User's Manual
Table Of Contents
- Chapter 1 Introduction
- Chapter 2 Mesh Point CLI and Administrative Access
- Chapter 3 Networking and Radio Configuration
- 3.1 Network Interfaces
- 3.2 Network Bridging
- 3.2.1 Bridging Configuration
- 3.2.2 FastPath Mesh Bridging
- 3.2.3 Fine-tuning FastPath Mesh Network Performance
- 3.2.3.1 Selecting the FastPath Mesh Multicast Transmit Mode
- 3.2.3.2 Setting the FastPath Mesh Packet Interval
- 3.2.3.3 Setting the FastPath Mesh Transmit Control Level
- 3.2.3.4 Setting Multicast Video Clamping Thresholds
- 3.2.3.5 Setting Mesh Routing Reactivity
- 3.2.3.6 Setting Mesh Packet Time To Live
- 3.2.3.7 Viewing Current Mesh Performance Parameters
- 3.2.3.8 Frame Processor Parameters
- 3.2.4 STP Bridging
- 3.3 Global Radio Settings
- 3.4 Individual Radio Settings
- 3.4.1 Radio Band, Short Preamble, Guard Interval
- 3.4.2 Channel Selection
- 3.4.3 Distance, Beacon Interval, Noise Immunity
- 3.4.4 Network Type, Antenna Gain, Tx Power
- 3.4.5 MIMO
- 3.4.6 STBC
- 3.4.7 Channel Lock and Other Channel Selection Features
- 3.4.8 DFS, TDWR, and Channel Exclusion
- 3.4.9 Radio BSS Settings
- 3.4.9.1 BSS Radio, BSS Name and SSID
- 3.4.9.2 WDS Bridging or AP Infrastructure Configuration
- 3.4.9.3 BSS State, SSID Advertising and Drop Probe Requests
- 3.4.9.4 BSS STA Idle Timeout and 802.11g-Only Settings
- 3.4.9.5 BSS Unicast Transmission Rate Settings
- 3.4.9.6 BSS WMM QoS Setting
- 3.4.9.7 BSS Fragmentation and RTS Thresholds
- 3.4.9.8 BSS DTIM Beacon Countdown
- 3.4.9.9 BSS VLANs Settings
- 3.4.9.10 BSS Fortress Security Zone
- 3.4.9.11 FastPath Mesh BSS Cost Offset
- 3.4.9.12 BSS Multicast Settings
- 3.4.9.13 Bridging MTU and Beacon Encryption
- 3.4.9.14 BSS Description
- 3.4.9.15 BSS Wi-Fi Security Configuration
- 3.4.10 Antenna Tracking / Rate Monitoring
- 3.4.11 ES210 Mesh Point STA Settings and Operation
- 3.4.11.1 STA Radio, Name, SSID and SSID Roaming
- 3.4.11.2 STA State
- 3.4.11.3 STA Unicast Transmission Rate Settings
- 3.4.11.4 STA Background Scanning
- 3.4.11.5 STA WMM QoS Setting
- 3.4.11.6 STA Fragmentation and RTS Thresholds
- 3.4.11.7 STA Multicast Rate
- 3.4.11.8 STA Description
- 3.4.11.9 STA Wi-Fi Security Configuration
- 3.4.11.10 Editing or Deleting a STA Interface Connection
- 3.4.11.11 Establishing a STA Interface Connection
- 3.4.11.12 ES210 Station Access Control Lists
- 3.5 Local Area Network Configuration
- 3.6 Time and Location Configuration
- 3.7 GPS and Location Configuration
- 3.8 DHCP and DNS Services
- 3.9 Ethernet Interfaces
- 3.10 Quality of Service
- 3.11 VLANs Implementation
- 3.12 ES210 Mesh Point Serial Port Settings
- 3.13 Mesh Viewer Protocol Settings
- Chapter 4 Network Security, Authentication and Auditing
- 4.1 Fortress Security Settings
- 4.1.1 Operating Mode
- 4.1.2 FIPS Settings
- 4.1.3 MSP Encryption Algorithm
- 4.1.4 Encrypted Data Compression
- 4.1.5 MSP Key Establishment
- 4.1.6 MSP Re-Key Interval
- 4.1.7 Key Beacon Interval
- 4.1.8 Fortress Legacy Devices
- 4.1.9 Encrypted Zone Cleartext Traffic
- 4.1.10 Encrypted Zone Management Settings
- 4.1.11 Authorized Wireless Client Management Settings
- 4.1.12 Turning Mesh Point GUI Access Off and On
- 4.1.13 SSH Access to the Mesh Point CLI
- 4.1.14 Blackout Mode
- 4.1.15 Allow Cached Credentials
- 4.1.16 Fortress Access ID
- 4.2 Digital Certificates
- 4.3 Access Control Entries
- 4.4 Internet Protocol Security
- 4.5 Authentication and Timeouts
- 4.5.1 Authentication Servers
- 4.5.2 Internal Authentication Server
- 4.5.2.1 Basic Internal Authentication Server Settings
- 4.5.2.2 Certificate Authority Settings
- 4.5.2.3 Global User and Device Authentication Settings
- 4.5.2.4 Local 802.1X Authentication Settings
- 4.5.2.5 OCSP Authentication Server Settings
- 4.5.2.6 OCSP Cache Settings and Management
- 4.5.2.7 Internal Authentication Server Access Control Lists
- 4.5.3 User Authentication
- 4.5.4 Client Device Authentication
- 4.5.5 Session Idle Timeouts
- 4.6 ACLs and Cleartext Devices
- 4.7 Remote Audit Logging
- 4.8 Wireless Schedules
- 4.1 Fortress Security Settings
- Chapter 5 System Options, Maintenance and Licensing
- Chapter 6 System and Network Monitoring
- Index
- Glossary
Fortress ES-Series CLI Guide: Glossary
XVII
ITU-T
International Telecommunications Union-Telecommunication, Geneva-based interna-
tional organization for telecommunications standards, formerly CCITT.
key establishment
An transaction through which two parties with no prior knowledge of one another can
agree upon a shared secret key for symmetric key encryption of data over an insecure
channel. Sometimes, key exchange.
L2TP
Layer 2 Tunnel Protocol—an emerging IETF extension to PPP that supports VPNs by
facilitating the tunneling of PPP packets across an intervening network.
LAN
Local Area Network—a collection of computers located within a small area (such as an
office building) that shares a common communications infrastructure and network
resources (i.e., printers, servers, etc.).
Layer 2
or
OSI Layer 2
—the second lowest network layer in the OSI Model, also referred to as
Data Link Control
(DLC) or the
Data Link Layer
. Layer 2 contains two sublayers: the
MAC and LLC layers.
LDAP
Lightweight Directory Access Protocol—a protocol used to access directories on a net-
work, including the Internet. LDAP makes it possible to search compliant directories to
locate information and resources on a network. LDAP is a streamlined version of the
Directory Access Protocol, part of the X.500 standard for network directory services.
LLC
Logical Link Control—one of two sublayers of OSI Layer 2 (refer to
DLC
), in which frame
synchronization, flow control and error checking takes place.
MAC
Media Access Control—one of two sublayers of the OSI Model’s DLC, at which data
access and transmission permissions are controlled.
MAC address
Media Access Control address—a unique number that identifies a device, used to prop-
erly direct network traffic to the device.
MAN
Metropolitan Area Network—a collection of interconnected computers within a town or
city.
MIB
Management Information Base—SNMP-compliant information that an SNMP agent
stores about itself and sends in response to SNMP server requests (PDUs).
MIMO
Multiple-Input Multiple-Output—as defined by the 802.11n amendment to IEEE 802.11
standard set, the use of multiple antennas at both transmitter and receiver to improve
radio connection performance.
MITM
Man in the Middle attack—a network security breach in which an attacker is able to
intercept, read, insert and modify messages between two parties without their knowing
that the link between them has been compromised.
MLD
Multicast Listener Discovery—a means, defined in the IPv6 ICMPv6 protocol, of discov-
ering multicast listeners on a directly attached link (analogous to IGMP in IPv4).
MobileLink™
In GE Medical Systems
Information Technologies
, a proprietary method for wireless
transmission of serial output.
MRD
Multicast Router Discovery—a mechanism, defined in IETF RFC 4286, for identifying
multicast routers independent of the multicast routing protocol they use.
MRP
Mesh Radio Port—in Fortress Mesh Points, a pair-wise network link formed between
bridging-enabled BSSs configured on the Mesh Points.
MSI The Microsoft installer system written by Microsoft for Windows platforms.
MSP
Mobile Security Protocol—The Fortress protocol that provides authentication and
encryption at the Media Access Control (MAC) sublayer, within the Data Link Layer
(Layer 2) of the Open System Interconnection (OSI) networking model.