Cisco Wireless Services Module 2 Controller for Cisco

Data Sheet
Cisco Wireless Services Module 2 Controller for
Cisco Catalyst 6500 Series Switches
Maximum Performance and Scalability
● Support for up to 1000 access points and 15,000 clients
● Designed for line-rate performance with Datagram Transport
Layer Security (DTLS) encryption and access control list
(ACL) security enabled
● 802.11ac and 802.11n-optimized for up to nine times the
performance of 802.11a/g networks
● Enhanced uptime with the ability to simultaneously configure,
upgrade, and manage 1000 access points per controller
● Reduced down time with the ability to predownload access
point images during upgrades
Requirements
● Requires Sup720 or Sup2T with -E chassis or a non-E
chassis with high speed fan
● Requires Sup720 software 12.2(33)SXJ or later
The Cisco® Wireless Service Module 2 (WiSM2) Controller
for Cisco Catalyst® 6500 Series Switches, shown in
Figure 1, is a highly scalable and flexible platform that
enables systemwide services for mission-critical wireless
networking in medium-sized to large enterprises and
campus environments. Designed for 802.11ac and 802.11n
performance and maximum scalability, the Cisco WiSM2
Controller supports a higher density of clients and delivers
more efficient roaming, with at least nine times the
throughput of existing 802.11a/g networks. The WiSM2
controller offers:
● Requires Sup2T software 15.0(1)SY
● Controller software 7.0.116.0 or later
Improved Mobility and Services
● Larger mobility domain for more simultaneous client
associations
● Faster radio resource management updates for uninterrupted
network access when roaming
● Intelligent RF control plane for self-configuration, self-healing,
and self-optimization
● Efficient roaming improves application performance such as
toll-quality voice and consistent streaming video and data
backup
●
Enhanced uptime with the ability to simultaneously
manage up to 1000 access points
●
Superior performance for reliable streaming video
and toll-quality voice
●
Sub-second stateful failover of all access points and
clients from the primary to standby controller
Figure 1.
Cisco Catalyst 6500 Series WiSM2 Controller
Licensing Flexibility and Investment Protection
● Additional access point and feature licenses may be added
over time
Comprehensive Wired and Wireless Security
● Full control and provisioning of wireless access points
(CAPWAP) access-point-to-controller encryption
● Supports detect of rogue access point and denial-of-service
attacks
● Management frame protection detects malicious users and
alerts network administrators
Features
Cisco OfficeExtend Solution
● Secure, simple, cost-effective mobile teleworker solution
Aironet® access points, the Cisco Wireless Control System
● Up to 1000 remote access points per controller
● Supports Cisco® Unified IP Phones for reduced cell phone
charges
Enterprise Wireless Mesh
● Dynamic wireless mesh networks support indoor and outdoor
connectivity for areas that are difficult to wire
Environmentally Responsible
● Support for adaptive power management to turn off access
point radios during off-peak hours to reduce power
consumption
● Cisco OfficeExtend solution reduces costs and supports
green best practices by reducing commuting time and saving
on gas, vehicle mileage, and insurance costs
As a component of the Cisco Unified Wireless Network, this
controller provides real-time communication between Cisco
(WCS), the Cisco Network Control System (NCS), and the
Cisco Mobility Services Engine to deliver centralized
security policies, wireless intrusion prevention system
(wIPS) capabilities, award-winning RF management, and
quality of service (QoS). With Cisco CleanAir® technology,
the WiSM2 protects 802.11ac and 802.11n performance by
providing cross-network access to real-time and historic RF
interference information for quick troubleshooting and
resolution.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 1 of 6
The Cisco WiSM2 Controller supports Cisco Application Visibility and Control (AVC), the technology that includes
the Network-Based Application Recognition 2 (NBAR-2) engine, Cisco’s deep packet inspection (DPI) capability
that can classify applications, apply quality of service (QoS) to either drop or mark the traffic, and prioritize
business-critical applications in the network. Cisco AVC uses NetFlow Version 9 to export the flows to Cisco
Prime™ Infrastructure or a third-party NetFlow Collector. The Cisco WiSM2 Controller also supports Bonjour
Services Directory to enable Bonjour Services to be advertised and utilized in a separate Layer 3 network. Wireless
Policy engine is a wireless profiler and policy feature on the Cisco WISM2 controller that enables profiling of
wireless devices and enforcement of policies such as VLAN assignment, quality-of-service (QoS), ACL and time of
day-based access.
With this integrated approach to large-scale wireless networking, customers can realize significant total cost of
ownership (TCO) benefits by streamlining support costs and reducing planned and unplanned network downtime.
Software Licensing Flexibility
Cisco WiSM2 Controller software licensing offers the flexibility to add additional access points (up to 1000 access
points) as business needs grow.
As part of its basic feature set, the Cisco WiSM2 Controller supports a variety of business mobility needs, including
the Cisco OfficeExtend solution for secure, mobile teleworking and Cisco Enterprise Wireless Mesh, which allows
access points to dynamically establish wireless connections in locations where it may be difficult or impossible to
physically connect to the wired network.
Table 1 lists the features and benefits of the Cisco Wireless Service Module 2 (WiSM2) Controller.
Table 1.
Cisco WiSM2 Controller Features and Benefits
Feature
Benefits
Scalability
● Supports 100, 300, 500 and 1000 access points for business-critical wireless services at locations of all sizes
High Performance
● Wired-network speed, nonblocking performance for 802.11n and optimized for 802.11ac networks
RF Management
● Provides both real-time and historical information about RF interference impacting network performance
across controllers, through systemwide Cisco CleanAir technology integration
High-Performance Video
● Integrates Cisco VideoStream technology as part of the Cisco medianet framework to optimize the delivery of
video applications across the WLAN
End-to-End Voice
● Supports Unified Communications for improved collaboration through messaging, presence, and conferencing
● Supports all Cisco Unified IP Phones for cost-effective, real-time voice services
Comprehensive End-to-End
Security
● Offers control and provisioning of wireless access points (CAPWAP)-compliant Datagram Transport Layer
Security (DTLS) encryption to help ensure full-line-rate encryption between access points and controllers
across remote WAN/LAN links
Cisco OfficeExtend
● Supports corporate wireless services for mobile and remote workers with secure wired tunnels to the Cisco
Aironet 600, 1130, or 1140, 3500, 3600 Series Access Points
● Extends the corporate network to remote locations with minimal setup and maintenance requirements
(zero-touch deployment)
● Improves productivity and collaboration at remote site locations
● Separate service set identifier (SSID) tunnels allow both corporate and personal Internet access
● Reduced carbon dioxide emissions from a decrease in commuting
● Higher employee job satisfaction from ability to work at home
● Improves business resiliency by providing continuous, secure connectivity in the event of disasters,
pandemics, or inclement weather
Cisco Enterprise Wireless
Mesh
● Allows access points to dynamically establish wireless connections without the need for a physical connection
to the wired network
● Available on select Cisco Aironet access points, Cisco Enterprise Wireless Mesh is ideal for warehouses,
manufacturing floors, shopping centers, and any other location where extending a wired connection may
prove difficult or aesthetically unappealing
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 2 of 6
Feature
Benefits
PCI Integration
● Part of Payment Card Industry (PCI) certified architecture, and well-suited for retail customers who deploy
transactional data applications such as scanners and kiosks
Environmentally
Responsible
● Organizations may choose to turn off access point radios to reduce power consumption during off-peak hours
Mobility, Security, and
Management for IPv6 and
Dual-Stack Clients
● Secure, reliable wireless connectivity and consistent end-user experience
● Increased network availability through proactive blocking of known threats
Note:
● Equips administrators for IPv6 troubleshooting, planning, and client traceability from a common wired and
wireless management system
The minimum software version of the supervisor must be 12.2(33)SXJ2 or 15.0(1)SY1 to support the
features listed in Table 1.
Table 2 lists the product specifications for Cisco WiSM2 Wireless Controller.
Table 2.
Product Specifications for Cisco WiSM2 Controller
Item
Specifications
Wireless
● IEEE 802.11a, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h, 802.11k,802.11n, 802.11r,802.11u,
802.11w, 802.11ac
Wired/Switching/Routing
● IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX specification, 1000BASE-T. 1000BASE-SX,
1000-BASE-LH, IEEE 802.1Q Vtagging, and IEEE 802.1AX Link Aggregation
Data Request for Comments
(RFC)
● RFC 768 UDP
● RFC 791 IP
● RFC 2460 IPv6 (pass through Bridging mode only)
● RFC 792 ICMP
● RFC 793 TCP
● RFC 826 ARP
● RFC 1122 Requirements for Internet Hosts
● RFC 1519 CIDR
● RFC 1542 BOOTP
● RFC 2131 DHCP
● RFC 5415 CAPWAP Protocol Specification
Security Standards
● WPA
● IEEE 802.11i (WPA2, RSN)
● RFC 1321 MD5 Message-Digest Algorithm
● RFC 1851 The ESP Triple DES Transform
● RFC 2104 HMAC: Keyed Hashing for Message Authentication
● RFC 2246 TLS Protocol Version 1.0
● RFC 2401 Security Architecture for the Internet Protocol
● RFC 2403 HMAC-MD5-96 within ESP and AH
● RFC 2404 HMAC-SHA-1-96 within ESP and AH
● RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV
● RFC 2407 Interpretation for ISAKMP
● RFC 2408 ISAKMP
● RFC 2409 IKE
● RFC 2451 ESP CBC-Mode Cipher Algorithms
● RFC 3280 Internet X.509 PKI Certificate and CRL Profile
● RFC 3602 The AES-CBC Cipher Algorithm and Its Use with IPsec
● RFC 3686 Using AES Counter Mode with IPsec ESP
● RFC 4347 Datagram Transport Layer Security
● RFC 4346 TLS Protocol Version 1.1
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 3 of 6
Item
Encryption
Specifications
● WEP and TKIP-MIC: RC4 40, 104 and 128 bits (both static and shared keys)
● AES: CBC, CCM, CCMP
● DES: DES-CBC, 3DES
● SSL and TLS: RC4 128-bit and RSA 1024- and 2048-bit
● DTLS: AES-CBC
● IPsec: DES-CBC, 3DES, AES-CBC
Authentication,
Authorization, and
Accounting (AAA)
● IEEE 802.1X
● RFC 2548 Microsoft Vendor-Specific RADIUS Attributes
● RFC 2716 PPP EAP-TLS
● RFC 2865 RADIUS Authentication
● RFC 2866 RADIUS Accounting
● RFC 2867 RADIUS Tunnel Accounting
● RFC 3576 Dynamic Authorization Extensions to RADIUS
● RFC 3579 RADIUS Support for EAP
● RFC 3580 IEEE 802.1X RADIUS Guidelines
● RFC 3748 Extensible Authentication Protocol
● Web-based authentication
● TACACS support for management users
Management
● SNMP v1, v2c, v3
● RFC 854 Telnet
● RFC 1155 Management Information for TCP/IP-Based Internets
● RFC 1156 MIB
● RFC 1157 SNMP
● RFC 1213 SNMP MIB II
● RFC 1350 TFTP
● RFC 1643 Ethernet MIB
● RFC 2030 SNTP
● RFC 2616 HTTP
● RFC 2665 Ethernet-Like Interface types MIB
● RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and
Virtual Extensions
● RFC 2819 RMON MIB
● RFC 2863 Interfaces Group MIB
● RFC 3164 Syslog
● RFC 3414 User-Based Security Model (USM) for SNMPv3
● RFC 3418 MIB for SNMP
● RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs
● Cisco private MIBs
Management Interfaces
● Web-based: HTTP/HTTPS
● Command-line interface: Telnet, Secure Shell (SSH) Protocol, serial port
● Cisco Wireless Control System (WCS)
● Cisco Network Control System (NCS)
Interfaces and Indicators
● Service port: 1000 Mbps Ethernet Internal
● Redundancy port: 1000 Mbps Ethernet Internal
● Console port: RS232 (DB-9 male/RJ-45 connector included), mini-USB
● Status indicators: Power, System, Alarm, Console, USB
Physical and Environmental
● Dimensions (W x D x H): 1.6 x 15.3 x 16.3 in. (4.0 x 37.9 x 40.3 cm)
● Weight: 11 lbs (5 Kg)
● Temperature: Operating temperature: 32 to 104°F (0 to 40°C); Storage temperature: -40 to 167°F
(-40 to 75°C)
● Humidity: Operating humidity: 10 to 95%, noncondensing. Storage humidity: up to 95%
● Input power: 225W maximum; Test conditions: 104°F (40°C), Full TrafficMost deployments and environments
would use less power
● Heat Dissipation: 768 Btu/h Maximum; Test Conditions: 104°F (40°C), Full Traffic
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 4 of 6
Item
Specifications
Regulatory Compliance
● CE Mark
● Safety:
◦
◦
◦
◦
◦
◦
◦
UL 60950-1:2003
EN 60950:2000
EMI and susceptibility (Class A)
U.S.: FCC Part 15.107 and 15.109
Canada: ICES-003
Japan: VCCI
Europe: EN 55022, EN 55024
Table 3 lists the ordering information for Cisco WiSM2 Controller.
Table 3.
Ordering Information for Cisco WiSM2 Controller
Part Number
Description
Cisco SMARTnet® Service
8x5xNBD Part Number
WS-SVC-WISM2-1-K9(=)
Wireless Services Module:WiSM-2: w/ 100 AP Support License
CON-SNT-WSM2100
WS-SVC-WISM2-3-K9(=)
Wireless Services Module:WiSM-2: w/ 300 AP Support License
CON-SNT-WSM2300
WS-SVC-WISM2-5-K9(=)
Wireless Services Module:WiSM-2: w/ 500 AP Support License
CON-SNT-WSM2500
WS-SVC-WISM2-K-K9(=)
Wireless Services Module-WiSM-2 w/ 1000 AP Support License
CON-SNT-WSM21K
WS-SVC-WISM2-HA-K9
Wireless Services Module -WISM2 for High Availability
CON-SNT-WSWISMHA
WS-SVC-WISM2HA-K9=
Wireless Services Module -WISM2 for High Availability
CON-SNT-WSWISMHA
Additive Capacity Upgrade Licenses
Tables 4 and 5 show the additive capacity upgrade licenses that are available for the Cisco WiSM2 Controller.
Table 4.
Ordering Information for Cisco WiSM2 Wireless Controller Additive Capacity Licenses (e-Delivery Product
Authorization Keys [PAKs])
Part Number
Description
L-LIC-WISM2-UPG
Primary upgrade SKU: Pick any number or combination of the following options
under this SKU to upgrade one or many controllers under one product
authorization key
L-LIC-WISM2-100A
100 AP Adder License for WiSM-2 (e-Delivery)
CON-SNT-LWSM21A
L-LIC-WISM2-200A
200 AP Adder License for WiSM-2 (e-Delivery)
CON-SNT-LWSM22A
Table 5.
Cisco SMARTnet Service
8x5xNBD Part Number
Ordering Information for Cisco WiSM2 Wireless Controller Additive Capacity Licenses (Paper PAKs)
Part Number
Description
Cisco SMARTnet Service
8x5xNBD Part Number
LIC-WISM2-UPG
Primary upgrade SKU: Pick any number or combination of the following options
under this SKU to upgrade one or many controllers under one product
authorization key
LIC-WISM2-100A
100 AP Adder License for WiSM-2
CON-SNT-LWSM21A
LIC-WISM2-200A
200 AP Adder License for WiSM-2
CON-SNT-LWSM22A
Table 6 shows the Optional Paper PAK license to enable DTLS. These licenses are designed for customers who
purchase a controller with DTLS disabled due to import restrictions. This optional license will allow you to take
advantage of DTLS for Cisco OfficeExtend functionality in the future.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 5 of 6
Table 6.
Optional Paper PAK License to Enable DTLS
Part Number
Description
LIC-WISM2-DTLS-K9=
Data DTLS License for WiSM2
Service and Support
Realize the full business value of your wireless network and mobility services investments faster with intelligent,
customized services from Cisco and our partners. Backed by deep networking expertise and a broad ecosystem of
partners, Cisco professional and technical services enable you to successfully plan, build, and run your network as
a powerful business platform. Our services can help you successfully deploy the Cisco Catalyst 6500 Series
Wireless Services Module 2 Controller and integrate mobility solutions effectively to lower the total cost of
ownership and secure your wireless network.
To learn more about Cisco wireless LAN service offers, visit: http://www.cisco.com/go/wirelesslanservices.
For More Information
For more information about Cisco wireless controllers, contact your local account representative or visit:
http://www.cisco.com/en/US/products/ps6366/index.html.
For more information about the Cisco Unified Wireless Network framework, visit:
http://www.cisco.com/go/unifiedwireless.
Printed in USA
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
C78-645124-07
12/14
Page 6 of 6
Download PDF
Similar pages