Cisco takes next steps to blend wired, wireless networks

Centralizing access control, security, management

Cisco today revealed new WLAN access points and controllers, along with its latest steps to blend wireless and wired enterprise networks together.

First Look: Cisco Identity Services Engine

The networking vendor announced upgraded server applications for access control, network management, and application management across both types of networks. Also new: virtualization options for these infrastructure products; two new lower-priced 802.11n access points for business networks; a new high-end WLAN controller, with a new high-availability feature for Wi-Fi clients.

The changes are part of a strategy that the vendor labels "Cisco Unified Access," now being formally announced though it's been featured on the company Website,  and talked about with customers, for over a year. The basic idea, according to Cisco marketers, is to centralize and automate policy enforcement, security and authentication, and network management, regardless of how business end users connect to the company network, or with what kind of de-client device.

For access control functions, Cisco offers the Identity Services Engine (ISE), unveiled in 2011 as a central point to create and enforce a range of network policies based on the user's identity, role, and devices. [See our "First Look" slide on ISE

A new update to the ISE software adds two features:

+ a Web-based portal, called My Devices," which lets end users register their personally owned devices with ISE, which in turn can enforce for these devices whatever bring-your-own-device (BYOD) policies have been set by the IT group

+ Secure Group Access, which lets a network administrator assign users to groups that have a set of pre-defined policies associated with them. New users automatically have these policies applied to them and their devices

For security and management across wired and wireless networks, Cisco offers Cisco Prime Infrastructure, also announced last year. It integrates several previously separate tools into one application with a single user interface, spanning both wired and wireless LANs.

That software, too, is being updated, adding what Cisco calls application visibility and control. Essentially, Prime can collect data from various sources and tools to create a visual picture of how specific applications are behaving, and of the end user's "network experience" in terms of delays or other quality standards.

Cisco also announced for small- and midsized WLANs, that several of these infrastructure products are now available as software that can be hosted on virtual servers: Cisco Prime Infrastructure and Cisco Identity Services Engine, along with Cisco Mobility Services Engine, and a WLAN controller that supports up to 200 access points.

The new WLAN hardware products are:

+ Cisco Aironet 2600 and 1600 Series access points, to complement the high-end 3600 Series: the two new products support 802.11n, but each in turn has fewer of the advanced features found in the flagship product. And unlike, the 2600, neither will be able to receive the 802.11ac plug-in module that Cisco recently announced it will ship in early 2013

+ Two new high-end WLAN controllers: the 8500 Series is aimed at service providers deploying Wi-Fi networks as adjuncts to wired or cellular network access, or at very large enterprise WLANs. The one-rack unit can manage up to 6,000 access points and 64,000 clients.

+ The new controller firmware release now supports what Cisco calls sub-second state-full switchover to improve WLAN availability. In effect, it's a way to shift Wi-Fi clients so quickly to a backup controller that they maintain their application sessions even if their original controller blows up.

John Cox covers wireless networking and mobile computing for Network World.




Copyright © 2012 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022