© 2008 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.

HP ProCurve Networking

How to Integrate Wired and Wireless LANs

Lars KoelendorfCategory Manager, WirelessHP Networking, EMEAEmail: lars@hp.com

3 April 12, 2023

Agenda

•Mobility Market Highlights•The challenges•WLAN Evolution•Unified wired and wireless

• Integration options• Improved user experience• Advanced security• Simplified management

• Conclusion

4 April 12, 2023

Mobility Market Highlights

Increasing number and diversity of clients

Persistent wireless coverage

Business critical applications via wired or wireless

Dramatic improvements in technology

Reduced cost

5

Collaboration of mobile workforce

Converged voice and data over WiFi

Secure guest access

Physical security

Asset tracking

Access from Anywhere

Business Needs Driving everywhere Wireless Access

Wireless

IMPROVED PRODUCTIVITY

6 April 12, 2023

The business challenge

Business • Reduce

costs• Improve

productivity• Manage risk

intelligently• Flexible

access

IT • Ensure

compliance• Limit disruptions• Protect existing

investments• Monitor network• Do more with

less staff

With access to the network coming from any device you need a centralized approach to wired and wireless management to streamline device configuration and enable network monitoring and response to wired and wireless network threats. Build an agile security aware network that support all types of users and devices – not barriers to entry

The Network Administrator ChallengeNeed a wireless solution that can be managed easily, and integrated with wired infrastructure and existing user policies – not another administrative burden

Wired network

management

Wireless network management

Single management solution

Policy coordination

The Security challenge• What is the activity inside the network ? • How to protect against internal threats ?• How to deal with an increasingly mobile and

fragmented workforce ?• How to meet new regulatory compliance

requirements ?• …….Within the (declining?) IT budget ?

© 2008 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.

WLAN Evolution and unification

WLAN Evolution

10 April 12, 2023

1st Gen.• Standalone

Access Point Architecture

2nd Gen.• Centralized

WLAN Architecture

3rd Gen.• Optimized

WLAN Architecture

NextGenerationConverged

WLANArchitectur

eOpen Standard Connectivity

•Intelligent APs

Central Management

•“Switch” and “Thin” APs

•802.11 a/b/g support

Performance and Scalability

•Central appliance and intelligent APs

•Distributed forwarding option

•Non-blocking 802.11n performance

Wired/Wireless Convergence

•Consistent wired & wireless services

•Unified policy creation and enforcement

11

Network Management

• Unified policy creation

• Event correlation

• Diagnostics

• Client Management

Control Plane

• Unified policy enforcement

• Security at network “edge”

• Consistent user experience

• Improved ROI

Data Plane

• Consistent network services

• Line rate performance

• Reduced network elements

• “Green”

Wired & Wireless Integration Options

12 April 12, 2023

Key Components Development over time

Network Managemen

t

Multiple Applications:

Multiple Policies

Single Application:

Multiple Policies

Single Application:

Unified Policies

Control Plane

Overlay Integrated Switch Fabric

Data Plane Software Hardware Assist ASIC

Time

Unified network:Wired and wireless is just two was of accessing it

Ease of management: Single management platform with common tools, optimization

Increased productivity: Consistent user experience Seamless access to business applications

Security: One user identity, and system for access controlOne system for network threat management

Commandfrom the Center

Internet

EdgeNetwork

Servers

IntelligentSwitches

IntelligentSwitches

WirelessAccess Points

Clients

WirelessClients

Clients

WirelessClients

EdgePortal

IntelligentEDGE

InterconnectFabric

© 2009 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.

Security policies

15 April 12, 2023

External and internal threats

Internal represents 80% of the threat

98% uses Firewall to protect the perimeter

Importance of factors when adding wireless to the network

2008

3,7

3,4

3,4

4,4

3,9

3,5

3,7

0 0,5 1 1,5 2 2,5 3 3,5 4 4,5 5

Cost of initial purchase

Ongoing mantenance/ supportcosts

Time required to deploy

Desire to use new technology tothe full

Management of security acrossnetwork

Ability to define single userbased network security policy

Need to meet increased mobilityrequirements

Ave score out of 5

17 April 12, 2023

Security is a process

Validation and Monitoring

Trusted NetworkInfrastructure

Policies

Users rights policy

Overlay strategy

What’s my policy?

What are the user’s rights?

Same security at any entry point:

• Same policies

• Same password

• Same rights

• Same security solutions

Different security solutions

Wireless

Unified strategy

Wired

Unified wired and wireless

19 April 12, 2023

Policy management – wired and wireless• Use a tool that allows network administrators to efficiently manage the users and devices connecting to their network

• A way to virtualize the network versus the user

Easy creation and management of user policy groups• Dynamically apply security, access and performance settings at port level based on policies

• Network Reports and Logs based on Users for Audit

VLAN BandwidthLimit

User/Group Location

QoS ACLs per user /Packet filtering FW

Device ID

ClientIntegrity Status

Set =>

Based on =>

I/O port

Time

Authenticating and Provisioning

How it works

Internet

Guest

Employee

Employeefinance

Access only to Internetat 2 Mbps

Access to

Internet and corp.

servers

Access to financial

information Finance server

Corporateserver

Accesspolicyserver

Conference room

Networkadministrator

1. Sets up role based access policy groups & assigns rules and access profiles:• Set rules

- Time - Location- Device ID

• To trigger each policy profile- ACL- VLAN- QoS- Bandwith limit

2. Put users in appropriate access policy group

Enterprise WLAN/LAN

20

Client integrity check - The joint solution

21 April 12, 2023

Network Access Protection and HP ProCurve

Policy-based solution that:• Validates whether computers meet

health policies

• Limits access for noncompliant computers

• Automatically remediates noncompliant computers

• Continuously updates compliant computers to maintain health state

• Dynamically allocates network resources

Solution Highlights• Standards-based

• Plug-and-play

• Works with most devices

• Supports multiple antivirus solutions

• based on policies you define

Customers

Partners

Remote Employees

Internet

Regulatory Compliance Assistance

• Central management and monitoring of security policies provides immediate visibility and assistance with regulatory compliance on the unified network

22

• Reports for HIPAA, PCI, Sarbanes-Oxley, Gramm-Leach-Bliley, and DoD Directive 1800.2

• Ability to custom define report content

• Device security history report

• Device access security report

• Port access security report

• Password policy compliance

• Current credentials report

• Security policy action report

• Security events history report

• Security heat map report

• Offenders tracking report

• User unsuccessful login report

• User session history

• User MAC address report

© 2009 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.

Conclusion

One Network

Wired & Wireless

Unified and Secure

Reduced network management

administration costs

Real OPEX Savings

Consistent policies, applied once, removes error

Improved Security

Network follows the user from work site to work site

Improved End-User Experience

25 April 12, 2023

Conclusion

Unified Networking

Equals

10/11/54/100/ 300/ 450/ 600/ 1000/ Mbps10000With

Single management and consistent policy

Technology for better business outcomes