H3C WX1804H-PWR Series Access Controller

H3C WX1804H-PWR Series Access Controller

H3C WX1800H wireless access controllers are designed and designed specifically for small and medium enterprise networks. They combine the functions of a gateway and an access controller, reducing the number of devices on the network and reducing the total cost of ownership. The devices operate on the innovative Comware V7 platform (hereinafter referred to simply as V7). V7 offers a standard set of granular user management features, comprehensive RF resource management, 24/7 wireless security, fast Layer 2 and Layer 3 roaming, powerful Quality of Service (QoS) capabilities, and a dual IPv4/IPv6 protocol stack. V7 additionally supports the latest wireless networking technologies such as multi-core control plane, Bonjour and Hotspot 2.0. In addition, the platform can be used in networks of various configurations, such as cloud-managed networks or networks with a hierarchy of access controllers.

The H3C WX1800H series of access controllers is represented by four models: WX1804H-PWR, WX1810H-PWR, WX1820H and WX1840H. When combined with H3C dependent access points, they create the ideal wireless access control solution for small and medium-sized businesses.

All-Inclusive Access Point License

WX1800H Series access controllers include licenses for the following maximum number of access points by default protects customers’ investments while also providing SMBs with an excellent ability to add new access points as they expand their wireless network without incurring additional costs. The access point license includes access point management, performance management, and RF resource management functions. An access point license allows the access controller to independently manage all dependent H3C access points, including performance management, access point configuration, and RF resource management. All licenses purchased (hotspot licenses and public cloud licenses) are priced for the lifetime.

n


Model Default access point licenses
WX1804H -PWR 4
WX1810H-PWR 10
WX1820H 20
WX1840H 20

All-in-one gateway

WX1800H series access controllers combine into Power over twisted pair (WX1804H-PWR and WX1810H-PWR), gateway and access controller capabilities in one device, ideal for small office, home office, and small to medium sized enterprise networks. The WX1800H Series access controllers provide a full range of enterprise controller features, in addition to which the WX1800H Series access controllers can act as a gateway, offering capabilities such as PPPOE, Network Address Translation (NAT), dynamic and static IP address assignment. The devices can also act as a Bonjour gateway, helping businesses easily manage and monitor Apple devices such as AirPrint printers, Apple TVs, iPads and more.

Native support PoE+

The WX1800H series access controllers (WX1804H-PWR and WX1810H-PWR) support power over twisted pair (PoE) function on all LAN ports according to 802.3af/802.3at which significantly reduces the total cost of ownership for the customer when installed in the current environment and reduces the number of critical elements whose failure can lead to failure of the entire system. Each port can supply a maximum of 30 W of power to powered devices such as IP phones, wireless access points, and high-power cameras.

802.11ax Access Point Management

n

In addition to managing 802.11a/b/g/ac/ac wave2 access points, the WX1800H series access controllers can work with H3C 802.11ax access points, providing wireless access at speeds , several times faster than traditional 802.11a/b/g/ac/ac wave2 networks. The increasing proliferation of 802.11ax devices will make the functionality of multimedia applications on wireless networks a reality.

A completely new operating system

The WX1800H series access controllers are based on the latest H3C V7 platform. The new system demonstrates significantly improved performance and reliability compared to the previous version and is capable of supporting increasingly complex network applications in enterprise networks. The V7 platform has the following advantages:

Multi-core control: The V7 platform allows you to adjust the ratio between the number of processor cores allocated to control functions and the number of cores allocated to functions forwarding to maximize the use of processor resources and achieve the desired balance between control and forwarding functions, providing powerful parallel multiprocessing capabilities.

Multitasking at the user level: in the platform V7 introduces a completely new software privilege management system in which most network applications are executed at the user level, allowing each application to run as a separate task. Each task is allocated its own resources, and failures in the execution of a task are isolated at the level of a separate space for this task, without affecting the execution of other tasks. This significantly increases the security and reliability of the system.

User task monitoring: The V7 platform provides a task monitoring function that allows you to track the execution of all tasks. If a user task fails, the system reboots it to restore the application as quickly as possible.

New independent application update mechanism: The V7 platform supports independent application update, thanks to which it is possible to update a separate application module, and not the entire operating system. This significantly reduces the number of required system reboots compared to the previous version, without compromising the security of updates and maintaining network stability.

Flexible forwarding modes

In a wireless network with a centralized forwarding mode, all wireless network traffic is directed to the access controller for processing, and therefore the forwarding performance of the access controller may become a bottleneck. This is especially true in wireless network configurations in which access points are installed in branch offices and access controllers are installed in headquarters, while the connection between access points and access controllers is carried out over a distributed WAN network. In this configuration, distributed forwarding mode is better suited. The WX1800H series access controllers support both distributed and centralized forwarding modes, and can perform SSID-based forwarding as needed.

Carrier-grade wireless user access management and control functions

User-level access control is one of the main functions of the WX1800H series access controllers. The WX1800H series access controllers provide user profiles that can serve as configuration templates for predefined settings. Depending on the applications used, you can configure various settings in the user profile, such as guaranteed access rate (CAR) and quality of service (QoS) management policy.

During the authentication process, the authentication server assigns a user profile to the device. If the user is authenticated, the values ​​set in the profile settings restrict the user’s access to resources. When a user is disconnected, the device locks the user profile. Thus, user profiles are applied to active connected users, rather than to disconnected users and users who are not authenticated.

In addition, WX1800H series access controllers support MAC address-based access control, which allows you to configure and change access rights for groups of users or an individual user on the Authentication, Authorization, and Accounting (AAA) server. Fine-grained user access rights settings provide enhanced options for assigning access rights to the wireless network and its resources.

Another powerful feature of the WX1800H series access controllers is VLAN binding based on MAC addresses. An administrator can group users (or MAC addresses) with the same attributes into one VLAN and assign a security policy to that VLAN on the access controller. This simplifies system configuration and allows user rights to be managed down to the individual user.

For security or accounting purposes, the administrator may need to control the physical location of wireless clients. The WX1800H series controllers solve this problem. During the authentication process, the access controller receives a list of allowed access points from the authentication server and then selects an access point for the connecting wireless client. Thus, the wireless client will be able to connect only to such an access point, which allows you to control its location.

Intelligent roaming functions

Supports roaming within an access controller, between access controllers and between Layer 3 VLANs

Information synchronization function when roaming through the portal: access controllers and access points provide portal users with seamless roaming between access controllers in large networks without involving a portal server that is triggered by MAC address. The wireless access controller can independently act as a server, triggered by MAC address. This reduces the load on the portal server so that it does not become a performance bottleneck. After the portal server has been processed, the connected terminal can roam without additional authentication between at least ten access controllers.

802.1X roaming information synchronization function: access controllers and access points provide 802.1X users with fast roaming between access controllers in large networks. Supports .1x authentication for fast roaming between access controllers. Terminals are not required to re-authenticate when roaming to another access controller. Reduced server load and fast access for terminals with support for fast roaming between more than 10 access controllers.

Support for 802.11k/v/r fast roaming protocols< /p>

Hierarchical Access Controller Architecture

Hierarchical Access Controller Architecture is a new network configuration scheme developed by H3C engineers to solve the problem creating multi-level networks that are in demand on the market. The access controller hierarchy scheme uses a centralized management hierarchy similar to that used by large enterprises, when one access controller at the core network level communicates with several local access controllers at the access network level, which in turn communicate directly with access points. Access controllers at the access network level serve primarily real-time applications, such as access to an access point and forwarding data, while access controllers at the core network level primarily perform non-real-time tasks, such as control plane control and centralized authentication, but can still perform the typical access point connectivity and data forwarding functions of standard access controllers. Core layer access controllers are high-performance access controllers that are located at the convergence layer; Access network level access controllers can include standard access controllers, all-in-one access controllers (combining router and deep packet analysis functions), and wired and wireless access controllers installed in parallel with the existing network. The hierarchical access controller model takes the integration of wired and wireless networks to a new level and can be used to create large wireless networks. The hierarchical access controller model is a natural fit for the headquarters-branch deployment design, with core network throughput and core access controller forwarding performance no longer being the bottleneck. The centralized management functions of core network layer access controller, access network layer access controllers and low-level access points can be conveniently updated and automatically synchronized, greatly simplifying system upgrades. Access network layer access controllers are responsible for switching access points and significantly improve roaming performance.

Intelligent channel switching

B wireless LAN, neighboring access points must operate on different channels to avoid channel interference. However, channels are a very scarce resource in wireless networks. There are very few channels for access points that do not overlap with each other. For example, in the 2.4 GHz band there are only three non-overlapping channels. Thus, the operation of wireless applications depends on the ability of access points to intelligently assign channels.

At the same time, there are many possible sources of interference that can disrupt the normal operation of access points in a wireless network such as rogue access points, radars, and microwave ovens. Intelligent channel switching technology ensures that each access point is assigned the optimal channel, minimizing interference between channels. At the same time, real-time interference detection allows you to isolate access points from sources of interference, such as radars and microwave ovens.

Intelligent load distribution on access points

In accordance with the IEEE 802.11 standard, roaming in wireless local area networks is controlled by wireless clients. Typically, a wireless client selects an access point based on its received signal strength (Received Signal Strength Indication, RSSI). Because of this, many clients will choose the same access point with the highest RSSI value. Since all clients use a common wireless data transmission medium, the channel throughput to each client will be significantly reduced.

The function of intelligent load balancing on access points allows Analyze the location of wireless clients in real time, dynamically identify access points that can share the load between them in a specific location, and share the load between these access points. In addition to load distribution by the number of active sessions, the system also allows for load distribution by the volume of traffic of wireless clients.

Support for automatic SSID hiding function depending on the use of frequency resources . When radio resource utilization approaches or exceeds a preset threshold, the SSID is automatically hidden to provide users with stable and reliable wireless network services.

In-depth packet analysis at layers 4-7

The WX1800H Series Access Controllers allow you to identify and apply control policies to multiple applications, including prioritization, scheduling, blocking, and rate limiting to efficiently utilize bandwidth resources and improve network quality.

Wireless intrusion detection and prevention systems (WIDS/WIPS) at level 7

Controllers The WX1800H Series supports blacklisting, whitelisting, anti-spoofing, corrupted packet detection, user disconnect protection, and media access attack detection with an updated signature database (denial of service attacks, packet flooding and man-in-the-middle attacks with countermeasures in place.

With the built-in knowledge base in the WX1800H Series controllers, administrators can make timely and accurate decisions regarding wireless network security. For source-local attacks, such as rogue access points or terminals, you can visually determine the physical location and physically disable ports on switches.

When using H3C firewalls/intrusion prevention systems, you can also implement Layer 7 security in the wireless network of a group of buildings, which will cover both wired (802.11) and wireless (802.3) secure connections throughout their entire length.

Real-time spectrum protection

Real-Time Spectrum Security (RTSG) is H3C’s innovative professional health monitoring software solution for the wireless spectrum. All access controller models support built-in radio spectrum data collection from sensor access points, which enables the construction of tightly integrated monitoring and protection systems spectrum in real time.

Thanks to this, you can monitor the quality of the wireless network signal, track trends and generate notifications about unauthorized interventions 24×7. With active sensor and RF interference detection (WiFi or non-WiFi) in each 2.4GHz/5GHz band, graphical display of real-time spectral density FFT graph, spectrum graph, occupancy map, spectrum event graphs, channel gain is provided and increased interference. In addition, the tool can automatically identify the source of interference to detect the location of rogue wireless equipment, maintaining it in normal operating condition at all times.

Brand

H3C

Additional information

Wireless Bandwidth

500 Mbit/s

Ports

+ 1*USB, LAN: 4*GE (with PoE+), WAN: 1*GE +

power unit

100 .. 240 V AC current, 50/60 Hz

Safety Standards

AS/NZS 60950, CAN/CSA-C22.2 No.60950-1, EN 60825-1, EN 60825-2, EN 60950-1/A11, EN60601-1-2, FDA 21 CFR Subpart J, IEC 60950- 1, UL 60950-1

Electromagnetic compatibility

AS/NZS CISPR 22:2004, EN 55022:2006, EN 55024: 1998+A1: 2001 + A2: 2003, EN 61000-3-2:2000+A1:2001+A2:2005, EN 61000-3-3: 1995+A1:2001+A2:2005, ETSI EN 300 386 V1.3.3:2005, FCC PART 15:2005, GB 9254:1998, GB/T 17618:1998, ICES-003:2004, VCCI V-3:2007

The page is under development

This section is under development.

We apologize for the temporary inconvenience

Let call
Please enable JavaScript in your browser to complete this form.