® enhances its industry-leading WLAN architecture by delivering new software features with Cisco Unified Wireless Network Software Release 5.0. With this release, Cisco broadens its WLAN platform to deliver important infrastructure enhancements and new innovative features for its portfolio of mobility services, including enhanced security, guest access, voice services, and location services. Cisco Unified Wireless Network Software Release 5.0 includes the following features:
• Cisco WCS can now use Google Earth features and functionality to assist in visualizing and managing Cisco Aironet® outdoor mesh wireless LAN deployments.
• Enhanced high-availability capabilities address critical points of potential failure and reduce client and access point downtime, thus enabling resiliency and survivability at remote locations and branch offices.
• New ease-of-use features for Cisco wireless LAN controllers and Cisco Wireless Control System (WCS) enhance network monitoring and simplify network operations with auto-provisioning of WLAN controllers.
• Increased scalability allows users to roam across a larger mobility space, thus providing a better user experience for voice and data applications.
• WLAN security is enhanced by integrating the Cisco Wireless LAN Controller with Cisco Security Monitoring Analysis and Response System (MARS), an expanded intrusion detection system, and new rogue classification capabilities. The result is increased security on both the wired and wireless networks, reduced false alarms, and more granular control over detection, policies, and reporting.
• Guest user management is improved by the ability to customize a login failure message and a logout verification message Web page, as well as by support for third-party guest access provisioning and reporting solutions. Overall security is enhanced by introducing guest account creation limits. Investment protection is extended through support for LDAP authentication.
• New voice-over-WLAN (VoWLAN) tool provides audit reporting and allows organizations to save time when performing configuration checks of controllers based on the suggested VoWLAN deployment guidelines.
• Increased visibility to issues impacting location accuracy within the RF environment and simplified location troubleshooting.
The following new features are included in Cisco Unified Wireless Network Software Release 5.0. These features are supported by Cisco Aironet access points running Lightweight Access Point Protocol (LWAPP); Cisco 2100 and 4400 Series Wireless LAN Controllers; Cisco Catalyst
® 6500 Series Wireless Services Module (WiSM); Cisco Wireless LAN Controller Module (WLCM) and Cisco Wireless LAN Controller Module Enhanced (WLCM-E) for integrated services routers; Cisco Catalyst 3750G Integrated Wireless LAN Controller; Cisco 2700 Series Wireless Location Appliance; Cisco WCS, and Cisco WCS Navigator.
Cisco Aironet Access Points
Table 1 describes the new Cisco Aironet access point features available with Cisco Unified Wireless Network Software Release 5.0.
Table 1. New Cisco Aironet Access Point Features
Enhanced Radio Resource Management Accuracy
Incorporating actual information measured by the access point and client offers better estimation of receive (Rx), transmit (Tx), and clear channel assessment (CCA) load using physical layer/MAC (PHY/MAC) measurements.
This feature provides a more consistent and reliable Radio Resource Management performance.
Serviceability and Management Enhancement
This management enhancement provides direct access to LWAPP access point command-line interfaces, including Telnet and Secure Shell Protocol (SSH).
Organizations will be able to troubleshoot nonjoining access points easier.
WCS LWAPP Migration Tool Enhancement
The WCS LWAPP migration tool now supports automatic LWAPP migration of a single radio within a dual-mode access point, even when LWAPP migration is not supported on the second radio.
Migrations from standalone to controller-based networks are simplified and offer increased investment protection.
Delivery Traffic Indicator Message (DTIM) per WLAN
The Delivery Traffic Indication Message (DTIM) period can be configured on a per radio basis (either 2.4-GHz or 5-GHz) to support different client and application needs. A flexible DTIM setting allows performance enhancements to certain applications and services, specifically to voice and applications that require low latency.
This configuration improves the performance of voice and data clients.
Regulatory Compliance Update
Additional support for the following country regulatory domains: Bahrain, Costa Rica, Dominican Republic, Ecuador, Egypt, Croatia, Kuwait, Kazakhstan, Oman, Pakistan, Puerto Rico, and Vietnam.
Japan: added support for 5.47-GHz to 5.725-GHz band (11 new channels).
Russia: added support for 802.11a, which is now permitted in Russia.
Organizations can expand their global footprint with an increased support of regulatory domains.
Access Point Monitoring with Enhanced Sniffer Support
Technical support will routinely ask customers to do a sniffer trace for WLAN problem detection. Over-the-air captures of sniffed data can now be sent to Wireshark, a free and increasingly popular open source packet analyzer for WLAN troubleshooting.
Wireshark runs on most computing platforms, including Windows, OS X, Linux, and UNIX, and is used by network professionals, security experts, developers, and educators around the world.
The feature simplifies troubleshooting and maintenance of the WLAN network with a popular and freely available open source network analyzer tool.
Cisco Wireless LAN Controllers
Table 2 describes the new Cisco Wireless LAN Controller features available with Cisco Unified Wireless Network Software Release 5.0. These features are supported by Cisco 2100 and 4400 Series Wireless LAN Controllers; Cisco Catalyst 6500 Series WiSM; Cisco WLCM and WLCM-E for integrated services routers; and the Cisco Catalyst 3750G Integrated Wireless LAN Controllers.
Note: Cisco Unified Wireless Network Software Release 5.0 for Cisco Wireless LAN Controllers does not support Cisco Aironet 1520, 1510, or 1505 Series outdoor mesh access points. These access points are supported by Cisco Unified Wireless Network Software Release 126.96.36.199M (or a later release). Cisco Unified Wireless Network Software Release 188.8.131.52M is part of a specialized release train that supports mesh access points.
Note: Cisco WCS can simultaneously manage multiple Cisco Wireless LAN Controllers running different software versions. Cisco WCS running Cisco Unified Wireless Network Software Release 5.0 can simultaneously manage Cisco Wireless LAN Controllers running Release 5.0 to support Cisco Aironet lightweight access points and Cisco Wireless LAN Controllers running Release 184.108.40.206M to support Cisco Aironet mesh access points. A single Cisco WCS can manage these Wireless LAN Controllers up to the maximum number of Wireless LAN Controllers and access points supported by Cisco WCS.
Table 2. New Cisco Wireless LAN Controller Features
Controller Auto- Provisioning
Network administrators can configure wireless LAN controllers (WLC) during boot-up. Users can connect a new WLC to the network, turn on the new device, and have it configured automatically from a pre-existing configuration file.
The AutoInstall process begins any time a Cisco WLC is turned on and a valid configuration file is not found in nonvolatile random-access memory (NVRAM).
Auto-provisioning simplifies large WLC deployments in multiple branch offices or remote locations where network expertise is not readily available. It also facilitates centralized management of the controller installation.
Access point and client downtime is reduced by shortening the failure detection time, avoiding the restart of Dynamic Host Configuration Protocol (DHCP) process by reusing the same IP address to reinitiate the discovery process, and enhancing the access point discovery process.
This feature reduces client downtime and results in higher network availability. It also helps to maintain better data and voice sessions, and helps to ensure a consistent end-user experience. This is especially beneficial for industries such as financial services and healthcare.
Hybrid Remote Edge Access Point (HREAP) (802.1x authentication on the access point)
This feature will add the ability for the HREAP to perform 802.1 x authentications on the access point when the WAN connection is down. It uses a preconfigured list of usernames and passwords.
HREAP can authenticate users during a WAN outage without additional hardware, thus providing business continuity.
Roaming is now supported across 48 controllers. The controller provides inter-subnet mobility for clients by sending mobility messages to other member controllers.
WLAN controllers expand the mobility space where users can roam across 48 controllers. This provides greater coverage as users roam across a larger network area.
Cisco Wireless Control System
Table 3 presents the new Cisco WCS management, monitoring, and ease-of-use features available with Cisco Unified Wireless Network Software Release 5.0.
Table 3. New Cisco WCS Management, Monitoring, and Ease-of-Use Features
Auto-Provisioning of Wireless LAN Controllers
Cisco WCS can automatically configure a new Cisco Wireless LAN Controller when it is detected on the wireless network.
The wireless LAN controller can be located locally or remotely.
Customers with large WLAN deployments using numerous wireless LAN controllers can reduce their WLAN setup time by using the automatic provisioning feature for wireless LAN controllers available through Cisco WCS. This allows network managers to send wireless LAN controllers to branch offices that do not have IT resources and configure these controllers remotely. This helps reduce operational costs and streamlines operations.
Scheduled Shut Off of WLAN and Access Point Radios
A scheduled configuration change of the operational mode (on/off) for Cisco Aironet lightweight access points can be set by Cisco WCS.
Customers can deactivate the unified wireless LAN as needed to meet their security requirements during business or nonbusiness hours.
Google Earth Integration
Google Earth can be launched and used, from within Cisco WCS, to correlate the location and define the RF coverage area of a Cisco Aironet lightweight outdoor mesh access point using the Google Earth map features.
A variety of Google Earth map features can be used within Cisco WCS, including zoom, pan, and tilt.
Google Earth must be installed to enable this feature. (Google Earth Pro is recommended.)
Google Earth features and functionality can be used by Cisco WCS to assist with visualizing and managing Cisco Aironet outdoor mesh wireless LAN deployments.
Diagnostic Channel Security Enhancements for Cisco Compatible Extensions Version 5 Client Devices
Cisco Compatible Extensions Version 5 client devices can request diagnostic channel association to the client to assist with troubleshooting.
A consolidated summary of the troubleshooting tests that were used on the diagnostic channel in conjunction with Cisco Compatible Version 5 client devices can be generated.
The security of Cisco Compatible Version 5 client devices communicating on the client diagnostic channel is enhanced with new Cisco WCS management capabilities.
Cisco Wireless Control System Navigator
Table 4 presents the new Cisco WCS Navigator features available with Cisco Unified Wireless Network Software Release 5.0.
Cisco WCS Navigator supports partitioning Cisco WCS platforms to restrict selected users to a single Cisco WCS platform or group of Cisco WCS platforms.
This feature will be used by organizations that support several different Cisco WCS platforms, with each platform responsible for a different part of the same or individual networks.
Organizations and service providers can segment the wireless network at the Cisco WCS management platform to support access control based on a variety of criteria including geography, departments, and managed services customers.
Cisco Mobility Services
Table 5 presents the new Cisco WCS mobility services features available with Cisco Unified Wireless Network Software Release 5.0.
Table 5. New Cisco WCS Mobility Services Features
Cisco Wireless LAN Controller Integration with Cisco Security Monitoring, Analysis and Response System v5.3.1 (MARS)
Cisco Security MARS traps and parses events from the Cisco Wireless LAN Controller to create a single view of both wired and wireless security events. Cisco Security MARS then identifies threats, suggests mitigation actions that comply with networkwide policies, and generates reporting of security events.
The integration enables event aggregation and correlation within the Cisco Security MARS environment and suggested mitigation actions. Cisco Security MARS performs incident notification and reporting based on current Cisco Security MARS framework.
The integration provides a consolidated view of both the wired and wireless networks, enhanced visibility into the security and network information, and increased ability to identify, prioritize, and respond to network faults and attacks.
This also delivers increased reporting capabilities, compliance, and adherence to network policies.
Expanded Wireless Intrusion Detection System Detection, False Alarm Reduction, and WCS Tuning
Expanded functionality of the wireless intrusion detection system (wIDS) with new signatures including: ASLEAP (LEAP crack tool), 802.11n-specific protocol attributes, 802.11n authentication flood attacks, honeypot access points, and fake access point detection for high-density access point environments.
wIDS signature tuning and management enhancements in Cisco WCS provide a reduction in false alarms and increased event fidelity. New configurable "interval" keyword for all IDS signatures allows consolidation of reporting and alarms for repeating events within a particular timeframe.
Network security is improved with increased detection capabilities, new signatures and identification of 802.11n threats.
Reduced false alarms make administration and maintenance requirements easier to manage.
Rogue Auto-Classification, Expanded Detection
Rule-based classification simplifies and automates rogue event classification through flexible and admin-customizable detection criteria. Additionally, detection has been expanded to include 802.11n-specific rogue access points and to recognize and mark autonomous access points as friendly or nonrogue.
The increased ability to identify and locate rogue access points and devices and determine their current state (while decreasing number of false alerts) lowers operation costs associated with rogue mitigation. It also provides more granular control over detection, policies, and reporting of rogue activities.
Login Failure Message Web Page Customization
Administrators can customize a login failure message Web page per service set identifier (SSID). The customized message can be easily uploaded to the controller via an HTML file.
A customized login failure message with directions for the guest user can reduce help desk calls associated with a guest user being rejected from the network.
Logout Verification Message Web Page Customization
Administrators can customize a logout verification message Web page per SSID. The customized message can be easily uploaded to the controller via an HTML file.
A logout verification Web page verifies the user has logged off the network. The page is fully customizable and thus important messages can be communicated, enhancing the overall guest-user experience and potentially minimizing help desk calls.
Guest Account Creation Limits
Administrators can limit the number of guest users a sponsor (provisioning personnel) can create during a given time period (hours, days, weeks, months).
Limiting the number of guest users a sponsor can provision provides IT with tighter control over guests accessing the network, and the sponsors who are provisioning them, thereby improving overall security.
LDAP Web Authentication Support for Guest Access
Administrators can now authenticate guest users via Web authentication using their existing LDAP infrastructure.
Organizations that use LDAP as their authentication protocol can use their current authentication infrastructure for guests accessing the network. This feature ultimately improves investment protection as well as ease of management, as administrators no longer need to manage multiple authentication databases.
Support for Proprietary Guest Access Solutions
Administrators can integrate their guest solution (WLC and WCS) with proprietary, third-party guest access provisioning or reporting solutions.
This integration provides proprietary, third-party guest access solutions with improved reporting and visibility into guest user activity, thus improving flexibility. Additionally, the ability to import or export guest user statistics between third-party systems and WCS improves ease of management.
WoWLAN Audit Tool
This tool automates configuration checks by allowing customers to define a set of rules in the WCS to validate the configuration of a group of controllers based on the VoWLAN deployment guide recommendations. Violations of the configuration can be presented in the form of a report or alarm.
This check can be performed periodically or manually.
Organizations save a considerable amount of time when performing configuration checks of the controllers based on suggested VoWLAN deployment guidelines.
Cisco Wireless Location Appliance
Table 6 describes the new Cisco 2700 Series Wireless Location Appliance features available with Cisco Unified Wireless Network Software Release 5.0.
Table 6. New Cisco 2700 Series Wireless Location Appliance Features
Site Survey Calibration Enhancements
Collecting data points to perform a calibration site survey to support location can be more easily and accurately attained through the following enhanced calibration methods:
Point calibration: User clicks a point on the WCS map and rotates or moves a laptop within the surrounding area. The system receives received signal strength indication (RSSI) values from the controller and determines the variations
Linear calibration: Users needing to perform linear calibration along walls or down corridors can collect data between two different points. While moving the client between the points, RSSI data is collected and the distribution path analyzed for accuracy.
Enhancements to the Site Survey Calibration features allow faster, simpler troubleshooting of the RF environment to help ensure improved location accuracy and to reduce the time required to do so by a third.
Location Optimized Monitor Mode
Location Optimized Monitor Mode (LOMM) is a new access point configuration that enables the detection of Wi-Fi tags even if a wireless network is not actively deployed.
LOMM access points can be easily added exactly where they are needed to provide ideal coverage and location accuracy without disrupting existing network configurations.
LOMM access points are well suited for multiservice network environments that support voice or IDS already and want to add location without causing network interference.
Location Optimized Monitor Mode allows organizations to easily implement location to detect mobile assets equipped with Wi-Fi tags, such as wheelchairs or manufacturing parts, without disrupting the existing network.
In a mixed network environment, adding LOMM access points to support location of Wi-Fi tags conserves network resources and maximizes utilization.
Location Accuracy Tool
The Location Accuracy tool improves the usability of current accuracy testing by providing point-and-click test execution and user friendly reports for enhanced accuracy measurement, including basic troubleshooting, inter-floor level accuracy, and alarm notification reports.
The Location Accuracy tool provides network administrators with increased visibility to issues impacting location accuracy within the RF environment.
The tool simplifies location troubleshooting by providing quick access to test results and reports enabling faster problem resolution.
Location History Enhancements
Enhancements to the Location History feature allow location tracking information to be collected and stored based on the occurrence of specific events.
A transition tracking algorithm logs location events triggered by a predefined condition including when a Wi-Fi tag:
• Changes floor location
• Enters or leaves a specified area
• Moves beyond a 30 foot distance
The Location History feature enables more effective management, storage, and reporting of location tracking data by capturing only predefined significant location events.
Service and Support
Cisco offers a wide range of services programs to accelerate customer success. These innovative programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, refer to
Cisco Technical Support Services or
Cisco Advanced Services.
Cisco Wireless LAN Services
Cisco and our Cisco Advanced Wireless LAN Specialized Partners offer a broad portfolio of end-to-end services based on proven methodologies for planning, designing, implementing, operating, and optimizing the performance of a variety of secure voice and data wireless network solutions, technologies, and strategies. Cisco Advanced Wireless LAN Specialized Partners bring application expertise to help deliver a secure enterprise mobility solution with a low total cost of ownership. For more information about Cisco services, refer to Cisco Technical Support Services or Cisco Advanced Services.
Download the New Software for This Release
Download Cisco Unified Wireless Network Software Release 5.0 from the
Cisco Wireless Software Display Tables (login required). Separate software release files are available for Cisco Wireless LAN Controllers, Cisco WCS, Cisco WCS Navigator, and the Cisco Wireless Location Appliance.