Overview:
The Cisco Virtual Wireless LAN Controller (vWLC) is available with two types of software images: small scale image (supports up to 200 access points and 6000 clients) and large scale image (supports up to 3000 access points and 32000 clients). The Virtual Controller supports secure guest access, rogue detection for Payment Card Industry (PCI) compliance, and in-branch (locally switched) Wi-Fi voice and video.
The Cisco Virtual Wireless Controller provides centralized control, management, and troubleshooting. It supports the Cisco FlexConnect™ solution. Data traffic from the access points are switched locally at the access point.
The Cisco Virtual Wireless Controller automates wireless configuration and management functions and allows network managers to have the visibility and control needed to cost-effectively manage, secure, and optimize the performance of their wireless networks. Cisco Virtual Wireless Controller in central switched mode supports Bonjour Services Directory to enable Bonjour Services to be advertised and utilized in a separate L3 network. Wireless Policy engine is a wireless profiler and policy feature on the wireless controller that enables profiling of wireless devices and enforcement of policies such as VLAN assignment, quality of service (QoS), ACL and time-of-day-based access. As a component of the Cisco Digital Network Architecture (DNA), this controller provides real-time communications between Cisco Aironet® access points, the Cisco Prime Infrastructure, and the Cisco Mobility Services Engine, and is interoperable with other Cisco controllers. With integrated Cisco CleanAir® technology, the Cisco Virtual Wireless Controller provides the industry's only self-healing and self-optimizing wireless network for small and mid-sized businesses as well as large enterprises.
Features & Benefits:
Feature |
Benefits |
Scalability |
Small Scale Image:
- Supports 200 access points
- Supports 6000 clients
Large Scale Image:
- Supports 3000 access points
- Supports 32,000 clients
|
RF Management |
- Provides both real-time and historical information about RF interference impacting network performance across controllers, through systemwideCisco CleanAir technology integration
|
Cisco FlexConnect |
- Supports up to 200 Cisco FlexConnect groups and 100 access points in each FlexConnect group
- Centralized control, management, and client troubleshooting
- Seamless Layer 2 roaming within a Cisco FlexConnect group of 100 access points
- Seamless client access in the event of a WAN link failure (local data switching)
- Local RADIUS server support to enable new clients to access wireless services without depending on the central RADIUS servers
- Support for high-latency WAN links
- Secure guest access
- Efficient access point upgrade that optimizes the WAN link utilization for downloading access point images
- Integrated and enhanced security with a wireless intrusion prevention system (wIPS)
- Rogue detection for PCI compliance
- Local split tunneling for improved WAN bandwidth utilization
- Workgroup bridge/universal workgroup bridge (WGB/uWGB) support for local switching simplifies deployment of wired-only devices in remote locations
|
Comprehensive End-to-End Security |
- Offers control and provisioning of wireless access points (CAPWAP)-compliant Datagram Transport Layer Security (DTLS) encryption on the control plane between access points and controllers across remote WAN links
|
End-to-End Voice |
- SupportsCisco Unified Communications for improved collaboration through messaging, presence, and conferencing
- Supports allCisco Unified IP Phones for cost-effective, real-time voice services
|
Fault Tolerance |
- Access points continue to provide seamless services when a controller fails; provides failover to another backup controller for centralized control and management
- Redundant power supply helps to ensure maximum availability
|
Environmentally Responsible |
- Organizations may choose to turn off access point radios to reduce power consumption during off- peak hours
|
Technical Specifications:
Item |
Specifications |
Wireless |
IEEE 802.11a, 802.11ac, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h, 802.11k, 802.11n, 802.11r, 802.11u, 802.11w |
Wired/Switching/Routing |
IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX specification, 1000BASE-T. 1000BASE-SX, 1000‑BASE-LH, IEEE 802.1Q VLAN tagging |
Data Request For Comments (RFC) |
- RFC 768 UDP
- RFC 791 IP
- RFC 2460 IPv6 (pass through Bridging mode only)
- RFC 792 ICMP
- RFC 793 TCP
- RFC 826 ARP
- RFC 1122 Requirements for Internet Hosts
- RFC 1519 CIDR
- RFC 1542 BOOTP
- RFC 2131 DHCP
- RFC 5415 CAPWAP Protocol Specification
|
Security Standards |
- WPA
- IEEE 802.11i (WPA2, RSN)
- RFC 1321 MD5 Message-Digest Algorithm
- RFC 1851 The ESP Triple DES Transform
- RFC 2104 HMAC: Keyed Hashing for Message Authentication
- RFC 2246 TLS Protocol Version 1.0
- RFC 2401 Security Architecture for the Internet Protocol
- RFC 2403 HMAC-MD5-96 within ESP and AH
- RFC 2404 HMAC-SHA-1-96 within ESP and AH
- RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV
- RFC 2407 Interpretation for ISAKMP
- RFC 2408 ISAKMP
- RFC 2409 IKE
- RFC 2451 ESP CBC-Mode Cipher Algorithms
- RFC 3280 Internet X.509 PKI Certificate and CRL Profile
- RFC 4347 Datagram Transport Layer Security
- RFC 4346 TLS Protocol Version 1.1
|
Encryption |
- Wired Equivalent Privacy (WEP) and Temporal Key Integrity Protocol-Message Integrity Check (TKIP-MIC): RC4 40, 104 and 128 bits (both static and shared keys)
- Advanced Encryption Standard (AES): Cipher Block Chaining (CBC), Counter with CBC-MAC (CCM), Counter with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
- Data Encryption Standard (DES): DES-CBC, 3DES
- Secure Sockets Layer (SSL) and Transport Layer Security (TLS): RC4 128-bit and RSA 1024- and 2048-bit
- IPsec: DES-CBC, 3DES, AES-CBC
|
Authentication, Authorization, and Accounting (AAA) |
- IEEE 802.1X
- RFC 2548 Microsoft Vendor-Specific RADIUS Attributes
- RFC 2716 PPP EAP-TLS
- RFC 2865 RADIUS Authentication
- RFC 2866 RADIUS Accounting
- RFC 2867 RADIUS Tunnel Accounting
- RFC 3576 Dynamic Authorization Extensions to RADIUS
- RFC 3579 RADIUS Support for EAP
- RFC 3580 IEEE 802.1X RADIUS Guidelines
- RFC 3748 Extensible Authentication Protocol
- Web-based authentication
- Terminal Access Controller Access-Control System (TACACS) support for management users
|
Management |
- SNMP v1, v2c, v3
- RFC 854 Telnet
- RFC 1155 Management Information for TCP/IP-Based Internets
- RFC 1156 MIB
- RFC 1157 SNMP
- RFC 1213 SNMP MIB II
- RFC 1350 TFTP
- RFC 1643 Ethernet MIB
- RFC 2030 SNTP
- RFC 2616 HTTP
- RFC 2665 Ethernet-Like Interface types MIB
- RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual Extensions
- RFC 2819 RMON MIB
- RFC 2863 Interfaces Group MIB
- RFC 3164 Syslog
- RFC 3414 User-Based Security Model (USM) for SNMPv3
- RFC 3418 MIB for SNMP
- RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs
- Cisco private MIBs
|
Management Interfaces |
- Web-based: HTTP/HTTPS
- Command-line interface: Telnet, Secure Shell (SSH) Protocol, serial port
- Prime Infrastructure
|
Regulatory Compliance |
CE Mark
Safety:
- UL 60950-1:2003
- EN 60950:2000
- EMI and susceptibility (Class A):
- U.S.: FCC Part 15.107 and 15.109
- Canada: ICES-003
- Japan: VCCI
- Europe: EN 55022, EN 55024
|
Virtual Machine Specifications |
Cisco Virtual Wireless Controller can run on any x86 server that supports HyperV, VMware ESXi 4.x, 5.x, and 6.x and KVM Linux based systems. The resource requirements from the virtualized server hardware:
Small-scale image:
- CPU: 1 virtual CPU
- Memory: 2 GB
- Disk space: 8 GB
- Network interfaces: 2 (vNICs)
Large-scale image:
- CPU: 2 virtual CPU
- Memory: 8 GB
- Disk space: 8 GB
- Network interfaces: 2 (vNICs)
|