® Unified Wireless Network Software Release 5.2, Cisco is delivering critical features for its industry-leading indoor and outdoor WLAN architecture. This release is now supported on the Cisco 3310 Mobility Services Engine, which is a new hardware platform that has been added to the Cisco 3300 Series Mobility Services Engine family. The Cisco Mobility Services Engine is an effective appliance for delivering applications and innovative mobility services, including Context-Aware Mobility, Adaptive Wireless Intrusion Prevention, and Mobile Intelligent Roaming. Some of the important infrastructure features included in Cisco Unified Wireless Network Software Release 5.2 are:
• Coverage hole detection per WLAN provides a more consistent and reliable performance by allowing select clients to be excluded from radio resource management policies.
• Organizations can improve network control by creating, defining and managing policies for locally significant certificates (LSC) on the access points and controllers.
• Service providers or organizations with multiple-tenant building solutions can configure up to 512 wireless LANs on one controller to ease management.
• Organizations can now implement high availability for Cisco Wireless Control System (WCS) servers to help ensure maximum uptime for delivery of services, minimize wireless network downtime, and maximize operational efficiency.
• The new Cisco WCS Plus license provides organizations with a bundle of value-added Cisco WCS features through a single license PAK.
The following new features are included in Cisco Unified Wireless Network Software Release 5.2. These features are supported by the following devices:
• Cisco Wireless LAN Controller Module (WLCM) and Cisco Wireless LAN Controller Module Enhanced (WLCM-E) for integrated services routers
• Cisco Catalyst 3750G Integrated Wireless LAN Controller
• Cisco 3300 Series Mobility Services Engine
• Cisco 2700 Series Wireless Location Appliance
• Cisco WCS and Cisco WCS Navigator
Cisco Aironet Access Points
Introducing the Cisco Aironet 1140 Series, a business-class 802.11n indoor access point that offers six times the performance of 802.11a/g networks for reliable connections to Wi-Fi voice, streaming video and business applications. The sleek design of the 1140 Series is powerful and efficient-it blends into enterprise environments and can be powered with standard 802.3af Power over Ethernet (PoE). Table 1 describes the new Cisco Aironet access point features available with Cisco Unified Wireless Network Software Release 5.2.
Table 1. New Cisco Aironet Access Point Features
Cisco Aironet 1140 Series Access Point
Business-ready 802.11n access point designed for simple deployment and energy efficiency
The Cisco Aironet 1140 Series offers many new features, including:
• Six times the throughput of existing 802.11a/g networks
• A sleek industrial design that blends into any enterprise environment
• 802.11n performance from standard 802.3af Power over Ethernet
• Intel Connect with Centrino Certified and 802.11n compliant for guaranteed interoperability with a variety of client devices
Environmentally friendly multi-unit Eco-Packs and EnergyStar certified power supplies
Coverage Hole Detection Per WLAN
A Cisco Radio Resource Manager feature that allows the network administrator to enable or disable coverage hole detection for each WLAN. Previously coverage hole detection was only configurable per client radio type (for example, 802.11a or 802.11b/g) for a given controller. This feature offers more granular control of groups of WLANs.
This feature provides a more consistent and reliable performance by allowing select clients to be excluded from radio resource management policies. It prevents the excluded clients from triggering access point radio power-level changes to mitigate coverage holes. Note that precoverage hole warning events will still be generated by access points for the clients that are excluded (with additional information such as WLAN name and coverage hole status of the WLAN).
Locally Significant Certificates
Cisco unified access points use either a manufactured installed certificate (MIC) or a self-signed certificate (SSC) to mutually authenticate the controller. With this feature, customers who choose to control public key infrastructure (PKI) can generate locally significant certificates (LSC) on the access points and controllers.
This feature provides improved network control so that IT professionals can:
• Create authentication certificates
• Manage certificates
• Set usage policies
• Define end use dates
Regulatory Compliance Update
Additional support for the following regulatory domains: Brazil, Chile, Puerto Rico, Egypt, Qatar, Montenegro, Serbia, Iraq, Dominican Republic, Uruguay, Macedonia
Organizations in the listed countries can deploy Cisco Aironet 1130, 1140, 1240, and 1250 Series Access Points running LWAPP. Customers are responsible for verifying approval for use in their individual countries. To verify approval and to identify the regulatory domain that corresponds to a particular country, visit: http://www.cisco.com/go/aironet/compliance
Cisco Mesh Access Points
Table 2 describes the new Cisco Aironet mesh access point features available with Cisco Unified Wireless Network Software Release 5.2.
Table 2. New Cisco Aironet Mesh Access Point Features
Cisco Aironet mesh access points are supported in the Cisco Unified Wireless Network Software Release 5.2.
Customers can manage both indoor and outdoor mesh and nonmesh access points with the same software release. This helps to centralize management and improve operational efficiency.
Ethernet VLAN Tagging
Administrators can use a global setting to determine the behavior of the access point with respect to the VLAN tags on Ethernet bridged traffic (VLAN transparent and nonVLAN transparent). Ethernet ports can be configured in one of the three modes: normal mode, access mode, and trunk mode.
Ethernet VLAN tagging allows Ethernet ports to be configured as access or trunk, and works both in indoor and outdoor mesh access points.
Voice is supported with enterprise mesh in indoor environments. Class of service enables voice traffic to be transmitted with control traffic in the platinum queue. Static Call Admission Control (CAC) is implemented when a single controller is used for the whole sector.
Organizations can take advantage of improved voice quality when mesh is deployed in an indoor setting. This is especially applicable in the retail, education, and healthcare industries.
Cisco Wireless LAN Controllers
Table 3 describes the new Cisco Wireless LAN Controller features available with Cisco Unified Wireless Network Software Release 5.2. These features are supported by Cisco 2100 and 4400 Series Wireless LAN Controllers; Cisco Catalyst 6500 Series/7600 Router Series WiSM; Cisco WLCM and WLCM-E for integrated services routers; and the Cisco Catalyst 3750G Integrated Wireless LAN Controllers.
Note: Cisco Unified Wireless Network Software Release 5.2 for Cisco Wireless LAN Controllers does not support Cisco Aironet 1510 or 1505 Mesh Access Points. These access points are supported by Cisco Unified Wireless Network Software Release 184.108.40.206M. Cisco Unified Wireless Network Software Release 220.127.116.11M is part of a specialized release train that supports mesh access points.
Note: Cisco WCS can simultaneously manage multiple Cisco Wireless LAN Controllers running different software versions. Cisco WCS running Software Release 5.2 can simultaneously manage Cisco Wireless LAN Controllers running Release 5.2 to support Cisco Aironet access points and Cisco Wireless LAN Controllers running Release 18.104.22.168M to support Cisco Aironet mesh access points. A single Cisco WCS can manage these wireless LAN controllers up to the maximum number of controllers and access points supported by Cisco WCS.
Table 3. New Cisco Wireless LAN Controller Features
Increased Number of WLANs Supported Per Controller
Organizations can support multiple Secure Set Identifiers (SSIDs) to segregate different administrative domains and classes of traffic.
IT managers can configure up to 512 wireless LANs on one controller. It is possible to allocate 16 of the WLANs for each access point or access point group. IT managers can then create an access point profile that can be assigned to an access point or access point group.
Supporting different groups of customers within the same controller provides ease of management. It also provides granular policy control by advertising WLANs relevant to an area. This feature is applicable for service providers or multiple-tenant solutions in airports and high-rise buildings to separate networks.
Anonymous and Authenticated Bind Transactions for LDAP
This feature supports two types of bind transaction Lightweight Directory Access Protocol (LDAP) requests: anonymous and authenticated. Credentials are provided to the LDAP server at the beginning of the bind transaction. IT managers can then configure an admin user and password.
Organizations experience enhanced security since the LDAP server allows database access only after authentication.
Client Credentials on H-REAP
Each Hybrid Remote Edge Access Point (H-REAP) can be configured with up to 100 user credentials for local authentication when the H-REAP is in standalone mode. Administrators can configure the same set of users over a group of access points in WCS.
This feature Increases the number of clients in remote locations and branch offices that will stay connected even when the WAN link to the wireless LAN controller is down. It also prevents IT from having to manually enter the same user credentials on multiple access points.
Cisco Wireless Control System
Table 4 presents the new Cisco WCS failover, management, auditing, and ease-of-use features available with Cisco Unified Wireless Network Software Release 5.2.
Table 4. New Cisco WCS Failover, Management, Auditing, and Ease-of-Use Features
Cisco WCS supports software-based high availability for failover from primary (active) to secondary (standby) servers. Each active server can be backed up by a standby server. Automatic and manual failover modes are supported. See the Cisco WCS Deployment Guide for more information about failover times between servers.
Note: Customers with a Cisco WCS license that supports location services must upgrade to Software Release 5.2 or later in order to enable high availability.
Organizations can implement high availability for Cisco WCS servers to help ensure maximum uptime for services delivery, minimize wireless network downtime, and maximize operational efficiency.
Cisco WCS Plus License
A Cisco WCS Plus license is now available to support Cisco WCS base license features and the following capabilities:
• Location services of one device, tag, or rouge access point
• Mobility services enablement
• High availability
A Cisco WCS Plus license is backward compatible with existing Cisco WCS location and enterprise licenses.
The process to provision a Cisco WCS Plus license is the same as provisioning a current Cisco WCS license.
Organizations can use a single license PAK to receive a bundle of value-added Cisco WCS features. Organizations needing bundled features now have simplified license provisioning with the Cisco WCS Plus license.
Flexible Configuration Audit
Cisco WCS supports the ability to selectively audit the configuration parameters of wireless devices.
Flexible configuration auditing compares the global audit set configurations against the configurations on individual controllers or across controllers in the entire Cisco Unified Wireless Network. A global audit is a set of attributes that can be used to perform selective configuration auditing.
Organizations can reduce the time required to perform configuration audits by specifying key configuration attributes to audit. IT administrators can detect device configuration errors more quickly, which results in reduced security or compliance breaches.
Template Additions and Enhancements
Three new template enhancements are now available:
• Standalone (autonomous) access point configuration template: Cisco Aironet standalone (Cisco IOS
® Software-based) access points can be configured using the command-line interface (CLI) commands template in Cisco WCS. Templates can be applied to selected access points. The status of a scheduled configuration is indicated in Cisco WCS.
• Controller CLI template: Cisco WLAN controllers can be configured using the CLI commands template in Cisco WCS. Templates can be applied to selected controllers. The status of a scheduled configuration is indicated in Cisco WCS.
• Access point power injector setting in access point template: The access point power injector settings have been added to the access point configuration page and access point templates.
Organizations can more easily configure standalone (autonomous) access points from Cisco WCS using the CLI template. They also have the flexibility to configure Cisco WLAN controllers using the CLI commands.
Higher operational efficiency can now be attained by configuring access point power injector settings from Cisco WCS rather than individual WLAN controllers.
Enhancements to Autonomous to Unified Migration Tool
The embedded Cisco WCS migration tool (for migration of standalone or Cisco IOS Software-based access points to operate as LWAPP access points) has been enhanced to support these new features:
• Analysis of the standalone access points to be migrated to LWAPP
• Ability to upgrade the standalone access points to a minimum Cisco IOS Software version using a pre- bundled image available with Cisco WCS or an external software image
• Ability to upgrade single-radio standalone access points to run LWAPP
Organizations have more features within the embedded Cisco WCS migration tool to assist them with migrating standalone access points to run LWAPP and operate in the Cisco Unified Wireless Network.
Enhanced Client Details Report
The Cisco WCS Client Details report is further enhanced to provide information about client session time, session length, session throughput, VLAN, signal-to-noise ratio (SNR), received signal strength indication (RSSI), and other information as listed in the release notes.
IT administrators can troubleshoot client device problems more easily using additional client session information now available in the Cisco WCS Client Retails report.
Mobility Services Engine
Table 5 displays the features of the new Mobility Services Engine available with Cisco Unified Wireless Network Software Release 5.2.
Table 5. New Cisco Mobility Services Products and Features
Mobility Services Engine
Cisco 3310 Mobility Services Engine
The Cisco 3310 Mobility Services Engine is the new hardware platform to add to the 3300 Series Mobility Services Engine family. The 3310 Mobility Services Engine is a cost- effective appliance for the delivery of mobility services and applications. A combination of hardware and software, the Mobility Services Engine is an appliance-based solution that supports a suite of software services to provide centralized and scalable service delivery.
A cost-effective platform for consistent, centralized, and scalable delivery of mobility services for the Cisco Unified Wireless Network.
Table 6 presents the new services available with Cisco Unified Wireless Network Software Release 5.2.
Table 6. Mobility Services Features
Adaptive Wireless Intrusion Prevention Software
Adaptive Wireless Intrusion Prevention Software
The Cisco Adaptive Wireless Intrusion Prevention Software (IPS) employs network analysis and signature-based techniques to deliver protection against rogue devices, known and unknown wireless attacks, as well as to perform network vulnerability and performance monitoring.
Cisco Adaptive Wireless IPS is integrated in the Cisco Unified Wireless Network infrastructure, enabling more accurate detection, proactive threat prevention, and streamlined management and security reporting using WCS. Adaptive Wireless IPS uses the power of the Cisco Mobility Services Engine to provide scalability, centralize network intelligence, and accelerate the deployment of new features and services.
Cisco Adaptive Wireless IPS protects your wireless network against rogue devices, network reconnaissance, eavesdropping, authentication and encryption cracking, man-in-the-middle attacks, wireless denial-of-service attacks, and Day-Zero unknown attacks.
Cisco Adaptive Wireless enables more accurate detection, proactive threat prevention, and enhanced ability to control wireless threats, while easing deployment and operations. Comprehensive Adaptive Wireless IPS configuration management, event aggregation, forensics, and reporting simplify workflows and help companies meet their compliance goals.
Mobile Intelligent Roaming
Mobile Intelligent Roaming
This feature enables dual-mode phones to roam between cellular and Wi-Fi networks.
Mobile Intelligent Roaming takes advantage of real-time network intelligence (for example, RSSI, quality of service (QoS), CAC, network loading, and spectrum intelligence) to generate network-assisted triggers to initiate call handoff.
Mobile Intelligent Roaming for dual-mode phones enables users to seamlessly roam between cellular and Wi-Fi networks, offering business continuity across networks while reducing costs by using the WLAN for on campus calls. End user productivity is further enhanced by extending unified communications features to dual-mode phones.
Mobile Intelligent Voice Call Roaming provides a more predictable and reliable enterprise handoff by using WLAN network intelligence to initiate the handoff by client software or mobile gateway (GW) client.
Context-Aware Mobility Service can now be deployed with the Cisco Mobility Services Engine 3350 or 3310.
The Context-Aware Mobility Service has the capability to gather Wi-Fi tag information either from the Cisco Unified Wireless Network using a RSSI algorithm or using time difference of arrival (TDoA) receviers for outdoor or high-ceiling environments or RF- challenging environments (both indoor and outdoor environments can be RF challenging).
The context-aware engine for tags can run standalone or simultaneously with the context-aware engine for clients.
Having multiple platforms provides the flexiblity for customers to meet various deployment and scalability needs.
Both the MSE 3310 and the 3350 platform offer the advantage of running mobility services within the Cisco WLAN infrastructure and using a common API for third-party application integration.
Scalability for MSE 3310 is a combination of up to 2000 Wi-Fi tags or Wi-Fi clients.
Guest User and Sponsor Audit Enhancements
Introduces new guest user and provisioning personnel (sponsor) audit fields and reporting capabilities
Guest user and sponsor audit enhancements provides enterprise-class, real-time, and historical trend reporting functionality. This feature also enhances overall network security through granular guest user audit trails and improves guest user provisioning and management.
Service and Support
Cisco offers a wide range of services programs to accelerate customer success. These innovative programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, visit
Cisco Technical Support Services or
Cisco Advanced Services.
Cisco Wireless LAN Services
Cisco and our Cisco Advanced Wireless LAN Specialized Partners offer a broad portfolio of end-to-end services based on proven methodologies for planning, designing, implementing, operating, and optimizing the performance of a variety of secure voice and data wireless network solutions, technologies, and strategies. Cisco Advanced Wireless LAN Specialized Partners bring application expertise to help deliver a secure enterprise mobility solution with a low total cost of ownership. For more information about Cisco services, refer to
Cisco Technical Support Services or
Cisco Advanced Services.
Download the New Software for This Release
Download Cisco Unified Wireless Network Software Release 5.1 from the
Cisco Wireless Software Display Tables (login required). Separate software release files are available for Cisco Wireless LAN Controllers, Cisco WCS, Cisco WCS Navigator, and the Cisco Wireless Location Appliance.