SlideShare a Scribd company logo

FortiWLC

A
Ahmed Hashem El Fiky

The document describes the features and configuration of FortiWLC, including: - FortiWLC provides features such as virtual cells, guest captive portal, automatic radio resource provisioning, and spectrum scanning. - It offers various product models to support networks of different sizes. - Basic configuration of FortiWLC involves steps like setting the country, hostname, passwords, IP address, and time zone. - The web UI is used to configure security profiles, ESS profiles, captive portal, and other advanced settings.

1 of 36
Download to read offline
FortiWLC 8.4.0 By Eng. Ahmed Hashem El Fiky Network Security Engineer Malware Analyst
Agenda • FortiWLC Features • FortiWLC Product Offering • FortiWLC Specifications • FortiWLC Configuration
FortiWLC Features • Virtual Cell • Virtual Cell minimizes the complex, time-consuming process of channel planning. • All the APs in a Virtual Cell, whether 10 or 500, are able to operate on the same radio channel, and they all share the same SSID (BSSID). This means that when a client scans for an SSID, it is only presented with 1 or 2 BSSIDs to choose from (typically, this would include one in the 5GHz range and one in the 2.4GHz range.) • Guest Captive Portal • Browser-based authentication for guest users is supported in FortiWLC via captive portal • Automatic Radio Resource Provisioning • this advanced feature continuously monitors the RF environment for interference, noise and signals from neighboring APs, enabling the FortiWLC to determine the optimal RF power levels for each AP on the network. When a new AP is provisioned, ARRP also ensures that it chooses the optimal channel, without administrator intervention.
FortiWLC Features Cont.. • Spectrum Scanning • acting as a software-based spectrum monitoring device, including graphical representations of Channel Availability, Channel Utilization, Spectrogram, Equalizer, and Persistence data. • Time-based ESS • you can schedule the availability of that ESS based on pre-defined time intervals. By adding a timer, you can control the availability of an ESS profile based on pre-defined times during a day or across multiple days. • Hitless Failover/Redundancy • Fortinet’s FortiWLC provides for hitless failover with N+1 redundancy. The optional N+1 redundancy software feature, when implemented, allows a standby N+1 controller in the same subnet to monitor and seamlessly failover more than one master controller, and are considered to be an N+1 cluster.
FortiWLC Features Cont.. • Band Steering • Band steering makes more efficient use of your available wireless network by sending clients to the bands where they are most efficiently served • Service Control • Fortinet’s Service Control feature is designed to allow clients in the enterprise network to access and communicate with devices that are advertising service via a protocol such as Bonjour. • Device Fingerprinting • Device fingerprinting allows collection of various attributes about a device connecting to the network managed by the FortiWLC. The collected attributes can fully or partially identify individual devices, including the client’s OS, device type, and browser being used.
FortiWLC Features Cont.. • Application Visibility • The FortiWLC allows for application visibility with Deep Packet Inspection. Administrators can set policies to monitor and/or block one or more types of application traffic. • Highly Scalable • No matter the size of your network, there’s a FortiWLC solution right for you, and should you need more than one controller, Fortinet’s Wireless Manager platform (FortiWLM) allows you to stack and manage multiple controllers with ease • Rogue AP Detection • Rogue access points pose a serious network security threat by creating a leakage point where sensitive data such as credit card information can be siphoned off the network. The FortiWLC continuously monitors for unknown APs and can suppress connections to any such APs found to prevent information transfer.
FortiWLC Product Offering
FortiWLC Specifications FortiWLC Specifications
FortiWLC Basic Configuration 1- you need a Fortinet Customer Support account. And install The file name is, forti-x.x-xbuild-0-x86_64.ova, where x.x-x is the release version number. 2- Run FortiWLC VM.
FortiWLC Basic Configuration Default Login: admin/admin And Enter “Setup”
FortiWLC Basic Configuration 1- Country setting
FortiWLC Basic Configuration 2- Hostname
FortiWLC Basic Configuration 3- Passwords for admins and guests
FortiWLC Basic Configuration 4- Dynamic IP address or a static IP address and netmask
FortiWLC Basic Configuration 5- DNS server names
FortiWLC Basic Configuration 6- Time zone and Network Time Protocol server 7- Reboot
FortiWLC Basic Configuration 8- Check Network Connectivity
FortiWLC Web UI Configuration
FortiWLC Web UI Configuration Cont..
FortiWLC Web UI Configuration Cont..
FortiWLC Web UI Configuration Cont..
FortiWLC Web UI Configuration Cont..
FortiWLC Web UI Configuration Cont..
FortiWLC Web UI Configuration Cont..
FortiWLC Web UI Configuration Cont..
FortiWLC Web UI Configure Security profile
FortiWLC Configure Security profile Cont..
FortiWLC Web UI Configuration ESS Profile
FortiWLC Configuration ESS Profile Cont..
FortiWLC Configuration ESS Profile Cont..
FortiWLC Configuration Captive Portal
FortiWLC Configuration Captive Portal Cont..
FortiWLC Configuration Captive Portal Cont..
FortiWLC Configuration Captive Portal Cont..
FortiWLC
FortiWLC

More Related Content

FortiWLC

  • 1. FortiWLC 8.4.0 By Eng. Ahmed Hashem El Fiky Network Security Engineer Malware Analyst
  • 2. Agenda • FortiWLC Features • FortiWLC Product Offering • FortiWLC Specifications • FortiWLC Configuration
  • 3. FortiWLC Features • Virtual Cell • Virtual Cell minimizes the complex, time-consuming process of channel planning. • All the APs in a Virtual Cell, whether 10 or 500, are able to operate on the same radio channel, and they all share the same SSID (BSSID). This means that when a client scans for an SSID, it is only presented with 1 or 2 BSSIDs to choose from (typically, this would include one in the 5GHz range and one in the 2.4GHz range.) • Guest Captive Portal • Browser-based authentication for guest users is supported in FortiWLC via captive portal • Automatic Radio Resource Provisioning • this advanced feature continuously monitors the RF environment for interference, noise and signals from neighboring APs, enabling the FortiWLC to determine the optimal RF power levels for each AP on the network. When a new AP is provisioned, ARRP also ensures that it chooses the optimal channel, without administrator intervention.
  • 4. FortiWLC Features Cont.. • Spectrum Scanning • acting as a software-based spectrum monitoring device, including graphical representations of Channel Availability, Channel Utilization, Spectrogram, Equalizer, and Persistence data. • Time-based ESS • you can schedule the availability of that ESS based on pre-defined time intervals. By adding a timer, you can control the availability of an ESS profile based on pre-defined times during a day or across multiple days. • Hitless Failover/Redundancy • Fortinet’s FortiWLC provides for hitless failover with N+1 redundancy. The optional N+1 redundancy software feature, when implemented, allows a standby N+1 controller in the same subnet to monitor and seamlessly failover more than one master controller, and are considered to be an N+1 cluster.
  • 5. FortiWLC Features Cont.. • Band Steering • Band steering makes more efficient use of your available wireless network by sending clients to the bands where they are most efficiently served • Service Control • Fortinet’s Service Control feature is designed to allow clients in the enterprise network to access and communicate with devices that are advertising service via a protocol such as Bonjour. • Device Fingerprinting • Device fingerprinting allows collection of various attributes about a device connecting to the network managed by the FortiWLC. The collected attributes can fully or partially identify individual devices, including the client’s OS, device type, and browser being used.
  • 6. FortiWLC Features Cont.. • Application Visibility • The FortiWLC allows for application visibility with Deep Packet Inspection. Administrators can set policies to monitor and/or block one or more types of application traffic. • Highly Scalable • No matter the size of your network, there’s a FortiWLC solution right for you, and should you need more than one controller, Fortinet’s Wireless Manager platform (FortiWLM) allows you to stack and manage multiple controllers with ease • Rogue AP Detection • Rogue access points pose a serious network security threat by creating a leakage point where sensitive data such as credit card information can be siphoned off the network. The FortiWLC continuously monitors for unknown APs and can suppress connections to any such APs found to prevent information transfer.
  • 9. FortiWLC Basic Configuration 1- you need a Fortinet Customer Support account. And install The file name is, forti-x.x-xbuild-0-x86_64.ova, where x.x-x is the release version number. 2- Run FortiWLC VM.
  • 10. FortiWLC Basic Configuration Default Login: admin/admin And Enter “Setup”
  • 13. FortiWLC Basic Configuration 3- Passwords for admins and guests
  • 14. FortiWLC Basic Configuration 4- Dynamic IP address or a static IP address and netmask
  • 16. FortiWLC Basic Configuration 6- Time zone and Network Time Protocol server 7- Reboot
  • 17. FortiWLC Basic Configuration 8- Check Network Connectivity
  • 18. FortiWLC Web UI Configuration
  • 19. FortiWLC Web UI Configuration Cont..
  • 20. FortiWLC Web UI Configuration Cont..
  • 21. FortiWLC Web UI Configuration Cont..
  • 22. FortiWLC Web UI Configuration Cont..
  • 23. FortiWLC Web UI Configuration Cont..
  • 24. FortiWLC Web UI Configuration Cont..
  • 25. FortiWLC Web UI Configuration Cont..
  • 26. FortiWLC Web UI Configure Security profile
  • 27. FortiWLC Configure Security profile Cont..
  • 28. FortiWLC Web UI Configuration ESS Profile
  • 29. FortiWLC Configuration ESS Profile Cont..
  • 30. FortiWLC Configuration ESS Profile Cont..