H3C Wireless LAN Controller WSG1812X-PWR Wireless Integrated Multi-Service Gateway
The H3C WSG1812X-PWR Wireless Integrated Multi-Service Gateway is well designed and positioned for SMB network. It features gateway, security and AC function integration, reducing the number of devices and TCO in network. It adopts the innovative Comware V7 platform (referred to as V7 hereafter). V7 comes with the standard granular user control management, comprehensive RF resource management, 7x24 wireless security control, fast layer-2 and layer-3 roaming, strong QoS and IPv4/IPv6 dual stack. V7 adds in various novel wireless technologies such as multi-core control plane, Bonjour and Hotspot 2.0. It also supports multiple network configurations such as cloud management. When paired with H3C SMB APs (See ordering information for details), it serves as an ideal access control solution for WLAN access of SMB network.
All Inclusive AP License
The WSG1812X-PWR Wireless Integrated Multi-Service Gateway includes AP license as following by default, which protects customer’s investment to maximum, which also give SMB/SME a great opportunity to add new AP with the wireless network expansion without additional cost. The number of licenses is up to 64, and 32 licenses are built-in by default. Which means WSG1812X-PWR can manage 32 ordinary AP or 64 wall-plate AP by default. Need to purchase extra license to enlarge the ordinary AP number. (Version supported since WSG1800X-CMW710-E5623)
| model | AP license by default |
| WSG1812X-PWR | 32 |
| AC Model | Max AP Qty. | License |
| WA6120/WA6126/WA6120X | WA6120H | Default | Add-on |
| WX1812X-PWR | 64 | 0 | 32 | 32 |
| 0 | 64 | 32 | 0 |
| 32 | 32 | 32 | 16 |
All-in-one Gateway
The WSG1812X-PWR Wireless Integrated Multi-Service Gateway integrates PoE, gateway, security and AC function in one box, which is perfect for SOHO, SMB and SME environment. WSG1812X-PWR supports full enterprise controller feature sets, in addition, WSG1812X-PWR supports gateway function, such as PPPOE, NAT, dynamic IP address, and static IP address setting function.
Embedded PoE+ Capability
The WSG1812X-PWR all LAN ports support 802.3af/802.3at PoE function, which saves TCO to customer’s existing environment and reduce the single points of failure at the same time. Single port can provide maximum 30W (150W in total of whole machine) providing power to connected devices, such as IP phones, wireless APs, and high-power cameras.
802.11ax AP Management
In addition to 802.11a/b/g/ac AP management, the WSG1812X-PWR can work together with H3C 802.11ax based SMB APs (See ordering information for details) to provide wireless access speed several times faster than a traditional 802.11a/b/g/ac/ network.
Flexible Forwarding Modes
In a wireless network of centralized forwarding mode, all wireless traffic is sent to an AC for processing which the forwarding capability of the AC may become a bottleneck. Especially on wireless networks where APs are deployed at branches, ACs are deployed at the headquarters, and APs and ACs are connected over a WAN. In this scenario, Distributed forwarding is more suitable. The WSG1812X-PWR supports both distributed forwarding modes and centralized forwarding mode and it can set SSID based forwarding as needed.
Smart Roaming Features
Supports intra-AC roaming, cross-AC roaming, and cross-VLAN Layer 3 roaming
Portal roaming information synchronization function: AC and AP support Portal users' non-perceived roaming between ACs on a large-scale network, without the Portal mac-trigger server. The wireless controller can independently assume the mac-trigger server function. This reduces the pressure on the portal server and prevents the portal server from becoming a performance bottleneck. When the Portal server is done, the online terminal can still roam without authentication between no less than 10 wireless controllers.
802.1X roaming information synchronization function: AC and AP support 802.1X users for fast roaming between ACs on a large-scale network. Support dot1x authentication for fast roaming between ACs. Terminals do not need to do authentication again after roaming to a new AC. Alleviate server pressure and ensure fast access of terminals, and support fast roaming between more than 10 ACs.
Support 802.11k/v/r fast roaming protocols
Intelligent Channel Switching
In a WLAN, adjacent wireless APs should work in different channels to avoid channel interference. However, channels are very rare resources for a WLAN. There are a small number of non-overlapping channels for APs. For example, there are only three non-overlapping channels for the 2.4GHz network. Therefore, the key to wireless applications is how to allocate channels for APs intelligently
Meanwhile, there are many possible interference sources that can affect the normal operation of APs in a WLAN, such as rogue APs, radars and microwave ovens. The intelligent channel switching technique can ensure the allocation of an optimal channel to each AP, thereby minimizing adjacent channel interference. Besides, the real-time interference detection function can help keep APs away from interference sources such as radars and microwave ovens
Intelligent AP Load Sharing
According to IEEE 802.11, wireless clients control wireless roaming in WLANs. Usually, a wireless client chooses an AP based on the Received Signal Strength Indication (RSSI). Therefore, many clients may choose the same AP with a high RSSI. As these clients share the same wireless medium, the throughput of each client is reduced greatly.
The intelligent AP load sharing function can analyze the locations of wireless clients in real time, dynamically determine which APs at the current location can share load with one another, and implement load sharing among these APs. In addition to load sharing based on the number of online sessions, the system also supports load sharing based on the traffic of online wireless users
Support SSID automatic hiding function based on radio resource utilization. When the radio resource reaches or exceeds the configured threshold, the SSID automatically hides to provide users with stable and reliable wireless services.
Layer 4-7 Deep Packet Inspection
The WSG1812X-PWR can identify variety of applications and policy control can be implemented including priority adjustment, scheduling, blocking, and rate limiting to ensure efficient bandwidth resource and improve the network quality.
Layer 7 Wireless Intrusion Detection and Prevention Systems (WIDS / WIPS)
The WSG1812X-PWR supports the blacklist, whitelist, rogue device defense, bad packet detection, illegal user removal, upgradeable Signature MAC layer attack detection (DoS attack, Flood attack or man-in-the-middle attack) and counter measures
With the built-in knowledge base in WSG1812X-PWR, you can perform timely and accurate wireless security decisions. For determined attack sources such as rogue AP or terminals, you can perform visible physical location monitoring and switch physical port removing
With H3C firewall/IPS device, network infrastructure can also implement layer 7 security defense in wireless campus, covering wired (802.11) and wireless (802.3) secure connections on an end-to-end basis
Comprehensive Network Security Protection Capabilities
The rich feature library can complete the detection of popular viruses. It supports anti-virus to botnets, Trojans, and worms. It can identify 1500+ high-profile applications. With rich attack prevention technology, it can support both IPv4 and IPv6. It can provide effective protection against the following attacks:
1) Abnormal packet attacks (such as illegal TCP packet flags, Land, smurf, WinNuke, Ping of Death, Large ICMP Traffic/Tiny Fragment, etc.);
2) Address spoofing attacks (such as IP address attacks, port attacks, etc.);
3) Abnormal traffic attacks (such as Ack Flood, DNS Flood, Fin Flood, HTTP Flood, HTTPS Flood,ICMP Flood, ICMPV6 Flood, SYNACK Flood, SYN Flood, UDP Flood, etc.);
Security zone—Allows you to configure security zones based on interfaces and VLANs.
Packet filtering—Allows you to apply standard or advanced ACLs between security zones to filter packets based on information contained in the packets, such as UDP and TCP port numbers. You can also configure time ranges during which packet filtering will be performed.
Access control—Supports access control based on users and applications and integrates deep intrusion prevention with access control.
ASPF—Dynamically determines whether to forward or drop a packet by checking its application layer protocol information and state. ASPF supports inspecting FTP, HTTP, SMTP, RTSP, and other TCP/UDP-based application layer protocols.
AAA—Supports authentication based on RADIUS/HWTACACS+, CHAP, and PAP.
Blacklist—Supports static blacklist and dynamic blacklist.
NAT and VRF-aware NAT.
Security logs—Supports operation logs, zone pair policy matching logs, attack protection logs, DS-LITE logs, and NAT444 logs.
Routing—Supports static routing, RIP, OSPF, BGP, routing policies, and application- and URL-based policy-based routing.
Traffic monitoring, statistics, and management.
Next-generation multi-service features
Integrated link load balancing feature—Uses link state inspection and link busy detection technologies, and applies to a network egress to balance traffic among links.
Integrated SSL VPN feature—providing secure access of mobile users to the enterprise network.
Flexible and extensible, integrated and advanced DPI security
Integrated security service processing platform—Highly integrates the basic and advanced security protection measures to a security platform.
Application layer traffic identification and management.Uses the state machine and traffic exchange inspection technologies to detect traffic of P2P, IM, network game, stock, network video, and network multi-media applications. It Uses the deep inspection technology to identify P2P traffic precisely and provides multiple policies to control and manage the P2P traffic flexibly.
Categorized filtering of massive URLs—uses the local+cloud mode to provide basic URL filtering blacklist and whitelist and allows you to query the URL category filtering server on line.
Complete and updated security signature database—H3C has a senior signature database team and professional attack protection labs that can provide a precise and up-to-date signature database.
Hardware Specifications
| Item | WSG1812X-PWR |
| Dimensions (WxDxH) | 440*220*43.6mm |
| Weight | 2.9kg |
| Wireless throughput | 4Gbps |
| Port | LAN:2*SFP Plus + 12*PoE+ WAN:2 GE + 1*USB |
| Power supplies | 100V AC~240V AC:50/60Hz |
| Operating and storage temperature | 0℃~45℃/-40℃~70℃ |
| Operating and storage relative humidity | 5%~95% |
| Safety Compliance | UL 60950-1 CAN/CSA C22.2 No 60950-1 IEC 60950-1 EN 60950-1/A11 AS/NZS 60950 EN 60825-1 EN 60825-2 EN60601-1-2 FDA 21 CFR Subchapter J |
| EMC | ETSI EN 300 386 V1.3.3:2005 EN 55024: 1998+ A1: 2001 + A2: 2003 EN 55022 :2006 VCCI V-3:2007 ICES-003:2004 EN 61000-3-2:2000+A1:2001+A2:2005 EN 61000-3-3:1995+A1:2001+A2:2005 AS/NZS CISPR 22:2004 FCC PART 15:2005 GB 9254:1998 GB/T 17618:1998 |
| MTBF | ≥50000hours |
