CiscoWorks Wireless LAN Solution Engine (WLSE) is a centralized management solution for managing the entire Cisco® Aironet® WLAN infrastructure. As the management component of the Cisco Structured Wireless-Aware Network (SWAN) autonomous Cisco Aironet access-point solution, it provides comprehensive air/radio frequency (RF) and device-management capabilities in ways that simplify deployment, reduce operational complexity, and provide administrators visibility into the WLAN. By automating several RF and device-management tasks, CiscoWorks WLSE reduces the costs and time needed for WLAN deployment, management, and security.
CiscoWorks WLSE provides WLAN intrusion detection and protection by using Cisco Aironet access points as RF air monitors. As part of the Cisco SWAN WLAN Intrusion Detection System (IDS), CiscoWorks WLSE quickly and easily detects, locates, and disables unauthorized (rogue) access points, helping to ensure that security policies are applied consistently throughout the network.
Cisco SWAN offers comprehensive WLAN management solutions that can scale to different customer deployments and sizes. CiscoWorks WLSE is the centralized management console for Cisco SWAN when autonomous Cisco Aironet access points are used. CiscoWorks WLSE can manage hundreds to thousands of Cisco Aironet access points for medium-sized to large enterprises and wireless vertical markets. CiscoWorks WLSE helps to simplify and automate the deployment and security of WLANs, helping ensure their smooth operation and availability.
Table 1 describes CiscoWorks WLSE features.
Table 1. CiscoWorks WLSE Features
Feature
Description
WLAN IDS with Rogue Access-Point Detection and Automatic Switch Port Shutdown, Client MAC Spoofing, and Unauthorized WLAN Attack Detection
Cisco Aironet access points are deployed with the radio (IEEE 802.11a, b, or g) placed in either multifunction mode or access-point scanning mode to service client devices and to provide WLAN intrusion monitoring. Commands are issued to shut down the switch port connected to detected rogue access points. Unauthorized networks are detected and alerts are issued.
Cisco Aironet Series Access Points are Ready to Deploy Using the Ciscoworks WLSE Deployment Wizard
Allows for rapid deployment and expansion of the WLAN. Newly deployed Cisco Aironet access points, bridges, and switches can be automatically discovered and configured using Dynamic Host Configuration Protocol (DHCP), with the flexibility to assign different configurations based on the access-point device type, its source subnet, and software version.
Unassociated Client Device Monitoring
The network is monitored for active but unassociated client devices to minimize the risk of clients associating to rogue access points and to protect the network from malicious intruders probing the RF environment for weaknesses.
Interference Detection
Points of interfering RF energy that affect network performance are detected. Administer-defined thresholds can be set to generate fault notifications when interference levels exceed thresholds.
Self-Healing Adjusts Cell Coverage Area to Compensate for Disabled or Failed Access Points
Cell coverage areas for access points that have failed are detected and cell coverage areas are compensated for by automatically increasing the power and cell coverage of surrounding access points.
Assisted Site Survey Tool
Administrators can use the assisted site survey tool to apply automatic WLAN settings including optimal frequency selection, transmit power, and other settings. The coverage areas desired can be defined to cover only the specified areas.
Automated Resite Surveys
Radio throughput and performance are automatically reassessed to provide notification if performance falls below administrator-defined thresholds.
Automated Configuration and Bulk Firmware Updates
A group of hundreds of devices can be easily configured. Also provides tool to update access point and bridge firmware in mass with the ability to assign an update to a specific device or to groups. Configuration tasks and firmware updates may be scheduled or implemented on demand.
Access-Point and Bridge Security-Policy Misconfiguration Detection and Alerts
All access points on the network are monitored for consistent application of security policies. Alerts are issued for misconfigured access points or security-policy deviations.
Proactive Fault and Performance Monitoring
Administrators may define different faults and performance thresholds for specific sites and groups accompanied by specific actions and fault priorities. Provides a centralized tree view of all access points and device groups. Color coding and group icons indicate fault status. Faults may be filtered and sorted by priority to facilitate viewing and resolving problems.
Access-Point Group Usage Reports
Group level Information about network utilization, client association and utilization, historical and current client-usage statistics, access-point Ethernet and radio interfaces status, and error details are displayed in both graphical and tabular form. All reports may be scheduled, delivered by e-mail, or exported in CSV, Extensible Markup Language (XML), and PDF formats
UPGRADE PATHS
Customers currently using the CiscoWorks 1130 or 1130-19 for WLSE are encouraged to update their software to CiscoWorks WLSE Software 2.11. Customers using the CiscoWorks 1105 for WLSE will not be able to run the 2.11 software and are encouraged to upgrade to the CiscoWorks 1130-19 for WLSE.
AVAILABILITY
Customers interested in purchasing the new CiscoWorks WLSE 2.11 may place orders beginning March 30, 2005 through normal sales channels. A CiscoWorks WLSE 2.11 upgrade is available for download or through the Product Upgrade Tool at http://www.cisco.com/upgrade for customers who have an earlier version of CiscoWorks WLSE. CiscoWorks WLSE contains encryption technologies controlled by the U.S. government, and users who want to download software will be prompted to apply for permission to access the encrypted files.
ORDERING INFORMATION
Table 2 lists ordering information for the CiscoWorks WLSE 2.11. Important: CiscoWorks WLSE includes strong encryption technology that is restricted for some types of U.S. exports.
Table 2. Ordering Information
Part Number
Description
CWWLSE-1130-19-K9
CiscoWorks WLSE 2.11 includes the Cisco 1130-19 hardware platform and WLAN management Software 2.11
CWWLSE-2.11-SWUP-K9
Software-only upgrade kit for customers with CiscoWorks 1130 or 1130-19 running CiscoWorks WLSE 2.x to 2.11
