[shortdesc]

Network management device
10 GigE
1U
rack-mountable

[/shortdesc] [properties]

Properties			^{AIR-CT3504-K9}
Description			3504 Wireless Controller with Cisco Multigigabit Ethernet technology
Product Family			AIR3500 Series
Product Type			Wireless Controller
Cisco DNA SD-Access Wireless			SD-Access Wireless is Cisco’s next-generation architecture for enterprise networks. It is the industry’s first policy-based automation from the edge to the cloud. It enables network access in minutes for any user or device to any application without compromising on security. SD-Access Wireless enables policy-based automation for wired and wireless, automated provisioning of wired and wireless networks, group-based policy for users and connected devices, and a distributed wireless data plane for campus deployments. In addition, all client roams are treated as Layer 2 roams across the network for distributed traffic.
Cisco DNA Analytics and Assurance			Cisco DNA Analytics and Assurance offer comprehensive network visibility. It collects data from users, devices, and applications to proactively identify problems. Network analytics and automation help IT quickly resolve issues, so you can increase availability and deliver a better user experience.
Scalability and performance			Optimized to enable 802.11ac Wave 2 next-generation networks, supporting: ● 4-Gbps throughput ● 150 access points ● 3000 clients ● 1x Multigigabit Ethernet interface (up to 5 Gigabit Ethernet), + 4x 1 Gigabit Ethernet ● 4096 VLANs
Flexibility and ease of deployment			● Only 10-in. (25-cm) depth to fit nicely in reduced-depth cabinet or desktop deployments ● Quiet and fanless operation for cabinet or desktop (up to 86°F [30°C] ambient) deployment. The fans are used by the controller only under certain conditions ● For quick and easy deployment, access points can be connected directly to the controller via two Power over Ethernet (PoE) ports
RF management			● Proactively identifies and mitigates signal interference for better performance ● Provides both real-time and historical information about RF interference affecting network performance across controllers, through systemwide integration with Cisco CleanAir technology
Multimode with indoor/ outdoor mesh access points			● Versatile controller with support for centralized, distributed, and mesh deployments to be used at different places in the network, offering maximum flexibility for medium-sized campus, enterprise, and branch networks ● Centralized control, management, and client troubleshooting ● Seamless client access in the event of a WAN link failure (local data switching) ● Highly secure guest access ● Efficient access point upgrade that optimizes WAN link utilization for downloading access point images ● Cisco OfficeExtend technology that supports corporate wireless service for mobile and remote workers with secure wired tunnels to indoor Cisco Aironet access points supporting OfficeExtend mode
Comprehensive end-to- end security			● Offers Control and Provisioning of Wireless Access Points (CAPWAP)-compliant Datagram Transport Layer Security (DTLS) encryption on the control plane between access points and controllers across remote WAN links ● Management frame protection detects malicious users and alerts network administrators ● Rogue detection for Payment Card Industry (PCI) compliance ● Rogue access point detection and detection of denial-of-service attacks
End-to-end voice			● Supports Cisco Unified Communications for improved collaboration through messaging, presence, and conferencing ● Supports all Cisco Unified IP Phones for cost-effective, real-time voice services
Fault tolerance and high availability			● Subsecond access point and client failover for uninterrupted application availability ● Redundant 1 Gigabit Ethernet or Cisco Multigigabit Ethernet (up to 5 Gigabit Ethernet) connectivity ● Solid-state device-based storage—no moving parts ● Enhanced system uptime with fast system restarts
Cisco Enterprise Wireless Mesh			● Allows access points to dynamically establish wireless connections without the need for a physical connection to the wired network ● Available on select Cisco Aironet access points, Enterprise Wireless Mesh is ideal for warehouses, manufacturing floors, shopping centers, and any other location where extending a wired connection may prove difficult or aesthetically unappealing
WLAN express setup			● Simplified GUI wizard for quick setup, and intuitive dashboards for monitoring and troubleshooting
High-performance video			● Cisco VideoStream technology optimizes the delivery of video applications across the WLAN
Mobility, security, and management for IPv6 and dual-stack clients			● Highly secure, reliable wireless connectivity and consistent end-user experience ● Increased network availability through proactive blocking of known threats ● Equips administrators for IPv6 planning, troubleshooting, and client traceability from Cisco Prime Infrastructure
Energy efficiency			● Organizations may choose to turn off access point radios to reduce power consumption during off- peak hours

[/properties] [specifications]

Wireless		IEEE 802.11a, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h, 802.11n, 802.11k, 802.11r, 802.11u, 802.11w, 802.11ac Wave 1 and Wave 2, Wi-Fi 6 (802.11ax) Note: The wireless controller does not contain any radio function itself. The wireless controller manages wireless access points/devices that implements these radio specification and functionality
Wired, switching, and routing		IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX specification, 1000BASE-T. 1000BASE-SX, 1000-BASE-LH, IEEE 802.1Q VLAN tagging, IEEE 802.1AX Link Aggregation
Data Request For Comments (RFC)		● RFC 768 UDP ● RFC 791 IP ● RFC 2460 IPv6 ● RFC 792 Internet Control Message Protocol (ICMP) ● RFC 793 TCP ● RFC 826 Address Resolution Protocol (ARP) ● RFC 1122 Requirements for Internet Hosts ● RFC 1519 Classless Interdomain Routing (CIDR) ● RFC 1542 BOOTP ● RFC 2131 Dynamic Host Configuration Protocol (DHCP) ● RFC 5415 CAPWAP Protocol ● RFC 5416 CAPWAP Binding for 802.11
Security standards		● Wi-Fi Protected Access (WPA) ● IEEE 802.11i (WPA2, RSN) ● RFC 1321 MD5 Message-Digest Algorithm ● RFC 1851 Encapsulating Security Payload (ESP) Triple Data Encryption Standard (3DES) Transform ● RFC 2104 HMAC: Keyed Hashing for Message Authentication ● RFC 2246 Transport Layer Security (TLS) Protocol Version 1.0 ● RFC 2401 Security Architecture for the Internet Protocol ● RFC 2403 HMAC-MD5-96 within ESP and Authentication Header (AH) ● RFC 2404 HMAC-SHA-1-96 within ESP and AH ● RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV ● RFC 2407 Interpretation for Internet Security Association and Key Management Protocol (ISAKMP) ● RFC 2408 ISAKMP ● RFC 2409 Internet Key Exchange (IKE) ● RFC 2451 ESP Cipher Block Chaining (CBC)-Mode Cipher Algorithms ● RFC 3280 Internet X.509 Public Key Infrastructure (PKI) Certificate and Certificate Revocation List (CRL) Profile ● RFC 4347 Datagram Transport Layer Security ● RFC 5426 TLS Protocol Version 1.2
Encryption		Wired Equivalent Privacy (WEP) and Temporal Key Integrity Protocol-Message Integrity Check (TKIP-MIC): ● RC4 40, 104 and 128 bits (both static and shared keys) ● Advanced Encryption Standard (AES): CBC, Counter with CBC-MAC (CCM), Counter with CBC Message Authentication Code Protocol (CCMP) ● Data Encryption Standard (DES): DES-CBC, 3DES ● Secure Sockets Layer (SSL) and TLS: RC4 128-bit and RSA 1024- and 2048-bit ● DTLS: AES-CBC ● IPsec: DES-CBC, 3DES, AES-CBC ● 802.1AE MACsec encryption
Authentication, Authorization, and Accounting (AAA)		● IEEE 802.1X ● RFC 2548 Microsoft Vendor-Specific RADIUS Attributes ● RFC 2716 Point-to-Point Protocol (PPP) Extensible Authentication Protocol (EAP)-TLS ● RFC 2865 RADIUS Authentication ● RFC 2866 RADIUS Accounting ● RFC 2867 RADIUS Tunnel Accounting ● RFC 2869 RADIUS Extensions ● RFC 3576 Dynamic Authorization Extensions to RADIUS ● RFC 5176 Dynamic Authorization Extensions to RADIUS ● RFC 3579 RADIUS Support for EAP ● RFC 3580 IEEE 802.1X RADIUS Guidelines ● RFC 3748 EAP ● Web-based authentication ● TACACS support for management users
Management		● Simple Network Management Protocol (SNMP) v1, v2c, v3 ● RFC 854 Telnet ● RFC 1155 Management Information for TCP/IP-Based Internets ● RFC 1156 MIB ● RFC 1157 SNMP ● RFC 1213 SNMP MIB II ● RFC 1350 Trivial File Transfer Protocol (TFTP) ● RFC 1643 Ethernet MIB ● RFC 2030 Simple Network Time Protocol (SNTP) ● RFC 2616 HTTP ● RFC 2665 Ethernet-Like Interface Types MIB ● RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual Extensions ● RFC 2819 Remote Monitoring RMON MIB ● RFC 2863 Interfaces Group MIB ● RFC 3164 Syslog ● RFC 3414 User-Based Security Model (USM) for SNMPv3 ● RFC 3418 MIB for SNMP ● RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs ● Cisco private MIBs
Management interfaces		● Web-based: HTTP/HTTPS ● Command-line interface: Telnet, Secure Shell (SSH) Protocol, serial port ● Cisco Prime Infrastructure
Interfaces and indicators		● 1x Multigigabit Ethernet interface (up to 5 Gigabit Ethernet) + 4x 1 Gigabit Ethernet interfaces (RJ-45) ● 1x service port: 1 Gigabit Ethernet port (RJ-45) ● 1x redundancy port: 1 Gigabit Ethernet port (RJ-45) ● 1x console port: Serial port (RJ-45) ● 1x console port: Serial port (mini-B USB) ● 1x USB 3.0 port ● LED indicators: Network link, diagnostics
Operating Temperature		32 to 104 °F (0 to 40°C)
Dimensions		1.73 x 9.5 x 8.5
Power adapter		Input power: 100 to 240 VAC; 50/60 Hz Heat dissipation: 72 BTU/hour
Regulatory compliance		CE Markings per directives 2004/108/EC and 2006/95/EC Safety: ● UL 60950-1 Second Edition ● CAN/CSA-C22.2 No. 60950-1 Second Edition ● EN 60950-1 Second Edition ● IEC 60950-1 Second Edition ● AS/NZS 60950-1 ● GB4943 2011 EMC - Emissions: ● 47CFR Part 15 (CFR 47) Class B ● AS/NZS CISPR22 Class B ● EN 55032 Class B ● ICES003 Class A VCCI Class B ● EN 61000-3-2 EN 61000-3-3 KN22 Class B ● CNS13438 Class B EMC - Immunity: ● EN 55024 ● CISPR24 ● EN 300386 ● KN24
Warranty		● 3 years parts coverage ● 10-day Advance Replacement (AR): Cisco or its service center will use commercially reasonable efforts to ship a replacement within ten (10) working days after receipt of the RMA request. Actual delivery times might vary depending on customer location

[/specifications] [accesories]

PWR-115W-AC=	Cisco 3504 Wireless Controller Spare Power Supply
AIR-3504-RMNT=	Cisco 3504 Wireless Controller Rack Mount Bracket
Perpetual licenses
Cisco 3504 Wireless Controller upgrade SKU		LIC-CT3504-UPG	CON-ECMU-LICGT3504
Cisco 3504 Wireless Controller 1 access point adder license		LIC-CT3504-1A	CON-ECMU-LICT3504
Cisco 3504 Wireless Controller DTLS license		LIC-CT3504-DTLS-K9
Term-based licenses
Cisco DNA Essentials 3-, 5-, or 7-year term license per year per access point for wireless		AIR-DNA-E	Embedded Support included
Cisco DNA Advantage 3-, 5-, or 7-year term license per year per access point for wireless		AIR-DNA-A	Embedded Support included
Cisco DNA Premier 3-, 5-, or 7-year term license per year per access point for wireless		C1-AIR-K9-T	Embedded Support included

[/accesories] The Cisco 5520 Series wireless LAN controller is a highly scalable, service-rich, resilient, and flexible platform that is ideal for medium-sized to large enterprise and campus deployments. As part of the Cisco Unified Access Solution, the 5520 is optimized for the next generation of wireless networks, 802.11ac Wave 2.