Luka Markota

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1

Luka Markota [email protected]

October 2011


Components

Access Points

• Security Policies

• QoS Policies

• RF Management

• Mobility Management

• Comprehensive

Knowledge of path loss

and SNR of each AP

• MAC Layer Encryption

• Air monitoring

• Each AP is effectively

a remote interface on

the controller

Switch/Routed

Network

Cisco WLAN Controller

Cisco Prime NCS

SNMP v3

Web

Browser

Cisco Mobility

Services

Engine

CAPWAP: Control And Provisioning of Wireless Access Points, runs over UDP - 5247 Data port, 5246 control port)

SOAP / XML

Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 3

Product Overview


Carp

ete

d

11abg

AP1130

AP1240 AP1260 AP3500e

AP3500i AP1140

Performance & Functionality

AP1250 Ruggediz

ed

11n

AP1040

Current models

Hom

e

Off

ice

OEAP600


Ou

tdo

or o

r

Ou

tdo

or-

like

Indo

or

11bg Bridge

BR1300 ExtendAir

r5005

(SolutionPlus Product)

Indoor AP with

Enclosures

High-Speed Bridge

Mesh APs

AP1522 AP1524

3rd Party Vendors

ie. Terrawave

Overview

AP1550


How it looked like till 2011

# of APs 100 25

WiSM-300

12 50 300 6

Perf

orm

ance &

Scale

5508-12

250 500

5508-12, 25, 50, 100, 250, 500 (LICENSE-BASED)

5508-25 5508-50 5508-100 5508-250

WLCME-6, 8, 12, 25

3750G-25, 50

4404-100

4402-12, 25, 50

2106, 12, 25

5508-500

EoS announced per 13. June 2011


New models extending the existing family

Lean Branch

Campus and

Full Service Branch

2500

WLCM2

5500

WiSM2

7500

Scale

Featu

res/P

erf

orm

an

ce

NEW

NEW

NEW

NEW


Real-time Mobile Data Services

ROI Analysis for Contractor Access

ROI for Asset Tracking: 328%

Payback period: 6 months

Total 3 year savings: $161,785

Guest networks for customers,

partners and auditors

Vendor replenishment networks

Public access networks

ROI Analysis for wIPS & 802.1X




•Automatic, 24 x 7 security and

compliance monitoring for

breaches via wireless medium

•Network access control

based on user location

ROI Analysis for VoWLAN



Total 3 year savings: $1,878,648

Real-time mobile voice

communication

Improved collaboration

via mobile unified communications

Faster customer service response

ROI Analysis for Asset Tracking




Asset management

Location based content

distribution

Streamlined workflow

using historical location data

•Quickly locates any Wi-Fi device to support enhanced network security, management, and troubleshooting as well as enable location-based applications through a rich, open API.

Mobility Services – more than just data connectivity

LOCATION

GUEST

Wirelessly extending resources to individuals irrespective of time or location

SECURITY

VOICE Extends IP communications to the enterprise wireless network enabling toll-quality voice, voice services and call connectivity between networks by diverse client support, QoS and integration with the enterprise telephony system

•Unifies wired and wireless security and ensures network information integrity by enabling location-based authentication and precise detection, identification and prevention of wireless threats.

•Allows customers, vendors, and other non-employees to wirelessly access network resources, with privileges based on user-type and physical location, without compromising the enterprise security.


New HW Products


5508 Controller

Internet

Corporate Network

Non-corporate Assets e.g. Wii, DVR

Corporate Asset

Router

e.g. Linksys

Corp. WLAN

Locally defined WLAN

DTLS VPN

Office Extend AP

Extend office wireless work environment to remote sites:

corporate SSIDs available in remote site

managed by IT

Create locally significant SSID directly on OfficeExtend AP;

unique SSID can be created for each location

not managed by IT

Ideal for telecommuting, home-sourcing, outsourcing applications


Dual band 802.11n AP for the homes

Proven hardware design

Validated OEAP Features / Function

Supported by 5508, WiSM2, 2500

7.67” x 6.92” x 1.45”

Available worldwide (all reg domains)

Target FCS: Q1CY11


Supports up to 2 corporate SSIDs

Supports up to 15 wireless clients

User-configured personal SSID

Control and data plane encryption

RF channel / power are set automatically at power up

Corporate client cannot access personal / local resources (i.e. home printer)

No RRM, wIPS, Rogue Detection, Location, Guest Services


4 Additional Ethernet ports

Dedicated Ethernet port for corporate-bound device

Remaining 3-ports are for personal use

USB port is disabled initially, under consideration:

External hard drive

Printers / Projectors

3G back-haul modem

Cradle for vertical placement

On/Off Switch

No PoE support


Setting existing APs into OEAP mode requires multiple reboots

OEAP 600 will be preset into OEAP mode during manufacturing

IT first sets MAC addresses of the allowed OEAP 600 into controller

Employees takes unopened OEAP home and connects a computer into Ethernet port. Splash screen prompts user to enter controller IP address

OEAP 600 is then provisioned automatically


Features

Outdoor 802.11n Access Point Up to 6x higher throughput than 1520

Dual-Radio 2.4 and 5 GHz

(Universal Access) CleanAir and ClientLink

Dual-band Antennas

Integrated, Low-Profile

Backhaul

Fiber, Ethernet, Mesh 8x4 HFC DOCSIS 3.0

Benefits

RF Excellence: Increased client coverage, range and throughput; detect and mitigate RF interference Unified Mode:

Authentication, Security, Mobility,.. Flexible Deployment:

Access or mesh network, extension of an Ethernet network, Fiber, Wireless or Cable backhaul High Performance:

Multipurpose network with low CAPEX & OPEX


1552I

Lightweight, Low power

& energy efficient

Designed to blend in

with the surrounding

environment

FCS in May-Jun

1552E

Standard and flexible model

with dual-radio system

Targeting municipal & campus

deployments, video

surveillance apps, mining

environments, & data offload

FCS in April

1552C

Integrated cable modem

interface with DOCSIS

3.0

Targeted for 3G data

offload applications &

public Wi-Fi

FCS in April

1552H

Class 1, Div 2/Zone 2

hazardous location certified

Targeted hazardous

environments like Oil & Gas

refineries, chemical plants,

mining pits, & mfg factories

FCS in May-Jun 1- Integrated Antenna replaces multiple

single-band antennas list up to $950

2- *The prices above do NOT include the

External antennas for the E/H

versions


1552E 1552H 1552C 1552I

802.11 b/g/n

802.11 a/n

Standard

External

802.11b/g/n

802.11a/n

Hazardous Loc.

External

802.11b/g/n

802. 11a/n

Cable Modem

Integrated

802.11b/g/n

802.11a/n

Standard

Integrated

2.4 GHz

5 GHz

Type

Antenna

2 Radios 2.4/5 GHz

2 Tx, 3 Rx

MIMO, 2 SS

3x Dual-Band Ant.

MIMO Multiple-In, Multiple-Out

SS Spatial Streams


Features

• Feature compatibility with WLC2100 with enhancements

• 1RU Appliance, same form factor as WLC2100

• Supports 50 access points

• 4 GigE Ports – Two Non-POE and Two POE ports

• Handles up to 500 wireless devices & 250 tags

• Supports Triple play – Data, Voice & Video

• Control plane scalability

• Supports OfficeExtend Solution and DTLS Encryption

• Supports Cisco M-Drive technology including BandSelect and ClientLink


• Feature Rich Entry level Controller

802.11n Ready

Guest Access

Wireless IPS

• Unsurpassed Performance & Scale for Entry level Controller

Support high end RF Excellence (CleanAir APs)

5500 Style Licensing

Specifications At-a-Glance

Access Points 5 – 50

Devices 500

Throughput 300Mbps

Form Factor Desktop w/ optional Rack Mount

I/O 2x1GE; 2x1GE PoE


At-A-Glance 2100 2500

Interfaces 8xEthernet (2 PoE) 4xGE (2 PoE)

# of APs 6, 12, 25 5 - 50

# of Devices 256 500

AP Licensing Fix Scale as you grow

Built-In Licenses: 5, 15, 25 and 50 Adder Licenses (5 and 25)

Throughput 100Mbps 300Mbps

Concurrent AP

Upgrade/Join 10 50

Data Encryption

(Data DTLS) Not Supported Licensed (Optional)

Teleworker Support

(OEAP) Not Supported

Supported (w/ Data DTLS License)

Note: Wired Guest Access and Guest Access Anchor is NOT supported


• Serial Console Ports

Provides command line interface

RJ45 Serial options

4 Gigabit Ethernet Ports

3&4 – POE Enabled Serial Console Port (RJ45)

Status

LEDs

4 Gigabit Ethernet Ports

Port 3 & 4 – Power over Ethernet


• Cisco2504 wireless controller will support up to 50 AP’s and 500 clients

• Cisco2504 wireless controllers can be used in a mixed environment supporting roaming between other controllers

• Cisco2504 wireless controller is designed to support latest 802.11n AP’s (CAP3500, LAP1260, LAP1040, LAP1250 LAP1140) and legacy Cisco Aironet AP’s (LAP1130, LAP1240 LAP1230, LAP1500)

• Cisco2504 supports faster roaming due to higher backplane capacity

• Cisco2504 supports Advanced technologies like Band Select and Client Link

• Cisco2504 Supports as a Foreign Controller


Limitations

• CISCO2504 Wireless Controller has no LAG support

• CISCO2504 Wireless Controller does NOT route

• Cisco Wireless LAN Controller does support multiple VLANs and 802.1Q tagging

• Network infrastructure must provide routing mechanism between VLANs

• CISCO2504 Wireless Controller is not a Firewall

• Cisco Wireless LAN Controller does provide ACL

user based

port based


SKUs and AP Licensing Counts

Built-In (5, 15, 25,

& 50)

Adder (5, 25)

Scale as you grow Licensing

Scheme

(Up to 50 APs)

AIR-CT2504-5-K9

AIR-CT2504-15-K9

AIR-CT2504-25-K9

AIR-CT2504-50-K9

LIC-CT2504-UPG

• LIC-CT2504-5A

• LIC-CT2504-25A

L-LIC-CT2504-UPG (e-Delivery)

• L-LIC-CT2504-5A

• L-LIC-CT2504-25A


Key Features Key Benefits

Supports 10 access points Supports 50 access points

Small physical, energy and carbon

footprint

Save on energy bills and protect environment

High-performance, high-capacity

hardware

Deploy performance demanding and high

availability applications

On-demand, remote application

provisioning

Improve flexibility of branch infrastructure

Integrated management and

troubleshooting

Simplify administration and reduce costs

SRE-ISM-300-K9 SRE-SM-700-K9 SRE-SM-900-K9


Based on SRE for ISR G2



Devices 500

Throughput 300Mbps

Form Factor SRE Module on ISR G2

I/O ISR backplane

Maximize on ISR G2 Investment

Lower Cap-Ex/Op-Ex

Wired/Wireless solution

• Wireless Entry level Controller Performance on ISR platform

802.11n Ready

Support high end RF Excellence (CleanAir APs)

5500 Style Licensing


For Catalyst 6500

10G Backplane Channels

Serial Console

Port

Status LEDs

Dedicated Control

Processor

Dedicated Data

Processor

• Reduced Operational Costs

• Scale 500 Access Points 10,000 Clients

• Centralized Maintenance Simultaneous AP Upgrade Troubleshooting

• Mobility 36,000 AP in Mobility Domain Fast Roaming

• Performance 10 Gbps

• Modular Service Module for the Catalyst 6500

• Simplified Licensing 100, 200 AP Adder licenses

• Flexible Architecture

• Control & Data Planes

• Centralized & Distributed deployment




Clients 10,000

I/O 10G

Chassis Level Scale 3,500 APs & 70,000 Clients

Concurrent AP Joins 500

No. of Phy Controller 1

Power 225 W

• Enhanced Operational Savings

Higher Scale

Reduced downtime during upgrades

Single Controller

• Higher Performance

Throughput

Concurrent Rich Media application flows

• Maximize Catalyst 6K Investment

Supervisor & Service Module Refresh


5500 WiSM WiSM2

# of Access Points 12 – 500 300 100 – 500

Throughput Up to 8 Gbps Up to 8 Gbps Up to 10 Gbps

Clients Up to 7,000 Up to 10,000 Up to 10,000

Concurrent AP upgrades/joins

Up to 500 Up to 20 Up to 500

Network I/O Up to 8, 1 Gbps

SFPs Cat6k back plane Cat6k back plane

Mobility domain size Up to 36,000 Aps Up to 10,800 APs Up to 36,000 APs

# of controllers per physical device

1 2 1

Power Consumption 125W 164W 225W

AP count and feature upgrade via licensing

Yes No Yes

Encrypted data link between AP and controller

Yes No Yes

OfficeExtend Solution Yes No Yes


Scalability Numbers WiSM-2

Max number of APs 500

Max number of clients 10,000

Max number of RFID Tags 5000

Max number of AP-Group 500

Number of APs in a mobility group 12000

Number of APs in a mobility domain 36000

Max number of HREAP groups 100

Max number of APs per HREAP group 50

Max number of rogue APs 2,000

Max number of rogue clients 2,500


• Cisco Flex 7500 Series Controller is designed to meet the scaling requirements for FlexConnect solution in branch networks

• Cisco Flex 7500 Series Controller aims at delivering cost effective FlexConnect solution at a much higher scale


• Game Changing Branch Solution

Lower Cap-Ex – leverage fewer

controllers across branches

Decreased Op-Ex through centralized management

• Enhanced Scalability & Flexibility

Higher Scale

AP Groups

5500 Style Licensing Specifications At-a-Glance

Access Points 500– 2,000

Devices 20,000

Deployment Model FlexConnect

Form Factor 1RU Appliance

I/O 2x10GE Interfaces

No. of AP’s / Group 50

No. AP Groups 1,500


Features Overview

Scale : 2000 HREAPs/20K Clients

Scale : 100 CCKM clients/Group

Scale : 1000 AP download

Scale : 200 AP pre-image download

Central Switching for mainly Guest traffic : Capped to 250Mbps throughput

I/O Ports: 2x10GE

Licensing: 250, 500,1000,2000 AP SKUs

Licensing: 100, 500, 1000 Additive SKUs

WCS (7.0MR1) / WebGUI support for Configuration & Management


HREAP Features

Scale: Increase # of HREAP Groups to 500 per Controller

Scale: Increase # of APs/group to 50

Support Guest Access (Central/Local Switched/Anchor) Solution – WebAuth

Fault Tolerance (HA) : Seamless access to wireless services when an AP

connects/disconnects to a controller

Support Spectrum Intelligence, Adaptive wIPS & Rogue AP Location

H-REAP local-authentication in the AP in connected mode


• Except for the base and upgrade counts, the entire licensing procedure covering ordering, installation, viewing etc. is similar to our existing WLC 5508

AP Base Count SKUs 300 500 1000 2000

AP Upgrade SKUs 100 200 500 1000


Comparison

Data Sheet 7500 5508

Total Number of AP 2000 500

Total Clients 20,000 7,000

Max HREAP Groups 500 20

Max AP’s per HREAP Group 50 25

Max AP Groups 500 500

Max WLAN 512 512

Max WLAN Per AP Group 16 16

Max Rogue AP 8,000 2,000

Max Rogue Clients 10,000 2,500

Max APs per RRM Group 2,000 1,000

Max Number of AP Joins 1,000 500

Max Number of AP Image downloads 1,000 500

Luka Markota

Documents

Transcript of Luka Markota