Cisco Unified Wireless Location-Based Services

Table Of Contents

Cisco Unified Wireless Location-Based Services


Reference Publications

Cisco Location-Based Services Architecture

Positioning Technologies

What is RF Fingerprinting?

Overall Architecture

Role of the Cisco Wireless Location Appliance

Solution Performance

What Devices Can Be Tracked

Installation and Configuration

Installing and Configuring the Location Appliance and WCS

Deployment Best Practices

Location-Aware WLAN Design Considerations

Traffic Considerations

RFID Tag Considerations

SOAP/XML Application Programming Interface

Cisco Unified Wireless Location-Based Services


With integrated location tracking, enterprise wireless LANs become much more valuable as a corporate business asset. Enterprise network administrators, security personnel, and others directly responsible for the health and well-being of business-class networks have expressed great interest in location-based services to allow them to better address issues in their environments such as the following:

Quickly and efficiently locating valuable assets and key personnel

Improving productivity via effective asset and personnel allocation

Reducing loss because of the unauthorized removal of assets from company premises

Improving customer satisfaction by rapidly locating critical service-impacting assets.

Improving WLAN planning and tuning capabilities.

Coordinating Wi-Fi device location with security policy enforcement

Meeting regulatory requirements for E911 calls

This chapter discusses the Cisco Location-Based Service (LBS) solution and the areas that merit special consideration involving design, configuration, installation, and deployment. Each of these areas is described in brief and reference is made to a comprehensive white paper entitled Wi-Fi Location-Based Services 4.1 Design Guide, which contains in-depth discussion and analysis and is available at the following URL: This chapter addresses the following topics:

The fundamentals of positioning technologies including lateration, angulation, and location patterning approaches.

Cisco RF Fingerprinting and its advantages over traditional positioning techniques

Traffic flow analysis between the Cisco Wireless Location Appliance and other network components

In-depth discussion of various RFID tag technologies including vendor-specific configuration information

How external third-party location client applications can interface with the Cisco Wireless Location Appliance

Reference Publications

This document makes extensive reference to the following white paper, which should be referenced for further detailed information regarding any section in this chapter:

Wi-Fi Location-Based Services 4.1 DesignGuide—

Additionally, review the following supplemental documents:

Release Notes for Cisco Wireless Location Appliance—

Cisco Wireless Location Appliance: Installation Guide—

Cisco Wireless Location Appliance: Deployment Guide—

Cisco Wireless Control System Release Notes, Release 4.0—

Cisco Wireless Control System Configuration Guide, Release 4.0—

In addition, Cisco recommends that you review Chapter 8, "Cisco Unified Wireless Control System," in this design guide.

Cisco Location-Based Services Architecture

Positioning Technologies

Location tracking and positioning systems can be classified by the measurement techniques they employ to determine mobile device location (localization). These approaches differ in terms of the specific technique used to sense and measure the position of the mobile device in the target environment under observation. Typically, Real Time Location Systems (RTLS) can be grouped into four basic categories of systems that determine position on the basis of the following:

Cell of origin (nearest cell)

Distance (lateration)

Angle (angulation)

Location patterning (pattern recognition)

An RTLS system designer can choose to implement one or more of these techniques. This may be clearly seen in some approaches attempting to optimize performance in two or more environments with very different propagation characteristics. An example of this is an RTLS system attempting to yield optimal performance for both indoor and outdoor applications by using two different techniques. It is not unusual to hear arguments supporting the case for a fifth category that encompasses RTLS systems that sense and measure position using a combination of at least two of these methods.

Keep in mind that regardless of the underlying positioning technology, the "real-time" nature of an RTLS is only as real-time as the most current timestamps, signal strengths, or angle-of-incidence measurements. The timing of probe responses, beaconing rates, and location server polling intervals can introduce discrepancies seen between actual and reported device position from one reporting interval to another.

The "Location Tracking Approaches" section of Wi-Fi Location-Based Services 4.1 Design Guide provides a foundation in the technical aspects of traditional location tracking and positioning systems. To better comprehend the differences between traditional approaches and RF Fingerprinting, this section is highly recommended reading, because it thoroughly explains the concepts of cell of origin, time of arrival (ToA), time difference of arrival (TDoA), angle of arrival (AoA), and location patterning.

What is RF Fingerprinting?

Cisco RF Fingerprinting refers to a new and innovative approach that significantly improves the accuracy and precision available with traditional signal strength lateration techniques. Cisco RF Fingerprinting offers the simplicity of an RSSI-based lateration approach with customized calibration capabilities and improved indoor performance.

RF Fingerprinting significantly enhances RSS lateration through the use of RF propagation models developed from data gathered in the target environment or environments very similar to it. RF Fingerprinting offers the ability to calibrate an RF model to a particular environment in a fashion similar to (but more expeditious than) that of location patterning. But unlike location patterning, a unique custom site calibration is not always required, especially in situations where multiple floors of similar construction, contents, and layout are deployed.

Cisco RF fingerprinting offers several other key advantages over the approaches described in the "Location Tracking Approaches" section of Wi-Fi Location-Based Services 4.1 Design Guide:

Uses existing LWAPP-enabled Cisco Unified Networking components—Unlike some other solutions, Cisco LBS with RF Fingerprinting is a 100 percent Wi-Fi RTLS without the need for specialized time-based receivers or other specialized hardware that must be mounted alongside each access point. The Cisco Location Appliance is added to support location and statistics history and serves as a centralized positioning engine for the simultaneous tracking of up to 2500 devices per appliance.

No proprietary client hardware or software required—The Cisco RF Fingerprinting-based RTLS solution is implemented as a network-side model and not client-side. Because of this, Cisco RF Fingerprinting can provide location tracking for a wide variety of industry-standard Wi-Fi clients (not just WinXP/2000/PPC) without the need to load proprietary client tracking software or wireless drivers in each client. This includes popular VoIP handsets such as the Cisco 7920 and other devices for which proprietary location tracking client software is not readily available nor installable.

Supports popular Wi-Fi active RFID asset tags—Because the Cisco LBS solution implements RF Fingerprinting as a network-side model, there is no dependency on proprietary software being resident in RFID asset tags. This enables the Cisco LBS solution to interoperate with active RFID asset tags from popular vendors including AeroScout and PanGo Networks. Cisco also publishes a complete RFID tag specification that is available to Cisco Technology Partners and encourages the development of interoperable active RFID tag hardware. The Cisco LBS solution is capable of tracking other Wi-Fi active RFID tags that can be configured to authenticate/associate to the underlying installed Cisco centralized WLAN infrastructure as a WLAN client.

Better accuracy and precision—The Cisco RF Fingerprinting approach yields significantly better performance than solutions employing pure triangulation or signal strength lateration techniques. These techniques typically do not account for effects of attenuation in the environment, making them highly susceptible to reductions in performance. The advantages of Cisco RF Fingerprinting technology start where these traditional approaches leave off. Cisco RF Fingerprinting begins with a significantly better understanding of RF propagation as it relates specifically to the environment in question. Except for the calibration phase in location patterning approaches, none of the traditional lateration or angulation techniques take environmental considerations directly into account in this manner. RF Fingerprinting then goes a step further and applies statistical analysis techniques to the set of collected calibration data. This allows the Cisco Location Appliance to further refine predicted location possibilities for mobile clients, culling out illogical or improbable data and refining accuracy. The net result of these methods is not only better accuracy but significantly improved precision over traditional solutions.

Reduced calibration effort—Cisco RF Fingerprinting technology offers the key advantages of an indoor location patterning solution but with significantly less effort required for system calibration. While both approaches support on-site calibration, the Cisco RF Fingerprinting approach requires less frequent re-calibration and can operate with larger inter-access point spacing. Cisco RF Fingerprinting can also share RF models among similar types of environments and includes pre-packaged calibration models that can facilitate rapid deployment in typical indoor office environments.

Additional information regarding RF Fingerprinting and all four of these key advantages can be found in the "Location Based Services Architecture" section of Wi-Fi Location-Based Services 4.1 Design Guide.

Overall Architecture

The overall architecture of Cisco LBS is shown in Figure 15-1.

Figure 15-1 Cisco Location-Based Services Solution Architecture

Access points forward received signal strength information to WLAN controllers with regard to the observed signal strength of any Wi-Fi clients, 802.11 active RFID tags, rogue access points, or rogue clients. In normal operation, access points focus their collection activities for this information on their primary channel of operation, going off-channel and scanning the other channels in the regulatory channel set of the access point periodically. The collected information is forwarded to the WLAN controller to which the access point is currently registered. Each controller manages and aggregates all such signal strength information coming from its access points. The location appliance uses SNMP to poll each controller for the latest information regarding each tracked category of devices. In the case of a location tracking system deployed without a location appliance, the Cisco Wireless Control System (WCS) retrieves this information from the appropriate controller(s) directly.

WCS and the location appliance exchange information regarding calibration maps and network designs during a process known as synchronization. During a network design synchronization between WCS and the location appliance, the "up-to-date" partner updates the design and calibration information of the "out-of-date" partner. The location appliance synchronizes with each controller containing access points participating in location tracking during controller synchronization. Synchronization occurs either on-demand or as a scheduled task, the timing of which is determined by the Administration > Scheduled Tasks main menu option under the WCS main menu bar.

Location information is displayed to the end user using a location client application in conjunction with the Cisco Wireless Location Appliance. Typically this role is fulfilled by the Cisco WCS.

Note For important information regarding compatibility between versions of WCS and the Cisco Wireless Location Appliance, see Release Notes for Cisco Wireless Location Appliance at the following URL:

As described in subsequent sections of this document, the WCS is capable of displaying a wide range of information regarding the location of clients, asset tags, rogue access points, and rogue clients. However, location client functionality is not limited to WCS. Other third-party applications may be written in accordance with the Cisco Location Appliance Application Programming Interface (API) as well. Using the Simple Object Access Protocol (SOAP)/Extensible Markup Language (XML) protocol, these applications can also serve as location clients to the Wireless Location Appliance (see Figure 15-1). The Cisco Location Appliance is also capable of issuing notifications to external systems via e-mail (SMTP), Syslog, SNMP traps, or the SOAP/XML protocol.

Note Additional information regarding the overall architecture of the Cisco LBS solution can be found in the "Location-Based Services Architecture" section of Wi-Fi Location-Based Services 4.1Design Guide located at the following URL:

Role of the Cisco Wireless Location Appliance

When a Cisco Location Appliance is added into a Cisco LWAPP-enabled Unified Wireless Network with an appropriately licensed version of WCS, the location appliance assumes responsibility for several important tasks. Key among these are the execution of positioning algorithms, maintenance of calibration information, triggering and dispatch of location notifications, and the ongoing processing of historical location and statistics information. WCS acts in concert with the location appliance by serving as the user interface (UI) for the services the location appliance provides. Although it is possible to access the location appliance directly via SSH or a console session, all end user interaction with the location appliance is typically via WCS or a third-party location client application (except for initial setup of the location appliance and whenever it is necessary to quiesce the appliance).

The integration of a Cisco Location Appliance into a Cisco Unified Wireless Network architecture immediately enables improvements in network location capabilities such as the following:

Scalability—Adding a Cisco Location Appliance greatly increases the scalability of the Cisco LBS solution from on-demand tracking of a single device to a maximum capacity of 2500 devices (WLAN clients, RFID tags, rogue access points, and rogue clients). For deployments requiring support of greater numbers of devices, additional location appliances can be deployed and managed under a common WCS.

Historical and statistics trending—The appliance records and maintains historical location and statistics information, which is available for viewing via WCS.

Location notifications—The Cisco Location Appliance can dispatch location-based event notifications via e-mail, Syslog, SNMP traps, and SOAP/XML directly to specified destinations. These notifications can be triggered simply if the location of a client or asset changes, the client or asset strays beyond set distances from pre-determined marker locations, or the client or asset otherwise becomes missing or enters/leaves coverage areas. Notifications can also be generated for asset tag battery levels (that is, low battery notification).

SOAP/XML Location Application Programming Interface (API)—The Location Appliance API allows customers and partners to create customized location-based programs that interface with the Cisco Wireless Location Appliance. These programs can be developed to support a variety of unique and innovative applications including real-time location-based data retrieval, telemetric device management, workflow automation, enhanced WLAN security, and people or device tracking. The API provides a mechanism for inserting, retrieving, updating, and removing data from the Cisco Wireless Location Appliance configuration database using an XML SOAP interface. Developers can access the Cisco Wireless Location Appliance provisioning services using XML and exchange data in XML format. The location appliance API is available and licensable to the Cisco development community along with tools to facilitate solution development. Integration support is available via the Cisco Developer Services Program. For complete details, see

Solution Performance

When discussing the performance of a positioning system, the metric that is most familiar and significant is accuracy, which typically refers to the quality of the information being received. Location accuracy refers specifically to the quantifiable error distance between the estimated location and the actual location of the mobile device.

In most real-world applications, however, a statement of location accuracy has little value without the ability of the solution to repeatedly and reliably perform at this level. Precision is a direct measure reflecting on the reproducibility of the stated location accuracy. Any indication of location accuracy should therefore include an indication of the confidence interval or percentage of successful location detection as well, otherwise known as the location precision.

When properly deployed, the accuracy and precision of the Cisco LBS solution in indoor deployments is represented in two ways, as follows:

Accuracy of less than or equal to 10 meters, with 90 percent precision

Accuracy of less than or equal to 5 meters, with 50 percent precision

In other words, given proper design and deployment of the system, the error distance between the reported device location and the actual location should, in 90 percent of all reporting instances, be within 10 meters or less. In the remaining 10 percent of all reporting instances, the error distance may be expected to exceed 10 meters. Note that these specifications apply only to solutions using RF Fingerprinting; namely, the use of a WCS licensed for location usage (with or without a location appliance).

For applications that require better performance than an accuracy of 10 meters with 90 percent precision, the Cisco LBS solution can deliver accuracy of 5 meters but with 50 percent precision. Or stated another way, in 50 percent of all reporting instances, it can be reasonably expected that the error distance between the reported and the actual location will exceed 5 meters. In addition, the location inspection tool (a new feature with release 4.0 of WCS and 2.1 of the location appliance) can display various levels of accuracy and precision from 2m to 100m and the areas of your environment that can meet these accuracy targets. Using the location inspection tool in conjunction with new predictive tools (available in WCS release 4.0 and Location Appliance release 2.1), such as the location planner and the location readiness, the network designer now can not only plan for achieving stated performance goals but verify that these targets are indeed being met.

What Devices Can Be Tracked

The Cisco LBS solution can provide position tracking information for the following:

Standard WLAN clients or Wi-Fi 802.11 active RFID tags that are probing, are associated or attempting association with your controller-based location-aware wireless LAN infrastructure. This includes PanGo Locator LAN RFID tags and other RFID tags that are capable of successfully authenticating and associating to the underlying WLAN infrastructure. These types of wireless LAN clients are displayed on the WCS location floor maps using a blue-rectangular icon .

802.11 active RFID asset tags (which communicate via Layer 2 multicasts and do not associate to the WLAN infrastructure) are displayed on WCS floor maps as a yellow tag icon .

Rogue access points are access points that are detected by the wireless LAN infrastructure and determined not to be members of the same mobility group or WLAN system. These are indicated on WCS location floor maps using a skull-and-crossbones within a black circle .

Rogue clients are clients associated to rogue access points. Rogue clients are displayed on the WCS location floor maps using a black rectangle icon with a skull-and-crossbones .

Note Comprehensive information regarding each trackable class of device that can be displayed by the Cisco LBS solution for each is found in the "Location-Based Services Architecture" section of Wi-Fi Location-Based Services 4.1 Design Guide located at

Installation and Configuration

Installing and Configuring the Location Appliance and WCS

Detailed procedures for installing and configuring the Cisco Wireless Location Appliance and WCS can be found via the references mentioned in the "Installation and Configuration" section of Wi-Fi Location-Based Services 4.1 Design Guide.

Configuration of the parameters listed under the WCS Location Server > Administration menu are discussed in the document entitled Cisco Location Appliance Configuration Guide: Editing Location Server Properties at the following URL:

However, there are additional ramifications associated with making changes to the factory defaults that need to be carefully considered. This and other valuable information that a designer of a location-enabled wireless LAN should consider can be found in the "Installation and Configuration" section in Wi-Fi Location-Based Services 4.1 Design Guide, including the following:

History parameters

History archive period

History data pruning

Advanced parameters

Absent data cleanup interval

DB disk memory

Run Java GC

Defragment database

DB free size

Location parameters

Enable calculation time

Enable OW location

Relative RSSI discard time

Absolute RSSI discard time

RSSI cutoff

Location server notification parameters

Location server dual Ethernet operation

Location server time synchronization

Setting passwords for the Wireless Location Appliance

Proper shutdown (quiescing) of the Wireless Location Appliance

Deployment Best Practices

Location-Aware WLAN Design Considerations

The past decade has witnessed the best practice design of enterprise-ready wireless LANs evolve from being centered around the model of maximum coverage using minimum AP count to a new model where coverage uniformity and proper cell-to-cell overlap are the predominant criteria. This has been driven by increasing interest in deploying new wireless applications such as wireless voice with its intolerance for large amounts of dropped packets and high roaming delays. In a similar fashion, deploying location-based applications using a Wi-Fi wireless LAN requires a modification of the current approach, both in how new "location-aware" installations are designed, and also in how an existing deployment is augmented or retrofitted to take advantage of new location-tracking applications. For location tracking to function optimally, the correct number of access points along with proper access point placement is necessary to assure that mobile devices are properly detected as they move about in the WLAN environment.

The "Deployment Best Practices" section of Wi-Fi Location-Based Services 4.1 Design Guide discusses in great detail several best-practice recommendations for location-aware WLAN deployments. These best-practice recommendations are briefly described here:

Minimum detected received signal thresholds—For mobile devices to be tracked properly, it is highly recommended that access points report mobile device RSSI to their respective controllers at levels meeting or exceeding the RSSI cutoff value that is configured in WCS. A minimum of three access points (and preferably four or more for optimum accuracy) should be reporting this level of signal strength or better for any device being localized. Mobile device RSSI reported below this level may be discarded by the location appliance.

Correct access point placement—Proper placement and density of access points is critical to achieving the quoted performance of the Cisco location tracking solution. In many office wireless LANs, access points are distributed throughout interior spaces, thereby providing coverage to the surrounding work areas. These locations are usually selected on the basis of coverage, WLAN bandwidth, channel re-use, cell-to-cell overlap, security, aesthetics, and deployment feasibility. In a location-aware WLAN design, however, access points must not be located based solely on these criteria.

Correct access point density—Access point density also has a significant effect on location tracking performance. Although there is no single steadfast rule that yields the proper density in every environmental situation, a good suggested starting point is to incorporate the signal threshold and placement suggestions made in the "Deployment Best Practices" section of Wi-Fi Location-Based Services 4.1 Design Guide. Chief among these is the adherence to an inter-access point separation of 50 to 70 feet, which often results in one location-aware access point being deployed approximately every 2500 to 4900 square feet.

Minimizing excessive co-channel interference—In many cases, location-based services are added or retrofitted to an existing wireless design, some of which encompass wireless voice handheld devices (such as the Cisco 7920). When designing a location-aware solution that will be used in conjunction with such latency-sensitive application devices, special care needs to be taken to ensure that excessive co-channel interference is not introduced into the environment. The needs of an optimal location-aware design must be carefully balanced against the stringent requirements of a properly designed wireless voice infrastructure.

Avoiding location display "jitter"—At times, devices appear to move on location displays even though they are known to physically be at rest. This is because of a variety of factors, including movement of other objects in the environment and slight changes in the orientation of the client antenna over time. Release 4.0 of WCS and 2.1 of the Location Appliance introduce the concept of location smoothing to assist in counteracting this phenomena and stabilize location jitter for clients that are not in constant motion.

Multi-floor structures—In multi-floor structures such as office buildings, the location appliance must continually analyze all available signal strength data and make determinations as to which floor each mobile device is currently resident. The location appliance does this by comparing the detected signal strength of the client from access points located on each floor, assigning metrics, and then undergoing a series of calculations to determine the best placement. Understanding the mechanics behind how this is done allows the network designer to lower the potential for floor mis-detects.

Multi-domain design considerations—In release 2.1 of the Location Appliance, the capacity of the system has increased from 1500 to 2500 total devices, which includes WLAN clients, asset tags, rogue access points, and clients. When combined with the expanded management capacities available using release 4.0 of WCS, a single location appliance and WCS management system should suffice for the majority of applications. However, in larger networks, it may be necessary to use either a single WCS server with multiple location appliances or multiple WCS servers with one or more location appliances, each to address the largest of deployments.

Antenna considerations—A listing of the supported access point and antenna combinations for use with the Cisco LBS solution, tips on third party antennas, and antenna orientation best practices.

Site calibration—Important tips on performing site calibrations, calibration validity, choosing a calibration client, and improving overall calibration performance.

Traffic Considerations

The Cisco Wireless Location Appliance and the Cisco WCS are part of the Cisco Unified Wireless Network with each deployed as a separate hardware component for optimum scalability and maximum flexibility. Generally speaking, when all components are deployed in a campus arrangement via a well-designed 10/100/1000 infrastructure wired LAN, bandwidth is typically sufficient for proper operation of the LBS solution. In deployments supporting a large number of geographically distributed locations, further consideration with regard to data traffic load may be required.

The "Deployment Best Practices" section of Wi-Fi Location-Based Services 4.1 Design Guide provides valuable in-depth discussion and traffic flow analysis of the data flows between the location appliance, WLAN controllers, and WCS.

RFID Tag Considerations

The majority of RFID tags currently produced are passive RFID tags, consisting basically of a micro-circuit and an antenna. They are referred to as passive tags because the only time in which they are actively communicating is when they are within the RF field of a passive RFID tag reader or interrogator.

Another type of common RFID tag in the current marketplace is known as the active RFID tag, which usually contains a battery that directly powers RF communication. This onboard power source allows an active RFID tag to transmit information about itself at great range, either by constantly beaconing this information to a RFID tag reader or by transmitting only when it is prompted to do so. Active tags are usually larger in size and can contain substantially more information (because of higher amounts of memory) than do pure passive tag designs.

The "RFID Tag Considerations" section of Wi-Fi Location-Based Services 4.1 Design Guide provides readers who are new to RFID with a foundation in both active and passive tag technologies. Among other areas, this section comprehensively discusses the following:

Passive RFID technology—Passive and semi-passive RFID tags

Active RFID technology—Beaconing, transponder and 802.11 (Wi-Fi) RFID tags

Using RFID tags with the Location Appliance—Compatible RFID tags, enabling asset tag tracking, configuring asset tags, and using 802.11b tags on 802.11g networks. This section includes a detailed examination of 802.11 active RFID tags from both various suppliers.

SOAP/XML Application Programming Interface

To facilitate the deployment of location-based applications in the enterprise, the Cisco Wireless Location Appliance is equipped with a rich SOAP/XML API. Applications can make use of the location information contained within the location appliance by importing components via the API such as entire network maps including buildings, floors, access points, coverage areas, and device lists. Actionable data can also be imported, such as recent and historical location as well as statistical device information. Location-based alarms and notifications can be triggered in applications through area boundary definitions, allowed areas and allowed distances. All of these capabilities allow the SOAP/XML API interface to the Cisco Wireless Location Appliance API to be used for integration with external software applications such as E911, asset management, enterprise-resource-planning (ERP) tools, and workflow automation systems that are location-enabled.

From a high-level perspective, a third-party application system can use the SOAP/XML API to participate as a member of a system consisting of the following four basic components:

Location client—The location client is the recipient of location data that is processed and stored by the location server.

Control client—The control client administers the location server as well as having the capability to write/read all location data contained on the server.

Location server—The location server provides the location services for a network or part of a network.

Wireless LAN system—All the monitored mobile devices (tags, mobile stations, rogue clients, and access points) serving as key components of the wireless network as well as the embedded software contained within WLAN controllers.

The "SOAP/XML Application Programming Interface" section of Wi-Fi Location-Based Services 4.1 Design Guide describes all four of these basic components in much further detail and briefly examines a Cisco Technology Partner location client implementation.