Increasing Your Network Tolerance

As organizations look to improve operations through centralized control, they often need to take into account what would happen if an area of the network fails. In many cases, having a centralized controller-based wireless architecture in organizations with multiple branch offices has prompted the question, “What happens if the WAN is slow, or even worse, goes down?”

Many organizations have been reluctant to implement a centralized wireless controller located in the data center or private cloud due to this concern. Without centralized control, these organizations have two deployment strategies available to them:

  • Implement wireless controllers at each branch site. This approach is perfectly fine for an organization with many Access Points per branch, or those that require high throughput for applications such as Video. However, many branches only require a few Access Points per location or require simple applications such as bar-code scanning and printing. For these organizations, local controllers become less cost effective, with the capital expense becoming prohibitive.
  • Implement access points running in autonomous mode. This approach eliminates the benefits of having any kind of centralized control such as the ability to centrally configure wireless policy and security setting on access points, WIPS capabilities and advanced mobility services like CleanAir, leaving the branch vulnerable and opening the corporate network to attacks.

So how do organizations meet the growing needs of the branch, while assuring client’s network connectivity, even during times of WAN failure or slowdown? Recently, Cisco announced the new Cisco Flex 7500 Cloud Controller that brings together scale and WAN tolerance to keep the branch operating. You can read a summary of the announcement with a customer case study on our blog.

The Cisco Flex 7500 Cloud Controller allows for AAA authentication using RADIUS located centrally in the data center, at the branch or internally in the access point. It is the ability of the Cisco solution to support multiple authentication locations that allow users to remain connected at time of WAN failure or slowdown.  If a client is connected to the branch network and the WAN connection drops, they will remain connected until they purposely disconnect.  If a client is trying to establish a new connection, the Cisco solution will use one to all three of the methods, in the order they were configured, to get the user connected. For more information, be sure to read third-party testing of the 7500 versus our competition.

If you want to understand more about controller-based architectures the Cisco Product Management Team responsible for the controller portfolio released a new white paper titled, “The Evolution of Wireless LAN” that examines different approaches to implementing a controller-based architecture for the campus and for the branch.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.