The Cisco MSE (Mobility Service Engine) provides two primary services:
1. Context Aware Services (CAS)
The ability to track the physical location of network devices, both wired and wireless, using wireless LAN controllers (WLCs) and Cisco Aironet Lightweight Access Points (LAPs). This solution allows a customer to track any Wi-Fi device, including clients, active RFID tags, and rogue clients and access points (APs).
2. Adaptive Wireless Intrusion Prevention System (wIPS)
wIPS software provides visibility and comprehensive threat prevention for the mobility network through monitoring, alerting, classification, and remediation of wireless and wired network vulnerabilities.
Communication among the system components involves the following protocols:
1. Control and Provisioning of Wireless Access Points (CAPWAP)—This protocol is the successor to LWAPP and is used for communication between access points and controllers.
2. Network Mobility Services Protocol (NMSP)—The protocol handles communication between controllers and the mobility services engine. In a wIPS deployment, this protocol provides a pathway for alarm information to be aggregated from controllers and forwarded to the mobility services engine and for wIPS configuration information to be pushed to the controller. This protocol is encrypted.
–Controller TCP Port: 16113
3. Simple Object Access Protocol (SOAP/XML)—The method of communication between the mobility services engine and WCS. This protocol is used to distribute configuration parameters to the wIPS service running on the mobility services engine.
–MSE TCP Port: 443
4. Simple Network Management Protocol (SNMP)—This protocol is used to forward wIPS alarm information from the mobility services engine to the WCS. It is also employed to communicate rogue access point information from the controller to WCS.
The full list of protocols and ports used between the MSE, WLC and WCS can be found at the link below (Cisco Document ID 113344):
Cisco Unified Wireless Network Protocol and Port Matrix
Here are some settings for a Context Aware Service (CAS) deployment.
In WCS, under “Services -> Mobility Services -> Context Aware Services -> Location Parameters”, you can change location-specific information. An element is declared “inactive” if it remains inactive for 1 hour. If it remains inactive for 24 hours (Absent Data Cleanup Interval), it is removed from the tracking table. The element’s history, however, is kept in the MSE for 30 days by default.
The RSSI Cutoff is an important field that can be tuned for a particular environment. This field specifies the minimum RSSI value; the MSE ignores readings below it when it calculates the location for a given element. This value applies only to client tracking; it does not apply to tag tracking.
If you specify a very high RSSI Cutoff, such as -60 or -50, with low AP density, it leads to poor location calculation because the MSE excludes the RSSI values of APs that hear the client reliably from its calculation.
If you use a low RSSI Cutoff, such as -85 or -90, and operate in an open space area or in areas with low wall or inter-floor attenuation, it leads to poor location calculation because the MSE includes RSSI values from outlying APs in its calculation.
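The effect of the RSSI Cutoff described above, shown as an added example that is not part of the original post and not Cisco's code. A weighted-centroid estimate stands in for the MSE's location algorithm (an assumption), and the AP names, positions, RSSI readings and noise floor are constructed sample values.

```python
import math

# Constructed sample data: AP positions in metres on one floor map and the
# RSSI (dBm) each AP reported for a single client standing at TRUE_POS.
TRUE_POS = (10.0, 10.0)
READINGS = [
    ("ap-near-1", (0.0, 0.0), -62),
    ("ap-near-2", (20.0, 0.0), -64),
    ("ap-near-3", (10.0, 20.0), -58),
    ("ap-far-1", (60.0, 10.0), -86),  # outlying AP across an open area
    ("ap-far-2", (10.0, 70.0), -88),  # outlying AP
]

def usable_readings(readings, rssi_cutoff):
    """Keep readings at or above the cutoff; weaker ones are ignored."""
    return [r for r in readings if r[2] >= rssi_cutoff]

def estimate_position(readings, rssi_cutoff, noise_floor=-100):
    """Weighted centroid of the contributing APs (assumed model, not the MSE's)."""
    used = usable_readings(readings, rssi_cutoff)
    if not used:
        return None  # cutoff so high that no AP contributes
    # Weight each AP by how many dB its reading sits above the noise floor.
    weights = [rssi - noise_floor for _, _, rssi in used]
    total = sum(weights)
    x = sum(w * pos[0] for w, (_, pos, _) in zip(weights, used)) / total
    y = sum(w * pos[1] for w, (_, pos, _) in zip(weights, used)) / total
    return (x, y)

def location_error(readings, rssi_cutoff, true_pos=TRUE_POS):
    """Distance in metres between the estimate and the true position."""
    est = estimate_position(readings, rssi_cutoff)
    return None if est is None else math.dist(est, true_pos)

if __name__ == "__main__":
    for cutoff in (-50, -60, -75, -90):
        n = len(usable_readings(READINGS, cutoff))
        err = location_error(READINGS, cutoff)
        shown = "no estimate" if err is None else f"{err:.2f} m error"
        print(f"cutoff {cutoff} dBm: {n} APs used, {shown}")
```

With this sample data the middle cutoff (-75) gives the smallest error: -60 leaves a single AP, and -90 lets the two outlying APs pull the estimate away from the client.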
Here are a few reference guides I found useful when configuring MSE. Please feel free to read them to understand the different settings on this platform.
1. Wired Client Tracking in MSE