Options for Cisco WLC Connections

The Kloudspot Analytics platform can be configured to request and receive client session data from Cisco Wireless Lan Controllers (WLC).

In order to do this, the platform needs to be able to connect to the WLC on port 16113. This is easy to achieve in an on-premises installation where the WLC and the Kloudspot Analytics platform are on the same network. The data receiver (‘Rcv’) in the Kloudspot Analytics platform connects directly to the WLC using port 16113 to subscribe for a data feed.

However, it can be difficult to set up this configuration when using Amazon Web Services or another cloud provider for the following reasons:

  • It can be difficult to persuade network administration to implement the necessary firewall rules:

  • It opens an attack surface whereby a 3rd party might potentially be able to disable the WLC with a Denial Of Service attack. Often this clashes with companies cyber security rules.

For this reason, it is possible to reconfigure the Kloudspot Analytics platform so that the data receiver (‘Rcv’) is positioned on-premises in a small VM and acts as a ‘proxy’ with all connections outbound from the company to AWS:

In this configuration, the receiver, inside the customer’s DMZ or data center connects to the WLC on port 16113 and then sends the received data to AWS on port 9092 using an TLS secured connection.

High Availability/Scalability

For scalability and high availability, the receiver can be configured in a N+1 configuration whereby the load can be shared across multiple receiver instances, with the ability to rebalance the workload on failure.

In order to use this functionality an Apache Zookeeper cluster needs to be setup. This is then used to elect a ‘leader’ of the available Receiver instances. The leader shares out the work to the group of available receivers. If the leader fails, a new leader is elected. If any member of the group fails, the leader will rebalance the work across the remaining members.

An existing zookeeper cluster can be used or the same VMs used for the receivers can also be used to provide the zookeeper functionality.

To set up a zookeeper cluster at least three VM instances on physically separate hardware are required. So, if the same VMs are used as receivers, this is the minimum configuration.

Receiver VM System Requirements

Each VM instance has the following hardware requirements:

• 8 GB RAM

• 4 core processor

• 50 GB SSD