monitoring, Visualization, Location
• Reports, Trending
• Debugging & Troubleshooting
• Basic Event management
• Standalone Mode or Integrated with UCM
UCM Integration Features
• Discovery/Topology for both WLAN 2300 and WLAN 8100
• Alarms for both WLAN 2300 and WLAN 8100
• Single Sign On
• Punch through to WMS 2300 or WMS 8100
• Push WLAN 2300 configuration parameters to WLAN 8100 for simplified nextgen expansion
101
O que é “Software Communication System”?
A Full Featured SIP Soft PBX + UC System..
Mobility /
FMC
VoIP, Video, Conf,
Web & email
Conference
Server
Call
Center
SCS
SIP Unified
Communications
Core
SCS
Directory
Fully Featured IP sets
Collaboration, VoIP, Presence, etc.
Server
email
Corporate app w/ VoIP
& presence
Server
Media Server
(Voicemail, IVR)
SIP Unified
Communications
Core
Fixed Mobile Convergence
Web page w/ VoIP
& presence
IM / Chat
Speech
Recognition
Multimedia Desktop Applications
Calendar
Runs on off-the-shelf computing platforms
102
“VPN-on-a-Stick”
VPN
Gateway
SPO Session
USB Flash
Memory Client
SPO Session
Local Apps
& Storage
(HA Cluster)
SMO
Session
cycle
SPO Session
Application &
File Servers
PKI
Radius Server
Active Directory / LDAP
SPO Client offers User Experience
•
•
•
•
Plug the SPO USB Drive into any PC with Internet connectivity
Authenticates User and secures the PC
User accesses applications from a menu
Pulling the SPO USB Drives exits sessions, & wipes web cache and encrypted file system
Simple, Secure, Portable
103
Proven Back-Office
Integration
Unleashing the potential of Wireless
 Performance optimization
– Traffic no longer needs to
terminate on Wireless
Controllers
 Improved resiliency
– Wireless Controllers virtualized
Next Generation
Architecture
‘Split-Plane’
Control plane leverages
high-availability
Data plane leverages
high-performance & highavailability
& availability is protected
Access Switch
Wireless scalability
becomes virtualized
 Seamlessly scalability
– Control & Data Planes scale
independently & at different
rates
Distributed Wireless
Switching software
Data & Control planes
scale independently
Wireless Controller is
virtualized & protected
 Reduces costs
– Wireless Controllers become
virtual applications & not linked
to hardware
104
Application
Hosts & V-Servers
Virtualized
Wireless Controller