Cisco Services Modules

Cisco Wireless Services Module 2 Controller for Cisco Catalyst 6500 Series Switches Data Sheet

  • Viewing Options

  • PDF (454.6 KB)
  • Feedback

Text Box: Maximum Performance and Scalability
●	Support for up to 1000 access points and 15,000 clients
●	Designed for line-rate performance with Datagram Transport Layer Security (DTLS) encryption and access control list (ACL) security enabled
●	802.11ac and 802.11n-optimized for up to nine times the performance of 802.11a/g networks
●	Enhanced uptime with the ability to simultaneously configure, upgrade, and manage 1000 access points per controller
●	Reduced down time with the ability to predownload access point images during upgrades
●	Requires Sup720 or Sup2T with -E chassis or a non-E chassis with high speed fan
●	Requires Sup720 software 12.2(33)SXJ or later
●	Requires Sup2T software 15.0(1)SY
●	Controller software or later
Improved Mobility and Services
●	Larger mobility domain for more simultaneous client associations
●	Faster radio resource management updates for uninterrupted network access when roaming
●	Intelligent RF control plane for self-configuration, self-healing, and self-optimization
●	Efficient roaming improves application performance such as toll-quality voice and consistent streaming video and data backup
Licensing Flexibility and Investment Protection
●	Additional access point and feature licenses may be added over time
Comprehensive Wired and Wireless Security
●	Full control and provisioning of wireless access points (CAPWAP) access-point-to-controller encryption
●	Supports detect of rogue access point and denial-of-service attacks
●	Management frame protection detects malicious users and alerts network administrators
Cisco OfficeExtend Solution
●	Secure, simple, cost-effective mobile teleworker solution
●	Up to 1000 remote access points per controller
●	Supports Cisco® Unified IP Phones for reduced cell phone charges
Enterprise Wireless Mesh
●	Dynamic wireless mesh networks support indoor and outdoor connectivity for areas that are difficult to wire
Environmentally Responsible
●	Support for adaptive power management to turn off access point radios during off-peak hours to reduce power consumption
●	Cisco OfficeExtend solution reduces costs and supports green best practices by reducing commuting time and saving on gas, vehicle mileage, and insurance costs
The Cisco® Wireless Service Module 2 (WiSM2) Controller for Cisco Catalyst® 6500 Series Switches, shown in Figure 1, is a highly scalable and flexible platform that enables systemwide services for mission-critical wireless networking in medium-sized to large enterprises and campus environments. Designed for 802.11ac and 802.11n performance and maximum scalability, the Cisco WiSM2 Controller supports a higher density of clients and delivers more efficient roaming, with at least nine times the throughput of existing 802.11a/g networks. The WiSM2 controller offers:

   Enhanced uptime with the ability to simultaneously manage up to 1000 access points

   Superior performance for reliable streaming video and toll-quality voice

   Sub-second stateful failover of all access points and clients from the primary to standby controller

Figure 1.      Cisco Catalyst 6500 Series WiSM2 Controller


As a component of the Cisco Unified Wireless Network, this controller provides real-time communication between Cisco Aironet® access points, the Cisco Wireless Control System (WCS), the Cisco Network Control System (NCS), and the Cisco Mobility Services Engine to deliver centralized security policies, wireless intrusion prevention system (wIPS) capabilities, award-winning RF management, and quality of service (QoS). With Cisco CleanAir® technology, the WiSM2 protects 802.11ac and 802.11n performance by providing cross-network access to real-time and historic RF interference information for quick troubleshooting and resolution.

The Cisco WiSM2 Controller supports Cisco Application Visibility and Control (AVC), the technology that includes the Network-Based Application Recognition 2 (NBAR-2) engine, Cisco’s deep packet inspection (DPI) capability that can classify applications, apply quality of service (QoS) to either drop or mark the traffic, and prioritize business-critical applications in the network. Cisco AVC uses NetFlow Version 9 to export the flows to Cisco Prime Infrastructure or a third-party NetFlow Collector. The Cisco WiSM2 Controller also supports Bonjour Services Directory to enable Bonjour Services to be advertised and utilized in a separate Layer 3 network. Wireless Policy engine is a wireless profiler and policy feature on the Cisco WISM2 controller that enables profiling of wireless devices and enforcement of policies such as VLAN assignment, quality-of-service (QoS), ACL and time of day-based access.

With this integrated approach to large-scale wireless networking, customers can realize significant total cost of ownership (TCO) benefits by streamlining support costs and reducing planned and unplanned network downtime.

Software Licensing Flexibility

Cisco WiSM2 Controller software licensing offers the flexibility to add additional access points (up to 1000 access points) as business needs grow.

As part of its basic feature set, the Cisco WiSM2 Controller supports a variety of business mobility needs, including the Cisco OfficeExtend solution for secure, mobile teleworking and Cisco Enterprise Wireless Mesh, which allows access points to dynamically establish wireless connections in locations where it may be difficult or impossible to physically connect to the wired network.

Table 1 lists the features and benefits of the Cisco Wireless Service Module 2 (WiSM2) Controller.

Table 1.       Cisco WiSM2 Controller Features and Benefits




High Performance

RF Management

  Provides both real-time and historical information about RF interference impacting network performance across controllers, through systemwide Cisco CleanAir technology integration

High-Performance Video

  Integrates Cisco VideoStream technology as part of the Cisco medianet framework to optimize the delivery of video applications across the WLAN

End-to-End Voice

  Supports Unified Communications for improved collaboration through messaging, presence, and conferencing
  Supports all Cisco Unified IP Phones for cost-effective, real-time voice services

Comprehensive End-to-End Security

  Offers control and provisioning of wireless access points (CAPWAP)-compliant Datagram Transport Layer Security (DTLS) encryption to help ensure full-line-rate encryption between access points and controllers across remote WAN/LAN links

Cisco OfficeExtend

  Supports corporate wireless services for mobile and remote workers with secure wired tunnels to the Cisco Aironet 600, 1130, or 1140, 3500, 3600 Series Access Points
  Extends the corporate network to remote locations with minimal setup and maintenance requirements (zero‑touch deployment)
  Improves productivity and collaboration at remote site locations
  Separate service set identifier (SSID) tunnels allow both corporate and personal Internet access
  Reduced carbon dioxide emissions from a decrease in commuting
  Higher employee job satisfaction from ability to work at home
  Improves business resiliency by providing continuous, secure connectivity in the event of disasters, pandemics, or inclement weather

Cisco Enterprise Wireless Mesh

  Allows access points to dynamically establish wireless connections without the need for a physical connection to the wired network
  Available on select Cisco Aironet access points, Cisco Enterprise Wireless Mesh is ideal for warehouses, manufacturing floors, shopping centers, and any other location where extending a wired connection may prove difficult or aesthetically unappealing

PCI Integration

  Part of Payment Card Industry (PCI) certified architecture, and well-suited for retail customers who deploy transactional data applications such as scanners and kiosks

Environmentally Responsible

  Organizations may choose to turn off access point radios to reduce power consumption during off-peak hours

Mobility, Security, and Management for IPv6 and Dual-Stack Clients

  Secure, reliable wireless connectivity and consistent end-user experience
  Increased network availability through proactive blocking of known threats
  Equips administrators for IPv6 troubleshooting, planning, and client traceability from a common wired and wireless management system

Note:    The minimum software version of the supervisor must be 12.2(33)SXJ2 or 15.0(1)SY1 to support the features listed in Table 1.

Table 2 lists the product specifications for Cisco WiSM2 Wireless Controller.

Table 2.       Product Specifications for Cisco WiSM2 Controller




  IEEE 802.11a, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h, 802.11k,802.11n, 802.11r,802.11u, 802.11w, 802.11ac


  IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX specification, 1000BASE-T. 1000BASE-SX, 1000‑BASE‑LH, IEEE 802.1Q Vtagging, and IEEE 802.1AX Link Aggregation

Data Request for Comments (RFC)

  RFC 768 UDP
  RFC 791 IP
  RFC 2460 IPv6 (pass through Bridging mode only)
  RFC 792 ICMP
  RFC 793 TCP
  RFC 826 ARP
  RFC 1122 Requirements for Internet Hosts
  RFC 1519 CIDR
  RFC 1542 BOOTP
  RFC 2131 DHCP
  RFC 5415 CAPWAP Protocol Specification

Security Standards

  IEEE 802.11i (WPA2, RSN)
  RFC 1321 MD5 Message-Digest Algorithm
  RFC 1851 The ESP Triple DES Transform
  RFC 2104 HMAC: Keyed Hashing for Message Authentication
  RFC 2246 TLS Protocol Version 1.0
  RFC 2401 Security Architecture for the Internet Protocol
  RFC 2403 HMAC-MD5-96 within ESP and AH
  RFC 2404 HMAC-SHA-1-96 within ESP and AH
  RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV
  RFC 2407 Interpretation for ISAKMP
  RFC 2409 IKE
  RFC 2451 ESP CBC-Mode Cipher Algorithms
  RFC 3280 Internet X.509 PKI Certificate and CRL Profile
  RFC 3602 The AES-CBC Cipher Algorithm and Its Use with IPsec
  RFC 3686 Using AES Counter Mode with IPsec ESP
  RFC 4347 Datagram Transport Layer Security
  RFC 4346 TLS Protocol Version 1.1


  WEP and TKIP-MIC: RC4 40, 104 and 128 bits (both static and shared keys)
  SSL and TLS: RC4 128-bit and RSA 1024- and 2048-bit

Authentication, Authorization, and Accounting (AAA)

  IEEE 802.1X
  RFC 2548 Microsoft Vendor-Specific RADIUS Attributes
  RFC 2865 RADIUS Authentication
  RFC 2866 RADIUS Accounting
  RFC 2867 RADIUS Tunnel Accounting
  RFC 3576 Dynamic Authorization Extensions to RADIUS
  RFC 3579 RADIUS Support for EAP
  RFC 3580 IEEE 802.1X RADIUS Guidelines
  RFC 3748 Extensible Authentication Protocol
  Web-based authentication
  TACACS support for management users


  SNMP v1, v2c, v3
  RFC 854 Telnet
  RFC 1155 Management Information for TCP/IP-Based Internets
  RFC 1156 MIB
  RFC 1157 SNMP
  RFC 1350 TFTP
  RFC 1643 Ethernet MIB
  RFC 2030 SNTP
  RFC 2616 HTTP
  RFC 2665 Ethernet-Like Interface types MIB
  RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual Extensions
  RFC 2863 Interfaces Group MIB
  RFC 3164 Syslog
  RFC 3414 User-Based Security Model (USM) for SNMPv3
  RFC 3418 MIB for SNMP
  RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs
  Cisco private MIBs

Management Interfaces

  Web-based: HTTP/HTTPS
  Command-line interface: Telnet, Secure Shell (SSH) Protocol, serial port
  Cisco Wireless Control System (WCS)
  Cisco Network Control System (NCS)

Interfaces and Indicators

  Service port: 1000 Mbps Ethernet Internal
  Redundancy port: 1000 Mbps Ethernet Internal
  Console port: RS232 (DB-9 male/RJ-45 connector included), mini-USB
  Status indicators: Power, System, Alarm, Console, USB

Physical and Environmental

  Dimensions (W x D x H): 1.6 x 15.3 x 16.3 in. (4.0 x 37.9 x 40.3 cm)
  Weight: 11 lbs (5 Kg)
  Temperature: Operating temperature: 32 to 104°F (0 to 40°C); Storage temperature: -40 to 167°F (‑40 to 75°C)
  Humidity: Operating humidity: 10 to 95%, noncondensing. Storage humidity: up to 95%
  Input power: 225W maximum; Test conditions: 104°F (40°C), Full TrafficMost deployments and environments would use less power
  Heat Dissipation: 768 Btu/h Maximum; Test Conditions: 104°F (40°C), Full Traffic

Regulatory Compliance

  CE Mark
   UL 60950-1:2003
   EN 60950:2000
   EMI and susceptibility (Class A)
   U.S.: FCC Part 15.107 and 15.109
   Canada: ICES-003
   Japan: VCCI
   Europe: EN 55022, EN 55024

Table 3 lists the ordering information for Cisco WiSM2 Controller.

Table 3.       Ordering Information for Cisco WiSM2 Controller

Part Number


Cisco SMARTnet® Service 8x5xNBD Part Number


Wireless Services Module:WiSM-2: w/ 100 AP Support License



Wireless Services Module:WiSM-2: w/ 300 AP Support License



Wireless Services Module:WiSM-2: w/ 500 AP Support License



Wireless Services Module-WiSM-2 w/ 1000 AP Support License



Wireless Services Module -WISM2 for High Availability



Wireless Services Module -WISM2 for High Availability


Additive Capacity Upgrade Licenses

Tables 4 and 5 show the additive capacity upgrade licenses that are available for the Cisco WiSM2 Controller.

Table 4.       Ordering Information for Cisco WiSM2 Wireless Controller Additive Capacity Licenses (e-Delivery Product Authorization Keys [PAKs])

Part Number


Cisco SMARTnet Service 8x5xNBD Part Number


Primary upgrade SKU: Pick any number or combination of the following options under this SKU to upgrade one or many controllers under one product authorization key



100 AP Adder License for WiSM-2 (e-Delivery)



200 AP Adder License for WiSM-2 (e-Delivery)


Table 5.       Ordering Information for Cisco WiSM2 Wireless Controller Additive Capacity Licenses (Paper PAKs)

Part Number


Cisco SMARTnet Service 8x5xNBD Part Number


Primary upgrade SKU: Pick any number or combination of the following options under this SKU to upgrade one or many controllers under one product authorization key



100 AP Adder License for WiSM-2



200 AP Adder License for WiSM-2


Table 6 shows the Optional Paper PAK license to enable DTLS. These licenses are designed for customers who purchase a controller with DTLS disabled due to import restrictions. This optional license will allow you to take advantage of DTLS for Cisco OfficeExtend functionality in the future.

Table 6.       Optional Paper PAK License to Enable DTLS

Part Number



Data DTLS License for WiSM2

Service and Support

Realize the full business value of your wireless network and mobility services investments faster with intelligent, customized services from Cisco and our partners. Backed by deep networking expertise and a broad ecosystem of partners, Cisco professional and technical services enable you to successfully plan, build, and run your network as a powerful business platform. Our services can help you successfully deploy the Cisco Catalyst 6500 Series Wireless Services Module 2 Controller and integrate mobility solutions effectively to lower the total cost of ownership and secure your wireless network.

To learn more about Cisco wireless LAN service offers, visit:

For More Information

For more information about Cisco wireless controllers, contact your local account representative or visit:

For more information about the Cisco Unified Wireless Network framework, visit: