Cisco Cisco 8540 Wireless Controller 数据汇总
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 4 of 7
In Software Release 7.6, Cisco wireless LAN controllers provide solutions to facilitate wireless as the primary
means of access in high-performance enterprise networks.
Table 2 describes the new features of the wireless controllers in this release.
Table 2.
New Controller Features
Feature
Description
Benefit
DNS-Based (FQDN) ACLs
for Clients in the
Registration Phase of
Onboarding
for Clients in the
Registration Phase of
Onboarding
For BYOD onboarding use cases, IT administrators can
set pre-authentication ACLs to restrict the sites that
devices have the permission to visit prior to
authentication. Registering BYOD devices may need to
connect to the Internet for either downloading the
supplicant software for registration or validating the
device for connection to the Wi-Fi network.
set pre-authentication ACLs to restrict the sites that
devices have the permission to visit prior to
authentication. Registering BYOD devices may need to
connect to the Internet for either downloading the
supplicant software for registration or validating the
device for connection to the Wi-Fi network.
Allow the client to access the proper resource (apple.com
or play.google.com typically) without a broad IP-based
ACL. With DNS-based ACLs, the client, when in
registration phase, will be allowed to connect to the
configured URLs.
or play.google.com typically) without a broad IP-based
ACL. With DNS-based ACLs, the client, when in
registration phase, will be allowed to connect to the
configured URLs.
Apple iOS7 Captive Portal
Support
Support
With iOS7, Apple has enhanced the Captive Network
Assistant (CNA) to make it more robust. Cisco Wireless
Release 7.6 includes associated changes to interoperate
with Apple’s new implementation.
Assistant (CNA) to make it more robust. Cisco Wireless
Release 7.6 includes associated changes to interoperate
with Apple’s new implementation.
The wireless LAN controller can detect and respond to
pre-iOS7 Captive and iOS7-based changes to CNA,
providing a seamless experience for all clients.
pre-iOS7 Captive and iOS7-based changes to CNA,
providing a seamless experience for all clients.
Application Visibility and
Control (AVC) Protocol
Pack Update
Control (AVC) Protocol
Pack Update
The new protocol pack to be delivered with Release 7.6
includes Microsoft Lync 2013 and Cisco Jabber support.
includes Microsoft Lync 2013 and Cisco Jabber support.
Customers can detect new applications in their networks,
including Jabber and Microsoft Lync 2013, and enable
appropriate QoS policies for these applications.
including Jabber and Microsoft Lync 2013, and enable
appropriate QoS policies for these applications.
Increased Scale for
Sleeping Clients on Cisco
8500 WLC and Flex 7500
Products
Sleeping Clients on Cisco
8500 WLC and Flex 7500
Products
For large, geo-distributed deployments with the 8500
WLC and Flex7500, the number of sleeping clients that
are remembered is increased from 9000 clients to 25,000
clients.
WLC and Flex7500, the number of sleeping clients that
are remembered is increased from 9000 clients to 25,000
clients.
A larger number of sleeping clients are remembered,
even after waking up on the wireless network with high-
scale controllers. This eliminates the need for user
intervention to re-enter credentials for a greater number of
clients.
even after waking up on the wireless network with high-
scale controllers. This eliminates the need for user
intervention to re-enter credentials for a greater number of
clients.
Automatic Recovery of
Primary and Standby
Controllers in Stateful
Switchover High-
Availability Deployment
from Maintenance Mode
After the Network Re-
converges
Primary and Standby
Controllers in Stateful
Switchover High-
Availability Deployment
from Maintenance Mode
After the Network Re-
converges
The standby controller will automatically recover from
maintenance mode when:
maintenance mode when:
●
The management default gateway is not reachable
●
The peer redundancy port is not reachable
●
The standby WLC, which has never paired up with the
primary WLC, boots up first
Prior to Release 7.6, when a wireless LAN controller
enters into maintenance mode due to a network outage,
IT administrators were required to manually pair the
controllers back after the network issue was addressed.
enters into maintenance mode due to a network outage,
IT administrators were required to manually pair the
controllers back after the network issue was addressed.
In order to address and simplify this problem,
enhancement is added in 7.6 to automatically recover.
enhancement is added in 7.6 to automatically recover.
Ethernet Fallback
Shutdown for Access
Points in Cisco
FlexConnect Mode
Shutdown for Access
Points in Cisco
FlexConnect Mode
With this feature enabled, if the access point has power,
but its Ethernet interface is disconnected, the radios will
shutdown.
but its Ethernet interface is disconnected, the radios will
shutdown.
Clients can connect to other adjoining access points with
connectivity to the wired network over the Ethernet port.
connectivity to the wired network over the Ethernet port.
China -H Domain Support Expanded China 5 GHz spectrum is now approved for
indoor use (5150 to 5350 MHz). This is in addition to the
existing 5720 to 5850 MHz range.
existing 5720 to 5850 MHz range.
Support for new channels with a new domain, H, is
enabled for China. The older domain, C, is still used by
Pakistan and Malaysia.
enabled for China. The older domain, C, is still used by
Pakistan and Malaysia.
Support for Secure LDAP
Communication
Communication
The connection between the wireless controller and LDAP
external server can be secured with Transport Level
Security (TLS).
external server can be secured with Transport Level
Security (TLS).
In addition to authenticated access to the LDAP server,
encryption provides enhanced security for limiting denial-
of-service (DoS) attacks and to validate the source of the
query.
encryption provides enhanced security for limiting denial-
of-service (DoS) attacks and to validate the source of the
query.
Enhancements for Radius
Accounting and
Authentication
Accounting and
Authentication
Call Station ID Type can be set for Authentication (like in
7.5) and also for Accounting (new in 7.6). In addition, Call
Station ID type can be set to new values such as access
point Ethernet Mac Address and access point Ethernet
Mac Address: SSID.
7.5) and also for Accounting (new in 7.6). In addition, Call
Station ID type can be set to new values such as access
point Ethernet Mac Address and access point Ethernet
Mac Address: SSID.
Additional flexibility for RADIUS information about the
source of the RADIUS request is available.
source of the RADIUS request is available.
Flexible EAP Timers for
External RADIUS
External RADIUS
The timers allow for activation of EAP values on a per-
WLAN basis, and override global configuration.
WLAN basis, and override global configuration.
Customers can have specific WLANs for specific devices,
and require different EAP timers and retries for these
WLANs.
and require different EAP timers and retries for these
WLANs.