Cisco SWAN

With so many organizations wanting to adopt wireless networking technology, Cisco realized it was difficultif not impossiblefor many organizations to quickly and effectively deploy their own wireless solutions. When users decide they need wireless capabilities, problems often occur. For example, users take it upon themselves to install wireless components. This initiative poses performance and security issues for the network. To help address this problem, Cisco developed its SWAN solution.

For any size network, SWAN makes it possible to quickly add wireless infrastructure and then configure the WLAN in a manner consistent with the rest of the network.

SWAN Highlights

SWAN is not an off-the-shelf product; rather, SWAN is an architecture built from many Cisco components. To build your own SWAN, you need the following components, as illustrated in Figure 3-1:

  • Wireless network adapters

  • Aironet access points (AP)

  • Airespace APs

  • Switches (such as the Catalyst 6500 with the WLAN Services Module [WLSM])

  • Routers


    Switches and routers are not required equipment for a SWAN infrastructure, but compatible devices can be included in your SWAN solution.

  • AAA server (such as the Cisco Access Control Server [ACS]) for authentication

Figure 3-1. Cisco SWAN Components

You must also include the CiscoWorks LAN Management Solution software and the Wireless Solutions Engine (WLSE) appliance for management.


WLSE is covered in more depth in Chapter 10, "CiscoWorks Wireless LAN Solution Engine (WLSE)."

Alhough this sounds like a lot of equipment, chances are you already have most of it because of your support for wired LANs. Additionally, routers and switches are not mandatory for a SWAN solution.

Overall, SWAN focuses on two main areas:

  • Secure mobility Encompasses fast, secure, seamless roaming (at Layers 2 and 3)

  • Radio frequency (RF) management Involved with such issues as rogue AP detection, site surveys, RF monitoring, and performance


SWAN introduces the Cisco Wireless Domain Services (WDS) technology. In essence, WDS is a set of Cisco IOS Software features that run on one of the WLAN's APs. The device, in addition to its own AP duties, also acts as a controller for other APs on the same subnet. To speed up Layer 2 roaming (roaming in the same subnet) and Layer 3 roaming (roaming between subnets), all APs register with the WDS AP using 802.1X. As clients power up, they are initially authenticated with the AAA server. This information is sent through the WDS, which transfers it to the AP.


Layer 3 roaming is supported if WDS runs on a router or a WLSM module in a Catalyst 6500 series switch.

As the client roams from cell to cell, WDS sends the client key to the new AP. As such, the client does not need to re-authenticate with the AAA server, which makes roaming much more efficient and speedy. Figure 3-2 illustrates the roaming process as facilitated by WDS.

Figure 3-2. WDS Transmits a Client's Key to APs the Client Has Roamed into, Making Roaming Faster

Further, the WDS acts as a backup local authenticator for remote offices if the WAN connected to an AAA server in a head office fails.


When an AP is used as an authenticator, the WDS can handle only 50 accounts, and it is not synchronized to the central Remote Authentication Dial-In User Service (RADIUS) server. For that functionality, you need to use WLSE, which is used for the management of hundreds of APs. More accounts can be handled if an external RADIUS server is used.

RF Management

SWAN adds the following ease-of-use features that make WLAN management much simpler and smoother for both setup and ongoing use:

  • Rogue AP detection APs with WDS can aggregate RF statistics from other APs, and then pass along the data to the WLSE. This shows rogue APs on the WLAN. After it is identified, a rogue AP can be isolated from the rest of the network.

  • Site surveys To effectively deploy any WLAN, a site survey is necessary. (Site surveys are covered in more detail in Chapter 5, "Installing and Configuring Access Points.") Most often, a consultant or IT staff member who is knowledgeable about site surveys conducts them. Unfortunately, this can be costly and time-intensive.

    With SWAN, however, site surveys can be assisted without required extensive RF knowledge. Site surveys are assisted using site survey tools that are integrated into the WLSE. Although SWAN can help conduct a survey, it is not a replacement for conventional site surveys.

    The stream of RF statistics (used for rogue AP detection) can also help the WLSE create a map of wireless coverage and use existing APs to conduct site surveys. You can identify areas in your WLAN where there is no coverage. To do this, import floor plans into the software, and then you can see where extra APs are needed. If performance falls under a specified threshold, a site survey can be automatically initiated, which can sometimes help track down the problem.

  • Interference detection SWAN's site surveys are equally important to its capability to detect RF interference. Interference that affects network performance can come from a number of sources, which include rogue APs and even microwave ovens. When interference is detected, SWAN can be used to locate the source. This WLAN controller can also readjust channels to avoid interference.

  • Self-healing features Because SWAN can manage thousands of APs, if an AP fails, the network can detect the outage and compensate with other APs. Adjustments can automatically be made to the power and cell coverage of neighboring APs.

Cisco 802.11 Wireless Networking Quick Reference
Cisco 802.11 Wireless Networking Quick Reference
ISBN: 158705227X
EAN: 2147483647
Year: 2005
Pages: 126

Similar book on Amazon © 2008-2017.
If you may any questions please contact us: