Cisco’s wireless LAN strategy has taken a leap forward. With a new module for its flagship Catalyst 6500 switch, and a new rugged access point, the networking giant reckons it is in the same technical league as the wireless switch startups. The system works best with all-Cisco kit, and the access point is pricey, but that is business as usual at Cisco.

The Wireless LAN Services Module (WLSM) for Cisco's Catalyst 6500 switch is intended as the central controller, managing all the wireless access points (APs) across a whole enterprise, WANs and LANs. It can support up to 300 APs and 6,000 users, Cisco said. The Cisco Aironet 1300 outdoor AP/bridge is designed for outdoor hotspots or for building-to-building connections and temporary networks.

The company also upgraded its radio management application, CiscoWorks Wireless LAN Solution Engine (WLSE). Version 2.7 improves on the application’s ability to manage APs, and provide even WLAN coverage. It now adjusts AP power and channels automatically, a feature that has been part of the arsenal of start-ups such as Airespace and Aruba for a year.

WLSE suffered a security alert last month, and switch start-up ReefEdge has launched a bundle specifically designed to improve security on Cisco wireless networks.

The new products are part of Cisco’s overall Structured Wireless-Aware Network (SWAN) strategy (see our feature on SWAN) announced in 2003, and the company is about to start a marketing push for applications such as voice on campus networks. The company has not been noticeably hurt by controversy over its authentication protocols.

Specialist switches on the market are mere “appliances” that won’t scale up beyond a “pilot deployment”, said Cisco product manager Douglas Gourlay. Sticking a WLSM in your Catalyst 6500 gives you the headroom to keep adding access points and users toward true enterprise scale without degrading performance, he said.

The module is good enough to allow voice on Wi-Fi, because it supports fast roaming, so users can move from one AP to another without losing applications, said Gourlay. The system can handoff and re-authenticate in 50 milliseconds or less - the magic figure for voice calls.

It’s a Cisco-only system, however, because users are authenticated at the AP - which must come from Cisco. And you only get that sub-50ms roaming if you use clients which support the proprietary Cisco Compatible Extensions (CCX). Though some other vendors support CCX, most others just get basic roaming. And, even with an all-Cisco network, you can’t get sub-50ms handover unless you are on the same campus as the WLSM-equipped Cat 6500. Elsewhere, handoffs take longer because of latency across the WAN.

Of course, the requirement to just buy Cisco is not a problem for the died-in-the-wool Cisco user. Manager Daniel Foss of Virginia-based print and online publisher Media General, said he prefers to stick with established vendors, because a start-up might be acquired by a larger vendor that has a weak overall product lineup or management system. "If they integrate a good solution into a bad system, it's still a bad system," he said.

Foss’s network is still at the trial stage, but he rates Cisco’s rogue access point detection and the way it automates network layout. He expects the technology to pay off by giving employees network access away from their desks, so newspaper editors can check page layouts while in meetings.

Big deployments in Cisco’s prize customers are key to the strategy, said IDC analyst Abner Germanow. In some cases, Cisco has put in bigger installations than specialised vendors such as Aruba and Airespace, while in others Cisco is offering something different, he said.

The Cisco Aironet 1300 AP/bridge costs $1,299, and the WLSM costs $18,000 for a module supporting 150 APs, with a cost of $8,000 to upgrade for more. The new version of WLSE is a free update.