CLOUD NETWORK MANAGEMENT SYSTEM

iCon

A Product by HFCL Group

FEATURES OF CLOUD NETWORK MANAGEMENT SYSTEM

iCon cloud network management system (cNMS) provides centralized visibility and control over the entire wired and wireless
network, without the cost and complexity of wireless LAN controllers and element management systems. Integrated with the
entire 10 product portfolio, cNMS provides feature rich, scalable and intuitive centralized management for networks of any
size.

FUNCTIONALITIES
IO cNMS combines WLC and EMS functionalities on cloud
Virtual Machine (VM) based modular architecture makes it suitable for cloud deployments

FLEXIBILITY AND SCALABILITY

Easy portability on existing cloud infrastructure like AWS, Microsoft Azure, Google Cloud, etc.
Enables Plug-n-play deployments
Offers massive scalability with practically no limit on number of Access Points and clients supported
Optional integration with DHCP server, AAA server, Captive Portal, Security, Firewall and Big Data analytics tools

CLOUD SECURITY

Resource Level Security: All the servers are kept within a separate VPC (Virtual Private Cloud) enabling resource level security
Application Level Security: Use of latest stable cloud version ensures application level security
Cloud Compliance Certification: Every major cloud service provider is PCI DSS Level 1 and SOC 1/2/3 compliant

TARGET APPLICATIONS

Campus/HQ
Branch Office
Retail Store
Cloud Hosted
Telestore
Management

Cloud
Management
System

Management
Data

A Product by HFCL Group

 TECHNICAL SPECIFICATIONS

PARAMETERS DESCRIPTION

RF Management and Control Auto channel selection and optimization Management

Interference management User-based access control, Port mirroring
Adjusting Transmit Power of Beacon and Probe Response
Multiple SSIDs per Radio 16
Yes
Offline Syslog
Authentication Method Local, POP3, RADIUS, LDAP, Voucher,
Yes
USER-ID, OTP, and EAP-SIM
RF Management
WIDS/WIPS System Rogue AP detection and prevention Proactively identifies and mitigates signal interference
Prevention from MAC spoofing, Man-in-the- within 30 seconds for better performance
middle attack, denial of service attack and RF management can be done through: Country codes,
unauthorized associations manually setting transmit power, manually setting working
channel, automatically setting working channel,
Management Interface Web-based user interface
automatically adjusting transmission rate
Hotspot Features Built-in support for voucher-based Optimal bandwidth utilization with single multicast session
AP load balancing based on traffic and number of users
authentication
Continuously monitors nearby RF environment quality and
Built-in hotspot manager for voucher interference per radio and per channel
creation and guest management
Captive portal and access Captive portal feature for on-boarding clients
Customization of Captive portal to show
LAN
content and ads
802.1Q VLAN
Yes
ACL
SECURITY
Standard IP ACL, Extended IP ACL, MAC extended ACL
IPv4/v6
Web authentication, 802.1x authentication, MAC address authentication,
WAPI authentication SOFTWARE FEATURES
802.11
Smart Fault Management
Multiple SSIDs, SSID hiding, 802.11i-2004
Wireless AP, Ethernet and multi-technology network health
Security and Encryption monitoring
Authentication Compliance: PSK, WEP, WPA, WPA2, Event and fault management by notification which includes wired
WPA - Enterprise/Personal WPA2-Enterprise/Personal, port down, wireless port down, STA abnormal drop, AC master
EAP-TTLS/MSCHAPv2, PEAPv0/EAP-MSCHAPv2,PEAPv1/ EAP-GTC, backup switch, device online and offline, AP online user list, system
EAP-SIM, EAP-AKA, EAP-AKA Prime, EAP-Fast, Protected Management Frames CPU and memory alarms
WAPI, TKIP, CCMP, protection against ARP spoofing Instant alerts of degraded performance and faults
Supports IP/MAC binding via DHCP SNP, supports IP/MAC/WLAN Support for alarm filter, confirmation, clear, delete, etc.
binding via RADIUS server Alarm filtration options for displaying and sorting alarms based on
alarm sources, category, priority, time, etc.
De-authentication and null probe attack detection
Supports rogue AP detection and prevention
Smart Configuration Management
Encryption without deferring the performance Management and provisioning is centralized with an intuitive
AAA Graphical User Interface that visually displays all NIDs on the network
RADIUS client authentication server backup, ESS-based authentication Tasks can be characterized by either single command or scripts that
server selection, Binding of SSID and user account combine a sequence of commands to one compound task
Account and Inventory Management
WLAN One touch provisioning of newly installed NIDs for management
Maintains record of all the NE Resources that are installed in
Roaming
subnetwork
Roaming option for roaming across different Access Points
Forwarding Software Management
Local forwarding, Centralized forwarding, AP-based bandwidth Remote web-based management
control High availability is achieved with both server level redundancy and
database level redundancy
Wireless QoS
NE configuration settings can be backed up and restored on demand
User/SSID-based rate limit (granularity: 8Kbit/s), WMM (802.11e),
or at user defined periodic intervals
Wireless priority to wired priority projection
STA
User-based bandwidth limit

A Product by HFCL Group

 Performance Management Network Management
Performance management of NEs Wi-Fi Hotspot sites Topology generation of network elements to display connected
Load over NEs/Sites/Zones, number of active user connections, sessions, network devices, giving a complete view of the network without
session terminations, Access Point restarts, positioning events, access physically checking each device at remote sites
denied, online site usage monitoring, etc. Graphs are available on dashboard to check the status of all the network
Analysis of captured data and representation through graphs elements. Colored icons are used for Network Element showing their
alarm state, e.g. the red icon displays an alarm
Performance reports by different time cuts (hour, day, week, month, etc.)
Site-based graphical maps represent the topology of the managed
Option to export the reports in Excel, .csv format etc. network, organized in a hierarchical manner
Security Management Device status pooling feature
Daily management, operation, log, browsing, etc. functions for admin user Dynamic status, statistics and comprehensive configuration
Secure Northbound and Southbound interfaces information for managed devices
Access privilege profiles can be assigned and customized for each user
User activities are logged for future inspection

ORDERING INFORMATION
MODEL NUMBER PRODUCT DESCRIPTION
Email: [email protected]
iCon iCon Cloud Network Management System Website: www.hfcl.com
www.ionetworks.in
8, Commercial Complex, Masjid Moth
Greater Kailash-II, New Delhi-110048

A Product by HFCL Group