Cisco® Unified Wireless Network Software Release 7.3 addresses key challenges driven by industry trends: the explosion of mobile clients in enterprise empowered by bring your own device (BYOD), the virtualization of network infrastructure, the deployment of wireless in mission-critical applications, and the adoption of Wi-Fi in service provider networks to enable new business models. Release 7.3 delivers a new Cisco 8500 Series Wireless Controller with a highly scalable client count, a virtual form-factor controller for medium-sized deployments, a high-availability (HA) feature that minimizes controller downtime by enabling subsecond failover of thousands of access points to a standby controller, and service provider features such as Wi-Fi Certified Passpoint (HS2.0) for secure public connectivity and Proxy Mobile IPv6 (PMIPv6) to ensure seamless mobility between cellular and Wi-Fi. This release also introduces the 2nd Generation 802.11n Cisco Aironet® 2600 Access Points that provide best-in-class features for an uncompromised user experience, directional antennas, and Ethernet Passive Optical Network (EPON) connectivity for Cisco Aironet 1550 Series Outdoor Access Points, as well as FlexConnect features for optimal WAN traffic management and enhanced scale for larger deployments.
A number of new features are included in Cisco Unified Wireless Network Software Release 7.3. The features are supported in the following platforms:
• Cisco Aironet access points running Control and Provisioning of Wireless Access Points (CAPWAP) Protocol
• Cisco 2500 and 5500 Series Wireless LAN Controllers
• Cisco Catalyst® 6500 Series Wireless Services Module 2 (WiSM2)
• Cisco Flex 7500 Series Wireless Controllers
• Cisco 8500 Series Wireless Controller
• Cisco Wireless LAN Controller Module for Integrated Services Routers Generation 2 (WLCM2) (Cisco Wireless LAN Controller on Cisco Services-Ready Engine)
• Cisco 3300 Series Mobility Services Engine (MSE)
• Cisco Prime 1.2
Cisco Wireless LAN Controllers: New Features
In Cisco Unified Wireless Network Software Release 7.3, Cisco Wireless LAN Controllers provide solutions with architectural flexibility to enable wireless as the primary access network and simplify deployments for BYOD. Table 1 describes the new wireless controller features in this release.
Table 1. New Controller Features in Cisco Unified Wireless Network Release 7.3
Virtual wireless LAN controller (vWLC) with FlexConnect
A virtual appliance form factor that enables on-premises virtualized deployments for small to medium-sized deployments.
Customers can enable a virtualized controller solution that is right-sized for medium-sized deployments.
"BYOD your way" enables a fully virtualized BYOD deployment specifically catered to individual customer needs with virtual instances of any of the following wireless BYOD products:
• Virtual wireless controller (vWLC)
• Virtual Identity Services Engine (ISE)
• Virtual Cisco Prime™ Infrastructure
• Virtual Mobility Services Engine (MSE)
Access point stateful switchover (SSO) to a standby high-availability (HA) controller
A controller can be configured as the standby (HA) controller to another controller designated as the primary. The standby controller synchronizes the access point license count, access point roaming keys, and access point CAPWAP state with the primary controller and provides subsecond failover for thousands of access points in case of outage on the primary controller.
Ensures no Service Set Identification (SSID) outage while simultaneously providing customers with a low-cost standby controller.
Cisco 8500 Series Wireless Controller provides service- provider-class scalability in small 1RU form factor.
The 8500 Series is a highly resilient controller scalable to 64,000 clients distributed over 4096 VLANs and 6000 access points.
Consolidate multiple controllers and reduce operational costs with a single point of control and management for up to 64,000 clients across 6000 access points
Right to Use (RTU) licensing on Cisco Flex 7500 and Cisco 8500 Series controllers
Honor-based licensing scheme allows access point licenses to be enabled on supported controllers with End User License Agreement (EULA) acceptance.
RTU license scheme simplifies addition, deletion, or transfer of access point adder licenses in the field by eliminating the need for an additional step, additional tools, or access to Cisco.com for PAK license or return materials authorization (RMA) transfers.
Device profiling with HTTP sensor for local and FlexConnect modes
Controller detects the first HTTP packet from a client and provides user agent data to ISE in a RADIUS accounting message. This information includes hardware type, hardware manufacturer, operating system, browser type and version.
Device profiling makes it possible to determine a device's type from the information received from the device during its connection to the network.
Increased scale on Cisco Flex 7500 Series
Flex 7500 is enhanced to support 100 access points in a FlexConnect group, 2000 Flex groups, 6000 access points, and 64,000 clients
Larger-sized sites and a greater number of sites can be enabled to in a FlexConnect deployment with fewer controllers.
FlexConnect features enabling WAN traffic optimization and flexible deployments
Split tunneling enables optimal traffic management on the WAN based on destination of the traffic.
Traffic from a client in a branch associated to a central switched WLAN can access local resources without traffic traversing the WAN.
VLAN-based routing allows traffic on FlexConnect access points to be both Centrally AND Locally switched on the same WLAN, depending on the presence or absence of the VLAN on the access point.
Enables deployment flexibility of single sign on regardless of which WLAN is used to access the network.
IEEE standard for fast roaming (802.11r) for FlexConnect
Fast roaming with 802.11r can allow clients to move between access points without breaking a session, a critical requirement for many applications.
Workgroup bridge (WGB) and universal workgroup bridge (UWGB) support for FlexConnect local switched mode
WGB acts as bridge between wireless and wired network and provides network connectivity for the wired clients.
Legacy devices with only wired (Ethernet) support are able to gain network access.
Bidirectional rate limit for local mode and FlexConnect
Provides the ability to rate-limit traffic, both downstream and upstream, on either a per-SSID or per-client basis for real-time (UDP) or data (TCP) traffic
Customers can prevent excessive bandwidth usage on certain SSIDs (for example, guest) or by specific users (bandwidth hogging) from affecting other users on the network.
Proxy Mobile Internet Protocol (PMIPv6) Mobile Access Gateway (MAG) functionality on wireless controller
Provides a standardized mechanism for a network-based mobility solution (transparent to client devices) by enabling intersystem handovers between mobile packet core (3GPP) and Wi-Fi.
Seamless mobility between mobile data networks and Wi-Fi in service provider deployments.
Enhancements to access point groups and RF profiles
A new "out-of-box" access point group that disables radios, preventing the new access points from causing any disruption in an already converged network.
RF profiles enhancements for high-density RF environments such as auditoriums and stadiums.
Out of box access point group allows addition of new access points without causing the network fluctuation due to co-channel interference in an existing network.
Additional RF profile configurations are enabled to better control the effects of interference in dense RF environments and minimize coverage holes.
Direct-connect access points on the 2500 Series controller
Local mode access points directly connected to 2500 Series are now supported.
Flexibility to connect access points directly to a 2500 Series controller for smaller deployments
Wi-Fi Certified Passpoint (HS2.0) certification for Release 7.3
Network and client devices implementing Wi-Fi Alliance specifications for Hotspot 2.0 can receive the Passpoint certification from the Wi-Fi Alliance. Cisco Wireless products (Wireless Controllers and Access points) using Release 7.3 will be submitted for Passpoint certification.
Wi-Fi Certified Passpoint (HS2.0) helps to ensure simple and secure connection to public Wi-Fi hotspots for offloading cellular data.
Service provider Wi-Fi features
• SSID/VLAN extensions in support of multiple ISPs per WLAN and access network segmentation (ISP sharing of WLAN and access network)
• RADIUS and Dynamic Host Configuration Protocol (DHCP) extensions for client location awareness
• Additional authentication choices (MAC authentication failover to dot1x authentication)
• Support for general- purpose access network features (Point-to-Point Protocol over Ethernet [PPPoE] and Network Address Translation-Port Address Translation (NAT-PAT)
Provides service providers with flexible design for intelligent Wi-Fi-enabled networks that address emerging business models.
Voice and video features
Quality-of-service (QoS) SIP Video Snooping (SIP CAC) for Facetime and 802.11n Voice CAC for mobile devices
Helps to ensure optimal quality for voice and video while automatically mitigating congestion and roaming challenges.
Enhanced scale for rogue detection and tags on Flex 7500 Series and WiSM2
Flex 7500 Series:
• Scale for Rogue access points detection increased to 18,000 (in Release 7.3) from 12,000 (in Release 7.2)
• Scale for Rogue client detection increased to 23,000 (in Release 7.3) from 15,000 (in Release 7.2)
• Number of tags increased to 50,000 (in Release 7.3) from 5000 (in Release 7.2)
• Scale for Rogue access point detection increased to 3000 (in Release 7.3) from 2000 (in Release 7.2)
• Scale for Rogue client detection increased to 4000 (in Release 7.3) from 2500 (in Release 7.2)
• Number of tags increased to 10,000 (in Release 7.3) from 5000 (in Release 7.2)
Increased scale to align with the growing needs of larger networks.
Cisco Aironet Access Points: New Features
Table 2 describes the new features of Cisco Aironet access points in this software release.
Table 2. New Access Point Features in Cisco Unified Wireless Network Release 7.3
Cisco Aironet 2600 Series Access Point
802.11n Generation 2 access point with rich feature set, including Cisco ClientLink 2.0, Cisco CleanAir™ technology and 3 x 4:3 radio design that enables data rates up to 450 Mbps
The Cisco Aironet 2600 Series Access Point provides an uncompromised user experience with best-in-class features at a competitive price.
Enhancements to the Cisco Aironet 1550 Series Outdoor Access Points
Directional antenna support on 1550 Series.
Directional antennas divert the RF in a particular direction to further distances in outdoor installations.
CleanAir mitigates wireless interference on the 5-GHz radio on the 1550 Series
Additional modes for Cisco 1520 and 1550 Series outdoor wired root access points (RAP)
With this release, the 1520 and 1550 Series support additional modes, including sniffer, monitor and rogue detector mode, in addition to local, bridge, and FlexConnect modes.
Enhances the features and deployment flexibility available for outdoor access points with support for additional non bridged modes.
Additional feature support for standalone access points
Site survey for 3600, 3500 and 2600 Series and outdoor 1550 Series access points
Enables best practices with site survey using the access point type planned for deployment.
Protected Extensible Authentication Protocol (PEAP) support for workgroup bridge (WGB)
Enhanced security with PEAP authentication for autonomous WGB via RADIUS
Roaming improvements on WGB (when used as a client)
Improved roaming experience on autonomous WGB deployments.
Cisco VideoStream support on WGB (when used as a client) converts the VideoStream unicast frame with an IP multicast address, into an Ethernet multicast frame and sends it out to its wired clients
WGB with VideoStream helps to ensure reliable IP muliticast delivery to WGB wired clients.
Cisco Mobility Services Engine (MSE) offers service plane separation for scalable services delivery and a single point of interface to securely expose network intelligence to third-party applications.
Table 3 describes the new features specific to the Cisco Mobility Services Engine with Cisco Unified Wireless Network Software Release 7.3.
Table 3. New Cisco Mobile Services Engine Features in Cisco Unified Wireless Network Release 7.3
• Device count by zone
• Device dwelling time by zone
Provides advanced location- based client metrics
Wireless intrusion prevention system (wIPS) enhancements
• Locate wireless intrusion threats
• Automated switch port tracing
• New wireless intrusion signatures
• User-defined malicious list in Cisco Prime
Enhanced wireless security and intrusion prevention from new threats
Enhancements for Cisco CleanAir with MSE
• Improved location accuracy for interferers identified by Cisco CleanAir
• Notifications by specific interferer device type
• - Filtering interferers by duty cycle
MSE provides advanced intelligence for interference mitigation.
MSE API enhancements
• Network design change notifications
• - API filtering parameters
Enables better network integration with third-party network infrastructure
Cisco Prime Network Infrastructure
Cisco Prime Infrastructure accelerates the rollout of new services, secure access and management of mobile devices, making BYOD a reality for corporate IT. Tightly coupling client awareness with application performance visibility and network control, Cisco Prime Infrastructure helps ensure uncompromised end-user quality of experience. Deep integration with the Cisco Identity Services Engine (ISE) further extends this visibility across security and policy-related problems, presenting a complete view of client access issues with a clear path to solving them.
Cisco Prime Infrastructure provides a single-pane-of-glass, single-console solution for managing the complete lifecycle of switches, routers, wireless controllers, and access points (Figure 1).
Cisco Prime Infrastructure 1.2 with Cisco Unified Wireless Network Software Release 7.3 adds support for additional new features as just described and as summarized in Table 4.
Table 4. New Cisco Prime Features in Cisco Unified Wireless Network Software Release 7.3
Unified Wired and Wireless Lifecycle Management
Ability to manage switches, routers, wireless controllers, and access points from a single, integrated product
Single pane of glass, single console for managing the entire network means that administrators don't have to switch between products or learn new workflows to make changes to the network infrastructure.
New user experience: Design, Deploy, Operate, Report, and Administer
In the new UI, workflows are organized around lifecycle processes: Design, Deploy, Operate, Report and Administer. Device 360 offers quick access to the most relevant device information.
Product functionality is aligned with the way network operators do their jobs rather than with specific network technologies. This enables faster adoption by network IT.
Assurance for application visibility and troubleshooting
Visualize application flow data collected using performance instrumentation and standards like NetFlow, NBAR, MediaNet, Performance Agent, and SNMP.
Network managers can proactively monitor, analyze, and troubleshoot application health and quantify end-to-end user experience.
New maps engine supports high- resolution images with much improved pan and zoom controls. Search within maps is also supported.
New maps combined with search offers a faster and smoother navigation experience with quicker access to information.
Automatic Hierarchy Creation
Automatically create maps and assign access points to maps using regular expressions.
Automates the tedious work of creating campus, building, floor hierarchy and assigning access points to the floor.
Auto-Switch Port Tracing
Ability to automatically identify the Cisco switch and port information for a rogue access point connected to the Cisco switch
"Rogue on wire" threats are identified and mitigated in a short time.
Method to access rich information stored in Cisco Prime Infrastructure database using simple but powerful REST- based API.
Northbound receivers or application developers can access Cisco Prime Infrastructure data using scripts and automation for business intelligence needs and planning.
Ability to discover and monitor third-party switches that support RFC 1213 and wireless controllers/access points from Aruba Networks.
Third-party support enables customers to manage a disparate set of products acquired over time from multiple vendors.
Service and Support
Services from Cisco and our partners can help you assess, design, tune, and operate your wireless LAN to seamlessly integrate mobility services and take advantage of the systemwide capabilities of the Cisco Unified Wireless Network.
Our professional services help you align your interference management, performance, and security needs with your technical requirements to better utilize the self-healing, self-optimizing features built into the chip-level intelligence of Cisco CleanAir technology and the increased performance of the 802.11n standard. These services can enhance deployment and operational efficiencies to reduce the cost and complexities of transitioning to new technologies.
Our technical support services help you maintain network availability and reduce risk. Optimization services provide ongoing assistance with performance, secure access, and maintaining a strong foundation for business evolution and innovation.