© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Luka Markota [email protected]
October 2011
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Components
Access Points
• Security Policies
• QoS Policies
• RF Management
• Mobility Management
• Comprehensive
Knowledge of path loss
and SNR of each AP
• MAC Layer Encryption
• Air monitoring
• Each AP is effectively
a remote interface on
the controller
Switch/Routed
Network
Cisco WLAN Controller
Cisco Prime NCS
SNMP v3
Web
Browser
Cisco Mobility
Services
Engine
CAPWAP: Control And Provisioning of Wireless Access Points, runs over UDP - 5247 Data port, 5246 control port)
SOAP / XML
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Carp
ete
d
11abg
AP1130
AP1240 AP1260 AP3500e
AP3500i AP1140
Performance & Functionality
AP1250 Ruggediz
ed
11n
AP1040
Current models
Hom
e
Off
ice
OEAP600
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Ou
tdo
or o
r
Ou
tdo
or-
like
Indo
or
11bg Bridge
BR1300 ExtendAir
r5005
(SolutionPlus Product)
Indoor AP with
Enclosures
High-Speed Bridge
Mesh APs
AP1522 AP1524
3rd Party Vendors
ie. Terrawave
Overview
AP1550
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
How it looked like till 2011
# of APs 100 25
WiSM-300
12 50 300 6
Perf
orm
ance &
Scale
5508-12
250 500
5508-12, 25, 50, 100, 250, 500 (LICENSE-BASED)
5508-25 5508-50 5508-100 5508-250
WLCME-6, 8, 12, 25
3750G-25, 50
4404-100
4402-12, 25, 50
2106, 12, 25
5508-500
EoS announced per 13. June 2011
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
New models extending the existing family
Lean Branch
Campus and
Full Service Branch
2500
WLCM2
5500
WiSM2
7500
Scale
Featu
res/P
erf
orm
an
ce
NEW
NEW
NEW
NEW
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Real-time Mobile Data Services
ROI Analysis for Contractor Access
ROI for Asset Tracking: 328%
Payback period: 6 months
Total 3 year savings: $161,785
Guest networks for customers,
partners and auditors
Vendor replenishment networks
Public access networks
ROI Analysis for wIPS & 802.1X
ROI for Asset Tracking: 114%
Payback period: 14 months
Total 3 year savings: $761,089
•Automatic, 24 x 7 security and
compliance monitoring for
breaches via wireless medium
•Network access control
based on user location
ROI Analysis for VoWLAN
ROI for Asset Tracking: 157%
Payback period: 9 months
Total 3 year savings: $1,878,648
Real-time mobile voice
communication
Improved collaboration
via mobile unified communications
Faster customer service response
ROI Analysis for Asset Tracking
ROI for Asset Tracking: 55%
Payback period: 16 months
Total 3 year savings: $379,677
Asset management
Location based content
distribution
Streamlined workflow
using historical location data
•Quickly locates any Wi-Fi device to support enhanced network security, management, and troubleshooting as well as enable location-based applications through a rich, open API.
Mobility Services – more than just data connectivity
LOCATION
GUEST
Wirelessly extending resources to individuals irrespective of time or location
SECURITY
VOICE Extends IP communications to the enterprise wireless network enabling toll-quality voice, voice services and call connectivity between networks by diverse client support, QoS and integration with the enterprise telephony system
•Unifies wired and wireless security and ensures network information integrity by enabling location-based authentication and precise detection, identification and prevention of wireless threats.
•Allows customers, vendors, and other non-employees to wirelessly access network resources, with privileges based on user-type and physical location, without compromising the enterprise security.
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
5508 Controller
Internet
Corporate Network
Non-corporate Assets e.g. Wii, DVR
Corporate Asset
Router
e.g. Linksys
Corp. WLAN
Locally defined WLAN
DTLS VPN
Office Extend AP
Extend office wireless work environment to remote sites:
corporate SSIDs available in remote site
managed by IT
Create locally significant SSID directly on OfficeExtend AP;
unique SSID can be created for each location
not managed by IT
Ideal for telecommuting, home-sourcing, outsourcing applications
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Dual band 802.11n AP for the homes
Proven hardware design
Validated OEAP Features / Function
Supported by 5508, WiSM2, 2500
7.67” x 6.92” x 1.45”
Available worldwide (all reg domains)
Target FCS: Q1CY11
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Supports up to 2 corporate SSIDs
Supports up to 15 wireless clients
User-configured personal SSID
Control and data plane encryption
RF channel / power are set automatically at power up
Corporate client cannot access personal / local resources (i.e. home printer)
No RRM, wIPS, Rogue Detection, Location, Guest Services
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
4 Additional Ethernet ports
Dedicated Ethernet port for corporate-bound device
Remaining 3-ports are for personal use
USB port is disabled initially, under consideration:
External hard drive
Printers / Projectors
3G back-haul modem
Cradle for vertical placement
On/Off Switch
No PoE support
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Setting existing APs into OEAP mode requires multiple reboots
OEAP 600 will be preset into OEAP mode during manufacturing
IT first sets MAC addresses of the allowed OEAP 600 into controller
Employees takes unopened OEAP home and connects a computer into Ethernet port. Splash screen prompts user to enter controller IP address
OEAP 600 is then provisioned automatically
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Features
Outdoor 802.11n Access Point Up to 6x higher throughput than 1520
Dual-Radio 2.4 and 5 GHz
(Universal Access) CleanAir and ClientLink
Dual-band Antennas
Integrated, Low-Profile
Backhaul
Fiber, Ethernet, Mesh 8x4 HFC DOCSIS 3.0
Benefits
RF Excellence: Increased client coverage, range and throughput; detect and mitigate RF interference Unified Mode:
Authentication, Security, Mobility,.. Flexible Deployment:
Access or mesh network, extension of an Ethernet network, Fiber, Wireless or Cable backhaul High Performance:
Multipurpose network with low CAPEX & OPEX
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
1552I
Lightweight, Low power
& energy efficient
Designed to blend in
with the surrounding
environment
FCS in May-Jun
1552E
Standard and flexible model
with dual-radio system
Targeting municipal & campus
deployments, video
surveillance apps, mining
environments, & data offload
FCS in April
1552C
Integrated cable modem
interface with DOCSIS
3.0
Targeted for 3G data
offload applications &
public Wi-Fi
FCS in April
1552H
Class 1, Div 2/Zone 2
hazardous location certified
Targeted hazardous
environments like Oil & Gas
refineries, chemical plants,
mining pits, & mfg factories
FCS in May-Jun 1- Integrated Antenna replaces multiple
single-band antennas list up to $950
2- *The prices above do NOT include the
External antennas for the E/H
versions
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
1552E 1552H 1552C 1552I
802.11 b/g/n
802.11 a/n
Standard
External
802.11b/g/n
802.11a/n
Hazardous Loc.
External
802.11b/g/n
802. 11a/n
Cable Modem
Integrated
802.11b/g/n
802.11a/n
Standard
Integrated
2.4 GHz
5 GHz
Type
Antenna
2 Radios 2.4/5 GHz
2 Tx, 3 Rx
MIMO, 2 SS
3x Dual-Band Ant.
MIMO Multiple-In, Multiple-Out
SS Spatial Streams
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Features
• Feature compatibility with WLC2100 with enhancements
• 1RU Appliance, same form factor as WLC2100
• Supports 50 access points
• 4 GigE Ports – Two Non-POE and Two POE ports
• Handles up to 500 wireless devices & 250 tags
• Supports Triple play – Data, Voice & Video
• Control plane scalability
• Supports OfficeExtend Solution and DTLS Encryption
• Supports Cisco M-Drive technology including BandSelect and ClientLink
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
• Feature Rich Entry level Controller
802.11n Ready
Guest Access
Wireless IPS
• Unsurpassed Performance & Scale for Entry level Controller
Support high end RF Excellence (CleanAir APs)
5500 Style Licensing
Specifications At-a-Glance
Access Points 5 – 50
Devices 500
Throughput 300Mbps
Form Factor Desktop w/ optional Rack Mount
I/O 2x1GE; 2x1GE PoE
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
At-A-Glance 2100 2500
Interfaces 8xEthernet (2 PoE) 4xGE (2 PoE)
# of APs 6, 12, 25 5 - 50
# of Devices 256 500
AP Licensing Fix Scale as you grow
Built-In Licenses: 5, 15, 25 and 50 Adder Licenses (5 and 25)
Throughput 100Mbps 300Mbps
Concurrent AP
Upgrade/Join 10 50
Data Encryption
(Data DTLS) Not Supported Licensed (Optional)
Teleworker Support
(OEAP) Not Supported
Supported (w/ Data DTLS License)
Note: Wired Guest Access and Guest Access Anchor is NOT supported
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
• Serial Console Ports
Provides command line interface
RJ45 Serial options
4 Gigabit Ethernet Ports
3&4 – POE Enabled Serial Console Port (RJ45)
Status
LEDs
4 Gigabit Ethernet Ports
Port 3 & 4 – Power over Ethernet
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
• Cisco2504 wireless controller will support up to 50 AP’s and 500 clients
• Cisco2504 wireless controllers can be used in a mixed environment supporting roaming between other controllers
• Cisco2504 wireless controller is designed to support latest 802.11n AP’s (CAP3500, LAP1260, LAP1040, LAP1250 LAP1140) and legacy Cisco Aironet AP’s (LAP1130, LAP1240 LAP1230, LAP1500)
• Cisco2504 supports faster roaming due to higher backplane capacity
• Cisco2504 supports Advanced technologies like Band Select and Client Link
• Cisco2504 Supports as a Foreign Controller
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Limitations
• CISCO2504 Wireless Controller has no LAG support
• CISCO2504 Wireless Controller does NOT route
• Cisco Wireless LAN Controller does support multiple VLANs and 802.1Q tagging
• Network infrastructure must provide routing mechanism between VLANs
• CISCO2504 Wireless Controller is not a Firewall
• Cisco Wireless LAN Controller does provide ACL
user based
port based
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
SKUs and AP Licensing Counts
Built-In (5, 15, 25,
& 50)
Adder (5, 25)
Scale as you grow Licensing
Scheme
(Up to 50 APs)
AIR-CT2504-5-K9
AIR-CT2504-15-K9
AIR-CT2504-25-K9
AIR-CT2504-50-K9
LIC-CT2504-UPG
• LIC-CT2504-5A
• LIC-CT2504-25A
L-LIC-CT2504-UPG (e-Delivery)
• L-LIC-CT2504-5A
• L-LIC-CT2504-25A
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Key Features Key Benefits
Supports 10 access points Supports 50 access points
Small physical, energy and carbon
footprint
Save on energy bills and protect environment
High-performance, high-capacity
hardware
Deploy performance demanding and high
availability applications
On-demand, remote application
provisioning
Improve flexibility of branch infrastructure
Integrated management and
troubleshooting
Simplify administration and reduce costs
SRE-ISM-300-K9 SRE-SM-700-K9 SRE-SM-900-K9
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Based on SRE for ISR G2
Specifications At-a-Glance
Access Points 5 – 50
Devices 500
Throughput 300Mbps
Form Factor SRE Module on ISR G2
I/O ISR backplane
Maximize on ISR G2 Investment
Lower Cap-Ex/Op-Ex
Wired/Wireless solution
• Wireless Entry level Controller Performance on ISR platform
802.11n Ready
Support high end RF Excellence (CleanAir APs)
5500 Style Licensing
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
For Catalyst 6500
10G Backplane Channels
Serial Console
Port
Status LEDs
Dedicated Control
Processor
Dedicated Data
Processor
• Reduced Operational Costs
• Scale 500 Access Points 10,000 Clients
• Centralized Maintenance Simultaneous AP Upgrade Troubleshooting
• Mobility 36,000 AP in Mobility Domain Fast Roaming
• Performance 10 Gbps
• Modular Service Module for the Catalyst 6500
• Simplified Licensing 100, 200 AP Adder licenses
• Flexible Architecture
• Control & Data Planes
• Centralized & Distributed deployment
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
Specifications At-a-Glance
Access Points 100 – 500
Clients 10,000
I/O 10G
Chassis Level Scale 3,500 APs & 70,000 Clients
Concurrent AP Joins 500
No. of Phy Controller 1
Power 225 W
• Enhanced Operational Savings
Higher Scale
Reduced downtime during upgrades
Single Controller
• Higher Performance
Throughput
Concurrent Rich Media application flows
• Maximize Catalyst 6K Investment
Supervisor & Service Module Refresh
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
5500 WiSM WiSM2
# of Access Points 12 – 500 300 100 – 500
Throughput Up to 8 Gbps Up to 8 Gbps Up to 10 Gbps
Clients Up to 7,000 Up to 10,000 Up to 10,000
Concurrent AP upgrades/joins
Up to 500 Up to 20 Up to 500
Network I/O Up to 8, 1 Gbps
SFPs Cat6k back plane Cat6k back plane
Mobility domain size Up to 36,000 Aps Up to 10,800 APs Up to 36,000 APs
# of controllers per physical device
1 2 1
Power Consumption 125W 164W 225W
AP count and feature upgrade via licensing
Yes No Yes
Encrypted data link between AP and controller
Yes No Yes
OfficeExtend Solution Yes No Yes
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Scalability Numbers WiSM-2
Max number of APs 500
Max number of clients 10,000
Max number of RFID Tags 5000
Max number of AP-Group 500
Number of APs in a mobility group 12000
Number of APs in a mobility domain 36000
Max number of HREAP groups 100
Max number of APs per HREAP group 50
Max number of rogue APs 2,000
Max number of rogue clients 2,500
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
• Cisco Flex 7500 Series Controller is designed to meet the scaling requirements for FlexConnect solution in branch networks
• Cisco Flex 7500 Series Controller aims at delivering cost effective FlexConnect solution at a much higher scale
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
• Game Changing Branch Solution
Lower Cap-Ex – leverage fewer
controllers across branches
Decreased Op-Ex through centralized management
• Enhanced Scalability & Flexibility
Higher Scale
AP Groups
5500 Style Licensing Specifications At-a-Glance
Access Points 500– 2,000
Devices 20,000
Deployment Model FlexConnect
Form Factor 1RU Appliance
I/O 2x10GE Interfaces
No. of AP’s / Group 50
No. AP Groups 1,500
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Features Overview
Scale : 2000 HREAPs/20K Clients
Scale : 100 CCKM clients/Group
Scale : 1000 AP download
Scale : 200 AP pre-image download
Central Switching for mainly Guest traffic : Capped to 250Mbps throughput
I/O Ports: 2x10GE
Licensing: 250, 500,1000,2000 AP SKUs
Licensing: 100, 500, 1000 Additive SKUs
WCS (7.0MR1) / WebGUI support for Configuration & Management
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
HREAP Features
Scale: Increase # of HREAP Groups to 500 per Controller
Scale: Increase # of APs/group to 50
Support Guest Access (Central/Local Switched/Anchor) Solution – WebAuth
Fault Tolerance (HA) : Seamless access to wireless services when an AP
connects/disconnects to a controller
Support Spectrum Intelligence, Adaptive wIPS & Rogue AP Location
H-REAP local-authentication in the AP in connected mode
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
• Except for the base and upgrade counts, the entire licensing procedure covering ordering, installation, viewing etc. is similar to our existing WLC 5508
AP Base Count SKUs 300 500 1000 2000
AP Upgrade SKUs 100 200 500 1000
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
Comparison
Data Sheet 7500 5508
Total Number of AP 2000 500
Total Clients 20,000 7,000
Max HREAP Groups 500 20
Max AP’s per HREAP Group 50 25
Max AP Groups 500 500
Max WLAN 512 512
Max WLAN Per AP Group 16 16
Max Rogue AP 8,000 2,000
Max Rogue Clients 10,000 2,500
Max APs per RRM Group 2,000 1,000
Max Number of AP Joins 1,000 500
Max Number of AP Image downloads 1,000 500