Guest

Cisco Catalyst 3750 Series Integrated Wireless LAN Controllers

Cisco Catalyst 3750G Integrated Wireless LAN Controller

Hierarchical Navigation

Downloads

The Cisco Catalyst 3750 Integrated Wireless LAN Controller combines Cisco's Unified Wireless LAN functionality with Cisco's award-winning Catalyst 3750 stackable switches and delivers unparalleled WLAN security, mobility, and ease of use for business critical wireless LANs.

Configurations

The Cisco Catalyst 3750G Integrated Wireless LAN Controller includes the following configurations:

• The Cisco Catalyst WS-C3750G-24WS-S25, with 24 10/100/1000 PoE ports, 2 SFP module slots, and an integrated Cisco wireless LAN controller supporting up to 25 Cisco Access Points

• The Cisco Catalyst WS-C3750G-24WS-S50, with 24 10/100/1000 PoE ports, 2 SFP module slots, and an integrated Cisco wireless LAN controller supporting up to 50 Cisco Access Points

The Cisco Catalyst 3750G Integrated Wireless LAN Controller delivers secure, enterprise wireless access to midsize organizations and enterprise branch offices requiring support for 50 to 200 access points in one logical unit. A logical unit is a stack of up to nine 3750G switches. For example, a logical unit can consist of four Cisco Catalyst 3750G Integrated Wireless LAN Controllers and five Catalyst 3750G switches, thus supporting up to 200 access points. Cisco Aironet access points can connect to any switch port in the logical unit.
The Cisco Catalyst 3750G Integrated Wireless LAN Controller delivers centralized security policies, wireless intrusion prevention system (IPS) capabilities, award-winning RF management, QoS, and Layer 3 fast secure roaming for WLANs. As a core component of the Cisco Unified Wireless Network, the Cisco Catalyst 3750G Integrated Wireless LAN Controller provides the control, security, redundancy, and reliability that network managers need to scale and manage their wireless networks as easily as they scale and manage their traditional wired networks (Figure 2).
The Cisco Catalyst 3750G Integrated Wireless LAN Controller is available with the Cisco IOS® Software IP Base image. The IP Base image feature set includes advanced quality of service (QoS), rate limiting, access control lists (ACLs), Routing Information Protocol (RIP) routing capability, and an Enhanced Interior Gateway Routing Protocol (EIGRP) stub for routing at the access layer. The Cisco IOS Software IP Services image and Advanced IP Services image are also available. The IP Services image provides a richer set of enterprise-class features, including advanced hardware-based IP unicast and multicast routing; the Advanced IP Services image provides IPv6 routing (Layer 3 switching).
The Cisco Catalyst 3750G Integrated Wireless LAN Controller communicates using the emerging Lightweight Access Point Protocol (LWAPP) standard to establish secure connectivity between access points and modules across Layer 3 networks. This protocol enables the automation of important WLAN configuration and management functions for cost-effective WLAN operations. With this integrated approach to wireless networking, customers can realize significant total cost of ownership benefits by streamlining support costs and reducing planned and unplanned network downtime.
The Cisco Catalyst 3750G Integrated Wireless LAN Controller is a member of the Cisco Wireless LAN Controller family. It works in conjunction with Cisco Aironet® access points, the Cisco Wireless Control System (WCS), and the Cisco Wireless Location Appliance to support mission-critical wireless data, voice, and video applications. It provides real-time communication between controller-based access points and other wireless LAN controllers to deliver a secure and unified wireless solution.

Figure 1. Cisco Catalyst 3750G Integrated Wireless LAN Controller

Figure 2. Unified Wireless LAN with the Cisco Catalyst 3750G Integrated Wireless LAN Controller

The Cisco Catalyst 3750G Integrated Wireless LAN Controller enables enterprises to create and enforce policies that support business-critical applications. From voice and data services to location tracking, the Cisco Catalyst 3750G Integrated Wireless LAN Controller provides the control and reliability that IT managers require to build secure, enterprise-class 802.11 wireless networks.
Because the Cisco® Catalyst® 3750G Integrated Wireless LAN Controller supports 802.11a/b/g and the IEEE 802.11n draft 2.0 standard, organizations can deploy the solution that best meets their individual requirements. Organizations can offer robust coverage with 802.11 a/b/g or deliver greater performance with 5x the throughput and unprecedented reliability using 802.11n and Cisco's Next-Generation Wireless Solutions.

Cisco Stack Wise Technology: A New Standard in Stackable Resiliency

Cisco StackWise technology is a unique stacking architecture optimized for Gigabit Ethernet. This technology is designed to respond to additions, deletions, and redeployment while maintaining constant performance. Up to nine Cisco Catalyst 3750G series switches can be stack in any combination. Within the nine, up to four can be the Cisco Catalyst 3750G Integrated Wireless LAN Controller. Using special stack-interconnect cables and stacking software. The stack behaves as a single switching unit that is managed by a master switch elected from one of the member switches. The master switch automatically creates and updates all the switching and optional routing tables. A working stack can accept new members or delete old ones without service interruption.

Uninterrupted Performance at Layer 3

The Cisco Catalyst 3750G Series increases availability for stackable switches. Each switch can operate both as master controller and forwarding processor. Each switch in the stack can serve as a master, creating a 1:N availability scheme for network control. In the unlikely event of a single unit failure, all other units continue to forward traffic and maintain operation.
The Cisco Catalyst 3750G Integrated Wireless LAN Controller delivers the highest level of reliability for mission-critical wireless networks. In the event of an access point failure, the Cisco Catalyst 3750G Integrated Wireless LAN Controller automatically adjusts power on adjacent access points to cover the area where the failed access point provided service. In the event of an individual Integrated Wireless LAN Controller failure, access points automatically find a backup on the same Cisco Catalyst 3750G stack or any other Cisco LWAPP-enabled platform.

Figure 3. Enterprise RF Intelligence

Intelligent RF Management

The Cisco Catalyst 3750G Integrated Wireless LAN Controller comes equipped with integrated software for adaptive real-time RF management. The Cisco WLAN solution uses Cisco's patent-pending Radio Resource Management (RRM) algorithms that detect and adapt to changes in the air space in real time. These adjustments create the optimal topology for wireless networking in much the same way that routing protocols compute the best possible topology for IP networks. Cisco RMM creates an intelligent RF control plane for self-configuration, self-healing, and self-optimization of the WLAN (Figure 3).
Specific intelligent RF capabilities managed by the Cisco Catalyst 3750G Integrated Wireless LAN Controller include:

Dynamic channel assignment: 802.11 channels are adjusted to optimize network coverage and performance based on changing RF conditions

Interference detection and avoidance: The system detects interference and recalibrates the network to avoid performance problems

Load balancing: The system provides automatic load balancing of users across multiple access points for optimum network performance, even under a heavy load

Coverage hole detection and correction: Cisco RRM software detects coverage holes and attempts to correct them by adjusting the power output of access points

Dynamic power control: The system dynamically adjusts the power output of individual access points to accommodate changing network conditions, helping to ensure predictable wireless performance and availability

• And previous releases

• For more information please refer to the Cisco Unified Wireless Network Software 4.0 Product Bulletin

Enterprise-Class Security

The Cisco Catalyst 3750G Integrated Wireless LAN Controller adheres to the strictest level of security standards, including:

• 802.11i Wi-Fi Protected Access 2 (WPA2), WPA, and Wired Equivalent Privacy (WEP)

• 802.1X with multiple Extensible Authentication Protocol (EAP) types, including Protected EAP (PEAP), EAP with Transport Layer Security (EAP-TLS), EAP with Tunneled TLS (EAP-TTLS), and Cisco LEAP

The result is the industry's most comprehensive WLAN security solution.
In Cisco's WLAN solution, access points act as air monitors, communicating real-time information about the wireless domain to Cisco wireless LAN controllers. All security threats are rapidly identified by the Cisco Wireless LAN controllers. Network administrators can use the Cisco Wireless Control System (WCS) to locate rogues or correlate threat information across controllers.
Cisco provides the only wireless LAN system that offers simultaneous wireless protection and wireless LAN service delivery. This helps to ensure complete wireless LAN protection, with no unnecessary overlay equipment costs or extra monitoring devices. This solution can be deployed initially as a standalone wireless IPS, and reconfigured later to add wireless LAN data service. This allows network managers to create a "defense shield" around their RF domains, containing unauthorized wireless activity until they are ready to deploy wireless LAN services.
Cisco addresses wireless LAN security by offering multiple layers of protection (Figure 4), including:

RF security: Detects and avoids 802.11 interference and control unwanted RF propagation.

Wireless LAN intrusion protection and location: Detects rogue devices and potential wireless threats, and also locates these devices. This helps IT administrators to quickly assess the threat level and take immediate action to mitigate threats as required.

Identity-based networking: IT staff must support many different user access rights, device formats, and application requirements when securing wireless LANs. The Cisco WLAN solution enables enterprises to deliver individualized security policies to wireless users or groups of users. These include:

– Layer 2 security: 802.1X (PEAP, LEAP, EAP-TTLS), WPA, 802.11i (WPA2), and Layer 2 Tunneling Protocol (L2TP)

– Layer 3 security (and above): IP Security (IPSec), Web authentication

– VLAN assignments

– ACLs: IP restrictions, protocol types, ports, and differentiated services code point (DSCP) value

– Qo: Multiple service levels, bandwidth contracts, traffic shaping, and RF utilization

– Authentication, authorization, and accounting (AAA)/RADIUS: User session policies and rights management

Network Admission Control (NAC): Enforces policies pertaining to client configuration and behavior, to help ensure that only end-user devices with appropriate security utilities can gain access to the network.

Secure mobility: Maintains the highest level of security in mobile environments with Cisco Proactive Key Caching (PKC), an extension to the 802.11i standard and precursor to the 802.11r standard that facilitates secure roaming with Advanced Encryption Standard (AES) encryption and RADIUS authentication.

Guest tunneling: Provides additional security for access to the corporate network by guest users. It helps ensure that guest users are only able to access the corporate network by passing through the corporate firewall.

Real-Time Application Support

The Cisco Unified Wireless Network provides best-in-class performance to support real-time applications such as voice. The Cisco Catalyst 3750G Integrated Wireless LAN Controller enables rapid handoff between access points and multiple modules and controllers, providing smooth mobility with no interruption in service to the client. Intelligent queuing and content management schemes provide effective resource management in the air space. The Cisco Catalyst 3750G Integrated Wireless LAN Controller also supports QoS capabilities that are Wi-Fi Multimedia (WMM)-compliant and closely mirror the emerging IEEE 802.11e standard. Full compliance with the finished standard will be achieved via a software upgrade when the final standard is ratified.

Mobility

The Cisco Catalyst 3750G Integrated Wireless LAN Controller allows users to roam between access points and across bridged and routed subnets without requiring changes to the underlying infrastructure. Security and QoS context information follows users wherever they roam, helping to ensure that mobility does not compromise performance, reliability, or privacy. The Cisco Catalyst 3750G Integrated Wireless LAN Controller does not require any modifications to existing infrastructures or client devices to enable mobility (mobile IP, for example).

Simplified Deployment and Management

The Cisco Catalyst 3750G Integrated Wireless LAN Controller is easy to deploy and cost-effective to own and operate. It provides maximum flexibility to deploy anywhere in the network, from the access layer to the distribution layer to the core, based upon customer business requirements. It supports zero-touch deployments that do not require manual configuration or pre-configuration of the access points. It also supports template-based configuration management. These intuitive templates enable the quick application of systemwide security configurations, QoS policies, mobility groups, back-end services, and other important configurations via the easy-to-use, award-winning Cisco WLAN user interface.
The Cisco Catalyst 3750G Integrated Wireless LAN Controller supports several integrated troubleshooting tools. When deployed with Cisco WCS, it supports enhanced monitoring and troubleshooting features, including intuitive heat map displays, alarm filtering, event correlation, and granular reporting tools.

Features and Benefits

Table 1 lists the features and benefits of the Cisco Catalyst 3750G Integrated Wireless LAN Controller.

Table 1. Features and Benefits of the Cisco Catalyst 3750G Integrated Wireless LAN Controller

Feature

Benefits

Cisco Catalyst 3750G Series Switch Integration

Integrated system for the Cisco Catalyst 3750G Series infrastructure delivers centralized security policies, intrusion prevention, RF management, QoS, and Layer 3 fast secure roaming for WLANs.

Scalability

Scalable architecture provides business-critical wireless services for midsize organizations and enterprise branch offices supporting 50 access points per switch and up to 200 access points in a stack.

Enterprise Reliability

With automated recovery from failures of Cisco Aironet access points, the Cisco Catalyst 3750G Integrated Wireless LAN Controller maximizes the availability of the wireless network.

Integrated RRM

The Cisco Catalyst 3750G Integrated Wireless LAN Controller creates an intelligent RF control plane for self-configuration, self-healing, and self-optimization.

Zero-Configuration Deployment

The Cisco Catalyst 3750G Integrated Wireless LAN Controller can be deployed without manually configuring access points or modifying existing network infrastructures.

Multilayered Security

Flexible security policies adapt to changing corporate security needs.

Intrusion Detection, Location, and Containment

Integrated wireless intrusion prevention preserves the integrity of wireless networks and sensitive corporate information.

Mobility Management

Users can roam between access points and across bridged and routed subnets without requiring changes to the underlying infrastructure.

Intuitive Management Interfaces

Better visibility and control of the air space reduces operational costs.

Product Specifications

Table 2 lists the product specifications for the Cisco Catalyst 3750G Integrated Wireless LAN Controller.

Table 2. Product Specifications for the Cisco Catalyst 3750G Integrated Wireless LAN Controller

Item

Specification

Wireless

IEEE 802.11a, 802.11b, 802.11g, 802.11d, 802.11h, 802.11n

Wired/Switching

IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX specification, IEEE 802.1Q VLAN tagging, and IEEE 802.1D Spanning Tree Protocol

Data RFCs
• RFC 768 UDP
• RFC 791 IP
• RFC 792 ICMP
• RFC 793 TCP
• RFC 826 ARP
• RFC 1122 Requirements for Internet Hosts
• RFC 1519 CIDR
• RFC 1542 BOOTP
• RFC 2131 DHCP

Security Standards
• NAC
• WPA
• IEEE 802.11i (WPA2, RSN)
• RFC 1321 MD5 Message-Digest Algorithm
• RFC 1851 The ESP Triple DES Transform
• RFC 2104 HMAC: Keyed Hashing for Message Authentication
• RFC 2246 TLS Protocol Version 1.0
• RFC 2401 Security Architecture for the Internet Protocol
• RFC 2403 HMAC-MD5-96 within ESP and AH
• RFC 2404 HMAC-SHA-1-96 within ESP and AH
• RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV
• RFC 2406 IPSec
• RFC 2407 Interpretation for ISAKMP
• RFC 2408 ISAKMP
• RFC 2409 IKE
• RFC 2451 ESP CBC-Mode Cipher Algorithms
• RFC 2661 L2TP
• RFC 3280 Internet X.509 PKI Certificate and CRL Profile
• RFC 3602 The AES-CBC Cipher Algorithm and its use with IPSec
• RFC 3686 Using AES Counter Mode with IPSec ESP

Encryption
• WEP and TKIP-MIC: RC4 40, 104, and 128 bits (both static and shared keys)
• Secure Sockets Layer (SSL) and TLS: RC4 128-bit and RSA 1024- and 2048-bit
• AES: CCM, CCMP

AAA
• IEEE 802.1X
• RFC 2548 Microsoft Vendor-Specific RADIUS Attributes
• RFC 2716 PPP EAP-TLS
• RFC 2865 RADIUS Authentication
• RFC 2866 RADIUS Accounting
• RFC 2867 RADIUS Tunnel Accounting
• RFC 2869 RADIUS Extensions
• RFC 3576 Dynamic Authorization Extensions to RADIUS
• RFC 3579 RADIUS Support for EAP
• RFC 3580 IEEE 802.1X RADIUS Guidelines
• RFC 3748 Extensible Authentication Protocol
• Web-based authentication

Management
• Simple Network Management Protocol (SNMP) v1, v2c, v3
• RFC 854 Telnet
• RFC 1155 Management Information for TCP/IP-Based Internets
• RFC 1156 MIB
• RFC 1157 SNMP
• RFC 1213 SNMP MIB II
• RFC 1350 TFTP
• RFC 1643 Ethernet MIB
• RFC 2030 SNTP
• RFC 2616 HTTP
• RFC 2665 Ethernet-Like Interface Types MIB
• RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual LAN Extensions
• RFC 2819 RMON MIB
• RFC 2863 Interfaces Group MIB
• RFC 3164 Syslog
• RFC 3414 User-Based Security Model (USM) for SNMPv3
• RFC 3418 MIB for SNMP
• RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs
• Cisco private MIBs

Management Interfaces

Web-based: HTTP/HTTPS

Command-line interface: Telnet, Secure Shell (SSH), serial port

Interfaces and Indicators
• 24 Ethernet 10/100/1000 ports with IEEE 802.3af and Cisco prestandard PoE
• 2 SFP-based Gigabit Ethernet ports
• 32-Gbps, high-speed stacking bus
• 2 RU stackable, multilayer switch
• Console port: RS-232 (DB-9 male, DTE interface)
• Per-port status LEDs: link integrity, disabled, activity, speed, and full-duplex indications
• System-status LEDs: system, RPS, and bandwidth-utilization indications

Physical and Environmental
• Dimensions (W x D x H): 17.5 x 14.5 x 3.5 in. (44.45 x 38.63 x 8.89 cm)
• Weight: 21 lb
• Temperature:
• Operating: 32 to 113°F (0 to 45°C)
• Storage: -13 to 158°F (-25 to 70°C)
• Humidity:
• Operating humidity: 10 to 85 percent, noncondensing
• Storage humidity: Up to 95 percent
• Power:
• 137.5W

Regulatory Compliance
• CE Mark
• Safety:
• IEC 60950-1
• UL60950-1
• CAN/CSA C22.2 No. 60950-1
• EN 60950-1
• AS/NZS 60950.1
• EMI and susceptibility (Class A):
• U.S.: FCC Part 15.107 and 15.109
• Canada: ICES-003
• Japan: VCCI
• Europe: EN 55022, EN 55024

Mean Time Between Failure (MTBF)

209,170 hours

Ordering Information

Table 3 provides ordering information for the Cisco Catalyst 3750G Integrated Wireless LAN Controller. To place an order, visit http://www.cisco.com/en/US/ordering/index.shtml.

Table 3. Ordering Information for the Cisco Catalyst 3750G Integrated Wireless LAN Controller.

Part Number

Product Name

Minimum Software Required

WS-C3750G-24WS-S25

Cisco Catalyst 3750G Integrated Wireless LAN Controller with support for up to 25 Cisco Aironet access points
• IOS Software: 12.2(25)FZ
• Wireless Controller: Cisco Unified Wireless Network Software Release 4.0

WS-C3750G-24WS-S50

Cisco Catalyst 3750G Integrated Wireless LAN Controller with support for up to 50 Cisco Aironet access points
• IOS Software: 12.2(25)FZ
• Wireless Controller: Cisco Unified Wireless Network Software Release 4.0

CD-3750G-EMI=

IP Services image upgrade kit for standard versions of the Cisco Catalyst 3750G-24WS running the IP Base image

IOS Software: 12.2(25)FZ

3750G-AISK9-LIC-B=

Advanced IP Services image upgrade for standard versions of the Cisco Catalyst 3750G-24WS models running the IP Base image

IOS Software: 12.2(25)FZ

Summary

The Cisco Catalyst 3750G Integrated Wireless LAN Controller is ideal for midsize organizations and enterprise branch office wireless LAN deployments that require support for up to 50 access points per switch. The Integrated Wireless LAN Controller eliminates the deployment and management complexity of wireless networks, and provides enhanced security, maximum network availability, and enhanced WLAN performance. The Cisco Integrated Wireless LAN Controller works in conjunction with Cisco WCS and the Cisco Wireless Location Appliance to support mission-critical wireless data, voice, and video applications. As a component of the Cisco Unified Wireless Network, the Cisco Catalyst 3750G Integrated Wireless LAN Controller provides network administrators with the visibility and control they need to effectively manage and secure their enterprise-class WLANs.

Service and Support

Cisco offers a wide range of services programs to accelerate customer success. These innovative programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco services, visit Cisco Technical Support Services or Cisco Advanced Services.

For More Information

For more information about the Cisco Catalyst 3750G Integrated Wireless LAN Controller, contact your local account representative or visit http://www.cisco.com/en/US/products/hw/switches/ps5023/index.html.
For more information about the Cisco Unified Wireless Network, visit http://www.cisco.com/go/unifiedwireless.