In addition to describing the settings available for managing SonicPoints in SonicOS, this section contains a best practices guide for deploying SonicPoints in your network. See SonicPoint Deployment Best Practices .
|
•
|
Wider Channels—80 MHz channel bandwidths
|
|
•
|
Up to 4 Spatial Streams—Adding spatial streams increases throughput proportionally. Two streams doubles the throughput of a single stream. Four streams increases the throughput four times.
|
|
•
|
SonicPoint Layer 3 Management Phase I – Provides the DHCP and tunneling solution to support SonicPoint deployment in a Layer 3 network. Dell SonicWALL DHCP-based Discovery Protocol (SDDP) is based on the well known DHCP protocol and allows the Dell SonicWALL gateway and SonicPoint to discover each other automatically across Layer 3 local networks. The remote network management protocol, Dell SonicWALL SSL VPN-based Management Protocol (SSMP), is based on Dell SonicWALL SSL VPN infrastructure to allow SonicPoints to be managed by a Dell SonicWALL SSL VPN enabled network security appliance over the Internet. Supported on SonicPoint AC/N2/N/Ni/Ne/NDR, all SuperMassive, NSA, and TZ firewalls running SonicOS 6.2.
|
|
•
|
Dynamic Frequency Selection (DFS) Support – After a DFS certificate is issued, the SonicPoints support dynamic frequency selection to allow a SonicPoint to be deployed in sensitive channels of the 5GHz frequency band.
|
To view and select from these 5GHz channels, navigate to SonicPoint > SonicPoints and configure a SonicPoint profile or an individual SonicPoint. On the Radio tab, select any 5GHz setting in the Mode field, then select either Standard or Wide as the Radio Band. The Standard Channel or Primary Channel drop-down menus display a choice of sensitive channels.
|
•
|
SonicPoint Wi-Fi Multimedia – SonicPoint access points support Wi-Fi Multimedia (WMM) to provide a better Quality of Service experience on miscellaneous applications, including VoIP on Wi-Fi phones, and multimedia traffic on wireless networks. WMM is a Wi-Fi Alliance interoperability certification based on the IEEE 802.11e standard. It prioritizes traffic according to four access categories: voice, video, best effort, and background.
|
|
•
|
SonicPoint Statistics - The SonicPoint > Station Status page reports the statistics of each SonicPoint. The Station Status table lists entries for each wireless client connected to each SonicPoint. The sections of the Station Status table are divided by SonicPoint.
|
|
•
|
Radio Frequency Security - SonicPoint provides protection for Radio Frequency (RF) devices. RF technology used in wireless networking devices is a target for intruders. SonicPoint uses direct RF monitoring to detect threats without interrupting the current operation of your wireless or wired network.
|
|
•
|
Radio Frequency Analysis - Radio Frequency Analysis (RFA) is a feature that enables the network administrator to understand how wireless channels are utilized by the SonicPoints and other neighboring wireless access points.
|
|
•
|
Retaining SonicPoint Customized Configuration - You can configure SonicPoint profiles so the SonicPoints retain portions of their configuration even after they are deleted or resynchronized.
|
|
•
|
SonicPoint Diagnostics - A SonicPoint can collect critical runtime data and save it into persistent storage. If the SonicPoint fails, the Dell SonicWALL managing appliance retrieves that data when the SonicPoint reboots, and incorporates it into the Tech Support Report (TSR). A subsequent SonicPoint failure overwrites the data.
|
|
•
|
Daisy Chaining – Daisy chaining allows users with a small environment (that is, a low-density switch infrastructure) to deploy several SonicPoints while using as few switch ports as possible. For example, connecting numerous devices scattered throughout the store into the store's switch infrastructure, including multiple APs to cover the entire store even though the infrastructure is small in terms of switch port density/availability. SonicPoints are daisy chained through the LAN2 interface.
|
The SonicPoint > Wi-Fi Multimedia page provides a way to configure WMM profiles, including parameters and priority mappings.
You can also create a WMM profile or select an existing WMM profile when configuring a SonicPoint or a SonicPoint profile from the SonicPoint > SonicPoints page. The configuration window provides a WMM (Wi-Fi Multimedia) drop-down menu on the Advanced tab with these options.
You can map priority levels to DSCP values. The default DSCP values are as same as the ones in Firewall > Access Rules, QoS mapping.
|
•
|
SonicPoint RADIUS Server Failover – Provides round-robin algorithm and more flexibility to manage primary and secondary RADIUS servers of SonicPoint.
|
|
•
|
SonicPoint WPA TKIP Countermeasures and MIC Failure Flooding Detection and Protection – Wi-Fi Protected Access (WPA) TKIP countermeasures lock down the entire Wireless LAN network in situations where an intruder launches a WPA passphrase dictionary attack to generate a Message Integrity Check (MIC) failure flood in an attempt to impact the WLAN functionality and performance. This Dell SonicWALL solution can detect a TKIP MIC failure flood and take action with TKIP countermeasures against the source to automatically block them by adding them to the runtime blacklist, protecting the overall system.
|
|
•
|
SonicPoint FairNet Support – After optimizing the system resources, SonicPoint FairNet provides network administrators with a simple method to control the bandwidth of wireless clients and ensure the bandwidth is distributed fairly across all access points. Administrators can configure the SonicPoint FairNet bandwidth limits for all wireless clients, specific IP address ranges, or individual clients to provide fairness and network efficiency.
|
|
•
|
SonicPoint Auto Provisioning – A SonicPoint can be re-provisioned automatically according to a wireless zone profile. This increases management efficiency and ease of use, as previously a SonicPoint had to be deleted and re-added to be re-provisioned with a modified profile.
|
|
•
|
SonicPoint Diagnostics – A SonicPoint can collect critical runtime data and save it into persistent storage. If the SonicPoint has a failure, the Dell SonicWALL managing appliance retrieves that data when the SonicPoint reboots, and incorporates it into the Tech Support Report (TSR). A subsequent SonicPoint failure overwrites the data.
|
|
•
|
Intrusion Detection Services - Intrusion Detection Services (IDS) enables the Dell SonicWALL network security appliance to recognize and take countermeasures against this common type of illicit wireless activity. IDS reports on all access points that the firewall can find by scanning the 802.11a/b/g/n/ac radio bands on the SonicPoints.
|
|
•
|
Advanced Intrusion Detection and Prevention - Advanced Intrusion Detection and Prevention (IDP) monitors the radio spectrum for the presence of unauthorized access points (intrusion detection) and automatically takes countermeasures (intrusion prevention). When Advanced IDP is enabled on a SonicPoint, the SonicPoint radio functions as a dedicated IDP sensor.
|
|
•
|
Rogue Device Detection and Prevention – A SonicPoint can be configured in dedicated sensor mode to focus on rogue device detection and prevention, either passively or proactively on both the 2.4GHz and 5GHz bands. Both bands can be scanned even if only one is in use. The rogue device can be analyzed to report whether it is connected to the network and if it is blocked by a wired or wireless mechanism.
|
|
•
|
Built-in Wireless Radio Scan Schedule – SonicPoints can now be scheduled to perform Intrusion Detection/Prevention scanning with granular scheduling options to cover up to 24 hours a day, 7 days a week. The scheduling options are available on the 802.11n Radio tab (or comparable tab) when editing SonicPoint profiles for all SonicPoint models.
|
|
•
|
Virtual Access Point Schedule Support – Each Virtual Access Point schedule can be individually enabled or disabled, for ease of use.
|
|
•
|
Virtual Access Point Layer 2 Bridging – Each Virtual Access Point can be bridged to a corresponding VLAN interface on the LAN zone, providing better flexibility.
|
|
•
|
Virtual Access Point ACL Support – Each Virtual Access Point can support an individual Access Control List (ACL) to provide more effective authentication control.
|
|
•
|
Virtual Access Point Group Sharing on SonicPoint N Dual Radios – The same Virtual Access Point/VLAN settings can be applied to dual radios. This allows you to use a unified policy for both radios, and to share a VLAN trunk in the network switch.
|
|
•
|
Traffic Quota Based Guest Server Policy – Guest sessions can be controlled based on traffic quota policy for better usability. This allows you to configure different transmit/receive limits for different guest clients, possibly based on payment.
|
|
•
|
External Guest Service FQDN Support – Fully Qualified Domain Names (FQDN) are supported for Lightweight Hotspot Messaging (LHM) server configuration.
|
|
•
|
External Guest Service Apache Web Server / PHP Support – Apache Web server and PHP scripts are supported for Lightweight Hotspot Messaging infrastructure purposes. This allows support for Linux based Web servers that run Apache and PHP, rather than the Microsoft .Net Framework and ASP scripts.
|
|
•
|
Guest Administrator Support – A Guest Administrator privileges group is available to provide administrator access only to manage guest accounts and sessions. After logging in, the Guest Administrator can manage guest accounts and sessions, but cannot access any other resources or management interface pages.
|
|
•
|
Internal Radio IDS Scan Scheduling – Wireless Intrusion Detection and Prevention (WIDP) monitors the radio spectrum for the presence of unauthorized access points (intrusion detection) and automatically takes counter measures (intrusion prevention). SonicOS provides a solution that detects rogue access points and takes action according to the administrator settings.
|
|
•
|