Cisco Cisco 5760 Wireless LAN Controller White Paper
Copyright © 2013 Miercom Cisco 3850 and 5760 Wireless Controllers Page 5
as client computer, smart phones, and other
BYOD devices add to the complex mix.
Conventional network policy implementation has
evolved, based on the development of network
technology. A common implementation of network
policy, ACLs are now divided into other
classifications, such as Standard and Extended
ACL, Dynamic ACL, Reflexive ACL, Time-based
ACL, Context-based ACL, and so on. These
network polices have to be implemented on each
network device. This becomes a complex task for
network managers. Cisco WLC 5760 and Catalyst
3850 support downloadable ACL policy. We
tested the capability of pushing a policy ACL from
Cisco Identity Service Engine (ISE) without
manually configuring it on the access device. ISE
has a centralized management of context-based
network policy enforcement based on criteria such
as who, what, when, where, and how. It can apply
different policies on user or device type basis.
This test focused on creating an ACL on the ISE
server and applying the policy to both Cisco WLC
5760 (wired and wireless) and Catalyst 3850
(wired) using the downloadable ACL, simplifying
life for a network administrator.
We verified that the downloadable ACL was an
We verified that the downloadable ACL was an
efficient management tool for ACL-based network
policy implementation. These policies can be
saved or modified at the ISE server. The policies
can then be applied to individual network
infrastructure devices that have downloadable
ACL capability. ISE defines policy criteria based
upon user, device type, and lightweight access
point being used. Cisco ISE GUI control panel
shows integrated reporting functions to visualize
auditing and reporting about network policy.
Centralized network policy, provided by
downloadable ACLs from ISE reduces this
complexity and gives granular network access
permission control of the Cisco Catalyst 3850, WLC
5760 and other network devices that support
downloadable ACLs.
Figure 7
shows the
configuration for downloadable policy on the ISE.
Bottom Line
Cisco wireless concentrator products demonstrated
truly exceptional performance and capacity beyond
that of competitive products based on Miercom
hands-on testing validation. Both products tested
achieve high throughput and scalability for a wide
range of packet sizes tested. Cisco solutions
delivered aggregate wireless throughput at their
advertised capacity, whereas the competitive
product could only handle a fraction of its capacity.
This translates into fewer controllers at the data
center, for providing the same throughput capacity,
further pushing your data center efficiency.
Unlike its competition, excellent voice and video
Unlike its competition, excellent voice and video
quality under heavy load were observed with the
Cisco solutions.
Figure 7: Downloadable Policy Configuration
Source: Cisco, May 2013
Sample screen of the
downloadable ACL
management tool. ACL-
based network policies
can be saved or
modified at the
ISE server.