Access Controller RFS4000
The RFS 4000 802.11n Integrated Services Controller is designed to provide any branch office or remote facility with high performance, comprehensive, cost-effective and secure wireless and wired networking services. No matter what the networking needs are in your branch offices, the RFS 4000 delivers rich voice support including Voice over WLAN (VoWLAN) now, Fixed Mobile Convergence (FMC) and IP PBX in the future; rich video support including video conferencing and video surveillance; multiple locationing technologies such as Wi-Fi and RFID; plus support for multiple RF technologies, including future technologies such as Wi-MAX. The RFS4000 is the only product in its class that offers dual band access concurrent with Mesh services as well as gap free security with 24x7 Wireless Intrusion Protection System (IPS).
Download Attached File:
A converged platform of features & functionality
The RFS4000 is a fully integrated 802.11n wireless services controller, 802.11n access point, wired switch with 5 POE ports rolled into one, with IPSEC VPN/firewall/WIPS security, RADIUS & DHCP server, location & RFID engines, 3G failover, and more.
Wi-NG Operating System: delivering a unified voice, data and RF management platform
Improve business process flow with one platform for wireless voice, video, data and multiple RF technologies - such as RFID, Wi-Fi (including 802.11n) and future technologies such as Wi-MAX; rich enterprise class functionality includes seamless roaming across L2/L3 deployments, resilient failover capabilities, comprehensive security, toll-quality voice and other value-added services, such as multi-RF locationing.
Wireless Intrusion Detection/Protection System
The integrated IDS/IPS provides defense against over-the-air attacks by leveraging the sensing capabilities of AP300/ AP51x1/AP7131.
Real Time Locationing System (RTLS)
Provides rich locationing services to enable real-time enterprise asset-tracking through support for 802.11, RFID and third party locationing solutions - including industry leaders such as AeroScout, Ekahau, and Newbury Networks. Standards-based support for: EPC Global ALE interface for processing and filtering data from all active and passive tags; and EPC Global LLRP interface for passive RFID tag support.
Role-based wired/wireless firewall
Secures and protects the wired and wireless network against attacks and unauthorized access at Layer 2 and Layer 3 with stateful inspection; ability to create identity and location-based policies provides granular control of network access.
3G Wireless for WAN Backhaul
Support for 3G wireless cards to backhaul WAN traffic when the primary WAN Link fails.
Enhanced End-to-End Quality of Service (QoS)
Enhances voice and video capabilities; prioritizes network traffic to minimize latency and provide optimal quality of experience; SIP Call Admission Control and Wi-Fi Multimedia Extensions (WMM-Power Save) with Admission Control enhances multimedia application support and improves battery life and capacity.
HIGH AVAILABILITY | |
1:many redundancy | Yes |
Active:Active failover | Yes |
Active:Standby failover | Yes |
Automatic load balancing | Yes |
Clustering | Yes |
Critical resource monitoring | Yes |
Dual firmware storage for hitless failover | Yes |
Mobile Unit load balancing | Yes |
Pre-emptive roaming | Yes |
SMART RF for neighbor recovery and interference avoidance | Yes |
Virtual IP in Cluster (one per VLAN) | Yes |
LOCATIONING | |
RFID support | Compliant with LLRP protocol. Built-in support for the following Motorola RFID readers: fixed (XR440, XR450, XR480; mobile (RD5000); and handheld (MC9090-G RFID) |
RSSI based triangulation for Wi-Fi assets | Yes |
Tags supported | Ekahau, Aeroscout, Gen 2 Tags |
MANAGEMENT | |
Auto-update with DHCP | Yes |
CLI (serial, telnet, SSHv2) | Yes |
DHCP client | Yes |
DHCP relay | Yes |
DHCP server | Yes |
Email notification for critical alarms | Yes |
Friendly names for mobile devices | Yes |
MIBS | Yes |
Multiple user roles | Yes |
SNMP (v1, v2, v3) | Yes |
SNTP (Secure Network Time Protocol) | Yes |
Secure web-based GUI (HTTP, HTTPS, SSL) | Yes |
Syslogs | Yes |
TFTP client | Yes |
Text-based switch configuration files | Yes |
NETWORK SECURITY | |
802.11w | Yes |
Access control lists | L2/3/4 ACLs |
Anomaly analysis | Source Media Access Control (MAC) = Destination MAC; illegal frame sizes; Source MAC is multicast; TKIP countermeasures; all zero addresses |
Authentication | Pre-shared keys (PSK);: 802.1x/EAP — transport layer security (TLS), tunneled transport layer security (TTLS), protected EAP(PEAP); Kerberos Integrated AAA/RADIUS Server with native support for EAP-TTLS, EAP-PEAP (includes a built-in user name/password database; supports LDAP) and EAP-SIM |
Geofencing | Add location of users as a parameter that defines access control to the network |
IPSec VPN gateway | Supports DES, 3DES, AES-128 and AES-256 encryption, with site-to-site and client-to-site VPN capabilities. Supports 256 concurrent IPSEC tunnels per switch; |
NAC support with third party systems from Microsoft and Sygate | Yes |
Network address translation (NAT) support | Yes |
RADIUS support (standard and Motorola vendor specific attributes) | Allowed ESSIDs (Motorola VSA), Location-based authentication (Motorola VSA), MAC-based authentication (standard), User-based QoS (Motorola VSA), User-based VLANs (standard) |
Role-based wired/wireless firewall (L2-L7) with stateful inspection | Protects against attacks between: Wired and Wired; Wired and Wireless; Wireless and Wired; Wireless and Wireless. |
Secure guest access (Hotspot provisioning) | Customizable login/welcome pages, Local web-based authentication, Support for external authentication/billing systems, URL redirection for user login, Usage based charging |
Transport encryption | KeyGuard, WEP 40/128 (RC4), WPA2-CCMP (AES), WPA-TKIP |
WIPS sensor conversion | Yes. Supported on the AP300 and the Adaptive AP-5131 and AP-7131 |
Wireless IDS/IPS | Multi-mode rogue AP detection and Rogue AP Containment,802.11n Rogue Detection, Ad-Hoc Network Detection, Denial of Service Protection against wireless attacks, detect de-auth from Broadcast Source MAC, detect frames with invalid sequence number, client blacklisting, excessive authentication,/associations; excessive probes; excessive disassociation/deauthentications; excessive decryption errors; excessive authentication failures; excessive 802.11 replay; excessive crypto IV failures( TKIP/CCMP replay), Suspicious AP, Authorized device in Adhoc mode, Unauthorized AP using authorized SSID, EAP flood, Fake AP flood, ID theft, Adhoc advertising authorized SSID. |
OPTIMISED WIRELESS QOS | |
802.11k | Yes |
Classification and packet marking | 802.1p VLAN Priority, DiffServ/TOS, Layer 1-4 packet classification |
IGMP snooping | Ensures optimized network performance by preventing flooding of the broadcast domain. |
RF priority | 802.11 traffic prioritisation and precedence |
SIP call admission control | Controls the number of active SIP sessions that are initiated by a wireless VoIP phone |
Wi-Fi multimedia extensions | WMM-power save with TSPEC Admission Control, WMM U-APSD for voice over Wi-Fi applications |
PACKET FORWARDING | |
802.11-802.3 bridging | Yes |
802.1D-1999 Ethernet bridging | Yes |
802.1q-VLAN tagging and trunking | Yes |
IP packet steering - redirection | Yes |
Proxy ARP | Yes |
PHYSICAL CHARACTERISTICS | |
Dimensions (HxWxD) | 44.45mm H x 304.8mm W x 254.0 mm D |
Form factor | Standard 1RU |
MTBF | ≥65,000 Hours |
Part numbers | RFS-4010-00010-WR: 6 Port RFS4000 |
Physical interfaces | 1 X Gig E Uplink – Cu/SFP Interface |
Weight | 4.75lbs / 2.15kg |
POWER REQUIREMENTS | |
AC input voltage | 100 – 240 VAC |
Input frequency | 47 Hz to 63 Hz |
Max AC input current | 3A |
REGULATORY SPECIFICATIONS | |
Electrical safety | UL / cUL 60950-1, IEC / EN60950-1 |
Environmental | RoHS Directive 2002/95/EEC |
USER ENVIRONMENT | |
Operating humidity | 5% to 85% (w/o condensation) |
Operating temperature | 0º C to 40º C |
Storage humidity | 5% to 85% (w/o condensation) |
Storage temperature | -40º C to 70º C |
WIRELESS NETWORKING | |
802.11 a/b/g/n support | Supports 6 AP300 802.11 a/b/g for L2 or L3 Deployments per switch and 72 802.11a/b/g AP300s per cluster. |
Adaptive AP support | Supports 6 AP-5131 802.11 a/b/g or AP-7131 802.11 a/b/g/n Adaptive Access Points per Switch and 72 per cluster. |
Bandwidth management | Congestion control per WLAN; per user bandwidth contracts based on user count or bandwidth utilization; dynamic load balancing of AP300s in a cluster |
Layer 2 adoption | Yes |
Layer 3 adoption | Yes |
Layer 3 mobility (intersubnet roaming) | Yes |
RF management | Yes; Dynamic Frequency Selection and Transmit Power Control (TPC); Country Code based RF Configuration; SMART RF for Neighbor Recovery and Interference Avoidance as well as dynamic RF Optimization based on client load and RF traffic; Automatic Channel Selection capability |
Roaming | Supports Hyper fast Secure roaming with Opportunistic Channel Scan; Power Save Protocol; pre-emptive Roaming and Credential Caching |
VLAN support | Wireless LAN to VLAN mapping; auto-assignment of VLANs based on user authentication |
Wireless LAN | Supports 24 WLANs; multi-ESS/BSSID traffic segmentation; VLAN to ESSID mapping; Auto Assignment of VLANs (on RADIUS authentication); Power Save Protocol Polling; pre-emptive roaming; congestion control with Bandwidth Management; Multiple WLANs per VLAN |
