Your SlideShare is downloading. ×

Managing an Enterprise WLAN with Cisco Prime NCS & WCS

16,913

Published on

How to use Cisco Prime Network Control System (NCS) & WCS to deploy and manage your wireless network, an advanced technical deep-dive. Includes migration tips from WCS to NCS. Learn More: …

How to use Cisco Prime Network Control System (NCS) & WCS to deploy and manage your wireless network, an advanced technical deep-dive. Includes migration tips from WCS to NCS. Learn More: http://www.cisco.com/go/wireless

Published in: Technology
2 Comments
4 Likes
Statistics
Notes
No Downloads
Views
Total Views
16,913
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
840
Comments
2
Likes
4
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Managing an Enterprise WLAN withWireless Control System (WCS) BRKEWN-2011
  • 2. Session Agenda§ The Role of WCS/NCS in the Network§ Introducing Cisco Prime Network Control System§ Planning and Deploying a Wireless Network§ Monitoring§ Tools and Troubleshooting§ Reporting§ Advanced Topics§ WCS to NCS Migration Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
  • 3. Session Objective§ Original session objective: The objective of this session is to show WCS s role in the network and its lifecycle, and to demonstrate WCS features and how they can be used to perform practical tasks; the session also provides suggestions and best practices on topics where appropriate§ Modified session objective: Since Cisco Prime Network Control System (NCS) has been announced, this session will cover WCS and introduce NCS in the context of WCS in terms of common areas and key differences. Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
  • 4. The Role of WCS/NCS in the Network Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
  • 5. Introducing    Cisco  Prime  Network  Control  System  (NCS)  
  • 6. What is Network Control System (NCS)?§  Single platform for consolidated view of wired and wireless access infrastructure and endpoints§  Built on the foundation of Cisco WCS, provides complete lifecycle management of wired and wireless access networks§  Provides monitoring of endpoint security policy integration with Cisco Identity Services Engine (ISE)§  All existing functionality in WCS is also supported in NCSPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
  • 7. NCS – Key EnhancementsIncreased Scale 15,000 lightweight AP’s 5,000 aIOS AP’s 5,000 switchesUnified Access and Manage access layer of network – wireless and wiredServices Wireless NetOpsManagement Wired NetOps SecOpsEnhanced UI “drag and drop” customization, advanced filters (list pages), improved page navigationComprehensive Integrated user/device monitoring and troubleshootingIdentity M&T with Cisco Identity Services Engine (ISE)Reporting Increased reporting scale, optimizationEnhancements Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
  • 8. NCS – Increased Device ScaleDevice WCS Devices NCS Devices Supported SupportedCisco 3,000 15,000LightweightAccess PointsCisco 1,250 5,000AutonomousAccess PointsCisco Switches 0 5,000 Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
  • 9. Appliance Delivery Models Physical Appliance Virtual Appliance Application & Components Application & Components Cisco Cisco Provided Provided OS OS Customer Cisco-branded Hardware Provided (1RU) Virtual Infrastructure Discontinuation of software binaries - Replaced by new Complete Appliance ModelPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
  • 10. Appliance-Based SolutionPhysical Appliance Virtual ApplianceHardware and software VMware image (OS + NCS)from Cisco Supported on:(OS and NCS pre-installed) •  VMware ESX/ESXi version 3.5 •  VMware ESX/ESXi version 4.115,000 lightweight AP’s Large: 15K/1.2K/5K/5K1,200 WLC’s Medium: 7.5K/600/2.5K/2.5K5,000 aIOS AP’s Small: 3.5K/240/1K/1K5,000 switchesCisco hardware appliance High-end: 8x2.93GHz CPU/1GB•  Not supported on WLSE DRAM/300GB HD hardware Standard: 4x2.93 GHz/12 GB/200 GB Low-end: 2x2.93 GHz/8 GB/150 GB Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
  • 11. Planning  and  Deployment  
  • 12. Planning and Deployment§  Using Planning Tool§  Setting up Network Elements via WCS/NCS Controller Configuration Groups Configuration Template LaunchPad Controller Auto-Provisioning Configuration Auditing Methods§  Provisioning Maps and Context-Aware Service Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
  • 13. Planning—OverviewLaunching the Planning and Editing Tools§  Create a new Campus/Building§  Create a floor you want to plan for (import floor plan)§  Pick Planning Mode or Map Editor from the drop-down menuPlanning Mode—High-Level Options§  Add AP: Allows adding new Access Points to the Map§  Delete AP: Remove existing Access Points from the Map§  Map Editor: Edit the floor plan to draw objects such as light/thick walls, light/ heavy doors, cubicles, glass, coverage areas, perimeters, markers, etc.§  Synchronize with Deployment: Pull in currently deployed and placed Access Points on the floor to tweak existing deployment§  Generate Proposal: Generates a document that maybe provided to a 3rd party deployment company; additionally, also provides various heat maps Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
  • 14. Planning Tool—Map Editor§  Accounts for objects and obstacles on a floor For a precise RF propagation model display (predictive heat maps) Attenuation characteristics for objects and obstacles help predictive engine§  Helps specify areas and regions such as: Coverage Area and Markers—used for location notifications Perimeter—defines the outer boundary Location Inclusion and Exclusion Regions — used for location events and notifications§  Objects and obstacles that may be specified: Walls (Light and Heavy)—2dB and 13dB Cubicle (Walls)—1dB Doors (Light and Heavy)—4dB and 15dB Glass (doors, windows, walls)—1.5dB Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
  • 15. Planning Tool—OptionsSpecify AP Prefix and AP Placementmethod (automatic vs. manual)Selecting AP type determines theantenna choices available for both the2.4GHz and 5GHz band Select the protocol (band) and minimum desired throughput per bandEnable planning mode for advance that s required for this planoptions for data, voice, location andothers Data and Voice provide safety margins for design help. Safety margins help design for certain RSSILocation with monitor-mode factors in thresholds (detailed in online help).AP(s) that could be deployed toaugment location accuracy Location typically requires a denser deployment than data and the locationBoth the Demand and Override… checkbox helps plan for the advertisedoptions allow for planning for any location accuracyspecial cases where there s a high-density of client presence suchconference rooms or lecture halls Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
  • 16. Planning Tool—Customize Plan Default suggestions after running the planning tool present AP deployment choices and ability to switch between data and signal strength heatmapClicking an AP inthe plan allowscustomization(added, deleted orsimply modifyproperties) beforea proposal maybe generated Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
  • 17. Planning Tool—ProposalProposal Contents:§  Floor Plan Details§  Disclaimer/Scope/Assumptions§  Proposed AP Placement§  Coverage and Data Rate Heatmap§  Coverage Analysis Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
  • 18. Configuration — Config-Groups Overview What Are Config-Groups? §  An easy way to group controllers logically §  Provides a way to manage controllers with similar configurations Extract templates from existing controller to provision Schedule configuration sets Cascade Reboot §  Manage Mobility Groups, DCA, and Configuration Auditing When Are Config-Groups Used? §  Group sites together for easier management for: Mobility Groups DCA and Regulatory Domain Settings Schedule remote configuration changes §  Groups sites to ensure compliance with configuration policies Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
  • 19. Configuration-Groups How-To: Setup • Select and add later: Only create the config group and then add controllers and templates at another time •  Copy Templates from controller: Copy templates from one of the controllers currently in WCS and then apply them to controllers in this config group. Note, if controllers’ templates are not already discovered, they can be discovered from the “Configure – Controllers” page Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
  • 20. Configuration-Groups How-To: Setup§  Adding Controllers: Controllers in WCS are presented and can be moved over to the newly config group§  Applying Templates: Discovered or already present template(s) can then be applied to controller§  Auditing: Ensure template-based audit is selected in audit settings and then audit controllers in group to ensure they comply with policies Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
  • 21. Configuration-Groups: Things to Remember § Template order is very important! § Background audit is performed during network and controller audit § Background audit and audit enforcement can only run when template-based audit is selected (under Administration—Settings) § WLC(s) may be part of multiple configuration groups so be careful while setting mobility group names Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
  • 22. Configuration—Templates OverviewWhat Are Configuration Templates?§  Sets of configurations that may be applied to devices at system/global level§  May be re-used to modify already applied configurations§  May be used to replicate configuration to other devices added subsequently§  May be to used to schedule configuration changes§  May be to used to audit againstTypes of Templates§  Controller templates§  Lightweight AP templates§  Autonomous AP migration templates§  Controller and Autonomous Command-Line templates Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
  • 23. Controller Template LaunchPad All-in-one, high-level view of template categories in WCS which may be expanded or collapsed for easier navigation and viewingTree-based hierarchy continues toexist as left-hand navigation Each template provides a callout icon which, on mouse-over, provides easy to understand description of what the template is and how it may be used to configure certain attribute(s). Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
  • 24. Templates: Things to Remember—1§  Templates are added to WCS database when a WLC is first added to WCS§  Template names can be changed to more meaningful names after discovery§  Additional configuration changes on the WLC may be pulled in to WCS via the Discover templates from controller option Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
  • 25. Templates: Things to Remember—2§  Upon configuration refresh from WCS, template associations may be deleted or maintained§  Use the Templates Applied to Controller option to see a mapping of existing templates (pushed from WCS)Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
  • 26. Templates: Things to Remember—3§  WLAN override feature was re-designed and merged under AP Groups—WCS does provide backward compatibility so newer releases (5.2 and above) provision this differently§  WCS supports template creation for WLC s dynamic interfaces Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
  • 27. Configuration—Auditing§  Easy way to identify configuration gaps between WCS and WLC Manual on-demand audit capability Automatic audits based on configuration sync background task§  Allows easy reconciliation in the event of a configuration mismatch§  Helps ensure WLCs comply with configuration policies Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
  • 28. Quick Audit Summary and Reconciliation Audit Summary Restore or Maintain Config Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
  • 29. Audit SettingsAudit Settings§  Audit Mode Basic Audit: Perform an audit on current WLC configuration and compare it with the configuration in WCS Template-Based Audit: Perform an audit on current WLC configuration with respect to applied templates, config groups background templates and then the configuration in WCS§  Audit On All Parameters: Audit on entire WLC configuration Selected Parameters: Audit on selected parameters from the templates Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
  • 30. Configuration—Auto-ProvisioningWhat Is Auto-Provisioning?§  Ability to automatically detect and configure new WLCs (locally or at remote sites)§  Allows detection based on multiple criterion: Hostname, MAC Address or Serial number (.cfg file on TFTP server)§  Adds WLC to WCS for further configuration after provisioningWhen Would You Use It?§  Large distributed deployments§  Limited IT resources§  Streamline operations and eliminate configuration mismatches Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
  • 31. Controller Auto-Provisioning§  Monitor Only: Controllers matched by this filter will not be configurable by WCS in the auto provision process§  Filter Mode: Choose from hostname, MAC Address or Serial number to match the WLC§  Config Group Name: Add the auto-provisioned WLC(s) to their own config group for easier management since these might share common policies§  Input Device: Select from single or multiple devices to provision. Selecting CSV option provides a link to download a sample file to understand the syntax.§  Device Configuration: Other device parameters that can be configured at this stage.After hitting “Submit”, the filter is saved with one entryfor the “member” you just added. At this point, you mayadd other members (WLCs) to this filter as well. Thisfilter also creates a WLC config file in WCS’s TFTPdirectory. Ensure your DHCP server’s option 150points to WCS Server Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
  • 32. Scheduled Image Download to Controller •  Provides option to schedule software download (FTP/TFTP) to controllers. •  Task can be saved for future scheduling. •  Reboot can be scheduled at a future date/time. •  Email notification can be sent after completion of download. Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
  • 33. Scheduling AP Pre-Image Download •  Provides option to schedule image download to AP. •  Reboot can be scheduled at a future date/ time. •  Email notification can be sent after completion of download. Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
  • 34. Configuration—MapsWhy Maps?§  Track wireless clients and tags, and play location history across campus§  Track and mitigate rogue devices§  Display Chokepoints§  Display Mesh AP relationships§  Integrate outdoor wireless mesh with Google Earth§  Represent wireless coverage on campus, and plan for growth§  View Channel and Tx Power plans provisioned by RRM§  View AP and RF Profile at the floor level§  Provision and display coverage areas, markers and other objects and use them with location notifications§  Post-Deployment: VoWLAN and Location Readiness tools Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
  • 35. Maps Layout Default View of Campus, Buildings, and Floors can be easily changed with the Quick Filters Hierarchical Layout Adding Campus or Buildings are made easy for easy navigation with the drop-down menu actions through an easy wizard that walks you through provisioning floor plans and APs Building view provides a quick glance in to floors status and alarm summary for easier troubleshootingPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
  • 36. Maps Layout—Floor View Display and locate interference sources and zone of interference Commonly used map actions are ever-present in icon formatQuickly Add/Remove Layers that may beplaced on the floor plan and heat maps Mouse-over on objects on the map provides quick object summaries Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
  • 37. Maps Layout—Floor View Commonly used map actions are ever-present in icon format Quickly Add/Remove Layers that may be placed on the floor plan and heat maps Display and locate interference sources and zone of interference Mouse-over on objects on the map provides quick object summariesPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
  • 38. WCS Map Export/Import •  Provides ability to export maps from one WCS to target WCS. •  Can select all maps or subset. •  Export/import of map includes both map and AP’s placed on MAP. •  Exported via tar gzipped XML file. •  Import process ungzips/untars XML file automatically.Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
  • 39. Real-Time Heat Maps
  • 40. Real-Time HeatmapsNCS provides:§ AP-to-AP RSSI measurements reflected in heat maps§ Option to switch between real-time (new) and predictive (legacy) heat mapsPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
  • 41. Real-Time Heat Maps Real-time heatmap (NCS) Predictive heatmap (WCS)Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
  • 42. Real-Time Heat Maps + Rx Neighbors Provides list of neighboring AP’s and RSSI value that they “hear” the selected AP Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
  • 43. Advantages of Real-Time Heat Maps § Provides graphical view of RSSI based on set of nearest AP’s vs. AP transmit power (predictive heat map) § Configurable options: §  Min. number of APs §  Recomputation interval Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
  • 44. Monitoring  
  • 45. Section Agenda: Monitoring§  General Monitoring Dashboard Concepts§  Client-Related Monitoring Client Details and Client List Pages Client Dashboard§  Using Search§  NCS: Monitoring Autonomous APs§  NCS: Monitoring Switches§  Alarms and Events Setting up Alarm Summary Differentiation Between Alarms and Events Severity and Layout Customization Setting Up Notifications and Help Desk-Like Usage Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
  • 46. Monitoring—WCS Dashboard Concepts§  Canned tabs of high-level system views§  Ability to add/remove tabs§  Ability to add/remove components within tabs§  Customize individual components§  Introduction of trending information at system level§  Quick drill-downs Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
  • 47. Customizing WCS DashboardPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
  • 48. Customizing and Historical Trending Custom Tab Custom Components Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
  • 49. Information Layout and Workflow Concepts§  WCS presents many intuitive ways to arrive at information§  Ability to drill-down to an individual client-level detail from dashboard§  Ability to drill-down with the help of Quick Filters§  Ability to sort on different attributes in client list pages§  Ability to perform and save intelligent searches§  Ability to customize list layout, items per page and content§  Perform advance context-sensitive actions (such as launching a report from AP page) from page drop-downs§  Consistent breadcrumbs for navigational assistance Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
  • 50. System-Level to Drill-DownPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 50
  • 51. Quick Filters, Custom List Layout Use Quick Filters or Column Sorting to arrange information relevant to the task Edit List Pages for content relevant to youPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
  • 52. NCS UX/UI Enhancements
  • 53. NCS Homepage “drag and drop” dashboard customization Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
  • 54. Dashlet Customization Data customization per dashletPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
  • 55. Using Search Global Search Capability§  Searches can be performed on partial input§  Search output provides configuration and monitor links based on device type found§  Search parameters include IP Address, Usernames, MAC Addresses, SSIDs ,Rogues and AP NamesAdvanced searches can be savedfor easy future reference and use Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
  • 56. Monitoring—Client-Related Workflow Common Steps in a Troubleshooting Scenario: §  Lookup a client: MAC Address, Username, IP Address, Client type, Client state, From AP Details Page (example below) §  Where is the client now (and how is their RF profile) §  Where has this client been (Location playback, session and AP history) §  Active troubleshooting Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
  • 57. Monitoring: Client Details—1 Basic Client Properties—can be expanded for further details Client Association, Session History and Roam ReasonPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
  • 58. Monitoring: Client Details—2 Client AP Association History Client StatisticsPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
  • 59. Wired/Wireless Client Monitoring
  • 60. Client Status: Wireless Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
  • 61. Monitoring: Wired ClientsGeneral client Session details Security details informationPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
  • 62. Wired Client Details Provides connectivity details for wired client including switch/port info, authorization details Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
  • 63. Client Status: Wired Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
  • 64. Track Clients Create policy for tracking one or more clients detected on the network Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
  • 65. Unknown Users Assign username to client on network not authenticated via ISE.Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
  • 66. Autonomous AP Support
  • 67. Managing Autonomous Access Points NCS 1.0 will provide: §  Autonomous AP monitoring §  Autonomous AP reports §  Client Visibility Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
  • 68. Autonomous AP ReportsProvides visibility into operation of aIOS AP’s Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
  • 69. Switch Monitoring
  • 70. Switch SummaryPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
  • 71. VLAN InformationPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
  • 72. Spanning Tree DetailsPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
  • 73. Monitoring—Alarms and EventsWhat Are Events?§  An occurrence of a condition (or change in condition) in the network managed by WCS§  Not necessarily generated for every condition but could be a result of a pattern or threshold match by the WLC§  Events may not be useful in their raw form (unless troubleshooting, for example) and usually need further processingWhat Are Alarms?§  Correlated events result in alarms (WCS allows looking up event history for alarms)§  Both Alarms and Events are categorized by severities Critical Major Minor Warning Informational Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
  • 74. Alarm System and Logic SimplifiedPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
  • 75. Alarms Layout and Search Expandable Widget persistent across WCS Granular Alarm searches can be performed via the Advance Search feature, and saved for future re-use Alarms Sorted by Categories and Severities are hyperlinked to quickly drill-downPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
  • 76. Alarms  Ac>ons  and  Customiza>ons   Quick  access  to  Alarm   Ac>ons     Alarm  message  details   Customizable  Layout      Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
  • 77. Working with an Alarm Manage Alarms Manage Security Historical Data. Note First Seen and Last Seen Trace Alarm SourcePresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
  • 78. Northbound  Event  No>fica>ons  Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
  • 79. Alarms—Things to Remember§  It s common to ignore email configuration in WCS§  WCS sends email notifications for Major events only!§  Acknowledged alarms suppress email notifications even if the severity changes§  Help! My alarms seem to have disappeared! Alarms that get cleared move in to the Cleared state so be sure to check cleared alarms (or look under event history)§  Clearing an alarm does not remove it from WCS database (deleting it does)§  Alarm severities can be customized from Administration— Settings—Alarms§  Alarm acknowledgement works on individual alarm instance (and not on category or condition)§  Even if traps are disabled on WLC, WCS could generate alarms from the regular polling it performs Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 79
  • 80. Tools  and  Troubleshoo>ng  
  • 81. Section Agenda: Troubleshooting§ Client Troubleshooting Tool§ Voice Audit Tool§ Location Tools Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 81
  • 82. Client Troubleshooting Tool§  An easy way to identify client-related issues from within WCS, without the need for extensive WLC debugs Look at the client s current state (and at what stage of the connection they might be having issues at) Allows for real-time troubleshooting and log retrieval from the WLC Allows for looking up historical, and relevant client and AP events Allows integration with ACS View Server for authentication log retrieval§  But, first things first—common problems: Watch out for misconfigured clients (common areas are WLAN profile settings, authentication and encryption settings, and any advanced extensions that might not be required Ensure WLC settings match the provisioned client profiles (security, SSID broadcast, WLAN override, etc.) Ensure data rate settings on the WLC (Mandatory, Supported and Disabled rates) Look for client exclusion settings (easy way to find excluded clients is via the quick filter in Monitor—Clients page Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 82
  • 83. Client Troubleshooting—Launch Points Multiple Launch points to initiate client troubleshooting tool allows for diverse workflow integration Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
  • 84. Client Troubleshooting—Examples Identify whether the problem occurs at 802.11 or higher layers Suggestions on where to look and how to potentially resolve the error condition(s)Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
  • 85. Client Troubleshooting—Examples Provides visibility into logs, event history, and related CleanAir informationPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 85
  • 86. NCS: Wired Client Troubleshooting Client connectivity status/issues Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 86
  • 87. APs Detecting a Specific Client Client MAC address List of APs that heard client probe requests, 802.11 band, RSSI, how long ago AP heard this clientPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 87
  • 88. ISE Integration
  • 89. NCS and ISE Integration §  NCS leverages ISE API for posture assessment and report generation §  Ability to drill-down to an individual client- level security details §  Ability to troubleshoot client connectivity issues Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 89
  • 90. NCS + ISE: Client Posture and ProfilingISE determines client to Client authenticated be Microsoft using 802.1x via ISE Workstation based on device fingerprinting Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 90
  • 91. Client Troubleshooting: Wireless Client Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 91
  • 92. Client Troubleshooting: Wired Client Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
  • 93. Voice Audit Tool§  Allows auditing current network configuration from a VoWLAN deployment perspective§  Use default rules and thresholds based on Cisco best practices§  Ability to customize the rules to match your network and requirements§  Provides a simple report with a list of configuration gaps Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
  • 94. Voice Audit—Example Customizable Rules Voice Audit Tool ReportPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
  • 95. Voice Readiness Tool—Example Simple, post-deployment tool toverify or correct AP deployment and provides a way to determine VoWLAN readiness by band, and RSSI cutoff values BRKAGG-2011 Presentation_ID Cisco Systems, Inc. All rights reserved. its affiliates. All Public reserved. © 2009 © 2011 Cisco and/or Cisco rights Cisco Public 95
  • 96. Location Accuracy Tool—Example Determine Accuracy Probability, Correct Deployment Test with Clients, Tags, Exciters Schedule Accuracy TestsBRKAGG-2011 Presentation_ID Cisco Systems, Inc. All rights reserved. its affiliates. All Public reserved. © 2009 © 2011 Cisco and/or Cisco rights Cisco Public 96
  • 97. Location Readiness—Example Simple, post-deployment tool toverify or correct AP deployment andprovides information on what areasare under the Cisco recommended estimates Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 97
  • 98. Sending Network Details to TAC Input TAC case number directly into WCS for sending captured files Select network and device info to attach to TAC case Option to send directly to TAC or download filePresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 98
  • 99. Device Data Collection Execute controller CLI commands and easily capture command outputPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 99
  • 100. Repor>ng  
  • 101. Section Agenda: Reporting§ Report LaunchPad§ Report Customizations Multi-Level Filtering Customizing Report Output Multi-Level Sorting in Report Output§ Report Scheduling§ NCS + ISE Reporting Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
  • 102. Report LaunchPad Report LaunchPad – Easy Drill-Down Callouts – Report DescriptionsPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 102
  • 103. Report Customization Multi-Level Filters Customized ReportsPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 103
  • 104. Graphical Report Content Graphical Reporting Graphical SummariesPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 104
  • 105. Client Summary Report - Endpoint Type Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 105
  • 106. NCS + ISE: Report Cross-Launch New set of reports launched from NCS cross-launches reports in ISE. Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
  • 107. NCS + ISE: Report Cross-LaunchPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 107
  • 108. Advanced  Topic  
  • 109. High-Availability—Components and Operation§  At the heart of the high-availability design is the Health Monitor (HM) Process Other components in WCS are JVM (WCS), Database, and Apache webserver§  HM is sub-divided into smaller components: Core HM: Configures, maintains state and starts/stops the HA configuration across WCS servers Heartbeat: Responsible for maintaining communication between the primary and secondary servers (over HTTPS, port 8082); timeout is set to two seconds, with three retries Application Monitor: Communicates with the WCS framework components on the primary server DB Monitor: Configures database replication File Sync: Identifies file changes, compression, and statistics maintenance Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 109
  • 110. High-Availability—Things to Know§  Both the primary and failover WCS servers should run the same software version§  Both the primary and failover WCS servers should be running on the same OS type (can t mix Windows and Linux installs)§  Email server and receiver must be configured (used for notifications)§  Communication between the primary and failover WCS must be enabled on HM port if firewall is in the path§  Failover mode must be carefully selected (and remembered): manual vs. automatic§  Authentication key is created during the install, and is used by the primary and failover WCS servers for communication (and also logging into the HMweb page)§  HM available at: https://ip.address:HMport (example: https://10.10.10.200:8082) Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 110
  • 111. WCS High-Availability—Things to Know §  Available in release 5.2 and above §  Requires the WCS PLUS license (only on the primary server) §  Feature supports failover of up to two primary WCS servers to one backup server Primary Secondary 1 Low-end WCS 1 Low or higher-end WCS 1 Standard WCS 1 Standard or higher WCS 1 High-end WCS 1 High-end WCS §  Suggested deployment matrix in a 2:1 model Primary Secondary 2 Low-end WCS 1 Standard or higher WCS 2 Standard WCS 1 Standard or higher WCS 2 Standard WCS 1 High-end WCS Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 111
  • 112. NCS High-Availability—Things to Know § No longer BASE and PLUS license (now single-tier license), so HA is available at no extra charge § Feature supports failover of one primary NCS servers to one backup server § Functionally the same as WCS HA Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
  • 113. Virtual DomainsWhat They Are (or do) What They’re Not (or don’t do)Quick way to partition WCS objects Not necessarily a complete replacement for RBAC (for example, via TACACS+)Allows users to be mapped to separate If none specified, users are added to thevirtual domains at the time of creation “root” virtual domain by defaultSeparate Reports, Controllers, Access Don’t separate Google Earth Maps, Auto-Points, Search, Templates, Config Provisioning, MSEs, and EthernetGroups, Alarms and other objects SwitchesObjects may be assigned to multiple Avoid changing configurations fromdomains at the same time multiple domains management simple“root” domain is a superset of all sub- Not all objects are available at the “root”domains level – objects such as Search and Reports are domain specificOnly the “root” domain may location, and For more caveats, visit:any other email notifications http://www.cisco.com/en/US/docs/ wireless/wcs/5.2/configuration/guide/ 5_2virtual.html Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 113
  • 114. WCS  to  NCS  Migra>on  
  • 115. Why Upgrade from WCS to NCS?§  Increased scale (total device count: 25K)§  Wired/wireless integrated management: manage access layer§  64-bit architecture: increased memory footprint§  Appliance mode: no need for customer for procure server (HW, OS + patches)§  Tight integration with Cisco ISE: device posture enforcement, AAAPresentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 115
  • 116. Cisco WCS to Cisco Prime NCS Migration Cisco WCS 7.0.X Cisco Prime NCS Multi-tier License Model Licenses Single-tier License Model WCS Base License (Examples: WCS-APBASE-X or WCS-WLSE-APB-X) Prime NCS License (Example: L-NCS-1.0-X) WCS Plus License (Examples: WCS-Plus-X or WCS- WLSE-Plus-X) Database MigrationMust be on WCS 1:1 Upgrade7.0.164.0 or 7.0.164.3 WCS 7.X is the last release running on CiscoWorks Wireless LAN Solution Engine (WLSE) Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 116
  • 117. Greenfield Deployment: Why WCS?§  Wired/wireless integrated management: manage access layer (infrastructure and endpoints)§  Appliance model (physical and virtual/VM): no need to procure server (HW, OS + patches)§  High device scale: up to 25K infrastructure devices§  State of the art UI Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 117
  • 118. Key Takeaways§  Wired/wireless access – infrastructure and endpoints – need to be managed together§  WCS and NCS provide full lifecycle management§  NCS builds on the features/functionality of WCS and adds wired management§  Easy migration from WCS to NCS – both platform and learning curve Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 118
  • 119. Helpful Links§  Cisco Prime Network Control System (NCS) Datasheet http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps11682/ps11686/ps11688/ data_sheet_c78-650051.html§  NCS Learning Modules http://www.cisco.com/en/US/products/ps11686/ tsd_products_support_online_learning_modules_list.html§  TACACS+ Configuration Example http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080851f7c.shtml Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 119
  • 120. Thank you.Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 120

×