Product Bulletin
Cisco Wireless Release 8.0
PB732295
Overview
The mobile workspace trend is helping employees and partners embrace mobile technologies, create new
possibilities for untethered work styles, enable better customer engagement, and connect with people, information,
and services. The IEEE 802.11ac standard will provide wireless networks better performance and coverage and
address the demand for client access, including 802.11ac-enabled clients. Customers across fields such as higher
education, K-12, healthcare, manufacturing, retail, or other verticals face the same challenges: more users coming
onto the network, more users bringing more devices (known as bring your own device, or BYOD), more devices
that have only wireless connectivity (no wired port), more security requirements, and operating system behavior
changes with updates on each of those devices.
At the same time, we are experiencing the Internet of Things (IoT), where millions of new devices are regularly
being connected to the Internet. As these “things” add capabilities such as context awareness, increased
processing power, and energy independence and as more people and new types of information are connected, we
will quickly enter the Internet of Everything (IoE). This proliferation of wirelessly connected Internet devices in the
IoE will create a new environment of information. Limited by the address space of IPv4, objects in the IoE are
expected to utilize IPv6 addresses, driving the rapid transition to end-to-end IPv6 communications.
The Cisco® Wireless Release 8.0 delivers a holistic end-to-end IPv6 solution to mitigate the challenges associated
with the diminishing number of unique IPv4 addresses available and allows consistent IPv6 addresses for
communications throughout the network. This software release also enhances the Cisco High-Density Experience
(HDX), which alleviates the complexity of more clients, bandwidth-hungry applications, and high-density network
strain to provide an unparalleled user experience.
Primary Features in Release 8.0
●
Cisco HD Experience with Optimized Roaming
◦ Optimized Roaming monitors the connection quality of all devices and proactively prompts poorly
performing client devices to seek a better connection much sooner.
●
IPv6 infrastructure support allows IT administrators the ability to configure the entire WLAN infrastructure
with IPv6 addresses and enable communication between the wireless controller and access point, Cisco
Prime™ Infrastructure, RADIUS Server, and Mobility Services Engine using IPv6 throughout the network.
●
Granular per user and per device policies for Application Visibility and Control (AVC) to provide the
right access to users and maintain operational costs by properly managing applications and their bandwidth
use.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 1 of 7
●
Policies for Multicast discovery protocols such as Bonjour and Chromecast. Location-specific and per
user group Bonjour policies enable customers to deploy Bonjour at scale by simplifying control of services
access by user types without needing to segment users unto different SSIDs or VLANs. In addition, this
feature allows customer to view Bonjour location-specific services available on wired and wireless networks.
Chromecast policies allow deployments over large networks with multiple VLANs while restricting access to
a specific group of users.
●
Service provider features PMIPv6 MAG on access point and Q-in-Q tagging that provide deployment
flexibility for interoperability of Wi-Fi and mobile packet core networks.
●
A better location (blue dot) experience with more frequent location updates for Wi-Fi clients using CMX
FastLocate and CMX Presence Analytics that enables customers to gain insight about visitor patterns in
their venues and use it to improve business decisions.
●
CMX for Facebook Wi-Fi integrated with Mobility Services Engine to enable customers to incent guests
with a premium guest experience.
Platform Support
Cisco Wireless Release 8.0 is supported on the following platforms:
●
Cisco Aironet® access points running the Control and Provisioning of Wireless Access Points (CAPWAP)
Protocol
●
Cisco 2500 and 5500 Series Wireless LAN Controllers
●
Cisco Catalyst® 6500 Series Wireless Services Module 2 (WiSM2)
●
Cisco Flex 7500 Series Wireless Controllers
●
Cisco 8500 Series Wireless Controllers
●
Cisco Wireless LAN Controller Module for Integrated Services Routers G2 (UCS-E)
●
Cisco Virtual Wireless Controller (vWLC)
●
Cisco Mobility Services Engine (MSE)
●
Cisco Virtual Mobility Services Engine (vMSE): VMware ESXi and Microsoft Hyper-V
Management support for Release 8.0 will be delivered as part of the Cisco Prime Infrastructure Release 2.1.1.
Recommended Release for Production Deployments
Maintenance Deployment (MD) releases: These long-lived software releases provide bug fixes and ongoing
software maintenance:
●
Release 8.0 is the next MD release train (a release in this train will be qualified as MD).
●
Release 7.4 is the current MD release train, and 7.4.121.0 the minimum recommended MD release.
Early Deployment (ED) releases: These software releases provide new features and new hardware platform
support as well as bug fixes:
●
Release 7.6.130.0 is the minimum recommended ED release.
●
Customers with earlier ED release versions of 7.2, 7.3 should upgrade to 7.4 (MD).
Customers with earlier ED release versions of 7.5 should upgrade to 7.6.130.0.
Refer to Guidelines for Cisco Wireless Software Release Migration for additional details.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 2 of 7
Cisco New Access Point and Wireless Controller Features
Table 1 describes the features in Cisco Wireless Release 8.0.
Table 1.
New Access Point and WLC Features
Feature
Description
HD Experience: Optimized
Roaming
Sets a threshold RSSI value and/or minimum data rate Optimal user experience for Wi-Fi users by monitoring
that a client will be sent a deauthentication.
the connection quality of all devices and proactively
prompting poorly performing client devices to seek a
better connection much sooner.
HD Experience: Rx-SOP
Rx-SOP determines the Wi-Fi signal level in dBm at
which an access point radio will demodulate and
decode a packet.
The higher the level, the less sensitive the radio is and
the smaller the receiver cell size.
Benefit
Helps optimize network performance at high-density
deployments such as stadiums and auditoriums where
access points need to optimize for the nearest and
strongest clients.
By reducing the cell size, we can affect everything
from the distribution of clients to perception of channel
utilization.
HD Experience: 802.11ac
module 80Mhz CleanAir®
Radio monitoring occurs on all 3 widths (20, 40, 80)
80MHz 11ac channel will be detected and reported.
This makes sure of optimal performance for 11ac.
CleanAir Express for AP1600
CleanAir Express supports several of the same
features as higher end access points (location,
severity list, air quality index, zone of impact) with
limited detection and alert correlation capabilities
compared to CleanAir.
Differentiate entry-level access with AP1600 from
competitors’ offerings.
Policies for multicast
discovery protocols such as
Bonjour and Chromecast
Enhancements in Bonjour GW services that enable:
● Device service mapping to access policy
Simplifies IT operations for controlling services access
for emerging applications to specific user types
without requiring complex network reconfiguration.
● Bonjour group and single access policy
management
● Bonjour/mDNS profile control with local policy and
AAA override
Scale Chromecast deployments over large networks
with multiple VLANs using policies restricting access
to specific user groups.
AVC enhancements for user
role, device, and application
specific policy
Updates and enhancements in AVC:
● Protocol Pack 9.0
● NBAR Engine version 16
● AAA AVC Profile override for clients
Enables organizations to provide the right access to
the user and maintain operational costs by properly
managing applications and their bandwidth use
instead of incurring costly upgrades.
● AVC per application, per client-based rate limiting
on WLAN
● Integration of AVC profiles to the local policy
classification on WLC
● AVC directional QoS DSCP marking for upstream
and downstream traffic
Policy Classification Engine:
dynamic device profile
updates
Native IPv6 infrastructure
Update device profile dynamically independently of
WLC image updates.
Upload MAC OUI from external sources, including
IEEE MAC OUI registry.
New devices or special custom devices can be
profiled by updating the device profiles library
independently of built-in profiles embedded in WLC
image.
Increased number of built-in default profiles.
This enables new device profiles to be added without
waiting for WLC image updates.
Cisco supports the ability to configure all WLAN
infrastructure with IPv6 addresses as well as the
communication between access point and controller,
controller to Cisco Prime infrastructure, and controller
to RADIUS Server using IPv6 throughout the network.
Provides consistent IP addresses throughout the
entire network. This is important when troubleshooting
issues.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
IPv6 addressing alleviates the challenges associated
with the number of unique IPv4 addresses available.
This is important for large enterprise networks to
increase address space and multinational companies
with IPv6 at remote sites.
Page 3 of 7
Feature
Description
Federal certifications (FIPS,
Common Criteria, UcAPL,
USGv6)
Federal Information Processing Standard (FIPS) for all Enables customers to meet regulatory compliance,
nonmilitary government agencies and government
including government, defense and international
contractors
organizations, when purchasing Cisco wireless
infrastructure, including access points, WLCs, MSE,
Common Criteria: Federal government and
and Cisco Prime Infrastructure.
organizations with critical infrastructure across the
Benefit
globe
UcAPL: Single consolidated list of products that have
completed interoperability (IO) and information
assurance (IA) certification
USGv6: The National Institute of Standards and
Technology to develop infrastructure standards and
testing to support wide-scale adoption of IPv6 in the
U.S. government.
Dynamic channel assignment
(DCA) in RF profiles
Enables multicountry support with one access point
group per country, each with a defined channel list in
RF profiles.
Allows assigning just the channels that are supported
per country to a specific group of access points
sharing the same regulatory domain.
Simplifies managing mixed channel (802.11n/ac 40/80
MHz) environments.
Channel assignment can be done by physical area.
For conference centers, this allows the assignment of
channel ranges to individual vendors and creation of
buffer zones on main network for isolation.
802.11v: battery control for
client device battery
conservation
802.11v provides several methods to allow a phone to 802.11v provides a better end-user experience as
continue in sleep mode, thereby increasing the battery improved battery life is becoming more important to
life of the mobile device:
end users.
● With directed multicast service, the device need
not wake up to process any multicast packets, as it
will get a unicast copy upon waking up from the
802.11v-enabled access point.
● The BSS Max Idle period is a time period during
which the access point does not disassociate a
device due to nonreceipt of frames. This allows a
client to know the maximum time it can remain idle
without transmitting any frame to the access point.
802.11r mixed mode support
Removes the restriction of creating a separate SSID
for 802.11r support. Non-802.11r clients with updated
drivers can join 802.11r-enabled SSID.
Simplifies operations with single SSID for 802.11r
clients.
VideoStream for Cisco
FlexConnect local switched
deployments
VideoStream enables conversion of multicast to
unicast streams at the access point with appropriate
quality of service (QoS) for high-priority video traffic.
VideoStream on Cisco FlexConnect provides smooth,
reliable multicast video delivery over the WAN to
multiple clients at remote sites.
New Cisco FlexConnect plus
bridge mode
Enables Cisco FlexConnect behavior across meshenabled access point.
Provides outdoor and indoor mesh access point
redundancy links over the wireless network in Cisco
FlexConnect deployments, if Ethernet goes down.
Wired Guest Access on
WLC2500
Support for wired guest functionality on WLC2500 for
small deployments.
Provides the wired guest access feature available on
WLC5508/WiSM2 to WLC2500 for small-sized
deployments.
HTTPS support for web
authentication
When a client starts browsing with an https://webpage, Customers using a Layer 3 security method such as
it will be redirected to the web authentication login
web authentication or web passthrough can use this
page.
feature to enable BYOD.
High-availability Stateful
Switchover enhancements
Stateful Switchover (SSO) support for sleeping clients
and OEAP clients.
Sleeping clients avoid web reauthentication if they
wake up within the sleeping client timeout interval
after WLC switchover.
Extends transparent failover for OEAP clients.
VLAN tagging on AP700W
Allows IT to define individual VLAN tags for each
individual Ethernet port available on AP700W Series.
It will allow for traffic to be separated not only between
wireless and wired, but also among the four Ethernet
ports.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
In a typical hospitality or university residential hall
deployment, AP700W may have IP phone, a
multimedia device, and other devices on remaining
two ports such as a guest laptop, HVAC unit,
secondary IP phone, etc. IT administrators can now
separate traffic for these devices by assigning
different VLAN tags for respective ports on AP700W.
Page 4 of 7
Feature
Description
OEAP600 enhancements
● OEAP basic firewall
● OEAP split tunneling
● OEAP voice QoS
● OEAP link tests
Benefit
● A basic firewall provides port/application protection
that can be controlled by the OEAP end user using
user-accessible GUI.
● Split tunneling enables OEAP clients to reach
Internet directly through the WAN instead of going
through the corporate network.
● Enhanced OEAP offers high priority for voice
packets for customers using VOIP in remote
offices.
● Link tests allow the end user to test the OEAP link
metrics (latency, jitter) on demand or periodically.
Mesh fast convergence
Allows mesh convergence parameters such as parent Enables faster convergence by reducing mesh
loss detection and keepalive timers to be automatically convergence time per hop to less than 20 seconds.
configured to standard, fast, and very fast
convergence methods.
vWLC increased client scale
Increased vWLC scale allows up to 6000 clients to
connect over up to 200 access points.
Increase in scale addresses larger client count
requirements of customer deployments.
PMIPv6 MAG on access point
Access point (MAG) in Cisco FlexConnect local
switched mode can dynamically establish a data
tunnel to local mobility anchor (LMA) directly.
Deployment flexibility to allow data traffic from access
point to directly tunnel to LMA such as ASR5K in
mobile packet core without traversing the WLC.
Q-in-Q tagging
Q-in-Q allows multiple VLAN tags in an Ethernet
frame. The additional tag can be used to represent a
unique parameter such as a different source access
point group.
Enables different traffic treatment based on the VLAN
tags in the tag stack.
PPPoE on Cisco FlexConnect
access points
The Cisco FlexConnect access point can act as
PPPoE client.
Reduced number of devices as the Cisco FlexConnect
access point can eliminate the need for an external
PPPoE router.
RADIUS selection by realm
A realm value (such as username@realm) is unique
for a service provider.
Allows deployment flexibility to select, redirect, or load
balance wireless clients for RADIUS authentication
based on realm.
Service Provider Features
WLC can use the realm value as a tag to make a
choice on which RADIUS to select for authentication
and/or accounting for a wireless client.
DHCP relay suboptions
DHCP option 82 suboptions support:
The DHCP relay agent information suboptions enable
easy to operate, shared usage of a centralized DHCP
● Suboption 5 (RFC 3527) defines the subnet,
server that can provide cost savings.
hence allowing the GIADDR to be the relay
source.
● Suboption 151 (RFC6607) tells the DHCP the VPN
ID or the VRF name of that subnet.
Connected Mobility Experience and Mobility Services
Table 2 describes new Connected Mobile Experience (CMX) and MSE features in Cisco Wireless Release 8.0.
Table 2.
New CMX and MSE Features in Release 8.0
Feature
Description
Benefit
CMX FastLocate
MSE delivers faster location updates for Wi-Fi
clients using signal strength (RSSI) from probe and
data packets.
Wi-Fi client location is refreshed more frequently,
leading to a better blue dot experience.
This requires the Wireless Security Module (WSM)
for AP3600/3700.
CMX Analytics: Presence
CMX Presence Analytics classifies Wi-Fi devices as
inside or outside a venue. Intuitive and
customizable dashboards help compare Wi-Fi
device patterns (counts and dwell time) over a day
or a month across different venues.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
CMX FastLocate can be turned on simultaneously with
advanced security on existing modular access points.
Customers can gain insight about visitor patterns in their
venues and use it to improve business decisions. CMX
Presence Analytics can be enabled for all existing Cisco
WLC or CleanAir access point deployments (with single
or multiple access points) without the need to site
survey or add new access points.
Page 5 of 7
Feature
Description
Benefit
CMX Connect and CMX for
Facebook Wi-Fi
CMX Connect offers premium level of guest access
for social users.
Customers can incentivize guests to log in with premium
guest access experience.
CMX for Facebook Wi-Fi is now integrated with
MSE for ease of use and better scalability.
Customers can enable CMX for Facebook Wi-Fi at
multiple locations easily.
CMX Mobile App Server and
SDK: iOS and Android
CMX Mobile App Server and CMX SDK allow
CMX partners and app developers can accelerate
mobile apps to consume location, maps, routes,
location-aware app development by using CMX SDK to
and zone information. Apps can receive zone-based consume Wi-Fi client location.
greeting as a push notification.
MSE Platform Certifications:
FIPS 140-2, IPv6
MSE platform has been updated to comply with the
requirements of federal security standards FIPS
140-2 and IPv6.
Note:
Customers in federal vertical and those needing IPv6
compliance can now adopt MSE in their IT stack to
make use of advanced location technology.
WLC and MSE 8.0 make use of SHA-2 cryptographic hash functions. This improved security posture
might lead to incompatibility with mismatched WLC and MSE versions. PI release 2.1.x and later have built-in
checks to resolve this incompatibility.
Cisco Prime Network Infrastructure 2.1.1
Cisco Prime Infrastructure is a network management platform that supports lifecycle management of your entire
network infrastructure from one GUI (Figure 1). Cisco Prime Infrastructure provides network administrators with a
“single pane of glass” solution for provisioning, monitoring, optimizing, and troubleshooting both wired and wireless
devices. Robust GUIs make device deployments and operations simple and cost-effective.
Figure 1.
Cisco Prime Infrastructure 2.1.1
Cisco Prime Infrastructure 2.1.1 allows basic monitoring and management of Cisco Wireless Release 8.0 with
technology packs to enable new feature support.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 6 of 7
Service and Support
Services from Cisco and our partners can help you assess, design, tune, and operate your wireless LAN to
transparently integrate mobility services and take advantage of the systemwide capabilities of the Cisco Unified
Wireless Network.
Our professional services help you align your interference management, performance, and security needs with
your technical requirements to better use the self-healing, self-optimizing features built into the silicon-level
intelligence of Cisco CleanAir technology and the increased performance of the 802.11ac standard. These services
can enhance deployment and operational efficiencies to reduce the cost and complexity of transitioning to new
technologies.
Our Technical Support Services help you maintain network availability and reduce risk. Optimization services
provide ongoing assistance with performance, secure access, and maintaining a strong foundation for business
evolution and innovation.
For More Information
For more information about planning, building, and running services for Cisco CleanAir technology, Cisco
802.11ac, and the Cisco Unified Wireless Network, visit Cisco Technical Support Services or Cisco Professional
Services at http://www.cisco.com/go/services.
For more information about Cisco wireless products, visit http://www.cisco.com/go/wireless.
Printed in USA
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
C25-732295-00
08/14
Page 7 of 7