What is Wi-Fi 6?
Quite simply, Wi-Fi 6 is a new wireless standard. Also called 802.11ax, it is poised to make big waves in network connectivity and user experience improvements. Here’s what you need to know.
It's all about access
Access to applications. Access to data. Access to services. Your network has the power to reliably deliver access to data and applications to the right users across your organization. But what happens when the demand for mobility continues to increase? New advances in technologies such as the Internet of Things (IoT), 5G, and Wi-Fi 6 are addressing the need for more mobile access. As a result, the way we’ve built networks in the past is changing for businesses of every size.
Wi-Fi 6 is leading the charge
Wi-Fi 6 is opening up new possibilities for wireless. Improved speed, capacity, and control will not only support existing applications with greater performance and improved experiences but also drive new innovations that will change the way people work.
Wi-Fi 6 began its ramp-up in 2019, and although the standard was ratified in September of that year, Samsung launched a Wi-Fi 6 device in February. Cisco worked with Samsung behind the scenes to validate that Wi-Fi 6 actually delivers faster connections, more capacity, and longer battery life.
Figure 1 outlines the adoption of Wi-Fi 6 in 2019 and where it is going.
Figure 1. Wi-Fi 6 progression
In order to take advantage of all of the benefits of Wi-Fi 6, you will need a Wi-Fi 6-capable network. This includes both access points and Wi-Fi 6 clients. If it hasn’t already, the market will soon start seeing large numbers of mobile devices that support Wi-Fi 6. Therefore, it is important to prepare your network for the new standard so you will be ready to gain all the benefits that Wi-Fi 6 offers.
What’s the big deal?
Let’s start with two basic facts: we are more dependent on the network than ever before and Wi-Fi 6 gives us more of what we need. It is a more consistent and dependable network connection that will deliver speeds up to four times faster than 802.11ac Wave 2 with four times the capacity. This standard provides a seamless experience for clients and enables next- generation applications such as 4K/8K streaming HD, Augmented Reality (AR) and Virtual Reality (VR) video, and more device and IoT capacity for high-density environments such as university lecture halls, malls, stadiums, and manufacturing facilities.
Wi-Fi 6 also promises reduced latency, greater reliability, and improved power efficiency. With higher performance for mobile devices and the ability to support the IoT on a massive scale (IoT use has been trending trending upward lately and is now also called “the new mobile”), Wi-Fi 6 will improve experiences across the entire wireless landscape. Wi-Fi 6 also offers improved security, with WPA3 and improved interference mitigation providing a better quality of experience.
The last upgrade to 2.4 GHz was over 10 years ago, so if that’s when you last upgraded your network, it’s probably time to make the move to Wi-Fi 6, simply to catch up with the recent technology changes. According to the 2019 Cisco Virtual Networking Index™, there will be higher data rates, with 12.3 billion mobile devices in 2022. IoT will be 50 percent of global connected devices by 2022 (which is why IoT is the “new mobile”). At the same time, there has been a 27.4 percent average increase in security breaches since 2017, so you want to ensure that your protection is up to date.
In addition to these compelling reasons, the following are the more significant benefits you can experience when you move to Wi-Fi 6:
Higher capacity: Four is the new magic number. Attach up to four times more devices than under previous standards through features such as Orthogonal Frequency-Division Multiple Access (OFDMA) and Multiuser Multiple-Input Multiple-Output (MU-MIMO). Wi-Fi 6 communicates in parallel with devices, whereas existing standards communicated with only one device at a time. The increased capacity is essential because the volume of mobile data traffic is expected to grow up to four times in just the next four years alone.
Improved power efficiency. Using Target Wake Time, client devices that support the Wi-Fi 6 standard may consume two-thirds less power. This means that batteries in products such as smartphones, laptops, tablets, and IoT devices can last longer, which makes it the ideal standard.
Reduced data latency by optimizing packet scheduling, which is ideal for voice, video, and gaming applications.
Greater IoT coverage by bringing the benefits of Wi-Fi 6 to the 2.4- GHz band.
Increased speed. Get up to four times the throughput, on average, in congested wireless environments.
Improved security. With an extension of security to the infrastructure, the new security features allow for better interference and rogue detection and enhanced threat detection with Cisco® Encrypted Traffic Analytics (ETA).Wi-Fi Protected Access (WPA3) is certified with Wi-Fi 6 and provides a greater value proposition than WPA2 for enterprise Wi-Fi networks. It offers enhanced security for open Wi-Fi networks with encryption of unauthenticated traffic, robust password protection against brute-force dictionary attacks, and superior data reliability for sensitive information with 192-bit encryption.
What is OFDMA?
Quite simply, OFDMA is a type of frequency-division multiplexing that is able to use subcarriers more efficiently when it comes to transporting data. Previously, when using Orthogonal Frequency-Division Multiplexing (OFDM), each user got one time slot, or a whole bandwidth channel. Users needed to wait in line before they were able to deliver their packets. As more clients joined, it took longer for packets to be delivered, resulting in lag time and people waiting to transport data.
OFDMA provides a more regular and consistent packet delivery, and users don’t have to wait as long.
Here’s another way to put it. With OFDM, any time a user would request a data packet, it would essentially send out one truck to meet each request of that single user, which isn’t very efficient. OFDMA is different, as one truck is used to deliver the packet to individual users in one round. This way is far more efficient and takes less time. Figure 2 illustrates the difference between OFDM and OFDMA.
Figure 2. Comparison of OFDM and OFDMA
All Cisco Wi-Fi 6 products use OFDMA. As a result, your network will be faster, and most importantly, your users will have a better experience.
Cisco Wi-Fi 6 solutions
Cisco RF ASICs
Programmable RF Application-Specific Integrated Circuits (ASICs) are custom-developed to provide you with real-time analytics as well as a platform for future innovation and capabilities. RF ASICs are embedded on mission-critical access points such as the Cisco Catalyst® 9120AX and 9130AX Series and can perform advanced RF spectrum analysis. They can deliver significant features, such as:
Cisco CleanAir® technology to mitigate the impact of wireless interference and protect performance
Cisco Wireless Intrusion Prevention System (wIPS) to detect, locate, mitigate, and contain wired and wireless rogues and threats at Layers 1 through 3.
Dual-filter Dynamic Frequency Selection (DFS) detection to avoid interference for optimal performance.
Combined with Cisco DNA Assurance, this gives you radio frequency visibility and intelligence to help you run your networks better. And that’s not all. More new and exciting features are in development.
IoT gateway support
Cisco offers multilingual support and application hosting of IoT protocols to better support IoT service and expansion.
How are Cisco IoT gateways used best? Here are some use cases to get you thinking:
Safeguard oil and gas pipeline operations.Increase operational efficiency and decrease downtime for natural gas pipelines and processing plants. Highly secure, rugged Cisco IoT gateways simplify connecting and managing remote gas turbines, diesel engines, and sensors. They also offer faster insights to help you solve problems quickly and limit expensive repairs.
Secure financial transactions and manage assets.Reduce the expense of managing thousands of remote ATMs, while enhancing asset and data security and improving the customer experience. Cisco IoT gateways facilitate more secure, reliable cellular connectivity to automate cash management, as well as optimize video surveillance with intelligent data processing at the edge for faster response.
Improve safety and regulate traffic. Optimize traffic management with roadside connectivity for traffic signal controllers, motion sensors, video encoders, and cameras. Cisco IoT gateways provide reliable, real-time insights to regulate traffic flow and conditions, detect violations, and improve motorist and pedestrian safety at intersections.
Cisco intelligent capture
Intelligent Capture is a built-in, enhanced issue detection and root-cause-analysis feature available on Cisco Catalyst 9120AX and 9130AX Series Access Points. It is software that can track more than 240 anomalies and instantaneously review all packets on demand, emulating the onsite network administrator. With this data, administrators can make more informed decisions on their networks. The software “senses” all packets instantaneously and sends the information back to Cisco DNA Center for deep analysis, making it easier to fix the problem. This way, IT can find any issues in record time. Intelligent Capture also provides live and in-service capture of onboarding failures with Packet Capture (PCAP), a spectrum analyzer for analyzing interference sources, and on-demand access point statistics for Wi-Fi troubleshooting.
Cisco DNA Assurance with Active Sensor
One of the challenges of wireless is planning for changing levels of demand. A conference or event can introduce a sudden jump in device density or increase expectations for application performance.
Cisco DNA Assurance with Active Sensor is a compact wireless device that allows you to test real-world client experiences to validate that performance will meet your expectations in any environment.
The Active Sensor can be plugged in anywhere. Other sensor products are often at ceiling level, sometimes providing IT with a less-than-accurate network assessment, since most clients are at eye level. When installed at the level where most mobile devices are apt to be, the Active Sensor allows for a better understanding and a more comprehensive simulation of real clients.
The Active Sensor validates end-user experience and allows for speed tests to check cloud application performance and connectivity. It also provides IP SLA tests for real-time AppX assessment of VoIP applications.
The Aironet Active Sensor reports data to Cisco DNA Center, where it is used along with assurance data from clients. It comes with multiple powering options, including:
Direct AC power plug
Power over Ethernet (PoE)
Micro USB power
The Aironet Active Sensor makes troubleshooting easier and enhances the context shown in Cisco DNA Assurance. Cisco DNA Assurance puts your data to work; provides you with 360-degree contextual insights across users, devices, and applications; and helps ensure better network performance with real-time and historical data analytics to learn, adapt, and even detect problems before they happen.
Flexible Radio Assignment
Cisco Catalyst 9120AX and 9130AX Series Access Points offerFlexible Radio Assignment (FRA).. FRA is a Cisco innovation designed to provide a better mobile user experience for high-density networks by automatically detecting when the coverage in the 2.4-GHz band is oversaturated. Once the detection is made, FRA intelligently determines which access points should change their dual-band radios from 2.4 GHz to 5 GHz. Simply viewed, a single physical access point now acts as two 5-GHz access points, resulting in lower channel utilization and a better user experience. The access point performs this function while still monitoring the network for security threats and RF interference that may affect performance.
FRA has three different modes of operation:
Default operating mode, which serves clients on both 2.4-GHz and 5-GHz bands
Dual 5-GHz mode, which serves clients on both 5-GHz radios
Wireless security monitoring, which scans both 2.4-GHz and 5-GHz modes for security threats while also serving 5-GHz clients
FRA isn’t strictly for workplace environments. It can be used in nearly any instance where a large group of people gather. Whether it’s in an educational setting, a hotel lobby, or a hospital, FRA is a boon to any wireless network.
From Bring-Your-Own-Device (BYOD) to IoT devices, the proliferation of wireless items brings a new host of challenges as bandwidth-intense applications grow. FRA rises to these challenges and augments your wireless network to do more without making your job difficult.
Cisco CleanAir technology
Did you know that 80 percent of companies report problems with Radio Frequency Interference (RFI)? Cisco CleanAir technology provides proactive protection against RFI and takes automatic action to avoid current and future interference. In other words, CleanAir technology uses silicon-level intelligence to create a spectrum-aware, self-healing, and self- optimizing wireless network that mitigates the impact of wireless interference and offers performance protection for your network.
What does CleanAir technology do? It:
Discovers. CleanAir provides continual systemwide discovery without affecting performance.
Decides. It takes automatic action to avoid current and future interference, with full history reporting.
Identifies. CleanAir accurately and quickly identifies the source, location, and scope of the interference.
Secures. It detects rogue access points and other devices that affect security and customizes alerts.
CleanAir technology correlates sources of interference across the network, supporting intelligent decisions and policies for faster troubleshooting and automatic RFI avoidance. CleanAir technology makes it easy for network administrators to assess service disruptions, receive notices about performance degradation, research resolutions, and quickly act to improve network performance. The CleanAir solution is part of the industry’s most adaptive, reliable, and high-performance wireless network—a network that has the ability to adjust automatically to changes in its environment, without the need for time-intensive or costly human intervention.
The network is creating new opportunities for changing the way we work to become more efficient. Forward-thinking organizations are investing in wireless networks to facilitate those opportunities for efficiency, innovation, and growth. As these organizations transition to digital-ready networks, they require advanced features and security.
Mission-critical networks require advanced capabilities
The approach of Wi-Fi 6 is creating anticipation for what’s possible. And we want you to be able to tackle all of the excitement head-on. When you upgrade your wireless network to the latest Cisco solutions, you’ll be prepared for Wi-Fi 6 so you can support more bandwidth-intensive applications, more IoT devices, and more clients. You’ll also be able to offer advanced wireless capabilities that go well beyond traditional networking.
Automated, secure onboarding across the entire network
Cisco Software-Defined Access (SD-Access) gives you a single network fabric from edge to cloud and allows you to set identity-based policy for users, devices, and things. Provide access to any application, without compromising on security, while also gaining insight into any attempt to access your network. Automatic segmentation of users, devices, and applications means you can deploy and secure services faster.
You’re already invested in wireless. Cisco DNA Spaces takes it one step further to combine wireless connectivity with location-based insights. Cisco DNA Spaces provides a simple, scalable, and standardized approach to support wireless users with location analytics, business insights, customer engagement toolkits, asset management, Bluetooth Low Energy (BLE) management, and location data APIs.
Cisco is a founding member of the OpenRoaming consortium. OpenRoaming will let mobile users automatically and seamlessly roam between Wi-Fi and cellular networks, including Wi-Fi 6 and 5G. OpenRoaming is part of efforts by Cisco, together with other industry leaders to break down the barriers between Wi-Fi 6 and 5G to support connection everywhere, seamless onboarding, more choices for access, and more secure connections.
With OpenRoaming, users will be able to get online seamlessly and automatically after signing in just once using a trusted identity provider. The service is secure and fast, and users don’t have to guess which Wi-Fi network to use or suffer through a pop-up captive portal again. They will be connected wherever they go so they can download, stream, video chat, and game to their heart’s desire. Benefits of OpenRoaming include:
Seamless connectivity between Wi-Fi and LTE/5G
Simplified Wi-Fi guest access
Significant increases in your Wi-Fi attach rate onsite
Better engagement with customers through Wi-Fi, Cisco DNA Spaces, and loyalty apps
Ability to take back ownership of your customers’ data through Wi-Fi and drive the power of analytics
Offloading of traffic from cellular to Wi-Fi, reducing operational expenses for service providers
I know what Wi-Fi 6 is, but what is 5G all about?
Think of 5G as the Wi-Fi 6 equivalent in the mobile broadband world. As Wi-Fi 6 is replacing 802.11ac (Wi-Fi 5), 5G is replacing 4G.
However, the most important thing to note is that both 5G and Wi-Fi 6 are built from the same foundation and will coexist to support different use cases. This is not a matter of choosing one over the other. Both 5G and Wi-Fi 6 promise to dramatically improve wireless experiences for mobile workers and the enterprise. They will both provide higher data rates to support new applications and increases in network capacity, as well as offer the ability to connect more devices.
Deployed over wireless devices beginning in 2019, 5G is an advanced way of connecting a wireless device to a network without using Wi-Fi. 5G has a much more massive scale than previous standards of 3G and 4G, allowing for AR/VR.
How does Wi-Fi 6 compare to 5G?
Both Wi-Fi 6 and 5G are critical to the future of wireless, but Wi-Fi 6 will continue to be the preferred and primary wireless access in the enterprise, especially for indoor networks. This is because technologies such as smart buildings, indoor enterprises, industrial organizations, and IoT need varying degrees of network connection sophistication that only Wi-Fi 6 can provide. All of these technologies have a common set of problems: onboarding, lifecycle management, security, and data interpretation that can only be solved via a Wi-Fi 6 solution. In addition, Wi-Fi 6 is a reasonable choice—from a cost standpoint to deploy, maintain, and scale—making it an ideal system for indoor wireless connectivity. This is especially true in areas where access points will serve more users, such as stadiums, concert halls, and convention centers.
On the other hand, 5G might be the designated choice for devices outside an indoor network. With higher speeds and improved capacity, both 5G and Wi-Fi 6 can improve outdoor connectivity. However, certain use cases—such as riding on a bullet train at 200 miles an hour or traveling in a car on the highway—will make 5G the preferred method for outdoor networks.
This is not a binary situation, Wi-Fi 6 and 5G are suitable for many industries. Both Wi-Fi 6 and 5G offer exciting opportunities to connect more devices reliably via wireless. This is important for mission-critical IoT devices being used in manufacturing automation, healthcare, energy, and many other industries. Wi-Fi 6 and 5G will also offer enhanced mobile broadband for immersive experiences via augmented and virtual reality. Although many industries will benefit from the enhanced mobile experience, industries such as hospitality, retail, and education will drive immersive experiences for their business.
Products built for the intent-based network
What is an Intent-Based Network (IBN)? As users, devices, and distributed applications have grown in number, the networking environment has become exponentially more complex. An IBN transforms a hardware-centric, manual network into a controller-led network that captures business intent and translates it into policies that can be automated and applied consistently across the network. The goal is for the network to continuously monitor and adjust network performance to help assure desired business outcomes.
How does it work?
IBN builds on Software-Defined Networking (SDN) by using a network controller that acts as a central control point for the network. Such controllers are crucial for network abstraction that lets IT treat the network as an integrated whole. Controller-led networks in all domains (including access, WAN, data center, and cloud) collaborate and extend their benefits throughout the enterprise and help make digital transformation a reality.
The closed-loop system of an IBN operates with the following functional building blocks to deliver intent— or support—for the business or IT outcomes that your organization needs:
The closed-loop system of IBN operates with the following functional building blocks to deliver intent—or support—for the business or IT outcomes that your organization needs:
Translation: The capture and translation of intent into policies the network can act on
Activation: Installation of these policies across the physical and virtual network infrastructure, using networkwide automation
Assurance: Use of analytics and machine learning to continuously monitor the network to verify that the desired intent has been applied and the business outcomes are being achieved
How does IBN fit in with Wi-Fi 6?
The products that make up the IBN are Wi-Fi 6 products built specifically for the intent-based network. These products make up the next-generation wired and wireless architecture that best address the needs of today’s customers. Released in November 2018, the Cisco Catalyst 9800 Series kicked off this technological revolution as the first controller built from the ground up for intent-based networking. It runs on Cisco IOS® XE and can be deployed anywhere. Cisco has married over 15 years of RF innovation—from our Aironet® portfolio, which offers the most innovative wireless technologies, such as CleanAir, Intelligent Capture, and the most widely deployed controller—with the most powerful networking operating system, which has been modernized with a modular design to give IT higher availability, programmability, and scale.
With the next-generation Wi-Fi 6 wireless products unified under one common OS, Cisco IOS Software, means that the IBN products are:
Resilient, with zero downtime with software updates and upgrades
- Automated macro- and micro-segmentation with Cisco SD-Access
- Threat detection with Cisco Encrypted Traffic Analytics
- Advanced security with WPA3 and trustworthy systems
- Programmable network processor and Cisco IOx infrastructure support
- Multilingual access points to enable IoT
- Can be deployed in the infrastructure and cloud of your choice
- Includes enhanced analytics with Cisco DNA
- Goes beyond the Wi-Fi 6 standard
Where are some of the best places to use Wi-Fi 6?
The use cases for a Wi-Fi 6 network are numerous and varied. Almost any organization could use faster connection, better battery life, and increased capacity, but there are certain places that may need it more than others.
For organizations that need full service provider carrier offload and IT/OT convergence, or where networks run in high-density environments such as classrooms and auditoriums and have a need for real-time applications such as enterprise-grade 4K/8K video or augmented or virtual reality, a Wi-Fi 6 network is paramount.
Figures 3 and 4 outline some Cisco products that run in an IBN using Wi-Fi 6 and common use cases.
Figure 3. Cisco Wi-Fi 6 products in an enterprise workspace
Figure 4. Cisco Wi-Fi 6 products in a high-density environment
Here is what some Cisco customers had to say about their Wi-Fi 6 network:
“Striving toward the commitment of “leading medicine” with state-of-the- art healthcare services, we need technology and infrastructure in place to deliver an always-on network. The Catalyst 9800 and 9100 provide a modular design to wireless configuration, flexibility in the separation of code between wireless LAN controller and access point, and the ability for rolling upgrades on the network. All these capabilities will allow us to securely scale and manage our network as quickly as our needs grow.” – A major U.S. healthcare provider
“We strive to offer a world-class student life experience with state-of-the-art campus facilities built on always-on infrastructure. We’re delighted to pioneer Cisco’s new wireless stack, which includes Cisco Catalyst 9100 access points and Cisco Catalyst 9800 controllers. It allows us to use Cisco’s intent-based networking solution that ensures simplified operations, security, and reliability of our networks at scale – a major U.S. university
“The Cisco Catalyst 9115 and 9117 access points are shaping up to be a worthy successor to the Aironet access points. One customer regularly has over 400 clients connecting to Catalyst access points and they are performing great!” – A Cisco global partner
Cisco DNA Center
How does an intent-based network support mission-critical deployment?Cisco DNA Center is the network management and command center for your IBN— both wired and wireless. Combining management, automation, analytics, and security, Cisco DNA Center simplifies network management and speeds innovation.
Cisco User Defined Network, a feature available in Cisco DNA Center, allows IT staff to give end users oversight of their very own wireless network partition. End users can remotely and securely deploy their devices on their own private portion of the network. Perfect for university dormitories or extended hospital stays, Cisco User Defined Network grants both device security and control, allowing end users the choice of who can connect to their network. They are able to register their devices from their homes before they reach their destinations via an intuitive mobile app. Once they arrive on campus, their devices are connected to their personal network and are ready to be used. UDN available second half of calendar year 2020.
Cisco DNA Assurance
Your network is full of all the data you need to optimize it and manage it better. Cisco DNA Assurance lets you put that data to work without a complete network overhaul. And Cisco DNA Wireless Assurance gives you complete network visibility and troubleshooting, time savings and efficiency, and insights based on real-time and historical data to make predictions and resolve issues.
- Cisco DNA Assurance makes it easy to troubleshoot issues and provides insight into your network through analytics
- Cisco DNA Center provides a single-pane-of-glass command center for both your wired and wireless network
- Encrypted Traffic Analytics provides visibility into the traffic crossing your network—even the encrypted traffic—to spot hidden threats
- Cisco SD-Access provides automated, policy-based segmentation across your access network
The Wi-Fi 6 readiness dashboard is a new dashboard in the Assurance menu of Cisco DNA Center. It will look through the inventory of all devices on the network and verify device, software, and client compatibility with the new Wi-Fi 6 standard. After upgrading, advanced wireless analytics will indicate performance and capacity gains as a result of the Wi-Fi 6 deployment. This is an incredible tool that will help your team define where and how the wireless network should be upgraded. It will also give you insights into the access point distribution by protocol (802.11 ac/n/abg), wireless airtime efficiency by protocol, and granular performance metrics.
Cisco DNA Automation
Cisco DNA Center allows you to automate a variety of network tasks to simplify network management and achieve intent-based networking potential. Some automation capabilities include software upgrades and image management, zero-touch device provisioning, Enterprise Network Functions Virtualization (ENFV), and easy quality of service automation.
The power of the network lies in its infrastructure. When you build a strong infrastructure foundation with the right products, you'll be prepared to innovate and adapt to new capabilities.
Cisco Catalyst 9800 Series Wireless Controllers
Cisco Catalyst 9800 Series Wireless Controllers (Figure 5) combine the best of RF excellence with the benefits of Cisco IOS XE to deliver some of the industry’s most reliable and secure controllers.
The 9800 Series controllers are ready to deploy anywhere: on-premises, in the cloud, or embedded on a Cisco Catalyst access point or switch. They provide high availability to keep services always on during planned and even unplanned events. And they have built-in security and support advanced security features such as Encrypted Traffic Analytics and secure segmentation with Cisco SD Access. On top of that, they’re compatible with the new Cisco Catalyst 9100 Access Points, which support Wi-Fi 6.
The 9800 Series wireless controllers are the next generation of controllers bridging the intent-based networking portfolio and offering deployment flexibility. Powered by Cisco IOS XE, the 9800 Series controllers are always on, secure, and deployable anywhere. Software updates with no disruptions and rolling access point upgrades completely change the definition of “always on.”
Secure means increased threat detection in encrypted traffic and automated macro- and micro-segmentation. Finally, the ability to deploy on-premises, in either a private or public cloud, or embedded in a switch or access point promises a freedom that no other controller currently offers.
Key benefits of Cisco Catalyst 9800 Series controllers:
- Always on - Driven by high availability, the ability to provide limited downtime during upgrades is a significant benefit of the 9800 Series controllers. Bug fixes, access point deployment in multiple sites, network updates, and more can be deployed without impacting the operations of the networks.
With Cisco In Service Software Upgrade (ISSU), network downtime during a software update or upgrade is a thing of the past. ISSU is a complete image upgrade and update while the network is still running. The software image—or patch—is pushed onto the wireless controller while traffic forwarding continues uninterrupted. All access point and client sessions are retained during the upgrade process.
With just a click, your network automatically upgrades to the newest software. Here’s how it works: The backup Cisco Catalyst 9800 Series controller receives the new software that is pushed via the active 9800 Series controller. Then the backup controller becomes active and takes over your network, while your previously active controller turns into the backup controller and processes the software upgrade. Using an intelligent RF-based rolling access point upgrade, all APs get upgraded in a staggered fashion without impacting any wireless session.
The active and redundant pair, running two different versions, still keep the network running.
- Secure - According to a recent poll, nearly one-third of respondents have been victims of cybercrime. Not only that, but the industry average to detect a common threat can be up to 100 days. The 9800 Series controllers are built around the idea that wireless becomes the strongest first line of defense. Thanks to built-in security features, 9800 Series controllers are ready to detect any threat and defend against any compromised infrastructure.
-Can be deployed anywhere: - Deploy anywhere to enable wireless connectivity everywhere. Whether on-premises, in a private or public cloud, or embedded on a switch or access point, 9800 Series controllers offer multiple deployment and scale options to best meet any organization’s needs. It doesn’t matter whether your deployment choice is on a private or a public cloud; the 9800 Series is cloud-agnostic and allows for management and deployment anywhere. The wireless controllers can be deployed on VMware ESXi, KVM, and Cisco Enterprise Network Compute System (ENCS) in a private cloud or on AWS in a public cloud.
Cisco Catalyst 9800-L Wireless Controller: For small and medium-sized businesses, the 9800-L is the ideal choice because it is feature-rich and enterprise-ready to power your business-critical operations and transform end-user experiences. Choose between copper and fiber uplinks. This choice gives you flexibility in your network. The 9800-L supports up to 250 access point and 5000 clients and has 5-GBps throughput.
Cisco Catalyst 9800-40 Wireless Controller: The 9800-40 is a fixed wireless controller with seamless software updates for midsize and large enterprises. It supports up to 2000 access points and 32,000 clients and has 40-GBps throughput.
Cisco Catalyst 9800-80 Wireless Controller: The 9800-80 is a modular wireless controller with optional 100 Gigabit Ethernet (GE) modular uplinks and seamless software updates for large enterprises and campuses. It is feature-rich and enterprise-ready to power your business-critical operations and transform end-customer experiences. The 9800-80 supports up to 6000 access points and 64,000 clients and has 80-GBps throughput.
Cisco Catalyst 9800-CL Wireless Controller for Cloud: The 9800-CL is the next generation of enterprise-class wireless controllers for cloud, with seamless software updates for distributed branches and midsize campuses to large enterprises and service providers. Multiple scale options with a single deployment package are available to best meet your organization’s needs. The 9800-CL is available to deploy on either a private cloud (as a virtual machine) or public cloud.
As opposed to previous virtual WLC offerings from Cisco, the 9800-CL supports Cisco FlexConnect®, as well as central switching, mobility anchor, and SSO. The 9800-CL comes in three sizes:
-Small: Designed for distributed branches and small campuses supporting up to 1000 access points and 10,000 clients
-Medium: Designed for medium-sized campuses supporting up to 3000 access points and 32,000 clients
-Large: Designed for large enterprises and service providers supporting up to 6000 access points and 64,000 clients
Cisco Embedded Wireless Controller on Catalyst Switches (9800-SW): Embedded on a Cisco Catalyst 9000 switch, this wireless controller is exclusively for SD-Access-enabled distributed branches and small campuses. The Embedded Wireless Controller on Catalyst Switches supports up to 200 access points and 4000 clients.
Cisco Embedded Wireless Controller on Catalyst Access Points: The Cisco Embedded Wireless Controller on Catalyst Access Points puts control right on the access point, delivering a cost-effective Wi-Fi 6 network that is easy to deploy and manage, without a dedicated physical appliance. It is best for distributed enterprises or organizations that want to upgrade to Wi-Fi 6 with minimal IT resources. Just answer a few simple questions using the WebUI or mobile application, and your wireless network is up and running. Powered by Cisco IOS XE Software, the embedded wireless controller adds another choice to the Cisco Catalyst 9800 Series deployment options and provides a clear upgrade path as your network needs grow.
Cisco Catalyst 9100 Access Points
Cisco Catalyst 9100 Access Points (Figure 6) prepare your network for the future of supporting, and going beyond, Wi-Fi 6.
With users expecting an immersive experience, coupled with IoT becoming the new mobile, we are now more dependent on Wi-Fi than ever before. Cisco Catalyst 9100 Access Points, powered by Wi-Fi 6 technology and supporting Cisco’s intent-based networking architecture, are ready for the growing user expectations, IoT devices, and next-generation cloud-driven applications.
With the ability to handle increased mobile traffic, as well as support IoT at scale, Cisco’s first Wi-Fi 6 access points have superior RF innovations and will expand wireless access with intelligence to provide a secure, reliable, high-quality wireless experience for all networks.Moving to Wi-Fi 6 will allow your wireless network to support up to four times the capacity of previous standards, consume up to 3x less power on end devices that support the Wi-Fi 6 standard, and experience reduced latency, greater IoT coverage, and improved interference mitigation for better quality of experience. The Catalyst 9100 then goes beyond Wi-Fi 6 with programmable RF ASICs and other advanced capabilities.
Moving to Wi-Fi 6 will allow your wireless network to support up to four times the capacity of previous standards, consume up to two-thirds less power on end devices that support the Wi-Fi 6 standard, and experience reduced latency, greater IoT coverage, and improved interference mitigation for better quality of experience. The Cisco Catalyst 9100 then goes beyond Wi-Fi 6 with programmable RF ASICs and other advanced capabilities.
Key benefits of Catalyst 9100 Access Points:
- Reliability - Always connected, always dependable; a seamless experience.
- Capacity - 8802.11ax sends out more data to more clients than any other version of the 802.11 standard. Latency is reduced by 50 percent with more than 100 devices communicating at the same time. Both access points use OFDMA and MU-MIMO to help dole out resources for applications. For example, OFDMA is ideal for low-bandwidth applications and increases efficiency while reducing latency. For highbandwidth applications, MU-MIMO increases capacity, resulting in higher speeds per user. Look at MU-MIMO as multiple trucks serving users simultaneously, while OFDMA is one truck serving each user.
- Bandwidth - More applications are able to run at speeds up to four times faster than 802.11ac. With Spectrum Intelligence and interference and rogue detection, you can be sure that your network is clear of any issues that could hinder a seamless connection.
- Enhanced features - Cisco RF ASIC delivers Cisco CleanAir technology, wIPS, and DFS detection in addition to Fast Locate, available in the Cisco Catalyst 9120AX and 9130AX Series Access Points. The 9100 access points also support Target Wake Time (TWT), which is a new power-saving mode that allows a client to stay asleep and to wake at prescheduled times to exchange data with the access point. The energy savings over 802.11n and 802.11ac are significant, with up to three to four times the savings provided by older standards. In addition, TWT improves power and battery efficiency in end devices like smartphones, tablets, and IoT devices.
- Supports both PoE+ and PoE - The 9100 access points have a 15.4W PoE mode for efficiency and rarely exceed 30W. If that does happen, Multigigabit provides Universal Power over Ethernet (Cisco UPOE®).
- Secure connections for remote workers or the micro-office. Any Cisco Catalyst access point can function as an OfficeExtend Access Point (OEAP). With an OEAP, an employee at home or in a temporary micro-office will have access to the corporate SSID and the corporate network without the need to set up a VPN or have any advanced technical know-how.
- Addresses the growing IoT explosion - The 9100 access points also offer multilingual support and application hosting of IoT protocols such as Wi-Fi, BLE, and Zigbee.
- Customizable with a programmable RF ASIC - The 9120AX and 9130AX Series access points have a custom RF ASIC and provide real-time analytics, which, when combined with Cisco DNA Assurance, allows you to gain RF intelligence and visibility that can be analyzed and used to run your network more efficiently. The custom RF ASIC also has a dedicated third radio that is automatically enabled during highdensity scenarios. This goes along with delivering other features such as RF interference mitigation and rogue detection.
Cisco Catalyst 9115AX and 9117AX Series Access Points: - These access points can enable your infrastructure to handle increased mobile traffic. Ready for the next generation of wireless, Cisco Catalyst 9115AX and 9117AX Series Access Points are flexible and scalable and support Wi-Fi 6. Perfect for small to medium-sized networks, these access points have higher capacity, greater range, improved security, reduced latency, and better power efficiency.
Cisco Catalyst 9120AX Series Access Points: - The 9120AX Series scales to the growing demands of IoT while fully supporting the latest innovations and new technologies. Not only that, but it is the leader in performance, security, and analytics. The 9120AX Series access points support both OFDMA and MU-MIMO, delivering more predictable performance for advanced applications and IoT. Additionally, with up to 2.5 Gbps with NBASE-T and IEEE 802.3bz Ethernet compatibility, the 9120AX Series can seamlessly offload network traffic without any bottlenecks.
Cisco Catalyst 9130AX Series Access Points - For large enterprise organizations that will see the coming increase in mobile and IoT traffic, the 9130AX Series goes beyond the Wi-Fi 6 standard and employs a host of resilient, secure, and intelligent features. For stellar scale and performance, the 9130AX Series has four radios. It also includes Flexible Radio Assignment, allowing for an automatic frequency change when more devices log on to the network. The 9130AX Series is powered by a programable RF ASIC that provides real-time analytics for a far more efficient network. Other features, such as integrated security, full Intelligent Capture, and more, equip your network to deliver a superior wireless experience. To backhaul the data, the 9130AX Series is equipped with a 5- Gbps Multigigabit IEEE 802.3bz Ethernet port.
Cisco Catalyst 9000 fixed and modular switches
Cisco Catalyst 9000 fixed and modular switches (Figure 7) were built to address the demands of Wi-Fi 6, including Multigigabit speeds and security in a mobile-first, cloud-driven world.
Get an industry-leading security portfolio built on Talos® threat intelligence, Encrypted Traffic Analytics, MACsec encryption, and more. With a multi-domain, intent-based network, you’ll also experience high availability and resiliency, with features like ISSU, Graceful Insertion and Removal (GIR), and hot patching. You also get seamless integration with full-stack programmability from ASIC to OS.
Customers need to procure a campus switch equipped with a robust hardware architecture to satisfy today’s requirements for security, mobility, and agility. The software stack for these switches should complement the hardware’s programmability and offer simple, open, and standards-based mechanisms to allow customers to enable new services without complexity and compromise.
The Cisco Catalyst 9000 switching family is built for the new era of networking. Today’s competitive switches for the campus are no match and are unsuitable for customers in this new era of networking. The Cisco Catalyst 9000 switches form the foundational building block for Cisco SD-Access, Cisco’s lead enterprise architecture. The Cisco Catalyst 9000 is a single family with a coherent set of features and purpose.
Cisco Catalyst 9200 Series Switches extend the power of intent-based networking and Cisco Catalyst 9000 hardware and software innovation to a broader set of deployments. With its family pedigree, the Cisco Catalyst 9200 Series offers simplicity without compromise: they are secure, always on, and IT-simplified.
As foundational building blocks for the Cisco Digital Network Architecture (Cisco DNA), the 9200 Series switches help customers reduce complexity, optimize IT, and lower operational costs by leveraging intelligence, automation, and human expertise that no other vendor can deliver, regardless of where you are in the intent-based networking journey.
The Cisco Catalyst 9200 Series provides security features that protect the integrity of the hardware as well as the software and all data that flows through the switch. These switches provide resiliency that keeps your business up and running seamlessly.
Combine that with the open APIs of Cisco IOS XE and the programmability of the UADP ASIC technology, and you’ll find that the Cisco Catalyst 9200 Series gives you what you need now with investment protection for future innovations.
With full PoE+ capability, power and fan redundancy options, stacking bandwidth up to 160 Gbps, modular uplinks, Layer 3 feature support, Multigigabit support, and cold patching, Cisco Catalyst 9200 Series Switches are an industry-leading solution with differentiated resiliency and progressive architecture for cost-effective branch-office access.
The 9200 Series also supports enhanced security with AES-128 MACsec encryption; policy-based segmentation; trustworthy solutions; Layer 3 capabilities, including Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Intermediate System to Intermediate System (IS-IS), Routing Information Protocol (RIP), and routed access; advanced network monitoring using full Flexible NetFlow; and an ASIC with programmable pipeline and micro-engine capabilities, along with template-based, configurable allocation of Layer 2 and Layer 3 forwarding; ACLs; and Quality-of-Service (QoS) entries. The 9200 Series was designed to replace the Cisco Catalyst 2960-X and 2960-XR Series Switches.
Cisco Catalyst 9300 Series Switches are Cisco’s lead stackable enterprise switching platform built for security, IoT, mobility, and cloud, and are the next generation of the industry’s most widely deployed switching platform.
The 9300 Series is the industry’s first optimized platform for Wi-Fi 6 and 802.11ac Wave2, with support for 2.5 and 5 Gbps and Multigigabit downlinks. They offer support for 90W UPOE+, 60W UPOE, and 30W PoE+. The 9300 Series supports the Cisco Catalyst 9800 embedded wireless controller, wired sensor, AV Bridging (AVB), and the highest density of Wi-Fi 6 and 802.11ac Wave 2 in a single-rack-unit (RU) box. The 9300 Series has an exceptionally flexible fixed and modular uplink architecture, with support for 1 Gbps, Multigigabit, 10 Gbps, 25 Gbps, and 40 Gbps.
The platform offers a choice of Multigigabit, 2.5-Gbps, and 1-Gbps copper and 1-Gbps SFP fiber Ethernet switches with 80-Gbps uplink bandwidth. The 9300 Series is currently the industry’s highest 480-Gbps stacking bandwidth solution. Cisco StackWise virtual technology provides exceptional scale (448 ports per stack) and flexibility of deployment for the platform, with support for the best NSF/SSO resiliency architecture for a stackable solution (sub-50 ms). The 9300 Series is the only switching platform in the industry today with support for front- and back-panel stacking, optimizing it for a variety of deployments.
The Cisco Catalyst 9300 Series also has a highly resilient and efficient power architecture, with StackPower that delivers a high density of UPOE+, UPOE, and PoE+ ports. The 9300 Series provides unmatched PoE resiliency capabilities such as Perpetual and Fast PoE, optimizing it for IoT deployments. It has support for the most efficient power supplies in the industry. The 9300 Series also offers price-optimized options for small to midmarket deployments with the fixed-uplink Cisco Catalyst 9300L models.
Cisco Catalyst 9300L options offer almost all the features of the other 9300 Series models, including double the density of our legacy platforms, such as the Cisco Catalyst 3650 Series Switches and even our Cisco Catalyst 9200 Series Switches. In fact, compared to the 9200 Series, the 9300L models offer a leap forward in scale and features, with just a small 7 percent increase in price. The 9300L models were designed to replace the Cisco Catalyst 3650 and 3850 Series Switches.
Cisco Catalyst 9400 Series Switches are Cisco’s lead modular enterprise switching access platform, built for security, IoT, and cloud. The platform provides exceptional investment protection, with a chassis architecture that is capable of supporting up to 9 Tbps of system bandwidth and outstanding power delivery of 90W UPOE+, 60W UPOE, and 30W PoE+. Redundancy is now a minimum entry requirement across the portfolio, and the Cisco Catalyst 9400 Series delivers state-ofthe- art high availability with capabilities such as ISSU, NSF/SSO, uplink resiliency, N+1/ N+N redundancy for power supplies, Perpetual PoE, and Fast PoE. The platform is enterprise-optimized with an innovative dual serviceable fan-tray design and side-to-side airflow. It is closet-friendly, with a depth of approximately 16 inches. A single system can scale up to 384 access ports (768 with StackWise Virtual) with a choice of Multigigabit, 1 Gbps copper or SFP, 10 Gbps SFP+, UPOE+/UPOE, and PoE+ options.
The platform also supports advanced routing and infrastructure services, SD- Access border capabilities, and network system virtualization with StackWise Virtual technology, enabling optional placement of the platform in the core and aggregation layers of small to midsize campuses. The 9400 Series was designed to replace the Cisco Catalyst 4500-E and 6500 Series Switches.
Cisco Catalyst 9500 Series Switches are Cisco’s lead purpose-built fixed core and aggregation enterprise switching platform, built for security, IoT, and cloud. The 9500 Series is the industry’s first purpose-built 100- Gbps and 40-Gbps switch targeted for the enterprise campus, delivering exceptional table scales (MAC, route, and ACL) and buffering for enterprise applications.
The platform offers nonblocking 40-Gbps (QSFP) and 10-Gbps (SFP+) switches with granular port densities that fit diverse campus needs. The 9500 Series supports advanced routing and infrastructure services, including Multiprotocol Label Switching (MPLS) Layer 2 and Layer3 VPNs, Multicast VPN (MVPN), and Network Address Translation (NAT); SD-Access border capabilities such as a host tracking database, cross-domain connectivity, and VPN Routing and Forwarding (VRF)-aware Cisco Locator/ID Separation Protocol (LISP); and network system virtualization with Cisco StackWise Virtual technology that is critical for its placement in the campus core.
The platform also supports all the foundational high-availability capabilities such as patching, GIR, NSF/SSO, and redundant Platinum-rated power supplies and fans. The 9500 Series was designed to replace Cisco Catalyst 3850 Fiber, 4500-X, and 6880 and 6840 Series Switches.
Cisco Catalyst 9600 Series Switches are purpose-built for resiliency at scale with the industry’s most comprehensive security. The series allows your business to grow at a low total operational cost. Built upon the foundation of the Cisco Catalyst 9000 family, the 9600 Series offers scale and security when always-on is a must.
As the industry’s first purpose-built 40 and 100 Gigabit Ethernet line of modular switches targeted for the enterprise campus, the 9600 Series delivers industry-leading table scale (MAC, route, and ACL) and buffering for enterprise applications. The platform is hardware-ready to support a wired switching capacity of up to 25.6 Tbps, with up to 6.4 Tbps of bandwidth per slot. Cisco Catalyst 9600 Series Switches support granular port densities that fit diverse campus needs, including nonblocking dual-rate 40 and 100 Gigabit Ethernet (GE) Quad Small Form-Factor Pluggable (QSFP+, QSFP28) and multirate 1, 10, and 25 GE SFP, SFP+, and SFP28.
The switches also support advanced routing and infrastructure services, such as MPLS, Layer 2 and Layer 3 VPNs, MVPN, and NAT. The 9600 Series switches also support SD-Access capabilities, such as a host tracking database, cross-domain connectivity, and VRF-aware LISP; and network system virtualization with Cisco StackWise Virtual technology, which is critical for the switches’ placement in the campus core.
Additionally, 9600 Series switches support foundational high-availability capabilities such as patching, GIR, NSF/ SSO, redundant Platinum-rated power supplies, and fans. The 9600 Series was designed to replace the modular Cisco Catalyst 6500 and 6800 Series Switches.
Additionally, all switches in the Cisco Catalyst 9000 family:
- Support advanced security capabilities such as ETA,* MACsec-256,** and trustworthy solutions capabilities such as Plug and Play (PnP) Secure Unique Device Identifier (SUDI), and Trust Anchor
- Deliver IoT convergence with industry-leading scale and capabilities such as AVB/15881, service discovery, and “thing” classification
- Run a modern operating system—open Cisco IOS XE Software—which supports model-driven programmability, streaming telemetry, and patching
- Use x86-based CPUs and pluggable local for third-party container-based app hosting
- Provide outstanding application visibility and control with Cisco Network- Based Application Recognition 2 (NBAR 2)
*ETA is not available on Cisco Catalyst 9200 Series Switches.
**MACsec-128 is available on Cisco Catalyst 9200 Series Switches
Cisco Aironet Active Sensor
One of the challenges of wireless is planning for changing levels of demand. A conference or event can introduce a sudden jump in device density or increase expectations for application performance. The Cisco Aironet Active Sensor (Figure 8) is a compact wireless device that allows you to test real-world client experiences to validate that performance will meet your expectations in any environment.
Software and smart licensing
Cisco Wi-Fi 6 wireless products require Smart Licensing. This is a program that provides ease of use for Cisco software license management, consumption, and tracking.
There are two levels of software licensing managed through Smart Licensing:
Hardware operating system software licenses: These are perpetual licenses and are referred to as Cisco Network Essentials and Cisco Network Advantage licenses. These licenses are purchased for access points and wireless controllers
Cisco DNA software licenses: These are term-based licenses and are referred to as Cisco DNA Essentials, Cisco DNA Advantage, and Cisco DNA Premier licenses. These licenses are purchased for access points but are not required for wireless controllers
Cisco Network Essentials and Network Advantage licenses enable wireless fundamentals such as 802.1X authentication, QoS, PnP, telemetry and visibility, SSO, and security controls. These licenses are perpetual.
Cisco DNA software subscription licenses, mandatory at the time of hardware purchase, unlock Cisco DNA Center functionality, enabling controller-based softwaredefined automation and assurance in your network. The Cisco DNA Center controller is required to activate the Cisco DNA software capabilities. These term licenses are available in 3-, 5-, or 7-year subscriptions. When the Cisco DNA software subscription term expires, the Cisco DNA Center capabilities expire, but the perpetual Cisco Network Essentials or Network Advantage features remain in effect.
Figures 9 through 11 provide detailed information on the capabilities provided in the different licensing tiers of Cisco DNA subscription software.
Figure 9. Details of the Cisco DNA Essentials software license for wireless
Cisco DNA Essentials subscription software, available in 3-, 5-, and 7-year terms, includes:
Basic automation with PnP application, network site design, and device provisioning
Element management with Software and Image Management (SWIM), discovery, network topology, and AVC
Basic assurance with a health dashboard, an AP floor and coverage map, and predefined reports
Basic security and telemetry, including Flexible NetFlow
Cisco Network Essentials perpetual software includes:
Essential wireless capabilities for Wi-Fi 6 authentication, guest access, device onboarding, infrastructure and client IPv6, ACLs, QoS, videostream, smart defaults, Radio Resource Management (RRM), Spectrum Intelligence, BLE, USB, Cisco TrustSec®, SGT Exchange Protocol (SXP), AP and client SSO, dynamic QoS, analytics, ADP, OpenDNS, mDNS, IPsec, and rogue management and detectionEssential wireless capabilities for Wi-Fi 6 authentication, guest access, device onboarding, infra and client IPv6, ACLs, QoS, videostream, smart defaults, RRM, spectrum intelligence, BLE, USB, Cisco TrustSec®, SXP, AP and client SSO, dynamic QoS, analytics, ADP, OpenDNS, mDNS, IPsec, rogue management and detection
Optimized RF, which includes Flexible Radio Assignment (FRA), ClientLink, Cisco CleanAir Advanced, NG-HDX, and predictive and proactive RRM
DevOps integration, which includes PnP agent, NETCONF, and YANG data models
IoT optimized refers to identity PSK and enhanced device profilers
Telemetry and visibility include model-driven telemetry
Figure 10. Details of the Cisco DNA Advantage software license for wireless
Cisco DNA Advantage subscription software, available in 3-, 5-, and 7-year terms, includes:
Advanced automation with SD-Access, location PnP, and automated Identify Services Engine (ISE) integration for guest and third-party API integration
Enhanced security and IoT includes Encrypted Traffic Analytics (ETA)
Policy-based workflows include EasyQoS configuring, and monitoring and policy-based automation
Assurance and analytics includes guided remediation, Apple iOS insights, proactive insight detection such as Aironet Active Sensor tests, Intelligent Capture, client location heatmaps, spectrum analyzer and application performance reports, and element management that shows patch lifecycle management
Cisco Network Advantage perpetual software includes:
High availability and resiliency with ISSU process restart, rolling AP upgrades, CLI patching, and AP service/device pack
Flexible network segmentation includes VXLAN
Figure 11. Details of the Cisco DNA Premier software license for wireless
Cisco DNA Premier subscription software, available in 3-, 5-, and 7-year terms, includes everything offered in the Cisco DNA Advantage license plus the ISE Base and ISE Plus license capabilities in an easy-to-purchase single SKU. Cisco Network Advantage perpetual software includes:
High availability and resiliency with ISSU process restart, rolling AP upgrades, CLI patching, and AP service/device pack
Flexible network segmentation includes VXLAN
As we approach the deployment of Wi-Fi 6 and 5G, get ready to experience a sudden leap in wireless networking capabilities. Cisco is making it easy to refresh your wireless infrastructure to take advantage of everything Wi-Fi 6 has to offer and to go beyond the standards with additional capabilities.
Learn more about Cisco Wi-Fi 6 solutions and products and get started today.