Cisco Compatible Extensions: Client Benefits on a Cisco WLAN


White Paper

Overview

Some of the most compelling benefits to working under a unified network architecture are the advanced networking capabilities it affords. An all Cisco-compatible architecture allows users to invoke Cisco Certified Extension (CCX) features and capabilities. These features extend beyond basic WLAN capabilities; in fact, there are more than 60 distinct functional improvements that can be grouped into several categories or operational areas of functionality. Within each area of functionality, CCX provides increased system-level capabilities and improved implementation of the network attributes, exceeding what can be accomplished with just IEEE 802.11b/g client functionality.

Cisco Compatible Extensions benefits are realized in five operational areas:

- Radio Management
- Mobility Management
- Security Management
- QoS (Quality of Service) Management
- Network Management

Understanding Cisco Compatible Extension Versions

- Version 1.0 - Captures the minimum specifications that ensure seamless interoperability while providing security and performance improvements. There are 28 features in the first release of Cisco Compatible Extensions.
- Version 2.1 - Builds off version 1.0 functionality and provides eight additional features, making the number of test points 36.
- Version 3.1 - Extends the feature set to 46 by expanding the security capabilities of the end-to-end solution.

Anatomy of a CCX-enabled Network

- Unified Advanced - Unified built-in support of leading edge applications, not an afterthought. Cisco Wireless Location Appliance. Cisco WCS, SDN, NAC, Wi-Fi phones, and RF firewalls.
- World-Class Network - World-Class NMS that visualizes and helps secure your air space. Cisco Wireless Control System.
- Network - Seamless network infrastructure across a range of platforms. Cisco 4400, 2000 Wireless LAN Controllers. Future Cisco Catalyst 6500 Series WiSM, ISR and 3750 integrations.
- Mobility Platform - APs dynamically configured and managed through LWAPP. Cisco Aironet Access Points: 1500, 1300, 1240AG, 1230AG, 1130AG, and 1000. Bridges: 1400 and 1300.
- Intermec Devices - Secure clients that work out of the box. Cisco Compatible Client Devices.

Radio Management

Client devices equipped with radios that meet CCX requirements are core to the Cisco solution. In addition to standards-based 802.11b/g capabilities, Cisco Compatible client radio enhancements include:

- 802.11h messages and measurement capabilities across all bands
- Autonomous periodic message and measurement capability
- Extension of 802.11 to include beacon time offset and unsynchronized measurement
- Dynamic transmit power control plus lower RTS threshold

These enhancements improve wireless network performance in the following ways.

Interference Detection and Mitigation

Radio communication is measured at both the client and the access point, so a CCX-enabled network can determine when message failures reach a threshold that requires radio parameters to be changed. This measurement means fewer packets are retried and less time is spent recovering from bad messages that were affected by in-band or out-of-band interference, so system performance is improved. Additionally, the appropriate context manager can automatically and independently change the radio channel on which the network access points operate, ensuring that messages reach the wired infrastructure.

Interference can result from a new cell phone tower in the area, an adjacent wireless network or a leaky microwave causing a reduction in wireless signal propagation. In environments with no on-site IT personnel, the problem may persist for days or weeks until a technician can address it. This can prevent wireless communications in a portion or all of the facility until the problem is addressed. The Cisco Compatible Extensions interference mitigation functionality resolves interference problems automatically.

Any facility with metal or reflective ceilings and walls, such as in-store environments, can produce multipathing, wherein wireless signals bounce off these surfaces. RTS/CTS support, which stands for Ready to Send and Clear to Send, in the 802.11 standard can help with multipathing, but it is an optional feature. RTS/CTS support is required in Cisco Compatible Extensions, as the client must be able to transmit a CTS response, which ensures that the airwaves are clear and that the transmission will be completed. This provides a mechanism to resolve the interference issue caused by multipathing.

Self Healing

Most retail environments operate with high inventory turnover, or Fast Moving Goods, constantly changing the quantity and types of inventory. When inventory changes, the wireless coverage signature will also change, which can create coverage holes. For example, stacking a paper-based product all the way to the ceiling may cause wireless coverage holes in the surrounding area, since the materials absorb the wireless signal. These holes can be intermittent, as the inventory is moved from the back room to store shelves. Cisco Compatible clients using the additional radio management functionality can periodically measure radio signal strength and adjust the appropriate context manager. If a faint radio signal is detected, power from the access point is increased, assuring that all areas affected by this new environmental condition can communicate over the wireless link.

Power Saving and Faster Roaming

When a client communicates with an access point, the AP sends it an IAPP data frame that is recognized by the Cisco Compatible client. This data frame contains all of the information known to the access point about other access points with the same SSID. This communication eliminates the need for the client to look for an access point to roam to, and saves power. Additionally, it ensures improved performance by proactively deciding to associate with a new access point. Since IAPP is not part of the IEEE 802.11 specification, non-Cisco Compatible clients do not recognize the data frame information.

Mobility Management

The ability to move throughout a facility is a significant benefit of wireless infrastructures. Connectivity is important not only while stationary, but also as the client is moving. Users expect seamless roaming, without having to stop and wait while the client reassociates with an access point and gets the proper security credentials. The basic, standards-based wireless requirements do not address mobility and roaming. An end-to-end wireless solution must address the entire communication scenario.

Fast, Secure Roaming

Through the implementation of radio parameters and standard security mechanisms, the Cisco infrastructure is able to track Cisco Compatible mobile clients and provide authentication information to surrounding access points. This means that the mobile client does not need to reauthenticate if the wireless connection is lost when roaming from one access point to another, saving a minimum of 1/3 less time per roam.

[Figure: a client performs (1) an 802.1X initial authentication transaction through AP1 and (2) an 802.1X re-authentication after roaming to AP2, each across the WAN to a Cisco ACS AAA server. Callouts: 1. 802.1X authentication in wireless today requires 3 end to end transactions with an overall transaction time of >500ms. 2. 802.1X authentication in wireless today requires a roaming client to reauthenticate, incurring an additional 500+ ms to the roam.]

Security Management

While no client parameters are added by the Cisco Compatible Extensions program, parameters provided by radio management can be used in conjunction with industry-standard security solutions to result in a robust security policy. Additionally, the Cisco Compatible Extensions program assures that Cisco Compatible clients can operate with existing standards-based security methods.

Cisco Compatible Extensions and Security Standards

The integration of an IEEE 802.11 radio does not guarantee that higher-layer security is available over the wireless network. In order for clients to be Cisco Compatible Extension-certified they must be able to use the EAP-MD5, EAP-TLS, LEAP, and PEAP authentication protocols. Cisco Compatible clients must also be able to use TKIP with LEAP and PEAP as well as with EAP-TLS. When a network is equipped with all Cisco Compatible certified clients, functionality exceeds the IEEE 802.11 b/g specifications by adding 802.1x and 802.11i functionality.

Cost Savings and No Down Time through Local Authentication

Combining fast, secure roaming with local authentication saves users the expense of a separate security server, while providing the same functionality as 802.11 clients attached to a RADIUS server. Additionally, local authentication prevents performance delays associated with multiple access point roaming and the downtime incurred when the WAN link to the security server is unavailable.

[Figure: Local Authentication Service on AP1, with the Cisco ACS AAA server across the WAN.]

Immunity to Passive Dictionary and Man in the Middle Security Attacks

The implementation of EAP-FAST provides an extensible framework that means additional security for Cisco Compatible clients on a Cisco infrastructure. EAP-FAST works similarly to the PEAP and TTLS security protocols, but uses a PAC file to create a secure tunnel instead of employing certificates. EAP-FAST ensures users immunity to passive dictionary and man in the middle security attacks.

Quality of Service (QoS) Management

The Cisco wireless network uniquely allows collaboration between QoS and radio management functions to handle and/or avoid congestion conditions. While the Point Coordination Function (PCF) of the IEEE 802.11b/g standard can provide service differentiation, it has been shown to perform badly [1]. The coordination between Cisco Compatible Extensions and the Cisco infrastructure allows implementation of two QoS mechanisms, Enhanced Distributed Coordination Function (EDCF) and Hybrid Coordination Function (HCF). EDCF provides a minimum contention window that can be adjusted to provide varying priority classes for data. The HCF is a polled access scheme in which network access points regularly poll each device and grant them exclusive access to the wireless channel, depending on the device's priority in the network. Neither EDCF nor HCF is provided for non-Cisco Compatible clients.

[1] M.A. Visser and M. El Zarki. Voice and data transmissions over an IEEE 802.11 wireless network. In Proceedings of PIMRC 95, Toronto, Canada, pages 648-652, September 1995.

Load Balancing

Load balancing in a Cisco wireless network occurs at two levels: one at the access point and the other at the client. Both levels require Cisco Compatible Extensions information to perform wireless load balancing.

- CCX information allows access points to understand the QoS priority of data packets received and, depending on other APs in the area, may refuse information from a specific client to assure quality of service.
- CCX information allows clients to receive data from each AP informing it of the current network load. Based on this QoS information, the client can select the best access point with which to communicate.

Data Prioritization

As described above, different data classes can be created by providing different minimum contention window values as part of the EDCF data element. While competitive products may claim to perform data prioritization or load balancing, they will not be able to do either on the Cisco WLAN without Cisco Compatible Extensions.

Network Management

An IEEE 802.11 b/g client stores limited information that can be retrieved by a network manager, but additional information is needed for network managers to see the entire wireless infrastructure. In addition to the network management functionality required by network standards, Cisco Compatible clients provide enhanced device management features, specifically, the ability to aggregate information that is collected over time. In conjunction with the radio manager, enhanced device management dynamically determines the radio parameters to be assigned to wireless clients, including transmission power, which is not an IEEE 802.11 b/g data element. This feature allows network managers more control over network devices and the way they operate.

Conclusion

A successful wireless implementation extends beyond the usual radio-to-access point communication supported by the IEEE 802.11 b/g standard. Cisco Compatible Extensions working in conjunction with a Cisco wireless network not only provide information vital to the network; Cisco and its partners also test and support every feature. From radio management to security to network management, all the bases of communication from client to host are covered by the advanced level of functionality that IT managers require.
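The contention-window prioritization described under Quality of Service (QoS) Management and Data Prioritization above can be seen in a small simulation. This is an added example, not code from the white paper or from Cisco; the station names, the window values 7 and 31, and the simplified channel model (one-slot frames, no window doubling after a collision) are assumptions made for illustration.

```python
import random


def simulate_edcf(cw_min_by_station, slots=20000, seed=1):
    """Slotted contention between stations that always have a frame queued.

    cw_min_by_station maps a station name to its minimum contention window;
    each backoff is drawn uniformly from 0..cw_min idle slots.
    Returns (frames delivered per station, number of collisions).
    """
    rng = random.Random(seed)  # seeded so the run is repeatable
    backoff = {s: rng.randint(0, cw) for s, cw in cw_min_by_station.items()}
    delivered = {s: 0 for s in cw_min_by_station}
    collisions = 0
    for _ in range(slots):
        ready = [s for s, b in backoff.items() if b == 0]
        if not ready:
            # Idle slot: every station counts its backoff down by one.
            for s in backoff:
                backoff[s] -= 1
            continue
        # Busy slot: waiting stations freeze their counters.
        if len(ready) == 1:
            delivered[ready[0]] += 1
        else:
            collisions += 1  # simultaneous transmissions are all lost
        for s in ready:
            backoff[s] = rng.randint(0, cw_min_by_station[s])
    return delivered, collisions


def delivery_share(delivered):
    """Fraction of all successfully delivered frames sent by each station."""
    total = sum(delivered.values())
    return {s: n / total for s, n in delivered.items()}


if __name__ == "__main__":
    # Constructed scenario: a voice handset given a small window competes
    # with a bulk-data client given a large one.
    for windows in ({"voice": 7, "data": 31}, {"voice": 15, "data": 15}):
        delivered, collisions = simulate_edcf(windows)
        shares = delivery_share(delivered)
        print(windows, {s: round(v, 2) for s, v in shares.items()},
              "collisions:", collisions)
```

With equal windows the two stations split the channel evenly; shrinking one station's window moves most of the delivered frames to it, which is the priority-class effect the text attributes to EDCF.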

CCX Benefits At a Glance

Interference mitigation
  Cisco Compatible Extensions client: CCX clients report any interference issues and communicate with the AP to move the cell radio channel, avoiding interference.
  Without CCX: No action taken.
  Customer benefit: No service call or downtime required to resolve radio interference issue. Mobile clients achieve better performance because of fewer retries.

Self healing coverage
  Cisco Compatible Extensions client: CCX clients report radio signal strength or lack of coverage to surrounding APs, which automatically instruct the clients to increase radio power. This cooperation extends coverage and heals the wireless infrastructure.
  Without CCX: No action taken.
  Customer benefit: Users do not have to move to an area with radio coverage to interact with an application.

Active scanning elimination
  Cisco Compatible Extensions client: Cisco APs provide CCX clients a list of surrounding APs, thus eliminating the need for scanning to roam. Reduced scanning means shorter radio uptime and better battery life. Specific results vary depending on the number of client roams; the more roaming, the greater the benefit.
  Without CCX: While the Cisco APs provide AP lists, without CCX the client does not use the additional data in the AP message.
  Customer benefit: Users will get better battery life.

Improved rogue AP detection
  Cisco Compatible Extensions client: CCX clients work with existing APs to identify new or rogue APs.
  Without CCX: Users must rely on AP only to report rogues, although they may not always see the rogue.
  Customer benefit: Improved security management. No lost productivity due to lost data.

Fast, secure roaming
  Cisco Compatible Extensions client: Cisco APs pre-authenticate CCX devices to the surrounding AP, ensuring roaming that is more secure and three times faster.
  Without CCX: No action taken.
  Customer benefit: Productivity increases by eliminating unnecessary re-authentication. The greater the number of users and mobility, the greater the savings.

Local authentication
  Cisco Compatible Extensions client: Cisco APs can provide local authentication services. This functionality can eliminate a security server or the downtime incurred when the WAN cannot connect to a remote server and a client cannot authenticate.
  Without CCX: Not available. Local authentication functionality is only available to CCX clients.
  Customer benefit: Tangible cost reduction benefits can be calculated by eliminating the cost of a local security server and maintenance, or downtime when the security server cannot be reached over the WAN.

Load balancing
  Cisco Compatible Extensions client: Cisco APs provide load information, which CCX clients can use to determine which AP has the most availability.
  Without CCX: Not available. Only CCX clients can use this functionality.
  Customer benefit: Improved performance and response time. No down time due to congestion.

Data prioritization
  Cisco Compatible Extensions client: The Cisco unified network infrastructure provides a methodology for prioritization of data. Implementation of this methodology is part of the Cisco Compatible Extensions program.
  Without CCX: Not available.
  Customer benefit: Increased productivity due to better wireless application response. Especially important for VoIP functions.

Gamma Solutions Pty Ltd, 9 Compark Circuit, Mulgrave, Victoria 3170, Australia. 61 3 8562 3000. www.gammasolutions.com

www.intermec.com

Copyright 2006 Intermec Technologies Corporation. All rights reserved. Intermec is a registered trademark of Intermec Technologies Corporation. All other trademarks are the property of their respective owners. Printed in the U.S.A.

In a continuing effort to improve our products, Intermec Technologies Corporation reserves the right to change specifications and features without prior notice.