NXC 5500 specification confirmation

Fahrenheit89
Fahrenheit89 Posts: 4
edited May 21 in Wireless
Hello, we will use 200 access points in our construction. We cannot use nebula due to regulations. It will be a build onpremises using the Controller. I am looking for answers to the following questions with this information.


Answer 1: Access points must work in tunneled mode with the controller. How many access points can be connected simultaneously in NXC5500 model in tunneled mode.

Answer 2: What would be the strongest available security policy when access points are tunneled with the controller? What would be the most secure type of encryption?

Answer 3: Does the NXC 5500 have wireless intrusion prevention (WIPS) ?

Answer 4: can it be run as an active-active redundancy by putting multiple NXC5500 in one cluster?

Answer 5: I want to take an access point to my house and set up an L2 tunnel over ADSL to the controller at my company.

All Replies

  • Zyxel_Bella
    Zyxel_Bella Posts: 526  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch 50 Answers

    Hi @Fahrenheit89

     

    Welcome to Zyxel community!

    We’d like know if you already have NXC5500 in hand or we’ll suggest our Security gateway product such as VPN1000/ATP800/USG FLEX 700 which has AP controller capability and is more suitable for you. Below information for your reference:

     

    1.      VPN1000 can manage up to 1032 AP units and tunnel mode maximum number is 258. ATP800/USG FLEX 700 can manage up to 520 AP units but tunnel mode amount only 130.

    2.      If you’re talking about the security method of wireless authentication, our APs support 802.1X WPA3-Enterprise.

    3.      Although we don’t have WIPS but since all traffic will back to wired, we have IPS feature on ATP and USG FLEX series.

    4.      Zyxel Security gateway product is using active/standby mode.

    5.      The scenario is very recommended for using the Remote AP function. Of course, the Security gateway can setup L2 tunnel.

     

    NXC5500 can’t meet your 3-5 items, kindly tell us your applications and we’ll help find out the best practice for you.

     

    Hope the information helps you.

    Thank you

     

    Regards,

    Bella

     


  • Zyxel_Bella, thank you for the replies.

    if i use 400 tunnel mode access points on campus. I do not have the possibility to manage them in a single cluster, I will be able to manage with two independent clusters. have I got it right?
  • Zyxel_Bella
    Zyxel_Bella Posts: 526  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch 50 Answers
    Hi @Fahrenheit89

    Yes, according to spec, it is.
    But in real practice, we don't suggest using that many tunnel numbers because performance will not be good.

    May we know what is the purpose you have to tunnel all traffic to the controller?

    Thank you

    Regards,
    Bella





  • Zyxel_Bella, thank you for the replies.

    if i use 400 tunnel mode access points on campus. I do not have the possibility to manage them in a single cluster, I will be able to manage with two independent clusters. have I got it right?
  • Zyxel_Bella
    Zyxel_Bella Posts: 526  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch 50 Answers
    Hi @Fahrenheit89


    Yes, at least require two VPN1000 to deploy your scenario.


    Bella
  • Hello Bella,

    Thank you very much for the answers.

    We will use at least 512 access points. We want to use these access points in the following ways. We were told we could do it with the USG 2200. Can the following features be used with the USG2200? If not, what solution or device would you recommend?

    A- The cloud solution Nebula will not be used. Internal management will be provided.

    B- We will buy two devices to manage the access points in a redundant manner. That way, we expect redundancy.

    C- Access points must be tunneled to both devices at the same time. If one of the devices is faulty, the access points should be able to continue working on the second device without any interruption.

    D- WIPS feature should be used.

    E- At least 512 access points must operate in a tunneled state.

    F- Devices must work in the same cluster. Then, the access point capacity of the cluster should be increased by adding devices.

    G- 1024 APs should be managed in a single AP group.
  • Zyxel_Bella
    Zyxel_Bella Posts: 526  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch 50 Answers

    Hi @Fahrenheit89

     

    We would like to understand your project through directly contact with you. And provide you with the best solution for your scenario, please confirm the information we need in the PM box, do not hesitate to tell us, thank you

     

    Regards,

    Bella