Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter 设计指南
2-28
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 2 Cisco Unified Wireless Technology and Architecture
Design Considerations
The best way to address Layer 3 roaming is to avoid deployment scenarios that would otherwise
necessitate it. Currently, large mobility subnets are more feasible to implement due to the scaling
capabilities of the WISM module coupled with the broadcast/multicast suppression features offered by
the WLC.
necessitate it. Currently, large mobility subnets are more feasible to implement due to the scaling
capabilities of the WISM module coupled with the broadcast/multicast suppression features offered by
the WLC.
By centralized the WLC infrastructure, capacity management becomes simpler and more cost effective.
Also, as WLANs become more mission critical, centralized deployments make it easier to create a high
availability WLC topology. Centralization reduces the number of locations where capacity management
and high availability issues must be dealt with.
Also, as WLANs become more mission critical, centralized deployments make it easier to create a high
availability WLC topology. Centralization reduces the number of locations where capacity management
and high availability issues must be dealt with.
The same principle applies when integrating the WLC with other infrastructure components. Centralized
WLCs minimize the number of integration points and integration devices. For example, if a decision is
made to implement an inline security device such as a NAC appliance, the centralized WLC will have
one integration point, whereas a distributed solution will have 'n' integration points, where n equals the
number of locations where WLCs are deployed.
WLCs minimize the number of integration points and integration devices. For example, if a decision is
made to implement an inline security device such as a NAC appliance, the centralized WLC will have
one integration point, whereas a distributed solution will have 'n' integration points, where n equals the
number of locations where WLCs are deployed.
In summary, a centralized WLC deployment is the preferred and recommended method. When planning
any centralized WLC deployment, consideration must be given to the protection of the wired network
infrastructure that directly connects to the WLC. The reason is because the WLC essentially attaches an
'access' network at a location within the overall enterprise topology that would not otherwise be exposed
to 'access network' and its associated vulnerabilities. Therefore, all security considerations normally
associated with an access layer network device must be considered. For example, in a WiSM based
deployment, features such as denial-of-service protection and traffic storm protection should be
considered because of the large scale role the WISM plays in providing diverse WLAN services to large
numbers of end users while at the same time being directly connected to the backplane of a core
multi-layer, multi-function Catalyst 6500 switching platform.
any centralized WLC deployment, consideration must be given to the protection of the wired network
infrastructure that directly connects to the WLC. The reason is because the WLC essentially attaches an
'access' network at a location within the overall enterprise topology that would not otherwise be exposed
to 'access network' and its associated vulnerabilities. Therefore, all security considerations normally
associated with an access layer network device must be considered. For example, in a WiSM based
deployment, features such as denial-of-service protection and traffic storm protection should be
considered because of the large scale role the WISM plays in providing diverse WLAN services to large
numbers of end users while at the same time being directly connected to the backplane of a core
multi-layer, multi-function Catalyst 6500 switching platform.
Distributed WLC Network Connectivity
As mentioned above, distributed WLCs are typically connected to the distribution layer router within the
campus network. If this is the case, Cisco does not recommend the WLC connect to the distribution layer
via a Layer 2 link, as shown in
campus network. If this is the case, Cisco does not recommend the WLC connect to the distribution layer
via a Layer 2 link, as shown in
.