WLAN Technical Proposal
Uploaded by
Flavio Correia RodriguesWLAN Technical Proposal
Uploaded by
Flavio Correia RodriguesWLAN Technical Proposal
Issue 01
Date
HUAWEI TECHNOLOGIES CO., LTD.
Copyright © Huawei Technologies Co., Ltd. 2020. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees
or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.
Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: https://www.huawei.com/
Email: [email protected]
Issue 01 () Copyright © Huawei Technologies Co., Ltd. i
Mobile Office WLAN Technical Proposal Change History
Change History
Date Version Description Revised
2014-05-20 1.0 Drafted the mobile office WLAN Zhang Jun
technical proposal. Sun Shengbai
2015-11-02 1.1 1. Changed the recommended indoor Sun Shengbai
AP from 802.11n-compliant AP6010
to 802.11ac-compliant AP5030DN
and AP4030DN.
Changed the recommended outdoor
AP from 802.11n-compliant AP6510
to 802.11ac-compliant AP8130DN.
2. Changed TSM to Agile Controller
2020-07-13 2.0 1. Updated the recommended APs to Wan
Wi-Fi 6 APs. Yunfei/Lin
2. Added Wi-Fi technologies, such as Jian/Yan
HQoS and smart antenna. Liang/Chen
Quanwu
3. Changed eSight and Agile Controller
to iMaster NCE-Campus and added
CampusInsight.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. ii
Mobile Office WLAN Technical Proposal Contents
Contents
Change History...................................................................................................................ii
1 Project Background and Requirements........................................................................1
1.1 Overview of Office Mobility......................................................................................................................... 1
1.2 Project Background.................................................................................................................................... 2
1.3 Mobile Office Application Requirements..................................................................................................... 3
2 Basic WLAN Design........................................................................................................4
2.1 WLAN Design Principles............................................................................................................................. 4
2.2 Overall Network Architecture...................................................................................................................... 4
2.3 WLAN Coverage Design............................................................................................................................. 5
2.3.1 Wireless Network Deployment Solution................................................................................................... 6
2.3.2 Channel Planning.................................................................................................................................. 10
2.3.3 Planning Tools....................................................................................................................................... 10
2.3.4 SSID and Roaming Planning................................................................................................................. 11
2.4 RRM......................................................................................................................................................... 13
2.4.1 Radio Calibration................................................................................................................................... 13
2.4.2 Load Balancing...................................................................................................................................... 14
2.4.3 5 GHz-Prior Access............................................................................................................................... 14
2.4.4 Restricting Access from Weak-Signal or Low-Speed Terminals.............................................................15
2.4.5 Compelling Weak-Signal or Low-Speed Terminals to Log Out..............................................................15
2.4.6 Smart Antenna....................................................................................................................................... 15
2.4.7 Software-Defined Radio (SDR).............................................................................................................. 16
2.4.8 Spectrum Analysis................................................................................................................................. 16
2.4.9 Per-Packet Power Adjustment............................................................................................................... 16
2.5 QoS Design.............................................................................................................................................. 16
2.5.1 WMM and Priority Mapping................................................................................................................... 17
2.5.2 WLAN HQoS.......................................................................................................................................... 18
2.6 Reliability Design...................................................................................................................................... 20
2.6.1 1+1 Backup of ACs................................................................................................................................ 20
2.6.2 Service Holding Upon CAPWAP Link Disconnection.............................................................................20
2.6.3 Channel Switching Without Service Interruption....................................................................................21
2.6.4 AP Reliability.......................................................................................................................................... 21
2.7 Security Planning...................................................................................................................................... 21
Issue 01 () Copyright © Huawei Technologies Co., Ltd. iii
Mobile Office WLAN Technical Proposal Contents
2.7.1 WIDS/WIPS........................................................................................................................................... 22
2.7.2 Security Policy....................................................................................................................................... 23
2.7.3 Terminal Blacklist and Whitelist.............................................................................................................. 23
2.7.4 User Isolation......................................................................................................................................... 23
2.8 Access Authentication and Guest Management........................................................................................ 24
2.8.1 User Access Authentication................................................................................................................... 24
2.8.2 Authentication Mode Selection............................................................................................................... 24
2.8.3 Guest Management............................................................................................................................... 27
3 WLAN Management Solution.......................................................................................29
3.1 Network O&M, Management, and Control by iMaster NCE-Campus........................................................29
3.1.1 Administrator Management.................................................................................................................... 29
3.1.2 Device Alarm.......................................................................................................................................... 32
3.1.3 Monitoring Dashboard........................................................................................................................... 35
3.1.4 Single-Site Device Monitoring................................................................................................................ 37
3.1.5 Site Monitoring....................................................................................................................................... 39
3.1.6 Statistics Analysis.................................................................................................................................. 40
3.1.7 Terminal Behavior Analysis.................................................................................................................... 43
3.1.8 Agile Report........................................................................................................................................... 46
3.1.9 File Management................................................................................................................................... 52
3.1.10 Device PMI.......................................................................................................................................... 52
3.1.11 Device Upgrade................................................................................................................................... 53
3.1.12 New Function Notification.................................................................................................................... 55
3.2 Intelligent O&M by CampusInsight............................................................................................................ 55
3.2.1 Dashboard............................................................................................................................................. 55
3.2.2 Intelligent Radio Calibration................................................................................................................... 56
3.2.3 Protocol Trace........................................................................................................................................ 57
3.2.4 Client Journey........................................................................................................................................ 57
3.2.5 Proactive O&M....................................................................................................................................... 58
4 Solution Design Highlights.......................................................................................... 60
5 Device Selection and Configuration Suggestions.....................................................62
5.1 Product Overview..................................................................................................................................... 62
5.1.1 AirEngine 8760-X1-PRO........................................................................................................................ 62
5.1.2 AirEngine 8760R-X1 and AirEngine 8760R-X1E....................................................................................63
5.1.3 AP7060DN............................................................................................................................................. 65
5.1.4 AirEngine 6760-X1 and AirEngine 6760-X1E......................................................................................... 66
5.1.5 AirEngine 6760R-51 and AirEngine 6760R-51E....................................................................................67
5.1.6 AirEngine 5760-51................................................................................................................................. 68
5.1.7 AirEngine 5760-10................................................................................................................................. 69
5.1.8 AirEngine 5760-22W.............................................................................................................................. 70
5.1.9 AirEngine 5760-22WD........................................................................................................................... 71
5.1.10 AirEngine 9700D-M.............................................................................................................................. 72
Issue 01 () Copyright © Huawei Technologies Co., Ltd. iv
Mobile Office WLAN Technical Proposal Contents
5.1.11 AC6800V.............................................................................................................................................. 73
5.1.12 AC6805................................................................................................................................................ 74
5.1.13 AirEngine 9700-M................................................................................................................................ 74
5.1.14 AC6508................................................................................................................................................ 75
5.1.15 CloudEngine S12700E........................................................................................................................ 76
5.1.16 CloudEngine S12700........................................................................................................................... 78
Issue 01 () Copyright © Huawei Technologies Co., Ltd. v
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
1 Project Background and Requirements
1.1 Overview of Office Mobility
With the advent of the mobile Internet era, wireless networks bring great convenience
to people's work, study, and life. Internet access anytime and anywhere has become
a basic requirement of people. Wi-Fi networks have become as basic a facility as
water and electricity. In addition, Wi-Fi networks will be integrated with real-time big
data analysis, cloud computing, and artificial intelligence (AI), revolutionizing the
industry and constructing a fully connected, intelligent world.
Wi-Fi networks are key to enterprise digital transformation. Wi-Fi enables networks to
move with users, so that enterprise employees can work collaboratively on mobile
devices or through mobile apps. According to IDC's report, 70% of enterprises have
implemented wireless office, significantly improving work efficiency.
As office and IoT terminals are evolving towards fully wireless, an increasing number
of delay-sensitive, bandwidth-hungry applications need to be carried on the same
network at the same time. Conventional campus networks cannot ensure either the
per-user bandwidth or the quality of key services. In addition, the conventional
campus networks cannot rapidly locate user and application experience faults, which
severely hinders the networks' pace towards digitalization. Considering this, the
future-oriented campus network must have the characteristics as below:
Super capacity: gigabit-wireless speeds and beyond, enabling high-quality
access for everyone from anywhere
Evolving campus terminals towards fully wireless is no longer a trend but a common
choice in the industry. This choice will boost office efficiency. In addition, as
bandwidth-hungry, low-latency applications, such as 4K, VR, AR, cloud storage, VD,
and cloud collaboration, are becoming increasingly popular, constructing a fully
wireless campus network with a bandwidth of 100 Mbps to 1 Gbps anytime,
anywhere will become a new criteria. High-bandwidth and high-performance wired
and wireless network devices are used to build a continuous self-organizing campus
network, granting each terminal gigabit-wireless speeds and beyond.
High-throughput Wi-Fi 6 APs are deployed at the wireless access layer to meet
network access requirements in high-density and bandwidth-hungry scenarios,
such as teaching and scientific research.
GE/2.5GE/5GE/10GE network access speeds are provided at the wired access
layer to meet the high-speed switching requirements of Wi-Fi 6 networks.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 1
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Hierarchical quality of service (HQoS) is deployed at the aggregation and core
layers to ensure experience of key users and applications.
Intelligent experience: continuous self-organizing networking, ensuring
experience for key applications at any time
As an increasing number of key services are carried on campus networks, the
network experience of users and services directly affects the operation and
collaboration efficiency of enterprises. Introducing AI technology to school campus
networks can implement:
Intelligently learn network environment changes, automatically optimize and
reduce co-channel interference on wireless networks, and improve wireless
network performance.
Intelligently and automatically detect terminal roaming and implement device-
pipe synergy to reduce the packet loss rate to nearly zero and improve service
experience.
Intelligently detect application types, dynamically adjust network-wide resources,
and reserve resources for key users and applications, ensuring that key
applications are not affected in the case of network congestion due to traffic
burst.
Autonomous driving: service provisioning and fault rectification in minutes
Conventionally, it takes several weeks or even months to deploy a campus network
through hundreds of Wi-Fi 6 APs and campus switches.
AI-boosted network and service provisioning in minutes: School campus
networks are built on the ADN architecture to uniformly unify the entire network.
In this manner, new campus networks, multi-campus management, and level-2
college networks can be automatically deployed and services can be rapidly
provisioned regardless of the network size and distance.
Fault rectification in minutes: The AI-powered intelligent O&M system
continuously analyzes the network experience of each user and application at
each moment on the entire campus network so as to proactively identify root
causes and automatically locate and rectify faults before users get aware of the
faults.
1.2 Project Background
Thanks to its high bandwidth, wide signal coverage, and large capacity, the wireless
network can meet the high-speed wireless Internet access requirements of xxx,
achieve the "3A" goal of mobile office, implement comprehensive awareness and
high-speed transmission in wireless manner, and gradually change the way xxx
employees work and live. All these reflect the concept of enabling everyone to
participate in development and innovation in the Internet era.
Based on the principle of "overall planning, phased implementation, pilot first, point-
to-point, scientific network deployment, security-oriented, enterprise application-
oriented, and civil use-assisted", construct the xxx wireless network, establish a Wi-
Fi & IoT converged network infrastructure, and use the features of the wireless
network architecture, such as convenience, fast speed, flexibility, and wide coverage,
to promote the development of the xxx production and office towards automation,
digitalization, and informatization, meeting the requirements of increasingly
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 2
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
enhanced mobile office and production automation as well as the requirements of
resource sharing among multiple services and platforms.
1.3 Mobile Office Application Requirements
Mobile office enables employees to access enterprise networks through any terminal
anytime, anywhere. These changes require high bandwidth, high security, and high
reliability of the entire network as well as seamless integration of wired and wireless
networks, ensuring consistent wired and wireless access experience.
1. Wireless network access: Users can access the Internet at record speed
anytime, anywhere through Wi-Fi-capable smart terminals, such as laptops,
tablets, and mobile phones.
2. Wireless office: Authorized users can access LANs and use mobile office
applications, such as information browsing, event approving, as well as email
receiving and sending, through LANs. This frees users from wired cables,
enabling networks to move with users and improve production and office
efficiency.
3. Unified authentication: Wired and wireless users use the same account. Portal
authentication is enabled for wireless users, and 802.1X authentication is
deployed for wired users. The authentication points of wired and wireless users
are the same to simplify network management.
4. Stable and reliable: ACs work in 1+1 or N+1 backup mode, ensuring high device
reliability. Radio calibration and coverage hole compensation are deployed to
minimize impacts of a single AC AP failure on the network and enhance network
reliability.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 3
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
2 Basic WLAN Design
2.1 WLAN Design Principles
The mobile office network design must be simple, reliable, easy to deploy, and easy
to maintain. Typically, the design must comply with the principles as below:
Secure: User security and network security must be considered during WLAN
planning since WLANs are open.
Reliable: WLANs require high-quality network signals, stable device running,
and single-point failure avoidance to provide customers with reliable wireless
access services.
Easy to maintain: Devices on the WLAN should be easily managed,
maintained, and configured. Users can uniformly monitor device parameters,
data traffic, and system performance. Additionally, users can remotely manage
devices and diagnose faults.
Scalable: In addition to the current requirements, devices on the WLAN should
address predictable network expansion requirements, such as expansion of
bandwidths, devices, applications, and locations. The constructed network
should maximize existing investments while evolving towards new technologies.
2.2 Overall Network Architecture
It is recommended that the centralized forwarding mode be used to build a Wi-Fi
network based on the actual project situation. ACs are uniformly deployed in the HQ
equipment room, and APs are deployed in each signal coverage scenario. The
centralized forwarding mode is used on the campus network. Wireless data flows are
authenticated, controlled, and forwarded on the AC. The local forwarding mode is
used on campus branch networks. APs and users on branch networks are uniformly
authenticated at the HQ, and wireless data flows of branch networks are directly
transmitted to the Internet through the local egress. Logically, a WLAN consists of the
terminal access side, data communication network, and wireless O&M, management,
and control platform, as shown in the figure as below.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 4
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
1. Terminal access side: Fit APs are deployed at this side. You can select Huawei
indoor settled APs that comply with the Wi-Fi 6 standard and support automatic
radio calibration to meet the requirements of full signal coverage and seamless
roaming, minimize co-channel interference, and improve network experience of
wireless users.
2. Data communication network: Multi-GE or GE access switches are deployed to
supply power to APs in PoE mode. Access switches connect to convergence
switches through 10GE or 25GE optical fibers. Aggregation switches connect to
core switches through 10GE, 40GE, or 100GE optical ports.
3. O&M, management, and control platform: Huawei's independent AC or native
AC works with iMaster NCE-Campus to implement unified management and
security access control, such as automated configuration delivery, radio
management, and channel allocation for network-wide APs. This simplifies
wireless network management in office buildings.
4. iMaster NCE-Campus is recommended for security policy control to provide a
multitude of functions, such as user management, access control, and guest
management. This implements user group-based management and
authorization, and supports multiple access control solutions, such as MAC
address, Portal, 802.1X, and PPPoE authentication.
2.3 WLAN Coverage Design
As the spatial layouts of campus buildings are diverse, the user capacity and signal
coverage need to be considered in WLAN coverage planning. In the early phases of
network planning, you need to clarify the information based on the mobile office
network construction objectives: coverage areas, user distribution in the WLAN
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 5
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
coverage areas, service types, and bandwidth requirements. Based on such
information, you can plan the number of APs, AP deployment locations, AP transmit
power, and channels.
2.3.1 WLAN Deployment Solution
A mobile office network can cover all functional zones in a campus, including the
office zone, conference room, rest and reception zone, and outdoor public zone. A
campus can also be divided into user-intensive areas and user-sparse areas based
on the user density.
Common Offices and Conference Rooms
Coverage requirements:
2 Mbps downlink bandwidth and 1 Mbps uplink bandwidth
Semi-open indoor environment where rooms with unfixed structures are closely
adjacent to each other
Low user concurrency, with network access purposes dominated by information
query and requiring 2 Mbps bandwidth
Device model: AP 6760-X1 and AP 5760-51 (Wi-Fi 6)
Deployment solution:
APs are ceiling-mounted.
Each AP provides wireless access services for up to 60 concurrent users (dual-
band) and ensures 1.5 to 2 Mbps bandwidth for each user.
The spacing between APs is about 15 m (± 3 m).
Signals can cover adjacent rooms (by passing through only one wall).
Portal authentication is typically enabled to authenticate the user name and
password.
Video Conferencing
Coverage requirements:
30 Mbps bandwidth for 4K video services
Burst traffic volume: 3x to 5x the average traffic volume
Latency-sensitive audio and video services
Device model: AirEngine 8760-X1-PRO (Wi-Fi 6)
Deployment solution:
Triple-radio technology: provides 100+ channels of 4K high-precision (HD)
videos, with 30 Mbps bandwidth for each channel.
Dynamic Turbo for intelligent application acceleration: Huawei Wi-Fi 6 reduces
the latency of industry-standard Wi-Fi 6 by 50% from 20 ms to just 10 ms,
boosting video office experience.
CampusInsight: rapidly locates audio and video quality issues through the AI-
powered analysis system.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 6
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Densely-Distributed Offices
Coverage requirements:
Web page browsing and material download; ≥ -65 dBm received signal level in 100%
of wireless coverage areas; 4 to 8 Mbps downlink bandwidth and 2 to 4 Mbps uplink
bandwidth; able to carry 60% of concurrent network access requirements during
peak hours
Scenario characteristics:
Scenarios with a unified room structure, densely distributed walls, and severe
signal attenuation
4 to 8 employees in a single office room and 1 in a single manager's office
Iron doors and file cabinets in some office rooms
60% to 70% user concurrency rate during peak hours
Interference from the existing wireless network
Costly cable re-routing
Scenario characteristics:
Densely distributed coverage areas and high-density office rooms
High user concurrency rate (60% or higher)
Management requirements:
The AP must have the anti-theft capability to prevent theft from third parties.
Each user can have two or three terminals connected to the network.
Unauthorized wireless access users can be forcibly logged out.
Information about wireless access users, such as the user MAC address,
account, and online/offline time, is recorded for auditing.
Device model:
Agile distributed AP: AirEngine 9700D-M (central AP) + AirEngine 5760-22WD (smart
RU)
Deployment solution 1: agile distributed coverage solution
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 7
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Higher service reliability: A central AP supports link disconnection survival.
That is, a link disconnection between the AP and AC does not affect wireless
users.
Easier management: One central AP covers 24 rooms, and the number of
signal-covered rooms can be extended to 48. Compared with common APs,
fewer central APs and management nodes are required to maintain the same
coverage scope.
Higher return on investment (ROI): The number of central APs is small, and
RUs do not occupy the controller license, reducing management licenses.
Central APs uniformly control RUs, ensuring smooth and rapid roaming.
RUs connect to a central AP through Ethernet cables to avoid signal attenuation
faced by feeder extension of smart distributed APs. The coverage distance
reaches up to 100 m.
Deployment solution 2: wall plate AP coverage solution
The existing wired network ports in each office are fully utilized to replace the original
wired 86-mm junction boxes with Huawei APs.
One wall plate AP for two rooms
High performance: 1167 Mbps per radio module, supporting dual-band radios
(2.4 GHz and 5 GHz)
Wi-Fi + Ethernet cable + telephone cable (4 x FE ports + 1 x RJ11 ports);
bypass-capable wired port, ensuring that wireless module exceptions do not
affect wired communication
Aesthetic, flexible deployment: multiple deployment modes, such as 86-mm
junction box, ceiling-mounting, and wall-mounting
Strong WLAN signals, higher access performance than that of smart distributed
APs
No need to drill holes on the wall (lossless cabling) or re-cabling, leading to low
installation and deployment costs
Large Conference Rooms and Lecture Halls
Coverage requirements:
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 8
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Signal coverage requirements in high-density scenarios such as lecture halls,
stadiums, canteens, and auditoriums:
Stable and smooth network access, ensuring that users can log in to external
websites through personal terminals (laptops, tablets, and mobile phones) and
experience high-quality network access
More than 200 users in a conference room or lecture hall accessing the wireless
network simultaneously
Scenario characteristics:
Limited space with high user density and high user concurrency
At least 1 Mbps bandwidth
Complex installation
Device model:
Indoor: AirEngine 6760-X1E + small-angle antenna
Outdoor: AirEngine 8760R-X1E + small-angle antenna
Outdoor Campus Coverage
Coverage requirements:
Outdoor environments are harsher than indoor environments, and outdoor APs may
experience scorching summer and freezing winter, be exposed to wind and rain, and
encounter lightning disasters. Signal coverage requirements of exemplary outdoor
stadiums, rest areas, and squares are as below:
Network access anytime, anywhere within coverage areas
> -65 dBm signal strength in key coverage areas including outdoor stadiums,
rest areas, and squares
Wi-Fi coverage for 70% of non-key outdoor areas
Scenario characteristics:
Open space with obstacles such as trees and buildings
No densely distributed buildings
High user mobility and low bandwidth requirement
Device model:
Dustproof, rainproof, and lightning-proof AP with IP68 protection level and a built-in
surge protector:
AirEngine 8760R-X1/X1E or AirEngine 6760R-51/51E
Antenna Selection
Outdoor APs are typically configured with outdoor directional or omnidirectional
antennas. The omnidirectional coverage radius of a single AP can reach 60 to 75 m.
Directional antennas are used to cover key areas. Specific antennas can be flexibly
selected based on the horizontal angle, vertical angle, and gain of antennas.
Coverage plan:
Outdoor APs can be installed on poles such as street lamp poles and power
poles.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 9
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Outdoor APs with directional antennas can also be installed on building walls
(with 4 to 6 floors) to cover key areas.
2.3.2 Channel Planning
In large mobile offices, WLAN channels must be allocated uniformly to prevent
interference between channels. WLAN systems mainly work on the 2.4 GHz and 5.0
GHz frequency bands. Channels 1 to 14 work in the continuous spectrum 2.4 GHz to
2.4835 GHz. The three non-overlapping channels 1, 6, and 11 are typically used. The
5 GHz frequency band is further divided into three non-contiguous frequency bands:
5.1 GHz to 5.3 GHz, 5.4 GHz to 5.7 GHz, and 5.7 GHz to 5.8 GHz. You must select
the corresponding non-overlapping channels in compliance with local laws and
regulations. WLAN channel design must comply with two principles: cellular coverage
and cross-multiplexing, as shown the figures as below.
2.4G cellular coverage 5G cellular coverage Dual-band cellular coverage
2.3.3 Planning Tools
Fine-tuned signal coverage for indoor and outdoor scenarios is challenging.
Experience-dependent WLAN design cannot well adapt to the actual environment,
leading to low accuracy and efficiency, more complex network O&M and optimization,
and higher costs.
Huawei provides a specified WLAN planning tool (WLAN Planner) for planning,
construction, and optimization, significantly improving coverage design accuracy and
efficiency.
You can log in to https://serviceturbo-cloud.huawei.com using your W3 or Uniportal
account through Google Chrome. After login, choose WLAN Planner from Tool
Application Market. You can export network planning simulation reports, simulation
images, material details, and CAD drawings containing AP positions from WLAN
Planner.
2.3.4 SSID and Roaming Planning
SSID Planning
On a wireless network for mobile office, different service set identifications (SSIDs)
can be assigned by user type and service type to perform differentiated management
of terminals and services. Huawei single-band AP supports 16 SSIDs, and dual-band
AP supports 32 SSIDs.
The SSIDs listed in the table are assigned by user type.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 10
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
SSID Authorized Access User
Staff All internal employees
Management Company managers and IT personnel
Guest Guests
SSID-VLAN Mapping
Management VLANs and service VLANs are usually isolated on the Ethernet.
Service VLANs are assigned by service type or user group. On a WLAN, SSIDs are
assigned in a similar way. As such, SSID-VLAN mappings must be determined during
SSID design. The mapping can be 1:1, 1:N, N:1, or N:N.
Roaming Design
Roaming allows a terminal to move from the coverage area of one AP to that of
another AP within the WLAN without repeating the login or authentication process.
Note these considerations when WLAN roaming design: 1. The SSID and security
settings must be the same during roaming. 2. The terminal determines which AP to
connect to. The switchover duration depends on the chip and settings of the terminal.
Therefore, the roaming performance varies with terminals. Huawei WLAN solution
supports PMK caching and key negotiation between terminals and APs to shorten the
roaming handover duration to 50 ms, ensuring smooth service transition in Layer 2
roaming mode (in the same VLAN) or Layer 3 roaming mode (across VLANs).
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 11
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Smart Roaming
A terminal proactively roams in real time based on the signal strength and
environment, and roams only when the signals of two neighboring APs overlap.
When the signal strength of a terminal becomes lower than the lower threshold
configured for the terminal, the terminal re-associates with an AP that provides better
signal quality.
Roaming is initiated by terminals. In the preceding figure, after a sticky terminal
moves, its signal strength is not lower than the lower threshold configured for it.
Therefore, it cannot trigger roaming, still associates with AP1, and operates at a low
speed. This adversely affects user experience. Subsequently, the terminal cannot
connect to AP3 that can provide better signal quality. Smart roaming technology can
solve this problem. Both APs and terminals support 802.11k and 802.11v. When a
terminal moves, the wireless system detects signal strength of the APs neighboring
to the AP that the terminal associates with so as to determine whether an AP that
provides better signal quality is available. In this example, it is found that AP3
provides better signal quality. The system then steers the terminal to AP3. This
approach improves user experience and wireless network performance.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 12
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
2.4 RRM
Radio resource management (RRM) enables APs to check the surrounding radio
environment, dynamically adjust working channels and transmit power, and evenly
distribute access users. This helps mitigate radio signal interference, adjust radio
coverage, and enable a wireless network to quickly adapt to changes in the radio
environment. With the RRM function, the wireless network can provide high service
quality for wireless users and maintain an optimal radio resource utilization.
2.4.1 Radio Calibration
On a WLAN, operating status of APs is affected by the radio environment. For
example, a high-power AP can interfere with adjacent APs if they work on
overlapping channels. The radio calibration function can dynamically adjust channels
and power of APs managed by the same AC to ensure that the APs work at their
optimal performance. Depending on the scope of radio calibration, two radio
calibration modes are available:
Global radio calibration: The AC dynamically allocates channels and power to
all the APs in an AP region. Typically, this calibration mode is used on a newly
deployed WLAN or a WLAN where the radio environment deteriorates in most
areas.
Partial radio calibration: The AC dynamically allocates channels and power to
specified APs. Typically, this calibration mode is used when new APs are added
to the network or the radio environment deteriorates in some areas.
2.4.2 Load Balancing
Load balancing can evenly distribute AP traffic loads to ensure high bandwidth for
each terminal. The load balancing function applies to wireless networks with high
user densities to ensure proper access of terminals. After load balancing is enabled
on an AC, the AC uses a load balancing algorithm to determine whether a new
terminal (STA6 in figure 1) can associate with an AP. The load balancing algorithm
prevents new terminals from associating with heavily-loaded APs.
As shown in the figure as below, AP1 and AP2 associate with an AC. Four users
(STA1 to STA4) associate with AP1, and one user (STA5) associates with AP2. AP1
is overloaded because too many users connect to the Internet through AP1, whereas
resources on AP2 are not used.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 13
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
2.4.3 5 GHz-Prior Access
When an AP and a terminal support both 5 GHz and 2.4 GHz frequency bands, the
AP can request the terminal to associate with the 5 GHz frequency band first.
Most terminals support both 5 GHz and 2.4 GHz frequency bands and the terminals
usually associate with the 2.4 GHz frequency band by default when connecting to the
Internet. To enable the terminals to associate with the 5 GHz frequency band, users
need to manually select the 5 GHz frequency band. When the 2.4 GHz frequency
band is overloaded or has severe interference, the 5 GHz frequency band can
provide better wireless services for terminals. The 5G-prior access function enables
terminals to preferentially associate with the 5 GHz frequency band.
2.4.4 Restricting Access from Weak-Signal or Low-Speed
Terminals
On a WLAN, an AP may receive weak radio signals from some terminals. After
associating with the AP, these terminals work at a low speed, affecting network
throughput. The function of restricting access from weak-signal or low-speed
terminals can prevent these terminals from accessing the WLAN, reducing the impact
of these terminals on other terminals and improving WLAN performance.
2.4.5 Compelling Weak-Signal or Low-Speed Terminals to Log
Out
On a WLAN, signals received by an AP from a terminal become weaker as the
terminal moves farther from the AP. However, the terminal is still connected with the
AP without re-initiating a connection with the AP or roaming to another AP. After the
function of compelling weak-signal or low-speed terminals to log out is configured, an
AP sends a Disassociation packet to a terminal when detecting that the signal
strength or access speed of the terminal is lower than the threshold. The terminal
then can reinitiate a connection with the AP or roam to another AP. As such, this
function helps mitigate the impacts of weak-signal or low-speed terminals on wireless
network performance.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 14
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
2.4.6 Smart Antenna
Huawei smart antenna technology is implemented through antenna arrays, involving
two parts: smart antenna array (antenna array hardware design) and antenna
selection algorithm (how to select an antenna in an antenna array). Huawei is one of
the few vendors in the industry that can combine TxBF and antenna arrays. The
antenna selection algorithm selects different combinations of antenna elements for
terminals at different locations to transmit packets. In addition, TxBF is deployed to
optimize beams. This combination provides better beams than just antenna arrays,
and better signal direction than just TxBF. This approach enhances reliability and
signal coverage, suppresses interference, and improves network throughput and
user experience.
Better coverage:
Smart antennas provide better coverage in the target area. The four-sector design of
antennas provides higher coverage strength. Combinations of directional antennas
intended for different directions provide longer-distance coverage than
omnidirectional antennas, and are more flexible than directional antennas intended
for one direction. In a complex radio environment, for example, when the multipath
effect is obvious or signal attenuation is obvious due to obstacles or distance
increase, smart antennas can be used to improve coverage. Compared with common
omnidirectional antennas, smart antennas provide a 20% larger coverage radius.
Thanks to smart antennas, fewer APs are required to meet the same signal strength
requirements, saving customer investment.
Higher throughput:
By selecting proper antenna combinations, smart antennas can improve signal
coverage effect of the target area and improve network throughput for terminals. The
combination of the antenna selection algorithm and MU-MIMO enables terminals in
the same direction to use the same directional beam for data transmission. This
boosts network throughput and minimizes interference between terminals.
Higher reliability:
The smart antenna algorithm can detect performance changes of antennas. If the
performance changes frequently, the air interface environment has deteriorated. In
addition, the algorithm can quickly select an optimal antenna combination in such an
environment through training, ensuring stable throughput in any environment and
providing better user experience.
2.4.7 Software-Defined Radio (SDR)
Huawei launches Wi-Fi 6 solutions and APs ideal for high-density scenarios. These
solutions and APs adopt the industry-leading triple-radio design and SDR technology,
providing higher service performance and bandwidth for users. In particular, 90 to
100 users can connect to a single AP concurrently, with more than 6 Mbps bandwidth
for each user. In contrast, conventional APs work in dual-radio mode. When 90 to
100 users connect to a single AP, the per-user bandwidth is less than 1 Mbps. When
60 users connect to a single AP, the per-user bandwidth is less than 2 Mbps.
2.4.8 Spectrum Analysis
WLAN devices work in industrial, scientific, and medical (ISM) frequency bands,
which are also used by non-WLAN devices such as Bluetooth devices, infrared
devices, and microwave ovens, causing severe interference on WLANs.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 15
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
In spectrum analysis, the spectrum analysis server analyzes characteristics of
collected radio signals to identify and locate non-WLAN devices so that radio
calibration can be implemented on the WLAN. The spectrum analysis function can
detect non-WLAN interference on the WLAN in a timely manner, improving user
experience.
2.4.9 Per-Packet Power Adjustment
The conventional radio power control function sets the power of an AP to a fixed
value to keep the power of all terminals connecting to the AP the same. The per-
packet power adjustment function enables an AP to detect signal strength of a
terminal in a timely manner. If the AP detects that signal strength of the terminal is
strong (for example, when the terminal is near the AP), the AP reduces the transmit
power when transmitting radio signals. If the AP detects that signal strength of the
terminal is weak (for example, when the terminal is far from the AP), the AP uses the
normal transmit power to transmit radio signals. This function minimizes the
interference between APs and between APs and terminals, implementing high-
density, power-efficient coverage.
2.5 QoS Design
In addition to common data, WLAN traffic also includes delay-sensitive multimedia
data, such as voice and video data. This chapter describes how to configure WLAN
QoS to enable network administrators to plan and allocate network resources based
on service characteristics, meeting user requirements and improving network usage.
Enabling QoS on a WLAN can:
Improve the radio channel utilization. The Wi-Fi multimedia (WMM) standard
enables high-priority users to preferentially occupy wireless channels.
Improve the network bandwidth utilization. Priority mapping preferentially
transmits data of high-priority users.
Minimize network congestion. Traffic policing limits users' transmission speed,
preventing network congestion.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 16
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
As shown in the preceding figure, enterprise campus networks support WMM
scheduling on wireless air interfaces and priority mapping on wired interfaces. In
addition, DiffServ scheduling is deployed on such networks to optimize the quality of
core services and VIP services during network congestion.
2.5.1 WMM and Priority Mapping
On a conventional WLAN, all terminals have the same chance to occupy a radio
channel. As such, the 802.11 standard provides the same QoS level for all wireless
applications. However, in actual wireless applications, different applications have
different QoS requirements. The WMM function is implemented by configuring WMM
profiles. This function identifies high-priority packets and enables high-priority
packets to preferentially occupy radio channels, meeting different service
requirements.
A set of Enhanced Distributed Channel Access (EDCA) parameters is set for each
AC queue. These parameters determine the capabilities of an AC queue to occupy a
radio channel. By default, WMM prioritizes Voice, Video, Best Effort, and Background
service types in descending order.
802.3 and 802.11 packets use different fields to identify their priorities. For example,
an 802.11 packet carries the user priority, an 802.3 VLAN packet carries the 802.1p
priority, and an IP packet carries the IP precedence or DSCP priority. Priority
mapping must be configured on network devices to retain the priorities of packets
that traverse different networks. The figure shows the end-to-end (E2E) solution for
video streams.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 17
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
The video server sends broadcast packets to the AC over the IP network and
adds a priority to the packets.
When the AC sends packets to APs over the CAPWAP tunnel, the AC needs to
map the Ethernet priority to the tunnel priority.
To ensure efficiency and improve stability, the AP converts multicast packets into
unicast packets and maps the priority on the wired network to that on the
wireless network.
Different services enter different queues on the air interface and obtain different
EDCA parameters to implement differentiated scheduling and ensure QoS.
To make full use of limited network resources, you can configure traffic policing for
special service flows to limit the traffic speed for all users or a specified user
connected to an SSID.
2.5.2 WLAN HQoS
The HQoS solution provides E2E QoS services for campus networks through
hierarchical scheduling based on the identification of users and applications as well
as the forwarding chip. The benefits of the solution include:
Refined service identification: Services and users can be identified to prioritize
the mission-critical services of key users.
User-based service scheduling model: Differentiated service assurance levels
can be provided.
Multiple application identification technologies are supported to meet diversified
requirements of campus services.
Huawei WLAN HQoS implements multi-level service scheduling through air interface
resource reservation and air interface slicing to ensure optimal user experience.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 18
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Spectrum resources can be reserved to ensure that VIP users can obtain spectrum
resources when needed.
VIP air interface reservation and HQoS (weight of different users and services)
determine the priority of spectrum allocation.
VIP users have a higher priority than common users.
Critical services (such as VR, mobile gaming, and payment) of VIP users have a
higher priority than common services (such as common audio and video) of VIP
users.
The required spectrum resources of users can be estimated in real time based on the
buffered data volume and packet transmission speed over the air interface. However,
excessive reservation is a waste. Therefore, the reservation must be optimal.
HQoS Queue Planning
The table provides the mapping between HQoS queues and user services.
Queue Service Scenario Description
FQ User's service Each FQ corresponds to a user service, such as voice,
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 19
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Queue Service Scenario Description
flow video, and data.
SQ User An SQ corresponds to a user.
CQ PQ Each CQ corresponds to a port queue.
TP Port A TP corresponds to a physical port.
The Huawei CloudCampus HQoS solution uses the SDN controller to automatically
map queues to services without manual planning.
2.6 Reliability Design
How to ensure network reliability is key to mobile office network design. ACs should
be able to implement user-unaware session-level backup after service switchover,
and outdoor APs should be able to adapt to harsh environments.
2.6.1 1+1 Backup of ACs
Typically, the scale of a mobile office WLAN is large. To prevent network issues
caused by a single AC failure, you are advised to deploy ACs in 1+1 backup mode to
improve network reliability, as shown in the figure as below.
2.6.2 Service Holding Upon CAPWAP Link Disconnection
With this function enabled, new users can access network resources according to the
usual process when a disconnected CAPWAP link recovers. However, previously
connected terminals are kicked off so that they can re-associate with the APs, and
logs are generated to report terminal information.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 20
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
This function takes effect only when the open system authentication, pre-shared key
authentication, or WPA/WPA2–PSK authentication is used.
2.6.3 Channel Switching Without Service Interruption
In some WLAN scenarios, the AP channel needs to be changed. For example, when
radio calibration for the AP is implemented, the AP channel may be changed. When
the AP channel is changed, the services of users connected to the AP are
interrupted. After this function is enabled, the services of users connected to the AP
are not interrupted when the AP channel is switched.
2.6.4 AP Reliability
Outdoor APs on a campus network must work properly when they experience
scorching summer and freezing winter, are exposed to wind and rain, and encounter
lightning disasters. Huawei outdoor AP6760R-X1, AP6760R-X1E, AP8760R-X1, and
AP8760R-X1E are dustproof, waterproof, and windproof, and provide high surge
protection capabilities.
2.7 Security Planning
WLAN security technology allows only authorized users to securely associate with
APs, encrypts user data, monitors and prevents access from unauthorized users or
APs, and isolates users to facilitate centralized user management and protect radio
channel resources.
Huawei WLAN security solution provides the mechanisms to comprehensively
safeguard networks and users:
WIDS and WIPS mechanisms that detect and defend against intrusion from
unauthorized users or APs
Security policy mechanism for wireless users, including link authentication,
access authentication, and data encryption
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 21
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Terminal blacklist and whitelist to control access of wireless users
User isolation to implement centralized management of wireless users
Terminal type identification, which enables employees to connect to enterprise
networks through their own terminals
2.7.1 WIDS/WIPS
WLANs are vulnerable to threats from unauthorized APs, users, and ad-hoc
networks. To cope with these threats, the WIDS/WIPS devices support the
mechanisms:
The wireless intrusion detection system (WIDS) detects rogue APs, bridges,
terminals, ad-hoc devices, and APs with overlapping channels.
The wireless intrusion prevention system (WIPS) disconnects authorized users
from rogue APs and disconnects unauthorized terminals and ad-hoc devices
from the WLAN.
To detect and defend against unauthorized devices, three AP working modes are
defined in WIDS and WIPS:
Access mode: An AP transmits data of wireless users and does not monitor
wireless devices on the network.
Monitor mode: An AP scans wireless devices on the network and listens on all
802.11 frames on wireless channels. In this mode, all WLAN services on the AP
are disabled and the AP cannot transmit data of wireless users.
Hybrid mode: An AP can monitor wireless devices while transmitting data of
wireless users.
An AP can implement the WIDS or WIPS function only when it works in monitor or
hybrid mode. The monitor AP scans channels to monitor neighboring wireless
devices by inspecting 802.11 management frames and data frames sent by
neighboring wireless devices, and periodically reports collected information to the
AC.
After an AC identifies a rogue AP, it sends rogue AP information to a monitor AP.
The monitor AP uses the rogue AP's identity information to broadcast or unicast
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 22
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
a Deauthentication frame. After terminals associating with the rogue AP receive
the Deauthentication frame, they disassociate from the rogue AP. This
containment mechanism prevents terminals from associating with rogue APs.
When the AC identifies unauthorized terminals or ad-hoc devices, the monitor
AP uses the BSSIDs or MAC addresses of the unauthorized terminals to unicast
a Deauthentication frame to disconnect the unauthorized devices.
WIDS also detects attacks such as flood, weak IV, spoofing, WPA/WPA2/WAPI pre-
shared key cracking, and WEP shared key cracking. WIDS records logs, statistics,
and alarms to notify network administrators of attacks. An AC or AP adds devices that
perform flood attacks and brute key cracking to a blacklist and rejects packets from
these devices.
2.7.2 Security Policy
Four security policies are available to safeguard WLANs: Wired Equivalent Privacy
(WEP), Wi-Fi Protected Access (WPA), WPA2, and WLAN Authentication and Privacy
Infrastructure (WAPI). Each security policy has a series of security mechanisms,
including link authentication used to establish a wireless link, user authentication
used when users attempt to connect to a wireless network, and data encryption used
during data transmission.
2.7.3 Terminal Blacklist and Whitelist
Terminal blacklist or whitelist allows authorized terminals to connect to the WLAN and
rejects access from unauthorized terminals.
A whitelist contains MAC addresses of terminals that are allowed to connect to a
WLAN. After the terminal whitelist function is enabled, only the terminals matching
the whitelist can connect to the WLAN.
A blacklist contains MAC addresses of terminals that are not allowed to connect to a
WLAN. After the terminal blacklist function is enabled, terminals matching the
blacklist cannot connect to the WLAN.
If the terminal whitelist or blacklist function is enabled but the whitelist or blacklist is
empty, all terminals can connect to the WLAN.
2.7.4 User Isolation
The user isolation function prevents wireless users associated with the same VAP
from forwarding Layer 2 packets to each other. These users cannot directly
communicate, ensuring user data security and facilitating accounting management.
On a campus network, some users need to access the Internet in wireless mode in
public areas. If users cannot be authenticated in a precise and reliable manner,
unauthorized users can access network resources at will. This occupies wireless
channel resources, increases bandwidth costs, degrades the security and service
quality of authorized users, and brings unacceptable loss to wireless access service
providers. Layer 2 user isolation, together with IEEE 802.11i and RADIUS
authentication & accounting, safeguard users.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 23
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
2.8 Access Authentication and Guest Management
2.8.1 User Access Authentication
User access authentication can authenticate user identities. Only authorized users
can access the network, and users of different roles can access different resources.
The network administrator can divide users into groups, define different user roles,
and configure different resources for users so that users can only access specified
network resources.
There are three authentication modes based on the user roles on the WLAN as
below: Ordinary employees need to enter their user names and passwords for web
Portal authentication every time when they go online. Leaders only need to enter
their user names and passwords on their handhold terminals for the first time when
they go online. Guests are authenticated based on accounts and passwords with a
validity period. The guest management system needs to solve the core security
issues as below:
Implement unified management on the account application.
Restrict guests' network access permission to safeguard enterprise information.
Audit guests' online behavior to avoid legal risks.
Huawei iMaster NCE-Campus provides the same access control system for
employees and guests to implement united authentication and authorization for
network-wide users, restrict guests' network bandwidth and traffic volume, and
realize self-service guest account application and management. The process of the
guest management system is as below:
System administrators or receptionists apply for temporary guest accounts
based on information submitted by the receptionists.
System administrators approve temporary account applications and send the
accounts to receptionists through short messages or emails.
Guests log in to the network through the temporary accounts, and iMaster NCE-
Campus authenticates guests and records guest information.
iMaster NCE-Campus periodically cleans redundant temporary accounts to
simplify management.
2.8.2 Authentication Mode Selection
WLAN authentication can be classified into three modes based on service
requirements: local forwarding + local authentication, centralized forwarding +
centralized authentication, and local forwarding + centralized authentication.
The figure mentioned next shows the service process of local forwarding + local
authentication mode. In local forwarding mode, the uplink switch of the AP functions
as the authentication control point. Only the control packets between the AC and AP
are delivered through the CAPWAP tunnel. Terminal authentication packets, such as
802.1X and Portal authentication packets, and service data packets of authenticated
terminals are forwarded through the AP. In this mode, Dot1x authentication is based
on the EAP protocol, a Layer 2 application protocol. As such, the network between
terminals and authentication point must be a Layer 2 network. Authentication control
points are usually deployed on the APs' uplink switches. Dispersed distribution of
control points causes high device costs and complicated management and
maintenance. In addition, the AC cannot implement centralized control of access
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 24
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
users, such as resource access permission control, user isolation, and speed limit. In
this mode, mutual access traffic in a local site is directly forwarded by APs, saving the
APs' uplink bandwidth. Service data flows and authentication protocol packets are
not forwarded through the CAPWAP tunnel, saving the AP's uplink bandwidth. The
service VLAN configuration of the wireless network can be the same as that on the
wired network, so that VLANs do not need to be re-planned and re-configured.
Typically, this mode applies to campus HQ.
The figure mentioned next shows the service process of the centralized forwarding +
centralized authentication mode. In this mode, the ACs function as authentication
control points. The control packets between the AC and AP, terminal authentication
packets (such as 802.1X and Portal authentication packets), and service data
packets of authenticated terminals are forwarded through the CAPWAP tunnel. Dot1x
and other access control points can be deployed on ACs. All data is forwarded
through the tunnel and data packets in local mutual access are also forwarded by the
ACs. This mode ensures high security. The ACs can implement centralized control of
wireless access users. You can plan and configure VLANs for the wireless network
independently to facilitate operation and maintenance. Typically, this mode applies to
campus HQ.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 25
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
The figure mentioned next shows the service process of the local forwarding +
centralized authentication mode. In the local forwarding mode, terminal
authentication packets, such as 802.1X and Portal authentication packets, are
forwarded through the CAPWAP tunnel, but not the ACs. The ACs function as
authentication control points. Service data packets of authenticated terminals are not
forwarded by the APs but not through the CAPWAP tunnel. In this mode, the AC
implements centralized control of wireless access users, including user isolation,
speed limit, and ACL. RADIUS authorization configuration is delivered to the APs
through the CAPWAP tunnel to improve network security. In this mode, the AC
implements centralized control of wireless access users. Permission authorization is
delivered to the APs through the CAPWAP tunnel to improve network security. Local
mutual access flows are forwarded through the APs rather than the AC, saving the
APs' uplink bandwidth. This authentication mode applies when ACs are deployed in
the HQ and APs are deployed in every branch.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 26
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
The local forwarding + centralized authentication mode implements centralized
control of wireless access users and realizes inter-VLAN Layer 3 roaming. This
implements unified user management and local forwarding of service data in campus
and branch scenarios.
2.8.3 Guest Management
As enterprises interact with the outside more often than before, deploying WLAN for
mobile office can flexibly meet customers' requirements for network access during
customer visits and communications, and allow customers to access enterprises'
public resources or the Internet. An enterprise provides a guest management system
to facilitate customer communications, improve enterprise image, and implement
fine-tuned management and control of guests' network access permission. The guest
management system needs to solve the core security issues as below:
Implement unified management over accounts applied by customers.
Restrict guests' network access permission to safeguard enterprise information.
Audit guests' online behavior to avoid legal risks.
Huawei iMaster NCE-Campus provides the same access control system for
employees and guests to implement united authentication and authorization for
network-wide users, restrict guests' network bandwidth and traffic volume, and
realize self-service guest account application and management. The process of the
guest management system is as below:
System administrators or receptionists apply for temporary guest accounts
based on information submitted by the receptionists.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 27
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
System administrators approve temporary account applications and send the
accounts to receptionists through short messages or emails.
Guests log in to the network through the temporary accounts, and iMaster NCE-
Campus authenticates guests and records guest information.
iMaster NCE-Campus periodically cleans redundant temporary accounts to
simplify management.
Figure 2-1 Huawei's guest management system
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 28
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3 WLAN Management Solution
3.1 Network O&M, Management, and Control by iMaster
NCE-Campus
3.1.1 Administrator Management
Login Security
Huawei iMaster NCE-Campus can interconnect with third-party identity platforms,
such as Microsoft Active Directory (AD) and mainstream Lightweight Directory
Access Protocol (LDAP) servers. After they are successfully interconnected,
enterprise employees can log in to iMaster NCE-Campus through their own AD
domain accounts or LDAP accounts to perform service configuration and O&M over
manageable network devices as tenant administrators.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 29
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Rights- and Domain-based Management
The tenant administrator creates a sub-administrator and binds a site and role to the
sub-administrator. The sub-administrator can manage the site after successful login.
Network management permission is classified into query and modification
permission.
Customize a role and assign query permission to the role.
Customize a sub-administrator and bind a role to the sub-administrator.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 30
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Customize an administrator and bind a site to the sub-administrator.
After logging in to the system, the new administrator can only manage the preset site.
After login, service management permission of the new administrator is restricted by
the preset role.
3.1.2 Device Alarm
Alarm Dashboard
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 31
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Currently, alarm statistics are collected by the alarm name, duration, source
device, and severity.
Current Alarms
The Current Alarms page displays all current alarms, including critical, major,
minor, and warning alarms.
Click an alarm. The alarm details then are displayed, including the alarm name,
site, device name, device IP address, device MAC address, alarm generation
time, alarm location information, and root cause.
Historical Alarms
After a current alarm is acknowledged, the alarm is archived in the historical
alarm list by default.
Alarm Masking Rule
You can set alarm masking rules to mask duplicate alarms.
Alarm Notification
An alarm notification mechanism can be set for critical alarms. The system then
prompts specific administrators by email when critical alarms are generated.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 32
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3.1.3 Monitoring Dashboard
Customizing Dashboard Display
Information displayed on the homepage can be customized. You can also cancel
your previous customization.
You can customize information to be displayed in the dark-colored area, such as
the site status, packet loss rate of terminals, and application quality distribution.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 33
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
You can customize information to be displayed in the light-colored area, such as
the map, online trend of wireless users, cloud-managed device status, top 5
worst applications, top 5 worst links, top 5 applications with the heaviest traffic,
top 5 sites with the heaviest traffic, list of abnormal cloud-managed devices,
alarm information, task information, and site subscription information.
Terminal Monitoring
iMaster NCE-Campus can collect statistics on terminals associated with a site,
including the online duration, application traffic, and current online terminals. In
addition, iMaster NCE-Campus can display online terminal information of the last
seven days.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 34
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3.1.4 Single-Site Device Monitoring
Viewing All Devices at a Site
Viewing Details About a Device at a Site
Single-device details: name, model, version, IP address, MAC address, ESN,
and online time of the device. Device indicator can blink for device locating,
devices can restart, and configurations can be delivered through the CLI.
Event logs: device login and logout logs.
Location: location of a device on the GIS map. You can set the location of a
device on the GIS map in the Device Management menu.
Issue: iMaster NCE-Campus provides an online fault locating tool to locate faults
of a single-site device. The fault locating methods are available: ping, trace,
radio ping, virtual cable detection, and neighbor signal detection.
Resource: iMaster NCE-Campus provides alerts for CPU and memory usage
exceptions. It can display the network speeds, number of connected terminals,
and list of all connected terminals in WLAN scenarios.
Fault alarm: current alarms that have not been processed by the device.
Entry query: Both APs and switches support MAC address, DHCP, and ARP
entries. Switches also support STP and routing entries.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 35
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
iMaster NCE-Campus can display radios, serial port cards, and network port
cards on APs.
Radio: includes details about the 2.4 GHz and 5 GHz radios, such as the
channel, bandwidth, power, noise strength, channel utilization, packet loss rate,
and retransmission rate.
Serial port card and network port card: information about cards installed on
the serial port and network port.
Disk File Management for a Single Device
The system software package may fail to be downloaded to upgrade a device
due to insufficient disk files. To resolve this issue, iMaster NCE-Campus provides
disk file management to clear unnecessary software packages and upgrade
packages.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 36
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3.1.5 Site Monitoring
Radio
iMaster NCE-Campus displays all radio metrics of APs at a site, including the
channel utilization, interference rate, noise, packet loss rate, and retransmission
rate.
iMaster NCE-Campus displays the radio health trend at a site as well as KPI
changes of APs.
iMaster NCE-Campus displays a list of AP radios at a site.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 37
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
AC and Fit AP Monitoring
After ACs are registered with the iMaster NCE-Campus management platform,
administrators can remotely manage the ACs and APs deployed on the
enterprise network, implementing automated deployment, monitoring, and O&M
of wireless networks.
Monitoring capabilities:
Monitoring Navigation Description
Item Path
Radio WAC (Fit AP) Provides a GUI for radio monitoring to help
> Radio tenants and other network O&M personnel
evaluate the network quality.
Security WAC (Fit AP) Provide a GUI for attack detection and risky
> Security device detection to help network O&M
personnel of tenants promptly avoid network
security issues.
3.1.6 Statistics Analysis
Site Statistics Collection
iMaster NCE-Campus can collect statistics on service data at a site, such as Top
N terminals and Top N traffic volumes.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 38
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Terminal Statistics Collection
iMaster NCE-Campus can collect terminal statistics at a site.
Device Statistics Collection
iMaster NCE-Campus collects traffic statistics on terminals at a site, such as the
top N terminals with the heaviest traffic, total traffic volume, uplink traffic, and
downlink traffic.
iMaster NCE-Campus can also collect statistics on the network speeds, top N
terminals with the heaviest traffic, top N SSIDs with the most online users, and
top N authenticated users with the heaviest traffic.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 39
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Applications and Attacks
iMaster NCE-Campus can display protocol traffic, application traffic, and attack
statistics.
3.1.7 Terminal Behavior Analysis
Customer Flow Statistics Collection
iMaster NCE-Campus can collect customer flow statistics, including statistics on
online terminal changes and trends.
Customer Flow Analysis
iMaster NCE-Campus can collect and display terminal statistics from three
dimensions: customer flow identification, guest dwell duration, and regular guest.
Customer flow identification: The controller can collect and display statistics
on terminal connections and connection durations.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 40
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Passers-by: visitors who dwell for a short period of time. Guests: visitors who
dwell for more than 5 minutes but less than half an hour, and show certain
purchasing or consuming intention. Access users: visitors who access the
wireless network and purchase something.
Guest dwell duration: iMaster NCE-Campus collects statistics on guest dwell
durations and classifies the statistics into three parts: < 1 hour, ≥ 1 hour and ≤ 6
hours, and > 6 hours.
Regular guest: The controller collects statistics on Wi-Fi connections of new
and original terminals.
Statistical Item Statistical Index
Customer flow
Guest: A visitor that is detected for five consecutive minutes
identification within 1 hour is identified as a guest, indicating that the
visitor dwells for at least 5 minutes.
Passer-by: A user that is not detected for five consecutive
minutes within 1 hour is identified as a passer-by, indicating
that the user dwells for less than 5 minutes.
Access user: A user that has been associated with an AP or
has been authenticated is identified as an access user. An
access user can be either a guest or a passer-by.
Guest Percentage of guests to the total number of users.
percentage
Guest dwell Guest quantity distribution by time
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 41
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Statistical Item Statistical Index
duration
Average dwell Average guest dwell duration
duration
Regular guest
First visit: a visitor who has no visit record within half a year
Occasional visit: a visitor who has visit records within half a
year
Frequent visit: a visitor who visits the system for more than
seven days in the last month
Regular visit: a visitor who visits the system for more than 15
days in the last month
Repeated Ratio of visitors who accesses the system not for the first time
access ratio to the total number of visitors
3.1.8 Agile Report
iMaster NCE-Campus provides report capabilities for the WLAN network and
provides agile report capabilities for terminals. Agile reports are classified into four
types: alarm statistics, access permission statistics, basic service, and terminal
identification.
Alarm Statistics Collection
iMaster NCE-Campus can collect statistics on six types of information, including
Current Alarm-TOPN Alarm Source Table, Current Alarm-Total Alarm Source
Table, Current Alarm-Total Alarm Source Diagram, Total Alarm-TOPN Alarm
Source Diagram, Total Alarm-Total Alarm Source Table, Total Alarm-Total Alarm
Source Diagram
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 42
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
The Current Alarm-TOPN Alarm Source Table statistics report can be exported in
.xls or .pdf format.
Current Alarm-Total Alarm Source Table statistics chart
Access Permission Statistics Collection
iMaster NCE-Campus provides Radius authentication failure log statistics
and User Report.
Authentication Failure Log Statistics and Failure Cause Statistics are
displayed on the Radius authentication failure port page.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 43
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Online user report and Authen station report are displayed on the User
Report page.
Network Device Statistics Report
Device vendor statistics collection, such as Huawei
Device type statistics collection, such as switch and AP
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 44
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Device model percentage statistics collection, such as the percentage of S5735
or AP7052 at a site
Terminal Identification Report
Terminal identification statistics report of the last month
Terminal statistics report
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 45
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3.1.9 File Management
The collected device diagnosis information or network fault information will be stored
on the file server of FusionInsight. Users can view, download, or delete such
information through iMaster NCE-Campus.
In addition, users can use iMaster NCE-Campus to manage device files and
download files smaller than 20 MB to a local directory.
The exported user, user group, and guest files are saved on iMaster NCE-Campus.
Users can export such files to a local directory through iMaster NCE-Campus.
3.1.10 Device PMI
Preventive maintenance inspection (PMI) can be performed over tenant devices
managed through NETCONF. The MSP administrator periodically checks the tenant
network and integrates Huawei's years of expertise in data communication network
PMI to detect and handle network, device, or service exceptions. After the PMI
completes, iMaster NCE-Campus generates a report in PDF format and sends the
report to a specified email address.
Contents of the PMI report
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 46
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3.1.11 Device Upgrade
The system administrator, MSP administrator, or tenant administrator can use the file
upload tool to upload device software packages or patch files to the built-in file server
of iMaster NCE-Campus.
The upgrade file server can be provided by iMaster NCE-Campus or a third-party
SFTP server. iMaster NCE-Campus can synchronize upgrade patch files to a third-
party SFTP server.
A tenant administrator can customize an upgrade or downgrade policy to upgrade or
downgrade devices manually or automatically.
You can upgrade all devices or some devices at a time in either of the methods as
below:
By device model: All devices of the same model at a site are upgraded in a
batch.
By device name: All devices are displayed, and you can select the devices to
be upgraded.
The tenant administrator needs to create an upgrade task (upgrade policy). Devices
then are upgraded with the upgrade policy. The controller also displays the upgrade
process.
Creating an Upgrade Task
iMaster NCE-Campus provides device upgrade policies, including policies for
downloading upgrade files (device software packages or device patches) and device
restart policies.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 47
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
When an upgrade task is executed, iMaster NCE-Campus provides a dashboard to
display the task execution process.
3.1.12 New Function Notification
iMaster NCE-Campus will notify users every time a new function is added. As such,
users can learn about the new functions in real time and determine whether to enable
the new functions.
When the tenant administrator logs in to the controller next time, New Function
Push can be displayed.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 48
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3.2 Intelligent O&M by CampusInsight
3.2.1 Dashboard
The quality evaluation system displays the overall experience quality evaluation
result of campus users based on the access success rate, access time consuming,
roaming, signal and interference, capacity, and throughput. CampusInsight can
analyze the distribution of metrics and objects in depth to clearly determine the
network quality. It can also provide comparison and analysis of different time and
areas and send quality evaluation reports in real time or periodically through emails,
helping administrators proactively optimize networks. As such, CampusInsight
continuously optimizes user experience.
3.2.2 Intelligent Radio Calibration
Based on historical big data, CampusInsight can identify high-load APs and edge
APs using the AI algorithm, drive devices to perform radio calibration based on big
data analytics results, and intuitively display all calibration records (intelligent radio
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 49
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
calibration and local device calibration) as well as calibration effects. As verified by
Tolly, intelligent radio calibration improves the average physical-layer bandwidth of
terminals by more than 50%, reduces the average interference rate by 49%, and
reduces the average channel utilization by 36%. In particular, the interference rate
and channel utilization are expected to be as low as possible. CampusInsight will
compare key network metrics before and after the calibration each time intelligent
radio calibration is performed. The key metrics include the average physical-layer
bandwidth of terminals, average interference rate, and average channel utilization. In
addition, CampusInsight displays the APs involved in each calibration as well as the
differences in channel, power, and frequency bandwidth for each AP before and after
the calibration.
3.2.3 Protocol Trace
With protocol trace enabled, CampusInsight can identify individual access faults in a
fine-tuned manner, display the user access process in three phases (association,
authentication, and DHCP), and display the protocol interaction result and duration
by session. If the interaction fails, the failure cause and rectification suggestions are
displayed, helping O&M personnel accurately determine whether the fault occurs in
the request or response phase and analyze the user access process in a refined
manner.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 50
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3.2.4 Client Journey
Full-client journey experience visualization guarantees network experience for each
client at each moment. In addition, administrators can draw a profile of a client to
display basic client information, metric overview, connectivity issue distribution, and
experience trend. Administrators can draw the client journey based on the client
access history. By playing back the client journey on the network, administrators can
check client experience (who, when, which AP is connected, what is the experience,
and what issues occur) on a profound basis. This helps the administrators perceive
network experience from the client perspective.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 51
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
3.2.5 Proactive O&M
Powered by big data analytics and machine learning algorithms, CampusInsight can
automatically identify network issues in terms of connectivity, air interface
performance, and roaming, including typical network issues, such as authentication
failure, weak signal coverage, high interference, and non-5 GHz-prior access. In
addition, CampusInsight can display the overall network issue trends as well as
network issue distributions from different dimensions. As such, administrators can
view the issue status attribute (active/inactive) and number of affected clients,
facilitating the evaluation of issue timeliness and impact scope. Administrators can
also view details of a network issue, including the duration, activeness, distribution
trend, and impact scope of the issue, and infer the issue scenario based on the issue
knowledge base. In addition, CampusInsight can precisely identify the root cause and
provide rectification suggestions, implementing closed-loop network issue
management.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 52
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
4 Solution Design Highlights
Huawei is a leading IP network solutions and equipment provider. Huawei has
deployed IP networks that serve 1/3 of the world's population in more than 140
countries and regions. Huawei mobile office WLAN solution provides efficient,
consistent network experience and all-round network security in terms of high-
performance and high-reliability network backbone, high-coverage and high-load
wireless access, network security protection, and intelligent management. Based on
Huawei's years of ICT expertise, this solution will help enterprises build a best-in-
class, formidable mobile office WLAN that enables any terminal to get connected
anytime, anywhere in a convenient and secure manner.
To address new challenges and requirements of campus networks, Huawei has
developed a competitive WLAN solution in terms of the network infrastructure, WLAN
coverage, wired and wireless convergence, as well as operation, administration, and
maintenance (OAM). In a word, Huawei mobile office WLAN solution has eight
highlights:
Super capacity: gigabit speeds and beyond
In the fully-wireless era, bandwidth-hungry applications, such as HD video
conferencing, VR, AR, and VDI, are mushrooming. Huawei CloudCampus 2.0 is
ideal for meeting network requirements of such applications. It provides Gigabit-
wireless access for each user and ultra-long-distance PoE++ power supply for
IoT terminals, and enables connectivity of everything anytime, anywhere through
short-distance IoT protocols. These implement unified user management.
Intelligent experience: continuous self-organizing networking (CSON)
In the fully-wireless office and production era, experience determines efficiency.
Huawei CloudCampus 2.0 guarantees consistent network experience for key
users and applications anytime, anywhere. Huawei CloudCampus 2.0 enables a
cellular-like continuous network that can dynamically perceive key applications
to guarantee their network experience, intelligently detect terminal roaming to
ensure smooth roaming with no packet loss, and intelligently more the wireless
network coverage with users.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 53
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Autonomous driving: service provisioning and fault rectification in minutes
Huawei CloudCampus 2.0 enables faster service provisioning and automated
network deployment and configuration, and grants intuitive insights into
application and user experience. This is why Huawei CloudCampus 2.0 is ideal
for building a fully-wireless campus network. In addition, Huawei CloudCampus
2.0 provides enterprises with a simplified network management platform
spanning WLANs, LANs, and WANs, implementing automated network planning,
construction, O&M, and construction throughout the network lifecycle, as well as
service provisioning and fault rectification in minutes.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 54
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
5 Device Selection and Configuration
Suggestions
5.1 Product Overview
5.1.1 AirEngine 8760-X1-PRO
Huawei AirEngine 8760-X1-PRO is a next-generation flagship indoor access point
(AP) that complies with the Wi-Fi 6 (802.11ax) standard. This high-performance AP
supports flexible switching among three radio modes: dual-radio, triple-radio, and
dual-radio + one scanning radio, achieving a device speed of up to 10.75 Gbps. The
AP uses built-in smart antennas to move Wi-Fi signals with users, significantly
enhancing users' wireless network experience. The AP also provides 10GE
electrical/optical uplink ports. These strengths make the AirEngine 8760-X1-PRO
ideal for various scenarios, such as enterprise office, government, higher education,
and primary/secondary education.
Product features:
Flexible switching among three radio modes: dual-radio, triple-radio, and dual-
radio + one scanning radio, up to 16 spatial streams, achieving a device speed
of up to 10.75 Gbps
2 x 10GE electrical ports + 1 x 10GE SFP + port
Uplink/Downlink Orthogonal Frequency Division Multiple Access (UL/DL
OFDMA), reducing latency and improving network efficiency
Uplink/Downlink Multi-User Multiple-Input Multiple-Output (UL/DL MU-MIMO) on
both the 2.4 GHz and 5 GHz frequency bands, allowing an AP to transmit data to
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 55
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
and receive data from multiple terminals simultaneously and multiplying the
utilization of radio spectrum resources
Spatial multiplexing technology, minimizing co-channel interference
Built-in smart antennas that automatically adjust the coverage direction and
signal strength based on the intelligent switchover algorithm, providing accurate
and stable signal coverage as terminals move
Built-in independent scanning radio, achieving real-time detection for
interference and rogue devices and timely network optimization
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
Automatic radio calibration
Smart Application Control (SAC)
Lossless roaming
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
USB port for storage, external power supply, and IoT expansion
Built-in IoT slot, supporting IoT expansion such as BLE 5.0, ZigBee, RFID, and
Thread
Leader AP
Working modes: Fit, Fat, and cloud management
802.3at/bt compliance, simplifying device installation
5.1.2 AirEngine 8760R-X1 and AirEngine 8760R-X1E
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 56
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
AirEngine 8760R-X1 and AirEngine 8760R-X1E are Huawei's next-generation
flagship outdoor APs that support Wi-Fi 6 (802.11ax) and provide a speed of up to
10.75 Gbps. These outdoor APs stand out with excellent outdoor coverage
performance, IP68 waterproof and dustproof design, and strong surge protection
capability. The AirEngine 8760R-X1 uses built-in smart antennas to move Wi-Fi
signals with users, significantly enhancing users' wireless network experience. The
AirEngine 8760R-X1 and AirEngine 8760R-X1E provide 10GE optical/electrical uplink
ports, allowing customers to select different deployment modes. These strengths
make the APs ideal for high-density scenarios such as stadiums, squares, pedestrian
streets, and amusement parks.
Product features:
AirEngine 8760R-X1: flexible switching among three radio modes: long-distance
coverage, dual-radio, and dual-radio + one scanning radio, and a maximum of
16 spatial streams, achieving a device speed of up to 10.75 Gbps
AirEngine 8760R-X1E: flexible switching among three radio modes: long-
distance coverage, triple-radio, and dual-radio + one scanning radio, and a
maximum of 16 spatial streams, achieving a device speed of up to 10.75 Gbps
1 x 10GE electrical port + 1 x GE electrical port + 1 x 10GE optical port
UL/DL MU-MIMO on both the 2.4 GHz and 5 GHz frequency bands, allowing an
AP to transmit data to and receive data from multiple terminals simultaneously
and multiplying the utilization of radio spectrum resources
UL/DL OFDMA, reducing latency and improving network efficiency
Spatial multiplexing technology, minimizing co-channel interference
Industry's unique 8T8R at 2.4 GHz, improving the transmit performance,
increasing the receive gain, improving the coverage distance by 40% in outdoor
scenarios requiring wide coverage, and saving customer investment
6 kA/6 kV surge protection for Ethernet ports, IP68 waterproof and dustproof
design, and extended operating temperature range of –40°C to +65°C, meeting
industrial-grade requirements
AirEngine 8760R-X1: built-in smart antennas, providing precise coverage for
terminals, reducing interference, and improving signal quality
AirEngine 8760R-X1E: 5 kA surge protection for the external antenna port,
eliminating the need to install an external surge protector, simplifying installation,
and minimizing the overall cost
Built-in independent scanning radio, achieving real-time detection for
interference and rogue devices and timely network optimization
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
Automatic radio calibration
SAC
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
Working modes: Fit, Fat, and cloud management
802.3at/bt compliance, simplifying device installation
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 57
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
5.1.3 AP7060DN
Huawei AP7060DN is a next-generation 802.11ax AP with built-in omnidirectional
antennas, achieving a device speed of up to 5.95 Gbps. On the 2.4 GHz frequency
band, the AP supports 4x4 MIMO and four spatial streams, achieving a speed of 1.15
Gbps. On the 5 GHz frequency band, the AP supports 8x8 MIMO and eight spatial
streams, achieving a speed of 4.8 Gbps. With its 10GE uplink ports, the AP7060DN
can easily eliminate the uplink bandwidth bottleneck of common APs and delivers
industry-leading performance. The AP7060DN supports bandwidth-hungry services
such as VR/AR interactive teaching, HD video streaming, multimedia, and desktop
cloud, and provides high-quality wireless services for enterprises.
Product features:
Providing services simultaneously on both the 2.4 GHz and 5 GHz frequency
bands and a maximum of 12 spatial streams, at a speed of up to 1.15 Gbps at
2.4 GHz, 4.8 Gbps at 5 GHz, and 5.95 Gbps for the device
10GE uplink port that supports 100M/1000M/2.5G/5G auto-sensing
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
Automatic radio calibration
SAC
Lossless roaming
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
USB port for storage, external power supply, and IoT expansion
One IoT slot for connecting to an external IoT module such as a ZigBee or RFID
module, implementing short-distance, lower-power consumption IoT applications
Working modes: Fit, Fat, and cloud management
802.3at/bt compliance, simplifying device installation
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 58
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
5.1.4 AirEngine 6760-X1 and AirEngine 6760-X1E
Huawei AirEngine 6760-X1 and AirEngine 6760-X1E are indoor APs in compliance
with Wi-Fi 6 (802.11ax). These APs can simultaneously provide services on the 2.4
GHz (4x4 MIMO) and 5 GHz (6x6 MIMO) frequency bands, achieving a device speed
of up to 8.35 Gbps and even to 10.75 Gbps with an RTU license loaded. The
AirEngine 6760-X1 uses built-in smart antennas to move Wi-Fi signals with users,
significantly enhancing users' wireless network experience. The AirEngine 6760-X1
and AirEngine 6760-X1E provide 10GE optical/electrical uplink ports, allowing
customers to select different deployment modes and saving customers' investment.
These strengths make the APs ideal for scenarios such as enterprise office and
education.
Product features:
Dual-radio mode and up to 10 spatial streams, achieving a maximum device
speed of 8.35 Gbps. After an upgrade via an RTU license: flexible switching
among the dual-radio mode, triple-radio mode, and dual-radio + one scanning
radio mode and up to 12 spatial streams, achieving a maximum device speed of
10.75 Gbps
1 x 10GE electrical port + 1 x GE electrical port + 1 x 10GE SFP+ port
UL/DL MU-MIMO on both the 2.4 GHz and 5 GHz frequency bands, allowing an
AP to transmit data to and receive data from multiple terminals simultaneously
and multiplying the utilization of radio spectrum resources
UL/DL OFDMA, reducing latency and improving network efficiency
Spatial multiplexing technology, minimizing co-channel interference
AirEngine 6760-X1: built-in smart antennas that automatically adjust the
coverage direction and signal strength based on the intelligent switchover
algorithm, providing accurate and stable signal coverage as terminals move
AirEngine 6760-X1E: external antenna, facilitating adaptation to different
antennas based on application scenarios for better signal coverage
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
Automatic radio calibration
SAC
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
USB port for storage, external power supply, and IoT expansion
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 59
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Built-in IoT slot, supporting IoT expansion such as BLE 5.0, ZigBee, RFID, and
Thread
Leader AP
Working modes: Fit, Fat, and cloud management
802.3at/bt compliance, simplifying device installation
5.1.5 AirEngine 6760R-51 and AirEngine 6760R-51E
Huawei AirEngine 6760R-51 and AirEngine 6760R-51E are outdoor APs in
compliance with Wi-Fi 6 (802.11ax). These APs can simultaneously provide services
on the 2.4 GHz (4x4 MIMO) and 5 GHz (4x4 MIMO) frequency bands, achieving a
device speed of up to 5.95 Gbps. These outdoor APs stand out with excellent outdoor
coverage performance, IP68 waterproof and dustproof design, and strong surge
protection capability. The AirEngine 6760R-51 uses built-in smart antennas to move
Wi-Fi signals with users, significantly enhancing users' wireless network experience.
The AirEngine 6760R-51 and AirEngine 6760R-51E provide uplink optical and
electrical ports, allowing customers to select different deployment modes and saving
customers' investment. These strengths make Huawei's Wi-Fi 6 outdoor APs ideal for
high-density scenarios such as stadiums, squares, pedestrian streets, and
amusement parks.
Product features:
Providing services simultaneously on the two frequency bands, at a speed of up
to 1.15 Gbps at 2.4 GHz, 4.8 Gbps at 5 GHz, and 5.95 Gbps for the device
1 x 5GE electrical port + 1 x GE electrical port + 1 x 10GE optical port
UL/DL MU-MIMO on both the 2.4 GHz and 5 GHz frequency bands, allowing an
AP to transmit data to and receive data from multiple terminals simultaneously
and multiplying the utilization of radio spectrum resources
UL/DL OFDMA, reducing latency and improving network efficiency
Spatial multiplexing technology, minimizing co-channel interference
Extended temperature range of –40°C to +65°C with a metal shell and an overall
heat dissipation design, IP68 waterproof and dustproof design, and 6 kA/6 kV
surge protection for Ethernet ports, meeting industrial-grade requirements
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 60
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
AirEngine 6760R-51: built-in smart antennas, providing precise coverage for
terminals, reducing interference, and improving signal quality
AirEngine 6760R-51E: 5 kA surge protection for the external antenna port,
eliminating the need to install an external surge protector, simplifying installation,
and minimizing the overall cost
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
Automatic radio calibration
SAC
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
Working modes: Fit, Fat, and cloud management
802.3at/bt compliance, simplifying device installation
5.1.6 AirEngine 5760-51
Huawei AirEngine 5760-51 is a next-generation indoor AP that complies with the Wi-
Fi 6 (802.11ax) standard. It supports flexible switching between the dual-radio and
triple-radio modes, providing better adaptation to different customers and traffic
types. The AP achieves a device speed of up to 5.37 Gbps and even to 5.95 Gbps
with an RTU license loaded. The AP uses built-in smart antennas to move Wi-Fi
signals with users, significantly enhancing users' wireless network experience. These
strengths make the AirEngine 5760-51 ideal for various scenarios such as enterprise
offices, cafes, and leisure centers.
Product features:
Flexible switching between dual-radio and triple-radio modes and up to 6 spatial
streams, achieving a maximum device speed of 5.37 Gbps. After an upgrade via
an RTU license: flexible switching among the dual-radio mode, triple-radio mode,
and dual-radio + one scanning radio mode and up to 8 spatial streams,
achieving a maximum device speed of 5.95 Gbps
1 x 5GE electrical port + 1 x GE electrical port
UL/DL MU-MIMO on both the 2.4 GHz and 5 GHz frequency bands, allowing an
AP to transmit data to and receive data from multiple terminals simultaneously
and multiplying the utilization of radio spectrum resources
UL/DL OFDMA, reducing latency and improving network efficiency
Spatial multiplexing technology, minimizing co-channel interference
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 61
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Built-in smart antennas that automatically adjust the coverage direction and
signal strength based on the intelligent switchover algorithm, providing accurate
and stable signal coverage as terminals move
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
Automatic radio calibration
SAC
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
USB port for storage, external power supply, and IoT expansion
Built-in IoT slot, supporting IoT expansion such as BLE 5.0, ZigBee, RFID, and
Thread
Leader AP
Working modes: Fit, Fat, and cloud management
802.3at/bt compliance, simplifying device installation
5.1.7 AirEngine 5760-10
Huawei AirEngine 5760-10 is an AP in compliance with the Wi-Fi 6 (802.11ax)
standard. It supports 2x2 MIMO, provides services simultaneously on the 2.4 GHz
and 5 GHz frequency bands, and achieves a device speed of up to 1.774 Gbps. The
AirEngine 5760-10 has built-in smart antennas, supports 802.11n, 802.11ac, and
802.11ax, and provides gigabit access for terminals, significantly enhancing users'
wireless network experience. These strengths make it ideal for small and midsize
enterprises, airports and stations, sports mediums, cafes, and entertainment centers.
Product features:
2x2 MIMO and up to four spatial streams, achieving a device speed of up to
1.774 Gbps
1 x GE electrical port
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 62
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Built-in smart antennas that automatically adjust the coverage direction and
signal strength based on the intelligent switchover algorithm, providing accurate
and stable signal coverage as terminals move
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
Automatic radio calibration
SAC
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
USB port for external power supply, storage, and external IoT modules,
implementing flexible IoT application expansion
Working modes: Fit, Fat, and cloud management
802.3at compliance, simplifying device installation
5.1.8 AirEngine 5760-22W
Huawei AirEngine 5760-22W is a wall plate AP in compliance with the Wi-Fi 6
(802.11ax) standard. It can simultaneously provide services on 2.4 GHz (2x2 MIMO)
and 5 GHz (4x4 MIMO) frequency bands, achieving a device speed of up to 5.37
Gbps. With mounting brackets, the AP can be easily adapted to junction boxes
(86/118/120 mm) and wall-mounting scenarios. The AP uses built-in smart antennas
to move Wi-Fi signals with users, significantly enhancing users' wireless network
experience. The AP provides uplink optical and electrical ports, allowing customers to
select different deployment modes and saving customers' investment. These
strengths make AirEngine 5760-22W ideal for scenarios with high-density rooms
such as hotel guest rooms, dormitory rooms, and hospital wards.
Product features:
Dual-radio mode and up to six spatial streams, achieving a device speed of up to
5.37 Gbps
Uplink: 1 x 2.5GE electrical port + 1 x 10GE optical port; downlink: 4 x GE
electrical port + 2 x RJ45 passthrough port
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 63
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Various installation modes for easy deployment, including wall-mounting and
plate-mounting
PoE OUT, supplying power to terminals such as IP phones and external IoT
devices
UL/DL MU-MIMO on both the 2.4 GHz and 5 GHz frequency bands, allowing an
AP to transmit data to and receive data from multiple terminals simultaneously
and multiplying the utilization of radio spectrum resources
UL/DL OFDMA, reducing latency and improving network efficiency
Spatial multiplexing technology, minimizing co-channel interference
Built-in smart antennas that automatically adjust the coverage direction and
signal strength based on the intelligent switchover algorithm, providing accurate
and stable signal coverage as terminals move
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
Automatic radio calibration
SAC
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
USB port for storage, external power supply, and IoT expansion
USB port or PoE OUT port for connecting to an external IoT module such as a
Bluetooth, ZigBee, or RFID module, implementing short-distance, lower-power
consumption IoT applications
Working modes: Fit, Fat, and cloud management
802.3at/bt compliance, simplifying device installation
5.1.9 AirEngine 5760-22WD
Huawei AirEngine 5760-22WD is a remote unit (RU) in compliance with the Wi-Fi 6
(802.11ax) standard. It can simultaneously provide services on 2.4 GHz (2x2 MIMO)
and 5 GHz (4x4 MIMO) frequency bands, achieving a device speed of up to 5.37
Gbps. With mounting brackets, the RU can be easily adapted to junction boxes
(86/118/120 mm) and wall-mounting scenarios. The RU uses built-in smart antennas
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 64
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
to move Wi-Fi signals with users, significantly enhancing users' wireless network
experience. These highlights make the RU suitable for environments with densely
distributed rooms, such as hotel guest rooms, student dormitories, and hospital
wards.
Product features:
Dual-radio mode and up to six spatial streams, achieving a device speed of up to
5.37 Gbps
Uplink: 1 x 2.5GE electrical port + 1 x 10GE optical port; downlink: 4 x GE
electrical port + 2 x RJ45 passthrough port
Various installation modes for easy deployment, including wall-mounting and
plate-mounting
PoE OUT, supplying power to terminals such as IP phones and external IoT
devices
UL/DL MU-MIMO on both the 2.4 GHz and 5 GHz frequency bands, allowing an
AP to transmit data to and receive data from multiple terminals simultaneously
and multiplying the utilization of radio spectrum resources
UL/DL OFDMA, reducing latency and improving network efficiency
Spatial multiplexing technology, minimizing co-channel interference
Built-in smart antennas that automatically adjust the coverage direction and
signal strength based on the intelligent switchover algorithm, providing accurate
and stable signal coverage as terminals move
High Density Boost technology (SmartRadio for air interface optimization and 5
GHz-prior access)
SAC
WEP, WPA/WPA2-PSK, WPA3-SAE, WPA/WPA2-PPSK, WPA/WPA2/WPA3-
802.1X, and WAPI authentication/encryption modes, safeguarding wireless
networks
WIDS/WIPS
USB port for storage, external power supply, and IoT expansion
USB port or PoE OUT port for connecting to an external IoT module such as a
Bluetooth, ZigBee, or RFID module, implementing short-distance, lower-power
consumption IoT applications
Working with a central AP to support cloud-based management
802.3at/bt compliance, simplifying device installation
5.1.10 AirEngine 9700D-M
The AirEngine 9700D-M is a central AP launched by Huawei, and has four 10GE
uplink ports and twenty-four GE downlink ports. It can connect to a maximum of 48
RUs in compliance with Wi-Fi 6 through Ethernet cables to centrally process and
forward services. Such a wireless network built on the central AP and RUs can fully
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 65
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
utilize the RU throughput. Additionally, only one AP license is required, reducing
customer investment. The AirEngine 9700D-M can be deployed in an equipment
room, weak-current well, or corridor, and RUs are deployed in rooms. Such an
architecture is ideal for environments with high-density rooms and complex wall
structure, such as schools, hotels, hospitals, and office meeting rooms.
Product features:
Maximum number of managed RUs: 24; expanded to 48 through a switch
Connection to indoor RUs through network cables without wall penetration loss
and feeder loss, implementing high-quality signal coverage. The RUs can be
plate-mounted or wall-mounted.
Ultra-long-distance coverage of over 100 m
Ultra-large seamless roaming domain for smooth service switchover
Service holding upon link disconnection
Hierarchical processing technology, providing higher wireless forwarding
capability
Cloud-based management
5.1.11 AC6800V
The AC6800V is a high-end access controller (AC) for large enterprise campuses,
enterprise branches, and school campuses. Working with the Huawei-developed
server platform, the AC6800V can manage up to 10K APs and provide 60 Gbps
forwarding performance. It features high scalability and offers users considerable
flexibility in configuring the number of managed APs. When used with Huawei's full
series 802.11ax, 802.11ac, and 802.11n APs, the AC6800V delivers an adaptable
solution for large campus networks, enterprise office networks, wireless Metropolitan
Area Networks (MANs), and hotspot coverage networks.
Product features:
Capable of managing up to 10K APs, ideal for large and midsize campuses
6 x 10GE optical ports + 6 x GE electrical ports, achieving up to 60 Gbps
forwarding performance
SmartRadio for air interface optimization
Built-in Portal/AAA server to perform Portal/802.1X authentications for users,
protecting customer investment
Layer 4 to Layer 7 application identification, capable of identifying over 6000
applications; application-based policy control technologies, including traffic
blocking, traffic limiting, and priority adjustment policies
Dual redundant AC power supplies that are hot swappable
1+1 hot standby (HSB) and N+1 backup, ensuring service continuity
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 66
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Port backup based on the Link Aggregation Control Protocol (LACP) or Multiple
Spanning Tree Protocol (MSTP)
WAN authentication escape
Built-in visualized network management platform, implementing Health-centric
one-page monitoring, AP group-based profile configuration, and one-click
diagnosis
5.1.12 AC6805
The AC6805 is a high-end AC for large and midsize enterprise campuses, enterprise
branches, and school campuses. The AC6805 can manage up to 6K APs and provide
40 Gbps forwarding performance. It features high scalability and offers users
considerable flexibility in configuring the number of managed APs. When used with
Huawei's full series 802.11ax, 802.11ac, and 802.11n APs, the AC6805 delivers an
adaptable solution for large and midsize campus networks, enterprise office
networks, wireless MANs, and hotspot coverage networks.
Product features:
Capable of managing up to 6K APs, ideal for large and midsize campuses
Two 40GE optical ports (one 40GE port is mutually exclusive with four 10GE
ports), 12 10GE optical ports, and 12 GE electrical ports, providing up to 40
Gbps forwarding performance
SmartRadio for air interface optimization
Built-in Portal/AAA server to perform Portal/802.1X authentications for users,
protecting customer investment
Layer 4 to Layer 7 application identification, capable of identifying over 6000
applications; application-based policy control technologies, including traffic
blocking, traffic limiting, and priority adjustment policies
1+1 hot standby (HSB) and N+1 backup, ensuring service continuity
Port backup based on the Link Aggregation Control Protocol (LACP) or Multiple
Spanning Tree Protocol (MSTP)
WAN authentication escape
Built-in visualized network management platform, implementing Health-centric
one-page monitoring, AP group-based profile configuration, and one-click
diagnosis
5.1.13 AirEngine 9700-M
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 67
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
The AirEngine 9700-M is a high-specification AC for midsize and large enterprise
campuses, enterprise branches, and school campuses. The AirEngine 9700-M can
manage up to 2K APs and provides up to 120 Gbps forwarding performance. It
features high scalability and offers users considerable flexibility in configuring the
number of managed APs. When used with Huawei's full series 802.11ax, 802.11ac,
and 802.11n APs, the AirEngine 9700-M delivers an adaptable solution for medium
and large campus networks, enterprise office networks, wireless MANs, and hotspot
coverage networks.
Product features:
Capable of managing up to 2K APs, ideal for large and midsize campuses
Two 40GE optical ports (one 40GE port is mutually exclusive with four 10GE
ports), 12 10GE optical ports, and 16 GE electrical ports, providing up to 120
Gbps forwarding performance
SmartRadio for air interface optimization
Built-in Portal/AAA server to perform Portal/802.1X authentications for users,
protecting customer investment
Layer 4 to Layer 7 application identification, capable of identifying over 6000
applications; application-based policy control technologies, including traffic
blocking, traffic limiting, and priority adjustment policies
Dual redundant AC power supplies that are hot swappable
1+1 HSB and N+1 backup, ensuring service continuity
Port backup based on the LACP or MSTP
WAN authentication escape
Built-in visualized network management platform, implementing Health-centric
one-page monitoring, AP group-based profile configuration, and one-click
diagnosis
5.1.14 AC6508
The AC6508 is a small-capacity box AC for small and midsize enterprises. It can
manage up to 256 APs. In addition, it integrates the GE Ethernet switch function,
achieving integrated access for wired and wireless users. The AC6508 features high
scalability and offers users considerable flexibility in configuring the number of
managed APs. When used with Huawei's full series 802.11ax, 802.11ac, and 802.11n
APs, the AC6508 delivers an adaptable solution for small and midsize campus
networks, enterprise office networks, wireless MANs, and hotspot coverage
networks.
Product features:
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 68
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
Capable of managing up to 256 APs, ideal for large and midsize campuses
2 x 10GE optical ports + 10 x GE electrical ports, achieving up to 6 Gbps
forwarding performance
SmartRadio for air interface optimization
Built-in Portal/AAA server to perform Portal/802.1X authentications for users,
protecting customer investment
Layer 4 to Layer 7 application identification, capable of identifying over 6000
applications; application-based policy control technologies, including traffic
blocking, traffic limiting, and priority adjustment policies
1+1 HSB and N+1 backup, ensuring service continuity
Port backup based on the LACP or MSTP
WAN authentication escape
Built-in visualized network management platform, implementing Health-centric
one-page monitoring, AP group-based profile configuration, and one-click
diagnosis
5.1.15 CloudEngine S12700E
Product features:
Fully programmable architecture
Fully programmable architecture chip: When protocol evolution and technology
updates require changes of the forwarding process, the hardware does not need
to be replaced, and software updates are enough. As such, services can be
rapidly and flexibly provisioned, protecting customer investments.
Flagship performance
− Up to 57.6 Tbps device switching capacity, six times the industry average
− 288 x 100GE ports, industry-leading 100GE port density (Tolly-certified)
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 69
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
− Managing 10K APs and 50K concurrent users (the number of managed APs
is two times that of an independent AC)
Wired and wireless convergence
Built-in native AC: Eliminates the need to purchase additional ACs, can manage
up to 10,000 APs, and provides up to 4 Tbps forwarding performance, breaking
the processing performance bottleneck of the external AC and accelerating the
pace towards the high-speed, wireless era.
Flexible and reliable architecture
− Forwarding-control separation: Provides 99.999% or higher carrier-grade
service reliability, and enables on-demand SFU configuration as well as
flexible capacity expansion.
− Independent fan module design: Supports redundancy backup and intelligent
speed adjustment (a single fan module failure does not affect proper running
of the device).
Service experience guarantee
− 4 GB buffer: Ideal for coping with burst data traffic generated when a large
number of users access the network concurrently
− Industry-leading HQoS: Implements hierarchical scheduling over network-
wide data traffic on the core node, and provides differentiated services based
on users and applications to guarantee service quality of key users and
applications.
Precise network management
− iPCA: Measures network quality for any service flow at any time, detects
intermittent service interruptions in a short period of time, and accurately
locates faulty ports, implementing the future-proof transformation from
coarse-tuned O&M to fine-tuned O&M.
− SVF2.0: Virtualizes fixed switches into line cards of modular switches, APs
into ports of modular switches, and network architecture into a device,
simplifying device management.
− ZTP for access switches and APs: Access switches and APs can be deployed
in ZTP mode.
System openness
− NETCONF/YANG: Can be deployed to achieve automated configuration.
− Built-in open programmability system (OPS) based on the Python language
Interoperability competence
Interoperability with more than 10 proprietary protocols, more than 400 network
devices, and more than 30 authentication or network management systems from
mainstream vendors, facilitating smooth network upgrade.
Network-level reliability
− Link detection technologies (Eth-OAM and BFD) and link switching
technologies (G.8032, and SEP: Realize 50 ms E2E, hardware-based link
switching, and help build a campus network that quickly responds to topology
changes and provides the most reliable services.
− High-Speed Self Recovery (HSR): Innovatively implements 50 ms E2E
protection switching for IP MPLS transport networks, further improving
network reliability.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 70
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
5.1.16 CloudEngine S12700
Product features:
Fully programmable architecture
Fully programmable architecture chip: When protocol evolution and technology
updates require changes of the forwarding process, the hardware does not need
to be replaced, and software updates are enough. As such, services can be
rapidly and flexibly provisioned, protecting customer investments.
Flagship performance
− Up to 44.96 Tbps device switching capacity
− 96 x 100GE ports, industry-leading 100GE port density
− Managing 10K APs and 50K concurrent users (the number of managed APs
is two times that of an independent AC)
Wired and wireless convergence
Built-in native AC: Eliminates the need to purchase additional ACs, can manage
up to 10,000 APs, and provides up to 4 Tbps forwarding performance, breaking
the processing performance bottleneck of the external AC and accelerating the
pace towards the high-speed, wireless era.
Flexible and reliable architecture
− Forwarding-control separation: Provides 99.999% or higher carrier-grade
service reliability, and enables on-demand SFU configuration as well as
flexible capacity expansion.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 71
WLAN Technical Proposal 5 Device Selection and Configuration Suggestions
− Independent fan module design: Supports redundancy backup and intelligent
speed adjustment (a single fan module failure does not affect proper running
of the device).
Service experience guarantee
− 4 GB buffer: Ideal for coping with burst data traffic generated when a large
number of users access the network concurrently
− Industry-leading HQoS: Implements hierarchical scheduling over network-
wide data traffic on the core node, and provides differentiated services based
on users and applications to guarantee service quality of key users and
applications.
Precise network management
− iPCA: Measures network quality for any service flow at any time, detects
intermittent service interruptions in a short period of time, and accurately
locates faulty ports, implementing the future-proof transformation from
coarse-tuned O&M to fine-tuned O&M.
− SVF2.0: Virtualizes fixed switches into line cards of modular switches, APs
into ports of modular switches, and network architecture into a device,
simplifying device management.
− ZTP for access switches and APs: Access switches and APs can be deployed
in ZTP mode.
System openness
− NETCONF/YANG: Can be deployed to achieve automated configuration.
− Built-in open programmability system (OPS) based on the Python language
Interoperability competence
Interoperability with more than 10 proprietary protocols, more than 400 network
devices, and more than 30 authentication or network management systems from
mainstream vendors, facilitating smooth network upgrade.
Network-level reliability
− Link detection technologies (Eth-OAM and BFD) and link switching
technologies (G.8032, and SEP: Realize 50 ms E2E, hardware-based link
switching, and help build a campus network that quickly responds to topology
changes and provides the most reliable services.
− High-Speed Self Recovery (HSR): Innovatively implements 50 ms E2E
protection switching for IP MPLS transport networks, further improving
network reliability.
Issue 01 () Copyright © Huawei Technologies Co., Ltd. 72
You might also like
- Implementing and Administering Cisco Solutions (CCNA) v2.0: What You'll LearnNo ratings yetImplementing and Administering Cisco Solutions (CCNA) v2.0: What You'll Learn5 pages
- 3 Steps To Tuning A Cisco WLAN Controller From Default SettingsNo ratings yet3 Steps To Tuning A Cisco WLAN Controller From Default Settings19 pages
- The Restless Heart, No Rest Since BirthNo ratings yetThe Restless Heart, No Rest Since Birth11 pages
- Wireless LAN - WLAN: Mohamed Mokdad Ecole D'ingénieurs de BienneNo ratings yetWireless LAN - WLAN: Mohamed Mokdad Ecole D'ingénieurs de Bienne58 pages
- Fawad Ahmad-Senior Network & Security SpecialistNo ratings yetFawad Ahmad-Senior Network & Security Specialist5 pages
- H12-891 - V1.0-ENU HCIE-Datacom V1.0 Updated DumpsNo ratings yetH12-891 - V1.0-ENU HCIE-Datacom V1.0 Updated Dumps37 pages
- Cisco Unified Wireless Network Solution OverviewNo ratings yetCisco Unified Wireless Network Solution Overview20 pages
- AOS-CX Simulator Lab - Multicast PIM Dense Mode Lab GuideNo ratings yetAOS-CX Simulator Lab - Multicast PIM Dense Mode Lab Guide15 pages
- BRKEWN - Cisco - Live - Understanding RF Fundamentals-2017No ratings yetBRKEWN - Cisco - Live - Understanding RF Fundamentals-2017170 pages
- 06 - WLAN Survey Solution Design For Indoor and Outdoor Scenarios - IINo ratings yet06 - WLAN Survey Solution Design For Indoor and Outdoor Scenarios - II49 pages
- Deploying A Secure Wireless Lan: Day OneNo ratings yetDeploying A Secure Wireless Lan: Day One72 pages
- B Cisco APIC Layer 2 Configuration GuideNo ratings yetB Cisco APIC Layer 2 Configuration Guide256 pages
- Aruba - Practicetest.acma 6 1.v2013!07!23.by - DrummerkyleNo ratings yetAruba - Practicetest.acma 6 1.v2013!07!23.by - Drummerkyle16 pages
- 300-420 ENSLD Designing Cisco EnterpriseNo ratings yet300-420 ENSLD Designing Cisco Enterprise3 pages
- Deploying Ipv6 in Branch Networks: Last Updated: April 8, 2011No ratings yetDeploying Ipv6 in Branch Networks: Last Updated: April 8, 201140 pages
- Technical Note - How To Use BGP and SD-WAN For Advertising Routes and Path Selection in FortiGateNo ratings yetTechnical Note - How To Use BGP and SD-WAN For Advertising Routes and Path Selection in FortiGate13 pages
- How To Setup Cisco Meraki WiFi Access Point DevicesNo ratings yetHow To Setup Cisco Meraki WiFi Access Point Devices13 pages
- 2019 Virtualized CPE Services Have Finally Arrived Via Service Delivery PlatformsNo ratings yet2019 Virtualized CPE Services Have Finally Arrived Via Service Delivery Platforms34 pages
- 209 Arista Campus Architectures ATA 2024No ratings yet209 Arista Campus Architectures ATA 202471 pages
- Cisco DNA Center Assurance 1.3 - Instant DemoNo ratings yetCisco DNA Center Assurance 1.3 - Instant Demo33 pages
- IT NE 2005 LAB 4 - Securing Administrative Access Using AAA and RADIUS.No ratings yetIT NE 2005 LAB 4 - Securing Administrative Access Using AAA and RADIUS.16 pages
- Aruba Os Switch and Aruba Os CX Transceiver GuideNo ratings yetAruba Os Switch and Aruba Os CX Transceiver Guide62 pages
- Huawei CloudCampus Solution Design Guide For Small and Medium Sized Campus Networks ScenarioNo ratings yetHuawei CloudCampus Solution Design Guide For Small and Medium Sized Campus Networks Scenario169 pages
- SD-WAN V100R023C10 Solution Technology ProposalNo ratings yetSD-WAN V100R023C10 Solution Technology Proposal174 pages
- IP National Network Technical Proposal For XX ProjectNo ratings yetIP National Network Technical Proposal For XX Project58 pages
- Huawei AirEngine 5761-21 Access Point DatasheetNo ratings yetHuawei AirEngine 5761-21 Access Point Datasheet17 pages
- FY23H2 - PVT - DAY 1 - DNAC NetOps & AIOpsNo ratings yetFY23H2 - PVT - DAY 1 - DNAC NetOps & AIOps40 pages
- EUPoP-Solo and Bot Rules-1.2-Single PagesNo ratings yetEUPoP-Solo and Bot Rules-1.2-Single Pages16 pages
- Journal of Oral Health and Dentistry Research (ISSN: 2583-522X) Case Report The in Uence of The Pulp On The Periodontium: A ViewpointNo ratings yetJournal of Oral Health and Dentistry Research (ISSN: 2583-522X) Case Report The in Uence of The Pulp On The Periodontium: A Viewpoint11 pages
- H2S Drill Procedure - WJO & NDSC - English VersionNo ratings yetH2S Drill Procedure - WJO & NDSC - English Version1 page
- MODULE 9&10 F: E M A E M I T S C O L L E G E P H I L I P P I N E SNo ratings yetMODULE 9&10 F: E M A E M I T S C O L L E G E P H I L I P P I N E S12 pages
- Catatonia and ECT Across The Lifespan - 2024 - Schizophrenia ResearchNo ratings yetCatatonia and ECT Across The Lifespan - 2024 - Schizophrenia Research6 pages
- Advisory: Region11.Davaodelsur@Tesda - Gov.Ph, Ftbarretejr@Tesda - Gov.Ph. Dz4Oxerkpthbyig-Kddmfjhdt4Iefefkhy/Edit#Gid 0No ratings yetAdvisory: Region11.Davaodelsur@Tesda - Gov.Ph, Ftbarretejr@Tesda - Gov.Ph. Dz4Oxerkpthbyig-Kddmfjhdt4Iefefkhy/Edit#Gid 02 pages
- 2018-1 - Classifications in Brief Tonnis Classification of Hip OsteoarthritisNo ratings yet2018-1 - Classifications in Brief Tonnis Classification of Hip Osteoarthritis5 pages
