Guest

Cisco 5500 Series Wireless Controllers

Cisco Unified Wireless Network Software Release 7.2

  • Viewing Options

  • PDF (156.5 KB)
  • Feedback

PB698734

Overview

Cisco ® Unified Wireless Network Software Release 7.2 and Cisco Aironet ® 3600 Series access points address critical enterprise IT challenges related to bring-your-own-device (BYOD) deployments, wireless as the primary access technology, and architectural complexity. Cisco Unified Wireless Network Software Release 7.2 delivers the industry's most scalable and high-performing wireless controller solution, unique network security and optimization for IPv6-enabled mobile clients, and next-generation hotspot capabilities.
A recently published global survey about tablet form-factor mobile devices in the enterprise revealed that three-quarters of IT managers feel that email and document sharing are "must haves". In addition, about half agreed that the following enterprise applications are desirable: video conferencing, instant messaging, and access to company databases (source: ciscopress). These business requirements related to BYOD are underpinning the need for a better user experience, network access control for IPv4 and IPv6 clients, and enterprise-class voice-video connectivity with transparent roaming.

New Features

The new features discussed here are included in Cisco Unified Wireless Network Software Release 7.2. The features are supported in the following platforms:

• Cisco Aironet access points running the Control and Provisioning of Wireless Access Point (CAPWAP) Protocol

• Cisco 2500 and 5500 Series Wireless Controllers

• Cisco Flex 7500 Series Wireless LAN Controllers (WLCs)

• Cisco Catalyst® 6500 Series Wireless Services Module 2 (WiSM2)

• Cisco 3300 Series Mobility Services Engine (MSE)

• Cisco Prime Network Control System (NCS) 1.1

Cisco Aironet Access Points: New Features

Table 1 summarizes the new features of the Cisco Aironet 3600 Series access points.

Table 1. New Cisco Unified Wireless Network Software Release 7.2 Access Point Features

Feature

Description

Benefit

AP Groups and RF profiles

Capability to segment and form virtual subgroup of access points

Capability to apply different RF configurations for different access point groups

Capability to customize the wireless network to business needs and locations, providing increased reliability and faster remediation

Centralized configuration from the WLC makes it simple for customer to create and manage multiple groups

Cisco CleanAir Technology enhancements

• Persistent device avoidance: Reduced use of channels affected by persistence interference; persistent device detected by local and monitor mode access point propagated to both Cisco CleanAir Technology and other access points
• Custom event-based radio resource management (RRM) threshold: Capability for the radio to change channel in reaction to strong interference reported in the form of the air-quality index
• Air-quality unclassified: New alarm triggered by the severity of the unclassified category exceeding a configured threshold

Flexibility to configure policies to address certain conditions of interference and unknown devices unique to customer's environment

Enhanced quality-of-service (QoS) prioritization

Increased flexibility in how customers can apply QoS priority against their unicast and multicast traffic on a per-wireless LAN (WLAN) basis within the access point

Capability to deploy a diverse set of user devices and support high-bandwidth, latency-sensitive applications, including voice and video streaming, in the wireless network

Video client scaling

Enhanced scaling of client devices streaming video along with mixed voice and data client traffic concurrently over the access point

• Gives companies the foundation and freedom to continue expanding their use of video within their businesses to service both internal corporate users and end customers
• Helps businesses address the changes in the network: as more mobile devices enter the corporate network, they increase demand for real-time multimedia applications, particularly video and voice, as well as traditional data applications

Multicast

Multicast enhancements to increase the scale, prioritization, and overall throughput of multicast sessions supported

Builds on existing video support, to allow high-density deployments such as auditoriums, classrooms, and stadiums to scale their multicast video content distribution at events and reach more client devices: smartphones, tablets, and other wireless mobile devices

Indoor wireless mesh

Capability to enable indoor wireless mesh support on the Cisco Aironet 3600 Series access point

Extends indoor mesh (bridge mode) capability to the recently released Cisco Aironet 3600 Series access points with 4x4:3SS 802.11n support.

Support for CAPWAP (secure enterprise access) on a second wired port on the Cisco Aironet 600 Series OfficeExtend Access Point (OEAP)

Extends support to two ports; previously, only one port was supported

Enables customers to support more scenarios in home and branch-office environments

Cisco Wireless LAN Controllers: New Features

In Cisco Unified Wireless Network Software Release 7.2, Cisco WLCs continue to lead the market in scale and performance, with specific enhancements in Cisco Catalyst 6500 Series WiSM2 and Cisco Flex 7500 Series controllers. Tables 2 and 3 list the new scale and performance numbers for these controllers. Table 4 lists the Cisco Unified Wireless Network Software Release 7.2 features.

Table 2. Cisco Unified Wireless Network Software Release 7.2 Scale and Performance Attributes for Cisco Catalyst 6500 Series WiSM2 Controllers

Attribute

Release 7.0

Release 7.2

Maximum number of access points in a controller

500

1,000

Maximum number of access points in a Cisco Catalyst 6500 Series Switch chassis

2,100

7,000

Maximum number of clients in a controller

10,000

15,000

Maximum number of clients in a chassis

70,000

105,000

Throughput

10 Gbps

20 Gbps

Table 3. Cisco Unified Wireless Network Software Release 7.2 Scale and Performance Attributes for Cisco Flex 7500 Series Controllers

Attribute

Release 7.0

Release 7.2

Maximum number of access points

2,000

3,000

Maximum number of clients

20,000

30,000

Maximum number of Cisco Flex groups

500

1,000

Maximum number of Cisco Aironet 600 Series OEAPs

-

3,000

Throughput

250 Mbps

1 Gbps

Datagram Transport Layer Security (DTLS) support for management of Cisco Aironet 600 Series OEAP

-

Yes

Table 4. Cisco Unified Wireless Network Software Release 7.2 Controller Features

Feature

Description

Benefit

IPv6 dual-stack client mobility

Intelligent IPv6 packet processing to enable transparent Layer 3 roaming for IPv6 and dual-stack clients

Provides reliable connectivity while roaming

IPv6 security

First-hop security features including router advertisement guard, which automatically blocks rogue router announcements from the access point; source guard; and Dynamic Host Configuration Protocol (DHCP) guard

Increases network availability and lowers operating costs through proactive blocking of known threats

IPv6 client management

IPv6 addresses visibility on a per-client basis; systemwide IP version distribution and trending from Cisco Prime NCS

Equips administrators for IPv6 troubleshooting and addresses planning, client traceability, etc. from a common wired and wireless management system

IPv6 packet optimization

Intelligent packet processing through Neighbor Discovery Protocol (NDP) proxy and rate limiting of chatty IPv6 packets

Increases radio efficiency and reduces CPU utilization in the router

Cisco TrustSec® Security Exchange Protocol (SXP) support

SXP enables security group-based access control, which abstracts network topology from policy, reducing the number of rules to be implemented and managed

Provides simplified management and centralized distribution of policy from a management server to meet the various business requirements, using the current access layer design; increases scalability and agility to adapt to business growth and changes

Cisco FlexConnect: Efficient access point image upgrade

One Cisco FlexConnect access point per branch location acts as a master and downloads the image from the controller; other access points in the branch location predownload the access point image from the master

Provides local distribution of the image from the master to other access points in a branch office, speeding up the upgrade process and thereby reducing traffic over the WAN and providing increased reliability

Cisco FlexConnect: Access control lists (ACLs)

Allows filtering of client traffic that is locally switched on the Cisco FlexConnect access point

Enhances protection and integrity of locally switched data traffic at the Cisco FlexConnect access point

Cisco FlexConnect: Authentication, authorization, and accounting (AAA) override for dynamic VLAN assignment

Allows overriding of AAA mapping for dynamic VLAN assignment on the Cisco FlexConnect access point

Provides deployment flexibility for VLAN assignments for locally switched clients

Cisco FlexConnect: Fast roaming for voice clients in a Cisco FlexConnect group

Removes WAN link dependency by handling mobility events at the Cisco FlexConnect access point

Reduces roaming delay for fast roaming clients

Cisco FlexConnect: Layer 2 security for centrally switched users on Cisco Flex 7500 Series controller

Provides a full range of authentication mechanisms with IEEE 802.1x for centrally switched users

With the Cisco Flex 7500 Series controller, can support IEEE 802.1x authentication for centrally switched users

Cisco FlexConnect: Context-aware support on Cisco Flex 7500 Series controller

Provides comprehensive location information through Cisco 3300 Series MSE and context-aware software

Provides enhanced security to track thousands of mobile devices with alerts, notifications for rogue devices, and deployment optimization for Wi-Fi clients and tagged assets

Cisco FlexConnect: Peer-to-peer (P2P) blocking

A per-WLAN P2P configuration is pushed to the Cisco FlexConnect access point. After the access point is enabled, P2P communication on the WLAN is blocked

Limits vulnerabilities from insecure P2P client communication

Rogue enhancements

Capability to configure minimum received signal strength indication (RSSI) value for rogue clients, report after a minimum time, ignore transient rogue clients, and not track friendly rogue clients

Provides advanced controls for rogue-client monitoring, detection, and management

Wi-Fi Direct client management

Per-WLAN configuration to allow or block a Wi-Fi Direct client from joining the WLAN

Provides flexible architecture to support and detect Wi-Fi Direct clients, thereby decreasing enterprise vulnerability from this new technology

Next-generation hotspot (Hotspot 2.0)

Support for features described in the IEEE 802.1u Interworking with External Networks amendment; the interworking service enables a WLAN to assist mobile clients in automatic network discovery and selection by providing information about the network to the clients prior to association

• Supports interworking services, enabling equipment manufacturers and operators to provide standardized, interoperable components and thereby simplifying connectivity and improving services to Wi-Fi customers within the enterprise as well as public access and service provider (including residential) markets for hotspot access (whether subscription based or free)
• Lays the foundation for future Wi-Fi passpoint certification

Cisco ISE 1.1 enhancements

Support for central web authentication (CWA), in addition to local mode authentication and posture assessment for guest with device registration

Simplifies BYOD deployment with the introduction of automated device registration and posture assessment for guest access

Adder licenses without reboot

Capability to apply adder licenses without rebooting the WLC

Dynamically increases the scale of the controllers to meet network growth requirements with no service disruption

Fast-roaming solution using sticky-key caching

Fast roaming is a technique used to reduce client association time when it roams across access points. This feature allows a client to cache multiple Pairwise Master Key Security Association (PMKSA) instances in the hope that it can reuse an instance to associate with an access point

Avoids costly IEEE 802.1x authentication, which can be accomplished using Lightweight Extensible Authentication Protocol (LEAP), Protected EAP (PEAP), EAP Transport Layer Security (EAP-TLS), etc., benefiting customers with selected client models from vendors such as Apple and Motorola that do not support standards-based roaming

Mobility Services

Cisco MSE offers service-plane separation for scalable services delivery and a single interface point to securely expose network intelligence to third-party applications. In Cisco Unified Wireless Network Software Release 7.2, these capabilities are enhanced through the introduction of virtual appliances and high availability.
Table 5 describes the new features specific to Cisco MSE with Cisco Unified Wireless Network Software Release 7.2.

Table 5. Cisco Unified Wireless Network Software Release 7.2 and Cisco MSE Features

Feature

Description

Benefit

High availability

• High availability for all services supported
• Automatic and manual failure supported
• Both 1:1 and 2:1 configuration supported

Failover time of less than 1 minute enhances the redundancy and availability of the mobile services with no incremental license cost

Virtual appliance

• Supported in the VMware ESX and ESXi 4.1 hypervisor and distributed as an OVA image
• Scaling up to 50,000 endpoints or 10,000 Cisco MSE Adaptive wIPS instances in a single virtual Cisco MSE instance

Cisco MSE virtual appliance provides flexible deployment options and scalability without requiring dedicated physical appliances

Cisco MSE Adaptive Wireless Intrusion Prevention System (wIPS) alarm enhancements

Addition of nine new security penetration and denial-of-service (DoS) alarms

Provides additional threat protection, thus enhancing security for the wireless infrastructure

Context-aware support for Cisco FlexConnect

Provides comprehensive location information through Cisco 3300 Series MSE and context-aware software

Provides enhanced security to track thousands of mobile devices with alerts, notifications for rogue devices, and deployment optimization for Wi-Fi clients and tagged assets

Support for GPS coordinates

Provides x,y and GPS locations for all elements that are being tracked by Cisco MSE

 

Configuration wizard

Makes adding and configuring Cisco MSE a simple one-step process

Simplifies Cisco MSE configuration

Cisco Prime Network Control System

Cisco Prime NCS is a critical component of the Cisco Prime portfolio of management products. The Cisco Prime portfolio of management products has a service-centric foundation and supports integrated lifecycle management of Cisco architectures and technologies. Cisco Prime products are built on an intuitive workflow-oriented user experience.
Benefits of Cisco Prime products include:

• Simplified and predictable network management through a set of common attributes that deliver operational advantages and control across architectures, networks, and services

• Increased operating efficiency through reduced network errors, faster troubleshooting, and improved delivery of services

• Lower total cost of ownership (TCO) by getting the most value from the existing network investment and integrating with existing operation systems and processes

Cisco Prime NCS provides a single-pane view of converged user and access management for wired and wireless networks, with complete wireless lifecycle management.
Table 6 describes the new features specific to Cisco Prime NCS 1.1 with Cisco Unified Wireless Network Software Release 7.2.

Table 6. Cisco Unified Wireless Network Software Release 7.2 and Cisco Prime NCS Features

Feature

Description

Benefit

IPv6 client management

View IPv6 (wired and wireless client) addresses on a per-client basis; see systemwide IP version distribution and trending from Cisco Prime NCS

Equip administrators for IPv6 troubleshooting and address planning, client traceability, etc. from a common wired and wireless management system

Rogue rules customization

Customize rogue rules

Customize rogue rules on the controller based on SSID, RSSI, and other parameters for better filtering of false positives; associated Cisco Prime NCS support for this feature

Rogue access point alarm severity customization

Customize rogue access point alarm severity

Customize rogue access point alarm severity so it can be tied to email notifications in Cisco Prime NCS; you can choose to get alerted for malicious rogues only or for any rogue

Multilevel filters in client reports

Use more than one filter in reports: floor plus SSID, for example

Focus only on clients of interest

Advance filters: Client list page

Support advance filters on the client list page; similar to the alarms page

Focus only on clients of interest

Graphical display of historical clients

View graphical display of historical client counts on access point pages

Show graphical charts to trend client counts on access point detail pages

Batch reports and templates

Create batch report and templates

Create a report template at the root domain and turn it into a template for all member domains so that a report can be created and populated for all domains under it

Branch-location and WAN management

Manage Cisco Integrated Services Routers and Aggregation Services Routers (ASRs):

• Cisco 800, 1800, 1900, 2800, 2900, 3800, and 3900 Series ISRs
• Cisco ASR 1001, 1002, 1004, 1006, and 1013

Simplify large-scale deployment of branch networks

Limited Lifetime Hardware Warranty

Cisco Aironet 1260, 3500, and 3600 Series access points come with a Limited Lifetime Warranty that provides 10-day advance hardware replacement and helps ensure that software media is free of defects for 90 days. For comprehensive support that can help increase network performance and efficiency, Cisco offers a range of services from which you can choose support capabilities that meet your needs, including direct, anytime access to Cisco engineers, flexible device-by-device coverage, and premium OS software updates. For more information, visit http://www.cisco.com/go/warranty.

Service and Support

Services from Cisco and our partners can help you assess, design, tune, and operate your wireless LAN to transparently integrate mobility services and take advantage of the systemwide capabilities of the Cisco Unified Wireless Network.
Our professional services help you align your interference management, performance, and security needs with your technical requirements to better utilize the self-healing, self-optimizing features built into the silicon-level intelligence of Cisco CleanAir Technology and the increased performance of the IEEE 802.11n standard. These services can enhance deployment and operation efficiency to reduce the cost and complexities of transitioning to new technologies.
Our technical support services help you maintain network availability and reduce risk. Optimization services provide ongoing assistance with performance and secure access and help you maintain a strong foundation for business evolution and innovation.
For more information about planning, building, and run services for Cisco CleanAir Technology, Cisco IEEE 802.11n, and the Cisco Unified Wireless Network, visit Cisco Technical Support Services or Cisco Professional Services.

For More Information

• For more information about Cisco wireless products, visit http://www.cisco.com/go/wireless.

• For more information about the Cisco Unified Wireless Network, visit http://www.cisco.com/go/unifiedwireless.