01-13-2015 11:17 PM - edited 07-05-2021 02:16 AM
Our WiSM needs to be upgraded.
We were given a choice of virtual (cheaper) or hardware controller.
We were told that the virtual controller is designed differently and the usual traffic does not go through the controller.
Question:
How does this impact security or other features of the Cisco wireless solution?
And if you have any other comments/experience with the virtual controller
THANKS
01-14-2015 02:21 AM
I can't really comment on the security question, other than, it depends on your network design :)
Regarding features, if you already manage a controller and know the required features, you can find here a good comparison of all controllers and their features:
http://www.cisco.com/c/en/us/products/wireless/buyers-guide.html#~controllers
I think the feature in question was "Central Mode" which the virtual one lacks. The more modern (or actually the way it was before we had controllers) is "Flex Connect". In this mode the data will be put in the correct VLAN directly at the port the access point is connected to. That means that you will need to configure a Trunk port on the Switch for each AP. Depending on your building security, that could be seen as an issue. You could protect that with 802.1x between AP and Switch.
01-14-2015 04:53 AM
Just to add, like patoberli mentioned, it's your design you need to look at. If you want an almost seamless migration, you would go with hardware (5508/8510). With the vWLC, you will most likely have to redesign your wireless environment.
-Scott
01-14-2015 05:46 AM
Thanks.
When you say that with a vWLC I would most likely need to redesign, why would that be the case?
What's different?
01-14-2015 06:19 AM
vWLC design is for FlexConnect. Unless your access points are all in FlexConnect, then you're okay, if not, then it's a redesign.
-Scott
01-14-2015 06:26 AM
Seems like I'll need to upgrade APs and config to FlexConnect.
Found this link:
http://nexp.com.ua/technologies/wireless/access-points-migration-to-vwlc-tips-and-tricks/
Could you throw in some vWLC vs 5508 pros and cons?
thanks
01-14-2015 06:33 AM
I personally don't like the vWLC :) What you need to look at is the limitations of FlexConnect, which are in the FlexConnect guide. If you support the VM infrastructure then you're good, but if not, well, it's just another step to get things fixed. Look at the data sheet also for vWLC and look at the max number of clients and access points and make sure that fits in your design. FlexConnect vs local mode: do a search on that and that will provide you some pros and cons also.
-Scott
01-14-2015 06:24 AM
If you go with Flex Connect, you will need to reconfigure every single switchport an access point is connected to. Currently you probably have an access-port with a fixed VLAN. With Flex Connect you have a trunk port (probably?) with a native VLAN and if you value security, with a list of allowed VLANs.
This is something that you have to consider. Also, if you do secure the port with an allowed VLAN list, you will need to modify this list every time you want to allow a new VLAN on the access point, on every single switchport. This can be very time consuming, depending on how many switches/access points you have.
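Added example, not part of the thread: one way to audit the AP-facing trunk ports described in the posts above for a missing or too-wide allowed VLAN list. The sample config is constructed, and the "AP-" description prefix and the expected VLAN set are assumptions.

```python
import re

# Constructed sample of a switch running-config (not taken from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 description AP-floor1
 switchport mode access
 switchport access vlan 20
!
interface GigabitEthernet1/0/2
 description AP-floor2
 switchport mode trunk
 switchport trunk native vlan 10
!
interface GigabitEthernet1/0/3
 description AP-floor3
 switchport mode trunk
 switchport trunk native vlan 10
 switchport trunk allowed vlan 10,20,30-32
!
"""

def expand_vlans(spec):
    """Expand an allowed-VLAN spec such as '10,20,30-32' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_ap_trunks(config, expected_vlans, ap_marker="AP-"):
    """Check AP trunk ports; ap_marker is an assumed description convention."""
    findings = {}
    for block in re.split(r"^!$", config, flags=re.M):
        m = re.search(r"^interface (\S+)", block, flags=re.M)
        if not m or ap_marker not in block or "switchport mode trunk" not in block:
            continue  # not an AP port, or still an access port
        issues = []
        # Long lists continue on extra "allowed vlan add ..." lines.
        allowed = re.findall(r"switchport trunk allowed vlan (?:add )?([\d,-]+)", block)
        if not allowed:
            issues.append("no allowed VLAN list (trunk default allows all VLANs)")
        else:
            extra = expand_vlans(",".join(allowed)) - set(expected_vlans)
            if extra:
                issues.append(f"unexpected VLANs allowed: {sorted(extra)}")
        if not re.search(r"switchport trunk native vlan \d+", block):
            issues.append("native VLAN not set explicitly")
        findings[m.group(1)] = issues
    return findings
```

Running it against saved configs after each VLAN change shows which of the many per-AP switchports still need the allowed list updated.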