Did you go HUH?, like I did when I seen the LDPE code rev for the Cisco WLC? I opened a TAC case to find out what this was and this is what I was told.
Client data encryption is normally not done. LDPE feature is Licensed Data Payload Encryption (LDPE). Data Payload Encryption allows for the data that travels between the Access Point and the WLC to be Datagram Transport Layer Security (DTLS) encrypted.
Note: Non Russian customers using Cisco 5508 Series Controller do not need data DTLS license. If your controller does not have a data DTLS license and if the access point associated with the controller has DTLS enabled, the data path will be unencrypted
AIR-CT5500-K9-7-0-116-0.aes (Regular image)
· AIR-CT5500-LDPE-K9-7-0-116-0.aes (LDPE image)
It would appear that Russia has some requirements to encrypt their AP to WLC traffic internally.
NOTE: I came across a post by blogger/friend Sam C. @ sc-wifi.com that covers this subject in more detail. Thanks SAM! I should have called and opened a ticket with you instead! LOL