Cisco Virtual Wireless Controller

Cisco Virtual Wireless Controller Data Sheet

Let Us Help

  • Viewing Options

  • PDF (331.6 KB)
  • Feedback

The Cisco® Virtual Wireless Controller is a virtual form-factor controller that enables flexible and cost-effective deployment for small and medium-sized deployments.

Text Box: Deployment Flexibility
●	Virtual form-factor
●	Any x86 server with VMware Hypervisor ESXi4.x -or 5.x
●	On-premises or data-center-hosted deployments
●	Share existing virtualization infrastructure to achieve operational cost savings
●	Co-resides with other virtualized network services: virtual Cisco Prime™ Infrastructure, virtual Cisco Mobility Services Engine (vMSE), virtual Cisco Identity Services Engine (vISE) and others
●	Single access point adder licenses enable a granular “pay as you grow” model
HA and Manageability
●	Common Cisco Prime management for appliance and virtual wireless controller, in addition to the standard virtual machine (VM) tools for monitoring, troubleshooting, and so on
●	Use VM infrastructure features: VMotion, cloning, snapshot, and so on
●	Business agility with on-demand orchestration; enabling new controllers is quick and simple
FlexConnect Solution
●	Intelligent RF control plane, centralized software update, control and management, and troubleshooting
●	With a distributed data plane, deploy On-Prem (locally switched) voice-, video-, and data-intensive applications over wireless
●	Seamless wireless services even when WAN link fails or a controller out-of-service
●	Local RADIUS server for new clients to get on the network and access services
Comprehensive Wired and Wireless Security
●	Full CAPWAP access point to controller encryption
●	Supports detection of rogue access points and denial-of-service attacks
●	Management frame protection detects malicious users and alerts network administrators
Secured Guest Access
●	Deploy simple and secure guest access services
The controller allows IT managers to configure, manage, and troubleshoot up to 200 access points and 6000 clients. The Cisco Virtual Wireless Controller supports secure guest access, rogue detection for Payment Card Industry (PCI) compliance, and in-branch (locally switched) Wi-Fi voice and video.


The Cisco Virtual Wireless Controller provides centralized control, management, and troubleshooting. It supports the Cisco FlexConnect solution. Data traffic from the access points are switched locally at the access point.

The Cisco Virtual Wireless Controller automates wireless configuration and management functions and allows network managers to have the visibility and control needed to cost-effectively manage, secure, and optimize the performance of their wireless networks. Cisco Virtual Wireless Controller in central switched mode supports Bonjour Services Directory to enable Bonjour Services to be advertised and utilized in a separate L3 network. Wireless Policy engine is a wireless profiler and policy feature on the wireless controller that enables profiling of wireless devices and enforcement of policies such as VLAN assignment, quality of service (QoS), ACL and time-of-day-based access. As a component of the Cisco Unified Wireless Network, this controller provides real-time communications between Cisco Aironet® access points, the Cisco Prime Infrastructure, and the Cisco Mobility Services Engine, and is interoperable with other Cisco controllers. With integrated Cisco CleanAir® technology, the Cisco Virtual Wireless Controller provides the industry’s only self-healing and self-optimizing wireless network for small and mid-sized businesses and small campus-like schools.

Table 1 lists the features of Cisco Virtual Wireless Controller.

Table 1. Cisco Virtual Wireless Controller Features




Supports 200 access points
Supports 6000 clients

RF Management

Provides both real-time and historical information about RF interference impacting network performance across controllers, through systemwide Cisco CleanAir technology integration

Cisco FlexConnect

Supports up to 200 Cisco FlexConnect groups and 100 access points in each FlexConnect group
Centralized control, management, and client troubleshooting
Seamless Layer 2 roaming within a Cisco FlexConnect group of 50 access points
Seamless client access in the event of a WAN link failure (local data switching)
Local RADIUS server support to enable new clients to access wireless services without depending on the central RADIUS servers
Support for high-latency WAN links
Secure guest access
Efficient access point upgrade that optimizes the WAN link utilization for downloading access point images
Integrated and enhanced security with a wireless intrusion prevention system (wIPS)
Rogue detection for PCI compliance
Local split tunneling for improved WAN bandwidth utilization
Workgroup bridge/universal workgroup bridge (WGB/uWGB) support for local switching simplifies deployment of wired-only devices in remote locations

Comprehensive End-to-End Security

Offers control and provisioning of wireless access points (CAPWAP)-compliant Datagram Transport Layer Security (DTLS) encryption on the control plane between access points and controllers across remote WAN links

End-to-End Voice

Supports Cisco Unified Communications for improved collaboration through messaging, presence, and conferencing
Supports all Cisco Unified IP Phones for cost-effective, real-time voice services

Fault Tolerance

Access points continue to provide seamless services when a controller fails; provides failover to another backup controller for centralized control and management
Redundant power supply helps to ensure maximum availability

Environmentally Responsible

Organizations may choose to turn off access point radios to reduce power consumption during off- peak hours

Table 2 lists the product specifications for Cisco Virtual Wireless Controller.

Table 2. Product Specifications for Cisco Virtual Wireless Controller




IEEE 802.11a, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h, 802.11k, 802.11n, 802.11r, 802.11u, 802.11w


IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX specification, 1000BASE-T. 1000BASE-SX, 1000-BASE-LH, IEEE 802.1Q VLAN tagging

Data Request For Comments (RFC)[1]

RFC 791 IP
RFC 2460 IPv6 (pass through Bridging mode only)
RFC 1122 Requirements for Internet Hosts
RFC 5415 CAPWAP Protocol Specification [2]

Security Standards

IEEE 802.11i (WPA2, RSN)
RFC 1321 MD5 Message-Digest Algorithm
RFC 1851 The ESP Triple DES Transform
RFC 2104 HMAC: Keyed Hashing for Message Authentication
RFC 2246 TLS Protocol Version 1.0
RFC 2401 Security Architecture for the Internet Protocol
RFC 2403 HMAC-MD5-96 within ESP and AH
RFC 2404 HMAC-SHA-1-96 within ESP and AH
RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV
RFC 2407 Interpretation for ISAKMP
RFC 2409 IKE
RFC 2451 ESP CBC-Mode Cipher Algorithms
RFC 3280 Internet X.509 PKI Certificate and CRL Profile
RFC 4347 Datagram Transport Layer Security
RFC 4346 TLS Protocol Version 1.1


Wired Equivalent Privacy (WEP) and Temporal Key Integrity Protocol-Message Integrity Check (TKIP-MIC): RC440, 104 and 128 bits (both static and shared keys)
Advanced Encryption Standard (AES): Cipher Block Chaining (CBC), Counter with CBC-MAC (CCM), Counter with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
Data Encryption Standard (DES): DES-CBC, 3DES
Secure Sockets Layer (SSL) and Transport Layer Security (TLS): RC4 128-bit and RSA 1024- and 2048-bit
Datagram Transport Layer Security (DTLS): AES-CBC

Authentication, Authorization, and Accounting (AAA)

IEEE 802.1X
RFC 2548 Microsoft Vendor-Specific RADIUS Attributes
RFC 2865 RADIUS Authentication
RFC 2866 RADIUS Accounting
RFC 2867 RADIUS Tunnel Accounting
RFC 3576 Dynamic Authorization Extensions to RADIUS
RFC 3579 RADIUS Support for EAP
RFC 3580 IEEE 802.1X RADIUS Guidelines
RFC 3748 Extensible Authentication Protocol
Web-based authentication
Terminal Access Controller Access-Control System (TACACS) support for management users


SNMP v1, v2c, v3
RFC 854 Telnet
RFC 1155 Management Information for TCP/IP-Based Internets
RFC 1156 MIB
RFC 1643 Ethernet MIB
RFC 2665 Ethernet-Like Interface types MIB
RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual Extensions
RFC 2863 Interfaces Group MIB
RFC 3164 Syslog
RFC 3414 User-Based Security Model (USM) for SNMPv3
RFC 3418 MIB for SNMP
RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs
Cisco private MIBs

Management Interfaces

Web-based: HTTP/HTTPS
Command-line interface: Telnet, Secure Shell (SSH) Protocol, serial port
Cisco Wireless Control System (WCS)

Regulatory Compliance

CE Mark


UL 60950-1:2003
EN 60950:2000
EMI and susceptibility (Class A):
U.S.: FCC Part 15.107 and 15.109
Canada: ICES-003
Japan: VCCI
Europe: EN 55022, EN 55024

Virtual Machine Specifications

Cisco Virtual Wireless Controller can run on any x86 server that supports VMware ESXi 4.x and 5.x

The resource requirements from the virtualized server hardware:

CPU: 1 virtual CPU
Memory: 2 GB
Disk Space: 8 GB
Network Interfaces: 2 or more virtual Network Interface cards (vNICs)

Table 3 lists ordering and accessories information for Cisco Virtual Wireless Controller. To place an order, visit the Cisco ordering website:

Table 3. Ordering Information for Cisco Virtual Wireless Controller

Part Number

Product Name

Cisco SMARTnet® Service 8x5xNBD


Cisco Virtual Wireless Controller for up to 5 Cisco access points


Additive Capacity Upgrade Licenses

Table 4 shows the additive capacity upgrade licenses that are available for the Cisco Virtual Wireless Controller.

Table 4. Ordering Information for Cisco Virtual Wireless Controller Additive Capacity Licenses (e-Delivery PAKs)

Part Number

Product Description

SMARTnet 8x5xNBD



Primary upgrade SKU: Pick any number or combination of the following options under this SKU to upgrade one or many controllers under one product authorization key


1 Access Point Adder License for the Virtual Controller (e-Delivery)



5 Access Point Adder License for the Virtual Controller (e-Delivery)



25 Access Point Adder License for the Virtual Controller (e-Delivery)


Service and Support

Realize the full business value of your wireless network and mobility services investments faster with intelligent, customized services from Cisco and our partners. Backed by deep networking expertise and a broad ecosystem of partners, Cisco professional and technical services enable you to successfully plan, build, and run your network as a powerful business platform. Our services can help you successfully deploy the Cisco Virtual Wireless Controller and integrate mobility solutions effectively to lower the total cost of ownership and secure your wireless network.

To learn more about Cisco Wireless LAN service offers, visit:


The Cisco Virtual Wireless Controller is designed to support large-scale branch wireless deployments. It simplifies deployment and operation of wireless networks, helping to ensure smooth performance, enhance security, and maximize network availability. The Cisco Virtual Wireless Controller [[Please check. MDF and list the name as I’ve edited it]] manages all the Cisco access points, eliminating complexity and providing network administrators with visibility and control of their wireless LANs.

For More Information

For more information about Cisco wireless controllers, contact your local account representative or visit:

For more information about the Cisco Unified Wireless Network framework, visit:

For more information about the Cisco Flex 7500 Series Cloud Controller, visit: