3504 Wireless Controller

Optimized for 802.11ac Wave 2 performance, the intent-driven Cisco DNA ready Cisco® 3504 Wireless Controller with Cisco Multigigabit Ethernet technology is a compact, highly scalable, service-rich, resilient, and flexible platform that enables next-generation wireless networks for small to medium-sized enterprises and branch office deployments.

Product Overview

The Cisco 3504 Wireless Controller provides centralized control, management, and troubleshooting for small to medium-sized enterprises and branch offices. It offers flexibility to support multiple deployment modes in the same controller—a centralized mode for campus environments, Cisco FlexConnect® mode for lean branches managed over the WAN, and a mesh (bridge) mode for deployments in which full Ethernet cabling is unavailable. As a component of the Cisco Unified Wireless Network, the 3504 controller provides real-time communications between Cisco Aironet® access pointsCisco Prime® Infrastructure, and the Cisco Mobility Services Engine, and is interoperable with the Cisco 5520 and 8540 Wireless Controllers.

The Cisco Digital Network Architecture (Cisco DNA) is an open and extensible, software-driven architecture that accelerates and simplifies your enterprise network operations. The programmable architecture frees your IT staff from time-consuming, repetitive network configuration tasks so they can focus instead on innovation that positively transforms your business. SD-Access, as part of Cisco DNA, enables policy-based automation from edge to cloud with foundational capabilities. Cisco DNA Assurance, also part of Cisco DNA, provides a single source to monitor, modify, and manage your network and application data.

Features and Benefits

The Cisco 3504 Wireless Controller with Cisco Multigigabit Ethernet technology is optimized for 802.11ac Wave 2 performance, high scale, and enhanced system uptime. It offers:

  • Intent-driven programmability and streaming telemetry.
  • Quiet operation, with a small form factor and compact design ideal for space-constrained deployments, providing flexibility without compromising on features.
  • Cisco Multigigabit Ethernet technology to support next-generation 802.11ac Wave 2 deployments using existing cabling infrastructure.
  • Subsecond access point and client failover for uninterrupted application availability.
  • Extraordinary visibility into application traffic, using Cisco Application Visibility and Control (AVC), the technology that includes the Network-Based Application Recognition 2 (NBAR2) engine, with Cisco's Deep Packet Inspection (DPI) capability. This allows the 3504 to mark, prioritize, and block to conserve network bandwidth and enhance security. Customers can optionally export the flows to Cisco Prime Infrastructure or a third-party NetFlow collector.
  • An embedded wireless Bring-Your-Own-Device (BYOD) policy classification engine that allows classification of client devices and application of user group policies.
  • Guest access and Bonjour and Chromecast services in centralized deployments.
  • Software-defined segmentation with Cisco TrustSec® technology, reducing Access Control List (ACL) maintenance, complexity, and overhead.
  • Integrated Cisco CleanAir® technology, providing the industry’s only self-healing and self-optimizing wireless network.
  • A simplified GUI wizard for quick setup and intuitive dashboards for monitoring and troubleshooting.
  • Cisco DNA and SD-Access Wireless, as well as Cisco DNA Assurance.

Manufacturer Part Number
AIR-CT3504-K9
Full Product Specifications

Note:

  • The full product specifications below are from the manufacturer and may contain information related to other package quantities that will not apply to the product that you are reviewing. Please confirm the actual content and/or package quantity from the main product specifications page.
  • These specifications may represent the entire product series/model/line to which this product belongs with specific configuration differences between the individual products stated.
  • These specifications may have been copied from the same product in other region/country in which case there might be minor differences in region-specific data such as Input Voltage, Terms of Warranty etc.

Wireless: IEEE 802.11a, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h, 802.11n, 802.11k, 802.11r, 802.11u, 802.11w, 802.11ac Wave 1 and Wave 2

Wired, switching, and routing: IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX specification, 1000BASE-T. 1000BASE-SX, 1000-BASE-LH, IEEE 802.1Q VLAN tagging, IEEE 802.1AX Link Aggregation

Data Request For Comments (RFC)

●  RFC 768 UDP

●  RFC 791 IP

●  RFC 2460 IPv6

●  RFC 792 Internet Control Message Protocol (ICMP)

●  RFC 793 TCP

●  RFC 826 Address Resolution Protocol (ARP)

●  RFC 1122 Requirements for Internet Hosts

●  RFC 1519 Classless Interdomain Routing (CIDR)

●  RFC 1542 BOOTP

●  RFC 2131 Dynamic Host Configuration Protocol (DHCP)

●  RFC 5415 CAPWAP Protocol

●  RFC 5416 CAPWAP Binding for 802.11

Security standards

●  Wi-Fi Protected Access (WPA)

●  IEEE 802.11i (WPA2, RSN)

●  RFC 1321 MD5 Message-Digest Algorithm

●  RFC 1851 Encapsulating Security Payload (ESP) Triple Data Encryption Standard (3DES) Transform

●  RFC 2104 HMAC: Keyed Hashing for Message Authentication

●  RFC 2246 Transport Layer Security (TLS) Protocol Version 1.0

●  RFC 2401 Security Architecture for the Internet Protocol

●  RFC 2403 HMAC-MD5-96 within ESP and Authentication Header (AH)

●  RFC 2404 HMAC-SHA-1-96 within ESP and AH

●  RFC 2405 ESP DES-CBC Cipher Algorithm with Explicit IV

●  RFC 2407 Interpretation for Internet Security Association and Key Management Protocol (ISAKMP)

●  RFC 2408 ISAKMP

●  RFC 2409 Internet Key Exchange (IKE)

●  RFC 2451 ESP Cipher Block Chaining (CBC)-Mode Cipher Algorithms

●  RFC 3280 Internet X.509 Public Key Infrastructure (PKI) Certificate and Certificate Revocation List (CRL) Profile

●  RFC 4347 Datagram Transport Layer Security

●  RFC 5426 TLS Protocol Version 1.2

Encryption

Wired Equivalent Privacy (WEP) and Temporal Key Integrity Protocol-Message Integrity Check

(TKIP-MIC):

●  RC4 40, 104 and 128 bits (both static and shared keys)

●  Advanced Encryption Standard (AES): CBC, Counter with CBC-MAC (CCM), Counter with CBC Message Authentication Code Protocol (CCMP)

●  Data Encryption Standard (DES): DES-CBC, 3DES

●  Secure Sockets Layer (SSL) and TLS: RC4 128-bit and RSA 1024- and 2048-bit

●  DTLS: AES-CBC

●  IPsec: DES-CBC, 3DES, AES-CBC

●  802.1AE MACsec encryption

Authentication, Authorization, and Accounting (AAA):

●  IEEE 802.1X

●  RFC 2548 Microsoft Vendor-Specific RADIUS Attributes

●  RFC 2716 Point-to-Point Protocol (PPP) Extensible Authentication Protocol (EAP)-TLS

●  RFC 2865 RADIUS Authentication

●  RFC 2866 RADIUS Accounting

●  RFC 2867 RADIUS Tunnel Accounting

●  RFC 2869 RADIUS Extensions

●  RFC 3576 Dynamic Authorization Extensions to RADIUS

●  RFC 5176 Dynamic Authorization Extensions to RADIUS

●  RFC 3579 RADIUS Support for EAP

●  RFC 3580 IEEE 802.1X RADIUS Guidelines

●  RFC 3748 EAP

●  Web-based authentication

●  TACACS support for management users

Management:

●  Simple Network Management Protocol (SNMP) v1, v2c, v3

●  RFC 854 Telnet

●  RFC 1155 Management Information for TCP/IP-Based Internets

●  RFC 1156 MIB

●  RFC 1157 SNMP

●  RFC 1213 SNMP MIB II

●  RFC 1350 Trivial File Transfer Protocol (TFTP)

●  RFC 1643 Ethernet MIB

●  RFC 2030 Simple Network Time Protocol (SNTP)

●  RFC 2616 HTTP

●  RFC 2665 Ethernet-Like Interface Types MIB

●  RFC 2674 Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual Extensions

●  RFC 2819 Remote Monitoring RMON MIB

●  RFC 2863 Interfaces Group MIB

●  RFC 3164 Syslog

●  RFC 3414 User-Based Security Model (USM) for SNMPv3

●  RFC 3418 MIB for SNMP

●  RFC 3636 Definitions of Managed Objects for IEEE 802.3 MAUs

●  Cisco private MIBs

Management interfaces:

●  Web-based: HTTP/HTTPS

●  Command-line interface: Telnet, Secure Shell (SSH) Protocol, serial port

●  Cisco Prime Infrastructure

Interfaces and indicators:

●  1x Multigigabit Ethernet interface (up to 5 Gigabit Ethernet) + 4x 1 Gigabit Ethernet interfaces (RJ-45)

●  1x service port: 1 Gigabit Ethernet port (RJ-45)

●  1x redundancy port: 1 Gigabit Ethernet port (RJ-45)

●  1x console port: Serial port (RJ-45)

●  1x console port: Serial port (mini-B USB)

●  1x USB 3.0 port

●  LED indicators: Network link, diagnostics

Physical and environmental:

Dimensions: 1.73 x 9.5 x 8.5 in. (43.94 x 214.3 x 215.9 mm)

Weight: 4.4lbs

Temperature:

Operating: 32 to 104 °F (0 to 40°C)

Storage: -4 to 158 °F (-20 to 70°C)

Humidity:

Operating Humidity: 5% to 95% RH non-condensing

Storage Humidity: 0% to 95% RH non-condensing

Power adapter: Input power: 100 to 240 VAC; 50/60 Hz

Heat dissipation(without PoE): 47W, 160BTU/hr

Heat dissipation(with PoE): 98W, 335BTU/hr

Regulatory compliance:

CE Markings per directives 2004/108/EC and 2006/95/EC Safety:

●  UL 60950-1 Second Edition

●  CAN/CSA-C22.2 No. 60950-1 Second Edition

●  EN 60950-1 Second Edition

●  IEC 60950-1 Second Edition

●  AS/NZS 60950-1

●  GB4943 2011 EMC - Emissions:

●  47CFR Part 15 (CFR 47) Class B

●  AS/NZS CISPR22 Class B

●  EN 55032 Class B

●  ICES003 Class A VCCI Class B

●  EN 61000-3-2 EN 61000-3-3 KN22 Class B

●  CNS13438 Class B EMC - Immunity:

●  EN 55024

●  CISPR24

●  EN 300386

●  KN24

Published Date: August 29, 2017
AIR-CT3504-K9