CCX Whitepaper 09
CCX Whitepaper 09
CCX Whitepaper 09
List of Acronyms
ACS API AP ASD CCX GUI IE IP OID OS QoS STA UI VoIP WFA Wi-Fi WPA WME WMM WZC Cisco Access Control Server Application Programming Interface Access Point Application Specific Device Cisco Compatible Extensions Graphical User Interface Information Element Internet Protocol Object Identifier Operating System Quality of Service Station User Interface Voice over IP Wi-Fi Alliance Wireless Fidelity, aka 802.11 Wi-Fi Protected Access Wireless Multimedia Extensions Wi-Fi Multimedia (same as WME) Windows Zero Config
Devicescape is a registered trademark of Devicescape Software Inc. All other trademarks are the property of their respective owners.
Introduction
The WLAN market has grown exponentially as more users demand mobility in and out of the office. Numerous client devices have been introduced to meet the challenges of device mobility; these devices must interoperate securely with leading WLAN infrastructure and must consistently provide the features that organizations require. With the Cisco Compatible Extensions program (CCX), WLAN client device suppliers (the programs participants) license, at no charge, Cisco WLAN technology innovations in the CCX specification. Participants implement all elements of the specification and undergo extensive testing at an independent third-party test lab. The testing helps to ensure support for innovative features pioneered by Cisco, as well as interoperability with Cisco WLAN infrastructure products. The CCX program does not include the software to actually implement the CCX. Participants usually license CCX technology from an approved vendor, such as Devicescape. The Devicescape implementation of CCX is known as Devicescape Easy Wi-Fi. Devicescape Easy Wi-Fi is an embeddable software product that provides Supplicant, CCX, Wi-Fi Projected Setup (WPS), Connection Management and Hotspot Login capabilities for all types of Wi-Fi enabled devices. While this whitepaper focuses on CCX, a more general description of Easy Wi-Fi can be found at http://www.devicescape.com/learn/device_mfgs. The Cisco Compatible Extensions program helps to ensure that client devices from a variety of suppliers will work with Cisco-based WLANs. To make it easy to find these devices, Cisco has licensed the Cisco Compatible logo for use by participants whose products pass all tests at an independent third-party test lab. Locating approved wireless devices is as easy as looking for the logo. The CCX certification logo is quickly becoming a mandatory requirement for mobile devices in the enterprise environment. This white paper describes CCX and the benefits of implementing CCX on a mobile device.
What is CCX?
CCX is a group of extensions to the Wi-Fi Alliance WPA/WPA2 specification designed to address wireless roaming performance, reliability, diagnostics, security and network statistics gathering. Cisco developed the original CCX version (CCXv1) in 2002 when it was apparent the current wireless standards did not address enterprise-grade wireless connectivity requirements. Cisco Systems continues to update and maintain the CCX specification, which is currently at version 5 (CCXv5). Devicescape supports CCX up to version 5.
Description
Minimize interference in dense AP networks STA receives information from AP to make intelligent roaming decisions Expedited WPA key handshake to reduce roaming time to 125 msec or less STA submits radio signal/bandwidth data to AP to optimize network reliability Support for single sign-on to Windows network Support for STA advanced power management Dynamic updates of AP roaming information to improve network edge performance Enhances security for authenticating devices on the wireless network Enhances STA roaming performance Maintains VoIP call quality during network congestion Support for STA power save when using WME Detect and correct packet latency and packet loss problems in the wireless network Enhances security of wireless network Enhances STA roaming performance STA location reporting to enable location-specific services Allows a STA to stay associated to the AP after a period of inactivity, if desired Tests the quality of the wireless link Support for a separate channel for diagnostic support STA provides detailed hardware, capability and network statistics information to the AP STA provides diagnostic information to AP to fix performance or connection problems 802.11 management frames are encrypted to provide additional network security Provides priority for VoIP or emergency wireless traffic Specific AP requests that are performed by the STA to address network security or performance Specific performance requirements for VoIP roaming, network capacity, and radio characteristics that exceed other QoS specifications such as WMM
A CCX implementation requires one or more Cisco Access Points and a Cisco ACS authentication server, as well as a CCX-enabled mobile device to connect to the network. Cisco wireless infrastructure is already deployed on over 65% of enterprise and business networks, therefore the majority of enterprise networks can immediately benefit from the value of using CCX-enabled mobile devices. The CCX specification includes two device classes: Laptop and ASD. An ASD (Application Specific Device) would be an embedded device such as a smart phone, bar code reader or other portable device designed for a specific purpose. The Laptop device class generally needs to implement most of the CCX requirements, while the ASD device class generally has fewer CCX requirements. CCX is backwards-compatible with existing WPA/WPA2/WME devices, which means mobile devices without CCX will still work on a Cisco AP infrastructure, but will not have the valuable features that CCX provides.
On the AP side, Cisco includes CCX functionality with newer Cisco APs or with a firmware upgrade on older Cisco APs. CCX is only available on Cisco APs, and also requires a Cisco ACS authentication server. On the mobile device side, a CCX-enabled supplicant such as the Devicescape Easy Wi-Fi is required. In addition, a CCX-enabled WLAN driver (provided by the chipset manufacturer) is also required. The CCX specification does not specify an API between the supplicant and the driver, and therefore some custom integration between the supplicant and driver is required for each mobile device CCX implementation. A typical CCX implementation on a mobile device would consist of the following: Implementation of the CCX supplicant on the mobile device and platform OS. The Devicescape Easy Wi-Fi supports all popular operating systems. Integration of the CCX supplicant with the mobile device CCX-enabled WLAN driver. Devicescape can provide professional services to perform this work. In addition, Devicescape Easy Wi-Fi works with all popular chipsets and both Funk and Meetinghouse OIDs to minimize the integration effort required. Development of a GUI component for managing wireless networks on the mobile device. The Devicescape Easy Wi-Fi includes a production-ready reference GUI that can be easily re-branded by the customer. Otherwise, the customer can use the well-defined Easy Wi-Fi GUI API to develop their own GUI. Pre-testing of the CCX implementation before submission to the CCX test lab. This step is important for saving testing time and money. Devicescape can provide CCX pre-testing as part of professional services integration work.
A device OEM must be approved by Cisco prior to being able to receive CCX technology from Devicescape. Since the Cisco approval and review process can take several months to complete, Devicescape encourages prospective licensees of Easy Wi-Fi to register as soon as possible with the Cisco CCX program. Once a CCX-enabled supplicant has been integrated onto the mobile device, it must be submitted by the company to a Cisco certified test house. More information on the Cisco CCX test program and test house partners is available from the above link. Note that although Devicescape can pre-certify a mobile device, Devicescape is not a certified testing house.