wireless_lan_access_points

Wireless LAN Access Points:
Wireless access points must meet the following minimum requirements:
1. Support the ETSI regulatory domain.
2. Have both 5GHz and 2.4 GHz radios to support both IEEE 802.11b/g/n and
802.11a/n standards simultaneously.
3. Certified by the Wi-Fi Alliance as IEEE802.11n compliant.
4. The access point radios in 2.4 and 5-GHz must be able to scan the operating channels for interference
(both WiFi and non-WiFi) while simultaneously serving clients with no CPU or performance impact.
5. Remembers persistent interference and avoids placing the AP back on the same channel.
6. Ability to detect off-channel and inverted rogue exploits.
7. Ability to detect and locate WiFi jammers for 2.4 and 5 GHz.
8. Include high-resolution spectral analyzer with resolution of as low as 156 kHz.
9. Ability to correlate interference events across APs.
10. Ability to locate interferences on a floor map automatically displaying the zone of impact.
11. Support 4x4 MIMO with three spatial streams per radio (both 5 and 2.4 GHz).
12. Support open IETF communication standard between Controllers and APs.
13. Support dual band antennas.
14. Support data rates up to 450 Mbps.
15. The APs must support 11n indoor mesh.
16. The APs should allow client connectivity while also providing full wireless IPS (wIPS) and RF
monitoring capabilities with little or no performance degradation to user traffic.
17. Ability to identify and classify Rogue Access points and detect whether they are connected to the
network.
18. Identify and shut down unauthorized ad-hoc (peer-to-peer) networks.
19. The system should provide automatic MTU discovery between the APs and the controller in a
remote location.
20. The AP must support dynamic VLAN assignment to a client based on authentication, through RADIUS
attributes.
21. The solution should support grouping of APs into zones, across multiple controllers, for
administration.
22. The wireless vendor shall have a framework for interoperability testing between the wireless clients
and the infrastructure to ensure the widespread availability of client devices and take advantage of
innovations for enhanced security, mobility, quality of service and network management.
23. The APs shall provide fast roaming for data and voice clients. There will be no deterioration of voice
for clients roaming from one AP to another, roaming from one controller to another (Layer 2 or Layer 3).
24. Support redundancy by associating to secondary and tertiary controllers in case of primary controller
failure. Fail back to the primary controller once it is up.
25. The controller and the AP must support a strong mutual authentication mechanism during the join
process.
26. The AP must include physical security lock options.
27. The AP must support implicit beam-forming to 11a/g/n clients requiring no special support or
supplicant on them, hence it should work with all 802.11a/g/n clients.
28. APs must support the ability to convert multicast traffic into unicast and only deliver it to clients
requesting it. No conversion on the controller should occur as it’ll be inefficient to the network.
29. The APs shall have call admission control capabilities for both voice and video traffic. Maximum load
and bandwidth for voice and video traffic should be a configurable parameter.
30. APs must be provisioned with locally significant X.509 digital certificates for a secure PKI
deployment.
31. APs must include built-in hardware encryption acceleration to help prevent performance
degradation when traffic is being encrypted.
32. Indoor access points with external antenna should have both 5GHz and 2.4 GHz radios to support
both IEEE 802.11b/g/n and 802.11a/n standards simultaneously and both radios should have the flexible
choice of antennas to cater for the different site requirements.
Wireless LAN Controllers:
1. Must support at least 1000 access points per controller.
2. AES encrypted throughput of at least 16 Gbps per controller.
3. Maximum AP-to-controller oversubscription of 10:1 assuming all supported access points’ throughput
is 200Mbps each.
4. Must support at least 1000 clients per controller.
5. Support open standard between Controllers and APs to carry both data and control traffic.
Proprietary communications protocols are not accepted.
6. Ability to make use of QoS prioritization starting from access point.
7. Provide distributed 802.11i encryption in which the access points take part in the process.
8. Ability to handle 1000 simultaneous access point joins and access point image downloads.
9. Must support IEEE 802.11u amendment (HotSpot 2.0).
10. Must provide the following features:
a. Data link layer (Layer 2) encryption algorithms such as AES-CBC-256.
b. SIP voice management (e.g. Call quality tracking, Call admission control).
c. Rogue AP detection, classification, location and automatic containment.
11. Support advanced Radio Frequency Management features including (but not limited to):
a. Assign RF channels dynamically.
b. Detect and avoid Interference and Noise.
c. Detect and correct coverage holes.
d. Perform automatic load balancing of users across multiple access points.
e. Control output power dynamically.
12. Ability to assign different RF profiles to different AP groups under the same controller (including the
selection of data rates).
13. Support controller auto-provisioning, where the controller can get its configuration from the
management system during boot-up.
14. Support storing boot-up configuration in ASCII XML format.
15. DHCP Option 82 information in ASCII format.
16. Support running both IPv4 and IPv6 on the same WLAN.
17. Support RFC 2869.
18. Support seamless layer 2 and layer 3 roaming for both dual stack and IPv6 only clients.
19. IPv6 first-hop security features, including RA Guard, Source Guard, DHCPv6 Server Guard and IPv6
Access Control Lists.
20. Supports visibility and control of workgroup bridges.
21. Assign stream prioritization to any stream at up to 8 priority levels.
22. Support Ethernet over IP (EoIP) between controllers for SSID/VLAN forwarding.
23. Allow different priorities to be set for different access points, so that in the case of a controller failure,
a higher priority AP can disjoin a lower priority AP off another controller that is full.
24. Support IGMP snooping (Internet Group Management Protocol) with both L2 and L3 roaming.
25. For SIP based Wireless IP Phones, the wireless network must detect call establishment, termination
and failure to provide reports of usage and failures in the wireless management.
26. Ability to push new software to APs while they’re operating, resulting in reduced downtime.
WLAN Management:
The WLAN management solution should be a professional, easy-to-use tool that
helps manage the network across different remote sites in a scalable manner. The management
solution must manage all access points and controllers. It must meet all of the following
minimum requirements:
1. Monitor and troubleshoot wireless and wired users.
2. Ability to troubleshoot both wired and wireless users using a single dashboard.
3. Troubleshooting a client shall provide a suggested fix action.
4. Provide a WLAN design and planning tool that helps in creating a WLAN detailed design even before
visiting the site.
5. Provide network monitoring and troubleshooting by visualizing the coverage on the layout of the
building.
6. Ability to provide enhanced security functionality including customizable attack signature files, rogue
locations and containment.
7. Ability to configure controller ACLs.
8. Includes a radio resource management dashboard displaying access points with most channel
changes, access points running at maximum power, access points with coverage hole events and
top channel change reasons.
9. Must provide the following features:
a. Automatically detect and locate unauthorized access points.
b. Automatically generates a map of the RF environment and the underlying wired topology.
10. Ability to configure local EAP server.
11. Ability to configure Telnet and SSH.
12. IPv6 addresses visibility on a per client basis, system-wide IP version distribution and trends.
13. Support access point configuration template and template scheduling.
14. Provide security index, attack encyclopedia and forensics.
15. Ability to import all the planning and site survey data collected from 3rd party software.
16. Ability to centrally design, monitor, software upgrade, control and troubleshoot 802.11a/b/g/n
access points and controllers.
17. WLAN planning and design, RF management, location tracking, intrusion protection systems.
18. Ability to manage several controllers and software versions at the same time.
19. Virtual domains, where different administrators can be given different authorization levels for each
controller or AP: administrative groups manage different geographical areas of the network, such as
multiple buildings. Geographical areas, such as buildings, shall be divided and managed by different
groups.
20. AP Power saving, where the management system can be set to turn off access points at periodically
configured times.
21. Configuration auditing of controllers to verify that it matches configuration contained on the
management system.
22. Provide voice configuration audit and voice traffic stream metrics.
23. Detect and disable the access Ethernet port of a rogue access point.
24. Should support an out-of-band/non-IP channel with clients for diagnostics and troubleshooting.
25. Detailed trend and analysis reports for WLAN operations.
26. Include an embedded database.
27. Integrated RF planning tool including access point placement, configuration and coverage estimates.
28. Ability to detect non-Wi-Fi interferences.
29. Ability to detect coverage holes and adjust power of the access points accordingly.
30. Dynamic power control of the access points.
31. Client troubleshooting to display specific wireless client problems and the suggested actions to
resolve these problems.
32. Provide secure guest access.
33. Ability to provide an assessment of the readiness for VoWLAN deployment or
802.11n networks.
34. Ability to provide voice troubleshooting.
35. Ability to change WLAN parameters to allow both data and voice to run on the wireless network
without any voice degradation.
36. Ability to create virtual LAN (VLAN), RF, quality of service (QoS), and security policies.
The following requirements must be met for the Wireless LAN deployment in the project:
37. Have a professional site survey done to support all applications such as Voice, Data, Video and
location tracking solutions. The survey should use the needed advanced tools to have the proper RF
coverage details and all the information needed in the survey.
38. The survey should be done by using the RF WLAN surveyor tools.
39. The survey should take into consideration the applications to be used which are data, voice and
location for this project.
40. Proper channel overlap is needed (e.g., 15-20%) to provide enough RF coverage for roaming of
delay-sensitive clients while minimizing the interference between adjacent cells.
41. The survey and the deployment should be done by using a lower than maximum transmission power
on the APs. This will enable the neighboring APs to compensate for the radio coverage of an AP that
failed.
42. Unicast, Multicast traffic and QoS configuration for data, voice and video traffic.