Cisco WLAN Controller Buyer's Guide
Today's market-leading enterprise WLAN products use controllers to supervise access points (APs) deployed throughout coverage areas. In this installment of our WLAN Controller Buyer's Guide, we consider controller products offered by Cisco Systems and how they fit into Cisco's Unified Wireless Network portfolio.
According to Chris Kozup, Director of Mobility and Access Switching Marketing, Cisco's Unified Wireless Network portfolio is designed to address a wide range of indoor and outdoor wireless LAN needs, from teleworkers and branch offices to large enterprises and campuses.
"We focus on meeting broad requirements that customers might have," said Kozup. "Our strategy is to be highly flexible. For example, a retailer may have a head office, many small stores, and a few large distribution centers, each of which require different architectures. We offer a variety of controller and AP options, but everything can be managed by our Wireless Control System (WCS), giving customers one point of control for everything related to infrastructure."
Starting at the top
In fact, Cisco currently offers three WLAN management products: WCS for WLAN planning, configuration, and network-wide management; a WCS Navigator for larger deployments (e.g., up to 750 controllers); and a Wireless Location Appliance to track client devices connected to Cisco APs.
Cisco also sells two Mobility Services Engines (MSEs) which can gather data from an entire WLAN. Any Cisco controller can feed information to an MSE, which uses defined APIs to deliver insight to mobility services apps. "We view the controller as a control plane and sometimes a data plane platform," explained Kozup. "You want controllers to have very fast pass-through when they're in the data plane, so the MSE [offloads tasks] that need computational capabilities -- like locationing or signature detection -- at a central point."
Focusing on 802.11n
Drilling onto Cisco's AP and controller portfolio, the current focus is 802.11n. "The market is at a transition point, moving from abg to n," said Kozup "But not all customer needs are the same, so today we have a tiered indoor 802.11n AP portfolio as well as extensive outdoor portfolio."
On the indoor side, Cisco offers three classes of AP. Aironet 3500 Series are premium, high-end APs with silicon-integrated Clean Air spectrum analysis. Aironet 1260 and 1140 Series APs are high performance APs for locations that don't require Clean Air. Finally, the entry-level Aironet 1040 Series can satisfy WLANs that are too small to need centralized control. In fact, all but the 3500 Series are available in both lightweight and stand-alone versions, letting customers grow into controller-based services.
"We still sell a large number of abg APs, such as the 1130 and 1240, but that's an increasingly smaller part of our portfolio. Most of our customers are looking to 11n APs for mission critical performance -- that's our fastest growing segment," said Kozup. In addition, Cisco sells a portfolio of outdoor APs, from outdoor mesh to point-to-point bridging. Kozup told us to watch for an interesting new outdoor AP to be announced soon.
Two approaches: integrated and stand-alone
Cisco also takes a flexible portfolio approach when it comes to WLAN controllers. "A large portion of our customers have moved toward controller-based architectures due to ease of management and scale," explained Kozup. "There are different ways to implement controller-based architectures, but Cisco supports two main approaches: integrated and stand-alone."
On the integrated side, Cisco offers two products: a Wireless Services Module (WiSM) and a Wireless LAN Controller Module (WLCM). The WiSM is a controller that gets inserted into a Cisco Catalyst 6500/7600 Series switch chassis, supervising up to 300 APs per card. "The WiSM lets customers leverage their existing footprint, with the same level of reliability and performance as any other part of their core switching network," said Kozup.
The WLCM is a controller that gets inserted into Cisco 2800/3800 Series integrated services routers, supervising up to 25 APs. For example, a large enterprise might deploy WiSM inside its core network and WLCMs in every branch office router, providing consolidated control over the entire WLAN, but without adding any new stand-alone controllers.
While integrated controllers are appealing to many Cisco shops, two stand-alone WLAN controllers are also available for customers who prefer that approach. Kozup sees a fairly even split between integrated and stand-alone controller sales.
Large enterprises seeking a stand-alone solution should consider the Cisco 5500 Series Wireless Controller, which starts at just 25 APs but can scale up to 500 APs without hardware upgrade. Small-to-medium businesses (or branch offices without routers) should look to the Cisco 2100 Wireless Controller, which can handle up to 25 APs.
Centralized control, decentralized traffic
When it comes to defining where WLAN controllers sit within each customer's network, Kozup said Cisco's strategy is to do it all. "Does traffic have to be sent back to a central switch or not? We support both," said Kozup. "H-REAP (Hybrid Remote AP) technology, supported by all of our APs, allows organizations to centralize control plane functionality, such as configuration and policy, at the data center while still distributing switching functionality."
For example, a large retailer could centralize control by deploying a 5500 Series Wireless Controller or WiSM at the data center. It might also deploy one or two APs per store, without branch controllers. Those in-store APs maintain links back to the data center for WLAN control. "In event of a WAN outage, those APs can survive," said Kozup. "Over time, functionality degrades -- for example, you can't authenticate new clients -- but for the duration of most outages, those networks are highly survivable."
When customers choose to tunnel traffic back to a controller at the data center, they get to decide whether or not it gets encrypted. "Retail stores might connected using private WAN links that are already secured, but teleworker APs might establish encrypted tunnels back to their enterprise's wireless controller, letting the same enterprise SSID be used at home and office," he said.
Although the controller can participate in the data path, Cisco views the controller primarily as a control plane services platform. "Its primary function is to scale and simplify security, letting one-touch changes made at a management console (WCS) be replicated throughout the network," said Kozup. "We use the now-standard CAPWAP protocol to relay changes made through controllers, out to APs."
Cisco controllers also support security functions, such as guest segmentation and bandwidth policies that limit guest traffic. "They enforce security profiles that determine encryption applied between APs and controller, and QoS handling - for example, applying VideoStream technology to distribute video more effectively across wireless. Our controllers optimize application delivery while maintaining central control and configuration over APs."
According to Kozup, one key advantage of Cisco's controller approach is that customers are not forced to adopt a specific WLAN architecture. "With H-REAP, we have the flexibility to support both distributed and centralized architectures. And our portfolio includes both integrated and stand-alone products that offer the same set of advanced control services." To learn more, visit Cisco's Unified Wireless Networks page.
Lisa Phifer owns Core Competence, a consulting firm focused on business use of emerging network and security technologies. An avid fan of all things wireless and frequent contributor to Wi-Fi Planet, Lisa has reviewed, deployed, and tested 802.11 products for nearly a decade.