cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1241
Views
10
Helpful
3
Replies

Can Cisco 9130 AP support both Local (data) and WIPS mode simultaneously?

ezisaac
Level 1
Level 1

We need WIPS function in a new building and we are planning to use 9130 AP (with existing 8500 WLC). We know the new RF ASIC supports WIPS but can WIPS and local WiFi function running on an AP (without the dedicated WIPS mode AP) to save implementation cost? Thanks,

1 Accepted Solution

Accepted Solutions

d.friday
Level 4
Level 4

Ezisaac,

 

yes the 9130 will support data and wIPS simultaneously.  are you planning on using DNAC too ?

The 9800 controller will support wIPS Network Detection and Correlation but you will need DNAC for Complex Attack Analysis, Monitoring , Reporting and Containment.

 

you will also need to run 17.x code for wIPS.  

 

Enabled on AP Join Profile from C9800 Dashboard>Configuration>Tags & Profiles>AP Join

Select a Profile and enable the aWIPs by checking the box

View solution in original post

3 Replies 3

d.friday
Level 4
Level 4

Ezisaac,

 

yes the 9130 will support data and wIPS simultaneously.  are you planning on using DNAC too ?

The 9800 controller will support wIPS Network Detection and Correlation but you will need DNAC for Complex Attack Analysis, Monitoring , Reporting and Containment.

 

you will also need to run 17.x code for wIPS.  

 

Enabled on AP Join Profile from C9800 Dashboard>Configuration>Tags & Profiles>AP Join

Select a Profile and enable the aWIPs by checking the box

Thanks, that's really help. Two follow up questions:

1. if we are keeping existing 8500 WLC and PI (no DNAC), can we provide any WIPS functions on new 9130?

2. I don't see Cisco RF ASIC on 9115 and 9117 datasheet, does that mean the WIPS won't be supported by the same WAP as 9130? 

 

Thanks,

So Cisco has not done a very good job with providing info on the  WIPS features on the nextGen gear.   The 9115, 9117 and 9130 show they support WIPs detection running AirOS  (older controllers) and on the new 9800 controllers.   AirOS controllers only provide a few out of the Box IPS rules, you had to purchase an MSE to get over 100 signatures however a lot of those are now outdated, plus Cisco is moving everything to DNAC so MSE and Prime only have a few years left.

Review Cisco Networking for a $25 gift card