cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
717
Views
0
Helpful
4
Replies

Cisco WLC Anchor or ISE?

asmlicense
Level 1
Level 1

Hello, I am on the eve of implementation wireless security access network. I should make a decision to use wlc anchor or not. Basically the scenario is there should be 2 SSIDs, Corporate and Guest. We will definitely use ISE as access control. In this case do we need to use anchor for guest access?
if anchor isolate guest traffic, ISE also can do it. What make me purhcase wlc anchorif I have ISE? I can't differentiate their functions clearly.
Can someone explain me, why I might need anchor?
It is urgent to make a decison, please help.

Thank you a lot

1 Accepted Solution

Accepted Solutions

If it is a single site and you have ensure proper security between guest user network and rest of the network, I would not worry too much about an anchor WLC.

Rasika

View solution in original post

4 Replies 4

if anchor isolate guest traffic, ISE also can do it. What make me purhcase wlc anchorif I have ISE? I can't differentiate their functions clearly. Can someone explain me, why I might need anchor?

Guest Anchor solution is used where you do not want to terminate Guest user traffic on the same network where your other user traffic terminate.

Usually Guest Anchor controller sits in a DMZ and all guest users get IP given from a DMZ subnet, so it can access public internet and no internal network.

This is really useful if you have multiple branches, where you do not want to terminate guest traffic at individual branches, instead terminate it a a central location DMZ.

ISE can be use to implement security, but not to L3 separation of networks as mentioned above.

HTH

Rasika

*** Pls rate all useful responses ***

Thank you for your reply. 

For single site deployment, from security point of view, is it critical to install anchor? Even guest traffic is terminated in internal network, it is totally isolated with ISE and I still can't get a key point why I should get anchor. Does it worth extra budget, if I have ISE?

If it is a single site and you have ensure proper security between guest user network and rest of the network, I would not worry too much about an anchor WLC.

Rasika

Thank you for your reply.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: