Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
216
Views
1
Helpful
0
Comments

Embedded Wireless Controller (EWC) on Catalyst 9000 Series- SDAccess

sandjose
Cisco Employee
Cisco Employee

on ‎05-05-2026 05:51 AM

Introduction

In an SD-Access fabric, one of the key requirements for fabric-enabled wireless is the deployment of a dedicated Wireless LAN Controller (WLC) for each fabric site. While this model works well for large campus environments, it introduces significant overhead for small branch deployments, where deploying a physical or virtual WLC per site may not be practical or cost-effective.

The Embedded Wireless Controller (EWC) addresses this challenge by integrating wireless control directly into the switching platform. Built on the Catalyst 9800 architecture, EWC runs natively on Catalyst 9000 Series switches, eliminating the need for a separate controller.

This approach provides a simplified, cost-effective, and operationally efficient solution, making it particularly well-suited for small branch environments adopting SD-Access fabric.

What is EWC on 9k ?

EWC is a wireless LAN controller running as a package within Catalyst 9300, 9400, and 9500 switches. Instead of deploying a separate controller appliance per fabric site, organizations can leverage their existing switching infrastructure to manage fabric wireless networks.

In this architecture, a LISP (Locator/ID Separation Protocol) agent within the embedded 9800 software communicates with the SD-Access control plane, enabling seamless mobility, authentication and authorization for wireless endpoint.

 

Key Capabilities

EWC on 9k delivers robust wireless capabilities suitable for small to mid-sized deployments:

  • Supports up to 200 Access Points (APs)
  • Supports up to 4000 wireless clients
  • Stateful Switchover (SSO) .
  • Up to two controllers per fabric site, and can operate on N+1 HA mode

These capabilities ensure consistent performance and scalability for distributed enterprise environments.

 

Deployment Models

EWC is designed primarily for SD-Access environments and supports flexible deployment options:

  • Fabric-in-a-Box (FiaB)
  • Embedded Wireless on Fabric Edge
  • Co-located Border and Control Plane deployments

High Availability and Resilience

Business continuity is a critical requirement for wireless networks. EWC provides multiple high-availability mechanisms:

  • Stateful Switchover (SSO)
  • N+1 redundancy across independent nodes.

Different Catalyst 9000 platforms offer varying capabilities:

Catalyst 9300

  • Supports SSO via back plane stacking
  • Supports N+1 high availability with two independent nodes

Catalyst 9400

  • Supports SSO via dual supervisors
  • Supports N+1 high availability with two independent nodes

Catalyst 9500 / 9500H

  • Supports SSO via StackWise Virtual
  • Supports N+1 high availability with two independent nodes

Deployment Prerequisites

Before deploying EWC on 9k, ensure the following requirements are met:

  • NETCONF must be enabled on the switch
  • Cisco Catalyst  Center is the ONLY method  for provisioning
  • The switch must operate in install mode
  • Wireless package version must match the Cisco IOS-XE version of the switch
    • Example: IOS-XE 16.11.1 requires wireless package 16.11.1

Ensure NETCONF is selected as a credential for device discovery.

 

Limitations to Consider

While EWC simplifies wireless architecture, certain limitations should be considered during design:

  • Supported primarily in SD-Access environments
  • Maximum of two controllers per fabric site
  • Only fabric-based SSIDs are supported
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents