Guest

Cisco 8500 Series Wireless Controllers

Cisco 8500 Series Wireless Controller Data Sheet

Let Us Help

  • Viewing Options

  • PDF (368.4 KB)
  • Feedback

The Cisco® 8500 Series Wireless Controllers are a highly scalable and flexible platform that enables mission-critical wireless networking for enterprise and service provider deployments.

Designed for 802.11n performance and maximum scalability, the 8500 Series offers enhanced uptime for high-scale deployments with support for:

6000 access points and 64,000 clients in a 1RU form factor

4096 VLANs for large-scale deployments

Sub-second access point and client failover for Service Set Identifier (SSID) high availability

Dual-redundant power supplies installed (AC or DC)

Dual-redundant 10 Gigabit Ethernet connectivity

Text Box: Lower CapEx and OpEx
●	Consolidate multiple controllers into one controller with support for up to 6000 access points, and save on rack space with a 1RU platform.
●	Deploy fewer controllers in a data center by consolidating many controllers into one controller that supports centralized deployments and Cisco FlexConnect™ and mesh access point deployments.
●	Gain significant savings in operations by configuring, managing, and troubleshooting up to 6000 access points and 64,000 clients with a single point of touch.
Multilayer High Availability (HA)
●	Service Set Identifier (SSID) HA with sub-second access point and client failover.
●	Dual-redundant power supplies installed.
●	Dual-redundant 10 Gigabit Ethernet connectivity.
Service Provider Wi-Fi
●	Wi-Fi Certified Passpoint (Hotspot 2.0) for mobile data offload.
●	Network-based mobility management with Proxy Mobile IPv6 Mobility Access Gateway (MAG) support for integration with cellular data networks.
Licensing Flexibility and Investment Protection
●	Additional access point capacity licenses can be added over time.
●	Right-to-use licensing (with EULA acceptance) for faster and easier license enablement.
FlexConnect, Centralized, and Mesh Deployment Flexibility in a Single Controller
●	Intelligent RF control plane, centralized software update, control and management, and troubleshooting.
●	Mesh access point support for deployments where full Ethernet cabling is not available.
●	Deploy Cisco FlexConnect in sites with up to 100 access points in up to 2000 groups.
Comprehensive Wired and Wireless Security
●	Full access point-to-controller encryption via the Control and Provisioning of Wireless Access Points (CAPWAP) protocol.
●	Supports rogue access point detection and detection of denial-of-service attacks.
●	Management frame protection detects malicious users and alerts network administrators.
Secured Guest Access
●	Deploy simple and secure guest access services across 6000 sites.
Figure 1. Cisco 8500 Series Wireless Controller

Features

The Cisco 8500 Series Wireless Controllers (Figure 1) provide centralized control, management, and troubleshooting for enterprise and service provider deployments. The 8500 Series offers flexibility to support multiple deployment modes in the same controller: for example, centralized mode for campus, Cisco FlexConnect mode for lean branches managed over the WAN, and mesh (bridge) mode for deployments where full Ethernet cabling is unavailable.

The Cisco 8500 Series Wireless Controllers support Cisco Application Visibility and Control (AVC). Cisco AVC includes the Network-Based Application Recognition 2 (NBAR-2) engine, Cisco’s deep packet inspection (DPI) capability, which classifies applications, applies quality of service (QoS) settings to either drop or mark the traffic, and prioritizes business-critical applications in the network. Cisco AVC uses NetFlow Version 9 to export the flows to Cisco Prime Infrastructure or a third-party NetFlow collector.

The Cisco 8500 Series also supports Bonjour Services Directory to enable Bonjour Services to be advertised and utilized in a separate Layer 3 network. A wireless policy engine on the Cisco 8500 Series enables profiling of wireless devices and enforcement of policies such as VLAN assignment, QoS, access control lists (ACLs), and time-of-day- based access.

Cisco 8500 Series Wireless Controllers automate wireless configuration and management functions and allow network managers to have the visibility and control needed to cost-effectively manage, secure, and optimize the performance of their branch networks. As a component of the Cisco Unified Wireless Network, this controller provides real-time communications between Cisco Aironet® access points, Cisco Prime Infrastructure, and the Cisco Mobility Services Engine, and is interoperable with other Cisco controllers.

The Cisco 8500 Series has integrated Cisco CleanAir® technology, providing the industry’s only self-healing and self-optimizing wireless network for branches.

Software Licensing Flexibility

Cisco 8500 Series Wireless Controllers provide right-to-use license enablement (with EULA agreement) for faster time to deployment, with the flexibility to add additional access points (up to 6000 access points) as business needs grow. Table 1 lists the features and benefits of the Cisco 8500 Series Wireless Controllers.

Table 1. Features and Benefits

Feature

Benefits

Scalability

Supports 100,300, 500, 1000, 3000, or 6000 access points
Supports 64,000 clients
Supports up to 6000 branch locations (up to 2000 Cisco FlexConnect groups) with 100 access points per branch
Supports up to 4096 VLANs

RF management

Provides both real-time and historical information about RF interference affecting network performance across controllers, through systemwide integration of Cisco CleanAir technology

Cisco FlexConnect, centralized switching, and mesh access point support

Centralized control, management, and client troubleshooting
Seamless client access in the event of a WAN link failure (local data switching)
Highly secure guest access
Indoor and outdoor mesh access point support
Efficient access point upgrade that optimizes the WAN link utilization for downloading access point images
Cisco OfficeExtend technology that supports corporate wireless service for mobile and remote workers with secure wired tunnels to Cisco Aironet Access Points
Rogue detection for Payment Card Industry (PCI) compliance

Service provider Wi-Fi

Wi-Fi Certified Passpoint (Hotspot 2.0), facilitating hotspot operation for mobile data offloads
Network-based mobility management with Proxy Mobile IPv6 Mobility Access Gateway (MAG) support for integration with cellular data networks

Comprehensive end-to-end security

Offers CAPWAP-compliant Datagram Transport Layer Security (DTLS) encryption on the control plane between access points and controllers across remote WAN links

End-to-end voice

Supports Cisco Unified Communications for improved collaboration through messaging, presence, and conferencing
Supports all Cisco Unified IP Phones for cost-effective, real-time voice services

Fault tolerance and high availability

Access points continue to provide seamless services when a controller fails; provides failover to another backup controller for centralized control and management
SSID high availability with sub-second access point and client failover from the primary to standby controller
Redundant power supply helps ensure maximum availability
10 Gigabit Ethernet connectivity: Two 10 Gigabit Ethernet ports for redundancy

Enterprise Wireless Mesh

Allows access points to dynamically establish wireless connections without the need for a physical connection to the wired network
Available on select Cisco Aironet access points, Enterprise Wireless Mesh is ideal for warehouses, manufacturing floors, shopping centers, and any other location where extending a wired connection may prove difficult or aesthetically unappealing

High-performance video

Integrates Cisco VideoStream technology as part of the medianet framework to optimize the delivery of video applications across the WLAN

Mobility, security, and management for IPv6 and dual-stack clients

Highly secure, reliable wireless connectivity and consistent end-user experience
Increased network availability through proactive blocking of known threat s
Equips administrators for IPv6 planning, troubleshooting, and client traceability from Cisco Prime Infrastructure

Environmentally responsible

Organizations may choose to turn off access point radios to reduce power consumption during off-peak hours

Table 2 lists the product specifications for the Cisco 8500 Series Wireless Controllers.

Table 2. Product Specifications

Item

Specifications

Wireless

IEEE 802.11a, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h, 802.11n, 802.11k, 802.11r, 802.11u, 802.11w, 802.11ac

Wired/switching/routing

IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX, 1000BASE-T. 1000BASE-SX, 1000-BASE-LH, IEEE 802.1Q VLAN tagging, IEEE 802.1AX Link Aggregation

Data RFCs

RFC 768 UDP
RFC 791 IP
RFC 2460 IPv6 (pass-through Bridging mode only)
RFC 792 ICMP
RFC 793 TCP
RFC 826 ARP
RFC 1122 Requirements for Internet Hosts
RFC 1519 CIDR
RFC 1542 BOOTP
RFC 2131 DHCP
RFC 5415 CAPWAP Protocol Specification

Security standards

Wi-Fi Protected Access (WPA)
IEEE 802.11i (WPA2, RSN)
RFC 1321 MD5 Message-Digest Algorithm
RFC 1851 ESP Triple DES Transform
RFC 2104 HMAC: Keyed Hashing for Message Authentication
RFC 2246 TLS Protocol Version 1.0
RFC 2401 Security Architecture for the Internet Protocol
RFC 2403 HMAC-MD5-96 within ESP and AH
RFC 2404 HMAC-SHA-1-96 within ESP and AH
RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV
RFC 2407 Interpretation for ISAKMP
RFC 2408 ISAKMP
RFC 2409 IKE
RFC 2451 ESP CBC-Mode Cipher Algorithms
RFC 3280 Internet X.509 PKI Certificate and CRL Profile
RFC 4347 Datagram Transport Layer Security
RFC 4346 TLS Protocol Version 1.1

Encryption

Wired Equivalent Privacy (WEP) and Temporal Key Integrity Protocol-Message Integrity Check (TKIP-MIC): RC440, 104 and 128 bits (both static and shared keys)
Advanced Encryption Standard (AES): Cipher Block Chaining (CBC), Counter with CBC-MAC (CCM), Counter with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
Data Encryption Standard (DES): DES-CBC, 3DES
Secure Sockets Layer (SSL) and Transport Layer Security (TLS): RC4 128-bit and RSA 1024- and 2048-bit
Datagram Transport Layer Security (DTLS): AES-CBC
IPsec: DES-CBC, 3DES, AES-CBC

Authentication, authorization, and accounting (AAA)

IEEE 802.1X
RFC 2548 Microsoft Vendor-Specific RADIUS Attributes
RFC 2716 PPP EAP-TLS
RFC 2865 RADIUS Authentication
RFC 2866 RADIUS Accounting
RFC 2867 RADIUS Tunnel Accounting
RFC 3576 Dynamic Authorization Extensions to RADIUS
RFC 3579 RADIUS Support for EAP
RFC 3580 IEEE 802.1X RADIUS Guidelines
RFC 3748 Extensible Authentication Protocol
Web-based authentication
TACACS support for management users

Management

Simple Network Management Protocol (SNMP) v1, v2c, v3
RFC 854 Telnet
RFC 1155 Management Information for TCP/IP-Based Internets
RFC 1156 MIB
RFC 1157 SNMP
RFC 1213 SNMP MIB II
RFC 1350 TFTP
RFC 1643 Ethernet MIB
RFC 2030 SNTP
RFC 2616 HTTP
RFC 2665 Ethernet-Like Interface types MIB
RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual Extensions
RFC 2819 RMON MIB
RFC 2863 Interfaces Group MIB
RFC 3164 Syslog
RFC 3414 User-Based Security Model (USM) for SNMPv3
RFC 3418 MIB for SNMP
RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs
Cisco private MIBs

Management interfaces

Web-based: HTTP/HTTPS
Command-line interface: Telnet, Secure Shell (SSH) Protocol, serial port
Cisco Prime Infrastructure

Interfaces and Indicators

2 10 Gigabit Ethernet interfaces
Small Form-Factor Pluggable (SFP) options (only Cisco SFPs supported): SFP-10G-SR, SFP-10G-LR
LED indicators: Network Link, Diagnostics
1 service port: 10/100/1000 Mbps Ethernet (RJ-45)

Physical dimensions

Dimensions (WxDxH): 17.30 x 28.00 x 1.69 in. (440.0 x 711.4 x 43.0 mm)
Weight: 35.1 lb (15.9 kg) with 2 power supplies

Environmental conditions

Air temperature:

Appliance on: 10° to 35°C (50° to 95°F); altitude: 0 to 914.4 m (3000 ft), decrease system temperature by 1.8°F (1.0°C) for every 1000-foot (305-m) increase in altitude
Appliance off: 5° to 45°C (41° to 113°F); maximum altitude: 3048 m (10,000 ft)
Storage: -40° to 60°C (-40° to 140°F); maximum altitude: 3048 m (10,000 ft)

Humidity:

Appliance on: 20% to 80%; maximum dew point: 70°F (21°C); maximum rate of change: 9°F (5°C)/hr
Appliance off: 8% to 80%; maximum dew point: 80°F (27°C)

Electrical input:

Sine-wave input (47 - 63 Hz) required
Input voltage range (DC):
Minimum: -40 VDC
Maximum: -75 VDC
Input voltage low range:
Minimum: 100 VAC
Maximum: 127 VAC
Input voltage high range:
Minimum: 200 VAC
Maximum: 240 VAC
Input kilovolt-amperes (kVA), approximately:
Minimum: 0.090 kVA
Maximum: 0.700 kVA
Heat output (maximum) 2302 Btu per hour (675 watts)
Acoustical noise emissions:
Sound power, idling: 6.1 bels maximum
Sound power, operating: 6.1 bels maximum

Regulatory compliance

CE Mark

Safety:

UL 60950-1:2003
EN 60950:2000
EMI and susceptibility (Class A)
U.S.: FCC Part 15.107 and 15.109
Canada: ICES-003
Japan: VCCI
Europe: EN 55022, EN 55024

Table 3 lists ordering and accessories information for the Cisco 8500 Series Wireless Controllers.

To place an order, visit the Cisco ordering website: http://www.cisco.com/en/US/ordering/index.shtml.

Table 3. Ordering Information

Part Number

Product Name

Cisco SMARTnet® Service 8x5xNBD

AIR-CT8510-100-K9

8500 Series Controller for up to 100 Cisco access points

CON-SNT-AIRC8510

AIR-CT8510-300-K9

8500 Series Controller for up to 300 Cisco access points

CON-SNT-AIRCT853

AIR-CT8510-500-K9

8500 Series Controller for up to 500 Cisco access points

CON-SNT-AIRCT855

AIR-CT8510-1K-K9

8500 Series Controller for up to 1000 Cisco access points

CON-SNT-AIRCT85Z

AIR-CT8510-3K-K9

8500 Series Controller for up to 3000 Cisco access points

CON-SNT-AIRCT85K

AIR-CT8510-6K-K9

8500 Series Controller for up to 6000 Cisco access points

CON-SNT-AIRCT856

AIR-CT8510-HA-K9

8500 Series Controller for High Availability

CON-SNT-AIRCT85

AIR-CT8510-SP-K9

8500 Series Wireless Controller with 0 APs included, Dual AC PSU

CON-SNT-AIRCT85B

AIR-CT85DC-SP-K9

8500 Series Wireless Controller with 0 APs included, Dual DC PSU

CON-SNT-AIRCT85A

Additive Capacity Upgrade Licenses

Tables 4 and 5 show the additive capacity upgrade licenses that are available for the Cisco 8500 Series Wireless Controller.

Table 4. Ordering Information for Additive Capacity Licenses (e-Delivery PAKs)

Part Number

Product Description

SMARTnet® 8x5xNBD

e-License

L-LIC-CT8500-UPG

Primary upgrade SKU: Pick any number or combination of the following options under this SKU to upgrade one or many controllers under one product authorization key

CON-SNT-CT8500UP

L-LIC-CT8500-100A

100 Access Point Adder License for the 8510 Controller (e-Delivery)

CON-SNT-LICCT851

L-LIC-CT8500-500A

500 Access Point Adder License for the 8510 Controller (e-Delivery)

CON-SNT-LICCT855

L-LIC-CT8500-1000A

1000 Access Point Adder License for the 8510 Controller (e-Delivery)

CON-SNT-CT851KA

Table 5. Ordering Information for Additive Capacity Licenses (Paper PAKs)

Part Number

Product Description

SMARTnet 8x5xNBD

Paper License

LIC-CT8500-UPG

Primary upgrade SKU: Pick any number or combination of the following options under this SKU, to upgrade one or many controllers under one product authorization key

CON-SNT-CT8500UP

LIC-CT8500-100A

100 Access Point Adder License for the 8510 Controller

CON-SNT-LICCT851

LIC-CT8500-500A

500 Access Point Adder License for the 8510 Controller

CON-SNT-LICCT855

LIC-CT8500-1000A

1000 Access Point Adder License for the 8510 Controller

CON-SNT-CT851KA

Table 6 shows the optional DTLS license for the Cisco 8500 Series Wireless Controllers.

Datagram Transport Layer Security (DTLS) is required for all Cisco OfficeExtend deployments to encrypt the data plane traffic. To enable this functionality, you must obtain a $0 DTLS license. Customers planning to install this device physically in Russia must obtain a paper PAK in order to enable a DTLS license and should not download the license from Cisco.com. Please consult your local government regulations to ensure that data DTLS encryption is permitted.

The DTLS paper PAK license is designated for customers who purchase a controller with DTLS disabled due to import restrictions but get permission to add DTLS support after initial purchase. This optional DTLS license is required for Cisco OfficeExtend deployment.

Table 6. Optional Licensing (PAKs) and Accessories

Part Number

Description

LIC-CT8500-UPG

Primary upgrade SKU: Pick any number or combination of the following options under this SKU to upgrade one or many controllers under one product authorization key

LIC-CT8510-DTLS-K9

Cisco 8500 Series Controller DTLS License (paper Certificate - U.S. Mail)

L-LIC-CT8500-UPG

Primary upgrade SKU: Pick any number or combination of the following options under this SKU to upgrade one or many controllers under one product authorization key

L-LIC-CT85-DTLS-K9

Cisco 8500 Series Controller DTLS License (electronic certificate - must not be ordered by Russian customers)

AIR-SRVR-PWR=

Field replaceable AC power supply for wireless appliances

AIR-SVR-PWR-DC=

Field replaceable DC Power Supply for 8510DC (AIR-CT85DC-K9)

AIR-SRVR-300GB-HD=

Field replaceable 300GB HD for wireless/management servers

Service and Support

Realize the full business value of your wireless network and mobility services investments faster with intelligent, customized services from Cisco and our partners. Backed by deep networking expertise and a broad ecosystem of partners, Cisco professional and technical services enable you to successfully plan, build, and run your network as a powerful business platform. Our services can help you successfully deploy the Cisco 8500 Series Wireless Controller and integrate mobility solutions effectively to lower the total cost of ownership and secure your wireless network.

To learn more about Cisco Wireless LAN service offers, visit: http://www.cisco.com/go/wirelesslanservices.

Summary

The Cisco 8500 Series Wireless Controllers are designed to support large-scale service provider and large-campus deployments. They simplify deployment and operation of wireless networks, helping to ensure smooth performance, enhance security, and maximize network availability. The Cisco 8500 Series manages all the Cisco access points within campus, service provider, and branch locations, eliminating complexity and providing network administrators with visibility and control of their wireless LANs.

For More Information

For more information about Cisco wireless controllers, contact your local account representative or visit: http://www.cisco.com/en/US/products/ps6302/Products_Sub_Category_Home.html.

For more information about the Cisco Unified Wireless Network framework, visit: http://www.cisco.com/go/unifiedwireless.