Specifications

ManualsBrandsCisco ManualsComputer equipment4404 - Wireless LAN Controller

Cisco Aironet 3500 AG

Series Access Point

The Cisco Aironet 3500 AG Series IEEE

802.11a/b/g/n Access Point is a fixed-

configuration dual-band Access Point.

The Cisco 3500 AG Series IEEE

802.11a/b/g /n Access Point provides two

radios each with diversity antennas that

provide omni-directional coverage. The

3500 series is made up of two models,

the Cisco Aironet 3502E and the Cisco

Aironet 3502I. The "E" designation

refers to "External" antennas while the

"I" designation refers to an "Internal"

antenna configuration. The TOE's

physical boundary includes the listed

Cisco Aironet 3500 AG Series Access

Points which are considered hardware

components of the TOE. This module is

within the TOE boundary.

AIR-CAP3502I-A-K9

AIR-CAP3502I-C-K9

AIR-CAP3502I-E-K9

AIR-CAP3502I-I-K9

AIR-CAP3502I-K-K9

AIR-CAP3502I-N-K9

AIR-CAP3502I-Q-K9

AIR-CAP3502I-S-K9

AIR-CAP3502I-T-K9

AIR-CAP3502E-A-K9

AIR-CAP3502E-C-K9

AIR-CAP3502E-E-K9

AIR-CAP3502E-I-K9

AIR-CAP3502E-K-K9

AIR-CAP3502E-N-K9

AIR-CAP3502E-Q-K9

AIR-CAP3502E-S-K9

AIR-CAP3502E-T-K9

2.3.2 Wireless LAN Controller TOE Component

The Wireless LAN Controller TOE components (herein referred to as Controller) are

management devices for one or more APs and the wireless LANs that are implemented on the

APs. The Controller communicates with the AP TOE components, and other external

components including admin workstation, ACS/ISE servers, syslog server, WCS or NCS, and

MSE through its network interface. The Controllers provide WLAN security, monitoring,

quality of service and radio resource management services for APs over redundant Gigabit

Ethernet network interfaces.

The Controllers provide security management services for APs include managing access

control lists (ACLs) for wireless devices, defining the authentication pol icies and

authorization and accounting servers that are to be used by the TOE, defining the encryption

types and security policies that the APs are to enforce, and managing the radio resource

management capabilities.

The Controllers provide monitoring management services to monitor the state of APs, the

state of wireless devices associated with the APs, along with the security events detected by

the APs which include wireless intrusion prevention signature detection, rogue device

detection, 802.11 management frame protection and the containment of rogue access points

and rogue wireless clients.

 The Controllers have a web based and a command line interface for administration. Both

are included in the evaluated configuration of the TOE. Changes that affect APs are

pushed out to the APs immediately using CAPWAP management plane messages.

 AES RADIUS key wrap is used to protect the 802.11i PMK distributed from ACS/ISE to

the Controller after a successful wireless user authentication. The Controller ensures that

this management interface between the Controller and the ACS/ISE is invoked and