Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Architecure
IPSec tunnel for control plane still exists. If the bridge SSID is .1x then there is a per VAP GRE tunnel for IPSEC/GRE Tunnel to EAPOL frames. An Controller - WiFi traffic additional base in GRE tunnel tunnel per AP is also created if there is a bridge mode VAP. This tunnel is used by system processes. AP AP AP Not supported Controller AP Contoller Not applicable IPSec tunnel for control plane still exists. If the bridge SSID is .1x then GRE Tunnel to there is a per VAP Controller - ENET GRE tunnel for Traffic in GRE EAPOL frames. An Tunnel and Local additional base Traffic forwarding on tunnel per AP is also AP created if there is a bridge mode VAP. This tunnel is used by system processes. AP AP AP Supported AP AP AP Supported
GRE Tunnel to GRE tunnel to Controller - ENET Controller - WiFi Traffic in GRE traffic in GRE Tunnel Tunnel
Encryption and Decryption (per VAP) 802.11 management frame processing Firewall Remote network survivability if WAN is down ARM Bandsteering Client fairness Co-channel interference mitigation Spectrum load balancing Channel reuse Airtime performance protection Coordinated access to single channel Coverage hole detection Self healing Voice aware scanning Load aware scanning Video aware scanning
AP AP Controller NA
AP AP Controller NA
Supported Managed by AP Supported Supported Supported Supported Supported No Support Supported Supported Supported Supported
Supported Managed by AP Supported Supported Supported Supported Supported No Support Supported Supported Supported Supported
Supported Managed by AP Supported Supported Supported Supported Supported No Support Supported Supported Supported Supported
Supported Managed by AP Supported Supported Supported Supported Supported No Support Supported Supported Supported Supported
Supported Managed by AP Supported Supported Supported Supported Supported No Support Supported Supported Supported Supported
Supported Managed by AP Supported Supported Supported Supported Supported No Support Supported Supported Supported Supported
Supported Managed by AP Supported Supported Supported Supported Supported No Support Supported Supported Supported Supported
802.11 standards
a,b/g,n Supported Supported Supported Supported Supported Supported Supported
Page 1 of 8
Security - AAA
802.1X authenticator Authtentiaction server EAP offload Authentication - 802.1X Authentication - 802.1X (PEAP Offload) Authentication - 802.1X (EAP-TLS Offload) Authentication - 802.1X (PEAP-GTC Offload) Authentication - 802.1X Stateful Snooping Authentication - WPA-PSK Authentication - WPA2-PSK Authentication - Captive Portal Authentication - MAC Address Authentication - L2TP/IPSEC (VPN) Authentication - XAUTH/IPSEC (VPN) Authentication - PPTP (VPN) Authentication - NTLM Snooping Authenticaiton - SIP Snooping WPA2 Opportunistic Key Caching Authentication via SecurID Token Voice-aware 802.1X rekey timers Encryption - WEP (64, 128) Encryption - TKIP Encryption - CCMP/AES Controller Internal/External Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Deprecated Supported Supported Supported Controller Internal/External Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Deprecated Supported Supported Supported Controller/AP (PSK on AP, 802.1x on Controller) Internal/External Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Deprecated Supported Supported Supported Controller Internal/External Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Deprecated Supported Supported Supported Controller Internal/External Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Deprecated Supported Supported Supported Controller/AP (PSK on AP, 802.1x on Controller Internal/External Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Deprecated Supported Supported Supported Controller/AP (PSK on AP, 802.1x on Controller Internal/External Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Deprecated Supported Supported Supported
Page 2 of 8
Page 3 of 8
VLAN Mgmt
VLAN Pooling Client VLAN assignment VLAN Derivation Role derivation Named VLAN Managed by controller station manager process Controller Controller Supported Supported Managed by controller station manager process Controller Controller Supported Supported Not supported AP Not supported Supported Not supported Managed by controller station manager process Controller Controller Supported Supported Managed by controller station manager process Controller Controller Supported Supported Not supported Controller Not supported Supported Not supported Not supported AP Not supported Supported Not supported
Mobility
802.11e action frames 802.11k action frames Layer 2 Layer 3 IGMP Proxy Mobile IP Controller Controller Supported SUpported Controller based Controller AP AP Supported Supported Controller Controller AP AP Supported Not supported Not supported Not supported Controller Controller Supported Supported Controller Controller AP AP Supported Supported Controller Controller AP AP Not supported Not supported Not supported Not supported AP AP Supported Not supported Not supported Not supported
Security IDS/IPS
Station Blacklisting & TKIP countermeasure mgmt Association flood attack detection Rogue AP detection Rogue AP classification Rogue AP containment (wireless de-auth) Rogue AP containment (wired) Rogue classification confidence Wireless router detection Ad-hoc network detection Detection of misconfigured client Detection of misconfigured AP Attack signature detection Denial of service attack detection WDS bridging detection Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Not supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Not supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Not supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Not supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Not supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported
Page 4 of 8
Platform
Captive portal L2 - Intra-VLAN forwarding L2 - 802.1D Spanning Tree + RSTP L2 - Port Channel (static mapping) + LACP L2 - 802.1q VLAN Trunks L2 - Rate Limiting for bcast/mcast L2 - GRE Tunnels Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Not supported NA NA NA NA Not supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Not supported NA NA NA NA Not supported Supported
Page 5 of 8
Power save: Drop wireless multicast traffic Supported Power save: Proxy ARP (global) Power save: Proxy ARP (per-SSID) Automatic Voice Flow Classification SIP ALG SVP ALG H.323 ALG Vocera ALG SCCP ALG NOE ALG Supported Supported Supported Supported Supported Supported Supported Supported Supported
Page 6 of 8
Mesh
Mesh: LAN-to-LAN bridging Mesh: Mesh-connected thin AP Mesh: AP-120 and 10x family Mesh: SecureJack on Mesh Point Remote Mesh Dynamic Multicast Optimization Voice over Mesh Video over Mesh Supported Supported Supported Supported Not Applicable Not Supported Supported Supported Supported Supported Supported Supported Not Applicable Not supported Supported Supported Supported Not Applicable Not Applicable Not Applicable Not Applicable Not supported Not supported Not supported Not Applicable Supported Supported Supported Supported Not Supported Supported Supported Not Applicable Supported Supported Supported Supported Not supported Supported Supported Not Applicable Supported Supported Supported Supported Not supported Not supported Not supported Not Applicable Not Applicable Not Applicable Not Applicable Not Applicable Not supported Not supported Not supported
Location Tracking
Wireless location tracking Wireless location tracking - PanGo Wireless location tracking - AeroScout Wireless location tracking - Ekahau Wireless location tracking - AWMS Supported Not Applicable Supported Supported Supported Supported Not Applicable Supported Supported Supported Supported Not Applicable Supported Supported Supported Supported Not Applicable Supported Supported Supported Supported Not Applicable Supported Supported Supported Supported Not Applicable Supported Supported Supported Supported Not Applicable Supported Supported Supported
Management
Centralized configuration of APs Master-local controller management Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported
Page 7 of 8
Web-based configuration interface (HTTPS) Supported Command line interface (serial port) Command line interface (telnet) Command line interface (SSHv2) Guided configuration wizards Admin authentication: RADIUS Admin authentication: LDAP Admin authentication: TACACS+ Admin authentication: Local database Admin authentication: Token cards Admin authentication: X.509 certificates Multiple admin user roles Syslog SNMP (v1, v2c, v3) SNMP Traps File copy: TFTP File copy: FTP File copy: SCP Network Time Protocol (NTP) Guest user administrator Guest user password generation Guest account information printing Voice protocol monitoring/reporting AWMS Monitoring via SNMP AWMS Configuration of startup-config AWMS offload of WMS database Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported
Page 8 of 8