MSE, and syslog server) in the environment for analysis and review, and denial of traffic flow
and/or containment of rogue access points and clients consistent with applied wIPS policies.
The AP performs analysis of wireless traffic in the course of generating wIPS data; the wIPS
event log items represent events sent from the wIPS system to the MSE. Responses to the
wIPS data are sent to the Controller via SNMPv3 from the WCS or NCS and via NMSP from
the MSE, and wIPS policy updates are pushed from the Controller to APs where wIPS
policies are enforced. The TOE relies on the WCS or NCS and MSE components in the IT
environment to support the wIPS functionality by defining wIPS policies, and for location
tracking by correlating wireless signal metrics measured by multiple APs.

2.2 TOE Overview
The TOE is a system of products administratively configured to interoperate to provide a
WLAN. The TOE allows mobile, wireless clients to be roaming hosts on the wireless
network, and to connect to the wired network using access points (APs). The TOE has Access
Point TOE components (Cisco Aironet 3502i, 3502e, 1262, 1252, 1142 AGN access points,
1242, 1131 AG access points, and 1524, 1522 AG and 1552 outdoor mesh access points) and
Controller TOE components (Cisco Wireless LAN Controllers 4402 and 4404, Cisco Wireless
LAN Controller 5508, and the Cisco WiSM (Cisco Wireless Services Module) and WiSM2).
Note that although there are several TOE components, when the TOE is operational there is
only one component that provides administrative interfaces authenticated by the TOE: the
Controller, so there is one administrator role on the TOE.

2.3 TOE Physical Boundary
The TOE physical boundary defines all hardware and software that is required to support the
TOE’s logical boundary and the TOE’s security functions. The TOE’s support of the logical
boundary and security functions is divided into functional components (TOE components),
which are described in this section.
Hardware and software that is not included in the TOE’s physical boundary but is relied on by
the TOE, and is therefore supplied by the IT Environment, is described in the IT Environmental
Dependencies section of this document. Security functionality included in the TOE’s
physical boundary but not identified in the TOE’s logical boundary or claimed as TOE
security functions is identified in the TOE Component Communication Methods.
Table 3 below identifies the required components in the evaluated configuration and identifies
whether or not they are within the TOE boundary. This is followed by a sample network
arrangement of the TOE and detailed subsections on each TOE component.