Communication channels allow you to create logical groupings of your Extreme Access Control appliance groups in order to segment data and limit network traffic between geographical or customer sensitive locations.
This is an advanced NAC Manager feature and is only appropriate in certain network scenarios. Here are two scenarios where using communication channels could be beneficial.
- A large enterprise with remote offices.
Sending unnecessary traffic over WAN resources can cause strain on the Extreme Management Center server and possibly increase data transmission costs. Communication channels allow you to limit network communications to each geographic location reducing the amount of data that is broadcast over the slower and more expensive WAN lines. - A Service Provider with multiple customers, clients, or organizations that do not share Extreme Access Control appliances.
In this scenario, each service provider customer has their own Extreme Access Control appliance groups, and the data from one customer's appliance groups must not cross to another customer's appliance groups. The appliances may be located on the customer site or in the service provider’s cloud. Communication channels can be created for each customer, to restrict data shared between customers and protect sensitive information.
Communication channels are not appropriate in scenarios where a service provider has multiple customer data located on the same appliance. In this type of scenario the Extreme Access Control appliance would need to be hosted in the cloud and physical access to the appliance would never be granted to the customer.
Communication channels are also not appropriate for large university networks where students and faculty move between different portions of the network, and thus move between Extreme Access Control appliances in different appliance groups. Because mobility is a requirement in this scenario, communication channels should not be implemented.
| NOTES: |
In order to enable this feature, both the Extreme Management Center server and all the Extreme Access Control appliances must be running Extreme Management Center version 4.4 or higher. This feature is not supported if there are any appliances on the network running older versions. When enabling communication channels on a network that also uses Application Analytics, the communication channels must also be configured in Application Analytics. For more information, please see the Enabling Extreme Access Control integration section of the Application Analytics Application Data Collection help topic. |
Configuring Communication Channels
Use the following steps in NAC Manager to configure communication channels for the appliance groups in your network. An appliance group can only have one communication channel, but multiple appliance groups can use the same communication channel.
- Open the NAC Manager Options window (Tools > Options).
- In the NAC Manager Advanced Settings options panel, select the Enable Communication Channels for Appliance Groups option.
- In the left panel tree, select an appliance group where you want to configure a communication channel. A communication channel configuration setting is displayed on the appliance group's right-panel Configuration tab. You can add new channels using the configuration menu button
to the right of the field. Any channels you create will be available for all appliance groups.
- After you have created your communication channels, use the drop-down menu to select the appropriate communication channel for the appliance group. When you first enable communication channels, appliance groups will be members of the Default channel until you change the selection.
- Repeat steps 3 and 4 to configure communication channels for all your appliance groups.
- Click the Enforce toolbar button to enforce the new settings to your appliance groups. The communication channels are not active until you perform the enforce.
- If you have enabled the Distributed End-Systems Cache option (Tools > Options > Advanced Settings), a new cache configuration must be reloaded on the Extreme Management Center server by pressing the Reload button in the options panel. This redistributes the end-system information to the new channels. The Reload operation may take some time and network communication may be temporarily disrupted.
Following the Enforce and Reload (if required), the traffic for each appliance group is restricted to its assigned communication channel. Disabling the Communication Channel option in the NAC Manager Options resets all channels for each appliance group back to Default.
For information on related windows:
