, , , , , , ,

Cisco has published AireOS release in late October for AireOS based controllers (8540/5520/3504/vWLC). In many ways this release is significant one. You may be already aware Cisco is heavily focusing on standardizing its software codes across all platforms for a long time.  They have chosen IOS-XE software is the way forward & introduced that to every platforms (switches, routers, wireless controllers & access points). Specific to wireless, Cisco introduced 9800 series WLCs running on IOS-XE in late 2018.

With that AireOS platforms (AP & WLC) has to retire one day. It is expected 8.10 code train may be the last main release for AireOS based products. I am sure Cisco will continue to provide technical support for existing customers over next few years. However, You will start seeing IOS-XE WLC platforms get all new features and AireOS start lacking of those new features.


This post is to look at what AireOS 8.10 brings. Here are the main features introduced in AireOS 8.10. You can read AireOS release notes for full details.

New Access Point Support
Cisco Catalyst 9130 Access Points (C9130AXI-x)
Cisco Catalyst 9120E & 9120P Access Points (C9120AXE-x/C9120AXP-x)
Cisco Catalyst IW6300 Heavy Duty Series Access Points
Cisco 6300 Series Embedded Services Access Points

Intelligent Packet Capture
– If you have Cisco DNA-C, then you can use this feature to establish direct communication link between DNA-C & APs. So DNA-C  can get packet captures, client stats, spectrum data directly from APs. It is extremely useful to troubleshoot client roaming scenarios in enterprise environment.

– This feature is supported on wave-2 APs (1800,2800,3800,4800) and 9100 series APs. Specific to 8.10 release, it added this feature on Cisco 1800,9115,9117,9120 & 6300 series APs

WPA3 Support
WPA3 is the WiFi alliance new security certification to improve drawbacks of WPA2. So it is going to replace WPA2 over time.
– WPA3-Personal support with 128-bit encryption
– WPA3-Enterprise support with 192-bit encryption

Enhanced Open
– It is another WiFi alliance certification to provide security for Open SSID traffic based on OWEOpportunistic Wireless Encryption. This allow to encrypt Open SSID traffic without impacting how users connect to those public venue SSIDs.

Agile Multiband (MBO)
– It is a WiFi Alliance certification designed to optimize WiFi network resources, environment and enable MBO supporting devices to respond ot changing WiFi network condition.
– based on IEEE 802.11k, 802.11v, 802.11u technology.
– It is only supported with Cisco 802.11ax APs (9100 series)
– As per WiFi Alliance spec, it provides a practical solution for band steering, load balancing and other related operation procedures.

Other Features
– Support  for SNMPv3 trap notification
– per AP group NTP server
– Password encryption

If you are wondering what IOS-XE software release got those features, it is IOS-XE 16.12.x version you should look for.

I am sure most of existing customers still heavily rely on AireOS based WLC platforms (8540/5520/3504) or even (WiSM2/5508/2504) that is only supported up to 8.5 software releases. Therefore if you have AireOS based Wireless solution, nothing to panic about it. Better to start planning migrating to IOS-XE based 9800 platforms. Here are some great overview of those 9800 series WLCs

1. Cisco Catalyst Access AP
2. 9800-L series WLCs
3. AireOS to 9800 series command reference mapping.

As a side note, Sujit Ghosh who was the presenter in above talks has moved on from Cisco recently. He was one of the great speakers I have ever met. I was fortunate to learn about AireOS from him since 2011, year I met him first time during CLMEL.


During CLMEL 2019

As I got couple of 8540 & 5520 HA pairs in my campus environment , I am going to implement AireOS based 802.11ax AP deployment early next year. I will write more about those features added in 8.10 release and some of my experience in 802.11ax AP deployment.

Related Posts
1. Enhanced Open – Part 1
2. Enhanced Open –  Part 2 (Transition Mode)
3. WPA3 – Personal (SAE)
4. WPA3-SAE Tranistion Mode
5. WPA3 – Enterprise
6. DNAC-Intelligent Packet Capture