Wireless Domain Services for IEEE 802.1X Local Authentication Service and Fast Secure Roaming Support
 
Wireless domain services (WDS) is another new offering from Cisco that is part of their wireless-aware framework. WDS is a set of Cisco IOS software features that enhance client mobility in the WLAN and simplify WLAN deployment and management. All Cisco APs in a subnet register themselves with the WDS and work together to monitor the WLAN. Some of the features offered as part of this are rogue AP detection, interference detection, and assisted site surveys. Each of these features is discussed in the next section, but first, let’s cover a couple of additional feature sets provided by the WDS: fast secure roaming and IEEE 802.1X local authentication.

Fast secure roaming is a new feature that Cisco has included as part of the WDS. Typically in a WLAN, switching between wireless APs requires either a configuration change on the client side or a long delay in communication while the client is authenticated with the new AP. Fast secure roaming eliminates this configuration change or delay by allowing Cisco wireless client adapters or Cisco-compatible client adapters to quickly switch between APs on the same subnet. The delay in switching between APs has been narrowed down to less than 150 ms. Though it is not yet available, Cisco is also working on introducing the same fast secure roaming features for roaming between subnets. This feature will be released with or soon after Cisco’s release of wireless-aware LAN features for Cisco switches and routers. Roaming is covered in more detail in Chapter 3 of this book.

Another feature of the WDS is IEEE 802.1X local authentication. With this feature, Cisco Aironet APs can be configured to act as a local Remote Authentication Dial-In User Service (RADIUS) server. Using an AP as a RADIUS server in this manner allows clients to authenticate to the WLAN even when the Cisco Secure Access Control Server (ACS) is unavailable.
Using RADIUS, the end user is able to authenticate and gain access to normal network resources such as file shares or shared printers. The RADIUS authentication features of Cisco Aironet APs can be configured and managed through the Cisco WLSE software. From this central point of management, you can configure the APs to act as RADIUS servers and manage RADIUS accounts. Keep in mind that an AP configured to act as a RADIUS server still provides its normal functionality as an AP. These features are in no way mutually exclusive.