New advanced features
Improvements
Archive less than 1 day
The request platform software trace archive last command has been enhanced to archive all the trace logs relevant to all the processes running on a system.
FIPS 140-3 Compliance
This release enables all COS APs to achieve FIPS 140-3 compliance, ensuring adherence to security standards. The Cisco Catalyst 9800 controllers, however, are FIPS 140-2 compliant.
Improve Crash Data Collection, Kernel Panics, Out of Memory
A new command is introduced to limit the number of kernel core dumps collected on the AP: core-dump kernel limit
Intelligent Capture (iCAP) Hardening
This feature aims at making troubleshooting for wireless clients and APs easier.
MacBook Analytics
This feature is supported on the controller when the MacBook device sends 11k action frames along with the model information.For more information, see the chapter Device Analytics.
Mesh Support in Cisco Catalyst 9130AX Series Access Points
From this release, mesh support is included in the Cisco Catalyst 9130AX Series Access Points.All traditional capabilities of mesh are included in the Cisco Catalyst 9130AX Series APs operating in Cisco IOS XE Dublin 17.12.1.For more information, see the chapter Mesh Access Points.
Rogue Channel Width
From this release, you can specify the channel width and the band for rogue detection. The following command is introduced: condition chan-width
Rogue PMF
From this release, the controller will contain rogue APs with 802.11w Protected Management Frame (PMF) on centrally switched WLANs.The following commands are introduced: rogue detection containment pmf-denial and pmf-deauth
Software Entropy Enhancement for FIPS 140-3
From Cisco IOS XE Dublin 17.12.1 onwards, Federal Information Processing Standard (FIPS) 140-3 is supported as a security standard to validate cryptographic modules.
New and Modified GUI Features
Rogue Channel Width
Configuration > Security > Wireless Protection Policies > Rogue AP Rules