Cisco WS-SVC-WISM-1-K9 Wireless Services Module

The Cisco Catalyst 6500 Series/Cisco 7600 Series Wireless Services Module (WiSM) provides unparalleled security, mobility, redundancy, and ease of use for business-critical wireless LANs (WLANs). It delivers the most secure wireless system available by offering centralized security policies, wireless intrusion prevention system (IPS) capabilities, award-winning RF management, quality of service (QoS), and Layer 3 fast secure roaming for WLANs. As a key component of the Cisco Unified Wireless Network for the enterprise, and Cisco Service Provider Wi-Fi (SP Wi-Fi) for service providers, the Cisco WiSM provides the control, security, redundancy, and reliability that network managers and operators need to scale and manage their wireless networks easily.


Cisco addresses wireless LAN security by offering multiple layers of protection including:

• RF security: Detect and avoid 802.11 interference and control unwanted RF propagation.

• Wireless LAN intrusion protection and location: The solution not only detects rogue devices or potential wireless threats, but also locates these devices. This helps administrators to quickly assess the threat level and take immediate action to mitigate threats as required.

• Identity-based networking: Network managers must support many different user access rights, device formats, and application requirements when securing wireless LANs. The Cisco WLAN solution enables organizations to deliver individualized security policies to wireless users or groups of users. These include:

– Layer 2 security: 802.1X (PEAP, LEAP, EAP-TTLS), WPA, 802.11i (WPA2), and Layer 2 Tunneling Protocol (L2TP)

– Layer 3 security (and above): IP Security (IPsec), Web authentication.

– VLAN Assignments

– Access control lists (ACLs): IP restrictions, protocol types, port, and differentiated services code point (DSCP) value.

– QoS: Multiple service levels, bandwidth contracts, traffic shaping, and RF utilization.

– Authentication, Authorization, and Accounting (AAA)/RADIUS authentication: User session policies and rights management.

• Cisco Network Admission Control (NAC): Enforce policies pertaining to client configuration and behavior, to help ensure that only end-user devices with appropriate security utilities can gain access to the network.

• Secure Mobility: Maintains the highest level of security in mobile environments with Cisco Proactive Key Caching (PKC), an extension to the 802.11i standard and precursor to the 802.11r standard that facilitates secure roaming with Advanced Encryption Standard (AES) encryption and RADIUS authentication.

• Guest tunneling: Provides additional security for access to a corporate network by guest users. It helps ensure that guest users are able to access a corporate network only by passing through a corporate firewall.