Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Hawaii Tech Day- Cisco Mobility


Published on

Cisco Mobility presented at Hawaii Tech Day February 2017

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Hawaii Tech Day- Cisco Mobility

  1. 1. Kurt Sauter Mobility Product Specialist Digital Network Architecture - Mobility Cisco Mobility
  2. 2. Agenda 1. DNA - Mobility 2. DNA – Wave 2 3. Cisco + Apple Partnership 4. Wireless Portfolio 5. Architectures 6. CMX (demo) (Video) (Apps) 7. Wrap Up + Q&A
  3. 3. Digital Network Architecture - Mobility
  4. 4. Digital Transformation Information Era: 2000-2015 Digital Business Era: 2015+ Human Scale Physical Appliances Manual Management Centralized Enterprise and Web Apps IoT Scale (People, Devices, Things) Virtualized Services Automation, Zero Touch, DevOps Distributed SaaS, Mobile, & M2M Apps Connectivity with High Reliability Platform for Innovation, Agility, Security NETWORK Requires Network Evolution
  5. 5. Automation & Orchestration On demand Application/Service Delivery & Uncompromised, Secure Experiences Over Any Connection Accelerating Digital Transformation The Network is the Foundation of the Digital Business Ensure Content Compliance Threat Defense Policy & Identity Control Network Access Control, Visibility & Threat Containment Personalized Mobile Experiences Gain Insights & Engage Customers Digital Ready Optimized Investments & Seamless Experiences Virtualization On demand infrastructure and virtualized functions Secure the New Edge Enhanced Direct Internet Attach Security Detect Threats Faster Security Everywhere Network Transformation for the WAN Uncompromised & Secure Experiences Over Any Connection
  6. 6. Traditional network management cannot provide sufficient dynamic management • Focus has been on Day0/1 automation • CLI not built for volumes of changes in machine real time Controller based networking supports dynamic policy change • Controller allows network to be managed as a system • Policy management is automated and abstracted Digital Business Drivers Requirement for Dynamic Policy Changes
  7. 7. Cisco Digital Network Architecture Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights FASTER INNOVATION Insights & Experiences REDUCED COST & COMPLEXITY Automation & Assurance LOWER RISK Security & Compliance Network-enabled Applications Cloud-enabled | Software-delivered Principles
  8. 8. How do we simplify, yet build reliable and versatile networks? Lowers OPEX: Simplicity without compromise Defend from a critical vantage point Increase IT value and meet any use case regardless of organization size Automation & Assurance Security & ComplianceInsights & Experiences Wireless is the primary mode of access for users and things
  9. 9. Cisco Digital Network Architecture Automation Abstraction and Policy Control from Core to Edge Open and Programmable | Standards-based Open APIs | Developers Environment DNA Service Management Policy | Orchestration Virtualization Physical and Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Insights and Experiences Network-enabled Applications Cloud-enabled | Software-delivered Automation and Assurance Security and Compliance Principles
  10. 10. TOMORROWTODAY Prime ISEWLC UI APIC-EM Best in Class Wired Best in Class Wireless Single Pane of Glass Automation & Assurance Launch Services • Elastic On-Demand Services • Manage Services Across Fabric SDA • Fabric Automation / Orchestration • Simple User Group Policy Instantly Lower OpEx • Built on Existing Infras • Seamless Brownfield Integration Network Assurance • Pinpoint issue location & impact • Speed Remediation Automation Analytics One Wired-Wireless Experience with Fabric
  11. 11. Cisco Digital Network Architecture for Wired-Wireless Automation • PnP for Centralized & Flex • EasyQOS • ISE: .1x, BYOD, Guest Open APIs: Modular Aps with Restful APIs Cloud Service Management • CMX 10.x with Context and Guest Platforms & Virtualization Assurance • Netflow Export • Apple Network Optimization & FastLane Principles DNA Center: Public and Private Cloud • Modular AP’s with Restful API’s • DNA Optimized Controllers: 3504, 5520, 8540 • Various VM Models: ESXi, KVM, HyperV, AWS Software Defined Access and TrustSec SXP & SGT
  12. 12. Enterprise Mobility Vision IT has to deliver on outcomes… Mobility is not just about 802.11… LiFi NFV IoT integration 5G HD Radio optimization SW BLE Location based Services Networks are getting complex…
  13. 13. DNA - 802.11ac Wave 2
  14. 14. Wi-Fi Connectivity Speed Timeline Gigabit Wi-Fi As Primary Access 3SS Desktops / Laptops 2SS Laptops / Tablets 1SS Tablets / Smartphones 802.11 802.11n802.11b 802.11a/g 802.11ac Wave 1 802.11ac Wave 2 2630** 1730** 290* = Spatial StreamsSS 2016+2015 Gigabit Ethernet Uplink 2Gigabit Ethernet Uplinks 1 Spatial Stream 2 Spatial Stream 3 Spatial Streams 20132007200319991997 2 11 24 54 65 450 300 1300* 290* 870* 5260** 3500** 600* Dual 5GHz Multi-Gigabit Uplinks
  15. 15. Flexible Radio Assignment Software defined radio automatically adjusts to dual 5GHz to better serve high client environment Optimized Roaming Intelligently Connects the Proper Access Point as People Move Turbo Performance Scales to Support More Devices Running High Bandwidth Apps. Zero Impact AVC Hardware Based Application Visibility and Control without Impact to Performance. Cisco CleanAir® Remediates device Impacting Interference from other WiFi and non-WiFi devices Cisco ClientLink Improves Performance of Legacy and 802.11ac Devices. Future Proof Expandability Add Functionality Via Module, Smart Antenna Port or USB Port Multi-Gigabit Uplinks Free Up Wireless With Faster Wired Network Offload Gb+ Flex Dynamic Frequency Selection Automatically Adjusts So Not to Interfere With Other Radio Systems Wireless excellence and innovations delivered only by Cisco Aironet 2800, 3800 Series Access Points Apple Fast Lane Automatically assures highest priority, fastest performance for trusted apps on trusted Apple devices LAS VEGAS TOKYO
  16. 16. Optimized Roaming RX-SOP Pervasive Wi-Fi HDX Turbo Performance Event Driven RRM Flexible Radio FRA Cisco CleanAir® RF Profiles RRM, DCA, TPC, CHDM Load Balancing Band Select Client Link 4.0 Off-Channel Scanning Flex DFS DBS 5GHz Serving 2.4GHz Serving 5/2.4GHz Monitor RF Optimized Connectivity
  17. 17. Flexible Radio Assignment FRA 2.4GHz Serving 2.4-5GHz Monitoring 5GHz. Serving 5GHz. Serving 2.4GHz Serving 5GHz. Serving 5GHz Serving5Hz Serving 2.4GHz Serving ü FRA-auto (default value) or Manual ü Auto 2.4 -> 5GHz or Monitor Mode ü Transition to 2.4 GHz if coverage drops
  18. 18. Two 5GHz Radios…what is the Big Deal? 3 25 2.4 GHz Channels 5 GHz Channels FCC: 25x 5 GHz Channels ETSI: 16x 5 GHz Channels Event Clients 5GHz vs. 2.4GHz Mobile World Congress 2015 87% / 13% Cisco Live 2016 90% / 10% Democratic National Convention 85% / 15% Your Radio Architecture should match your clients needs!!!
  19. 19. Optimize Wi-Fi with CleanAir Quickly Identify and Mitigate Wi-Fi Impacting Interference Channel 48 48 48 48 48 48 48 48 48 48 48 48 ü Interference on 20/40/80/160 MHz ü Air Quality and Interference by AP/radio on WLC ü AQ Threshold trap and Interference Device trap (per radio) ü CleanAir-enabled RRM Network Air Quality and Interference Location with PI 3.1.x and CMX
  20. 20. Interference Devices and Air Quality Report CleanAir Enabled RRM Mitigated RF interference for improved reliability and performance Wi-Fi and non-Wi-Fi aware Dynamic mitigation ED-RRM Granular spectrum visibility and control Air Quality Performance Improved Client Performance Complete Automatic Interference Mitigation Solution for Rogues and Non-Wi-Fi Interference
  21. 21. Maximize Channels When Radar Is Present Flexible Dynamic Frequency Selection 5170 MHz 5330 MHz 36 40 44 48 52 56 60 64 20MHz. 40MHz. 80MHz. 160MHz. 5490 MHz 5710 MHz 100 104 108 112 116 120 124 128 132 136 140 Channel Used by Air Traffic Radar See it on 160MHZ Band Dynamic Frequency Selection Flexible Dynamic Frequency Selection
  22. 22. FlexDFS with Dynamic Bandwidth Selection Identifies radar frequency to 1 MHz FlexDFS isolates radar event to 20MHz DBS allows best channel and width Interference is impacting only channel 60 FlexDFS + DBS Automatic and intelligent use of spectrum 52 56 60 64 DBS combined with FlexDFS: Increased confidence in using wider channel bandwidth; reduced radio flapping Primary 20 Secondary 20 Secondary 40 52 56 60 64 Optimizes HD Experience
  23. 23. Better Client Connectivity RXSOP, Load Balancing, Band Select
  24. 24. Fine-tuning HDX with RF Profiles Wi-Fi Triggered ED- RRM Optimized Roaming RXSOP Dynamic Bandwidth Selection TPC, DCA CHDM FlexDFS CORE: • CleanAir • ClientLink 4.0 • Turbo Performance ü Pre-canned RF Profiles ü Client Distribution ü Data Rates ü DCA, TPC, CHDM ü Profile Threshold for Traps ü High Density Features
  25. 25. Security and Threat Mitigation Secure Access P2P Blocking Client Exclusion 802.1x WPA2/AES AES256 Encryption AAA Override VLAN, ACL, QoS Local Policy w/ QoS and AVC MFP, 802.11w TrustSec SXP Inline Tagging wIDS, ELM MAC Auth Rogue Detection BYOD NAC RADIUS 8.4 8.3 MR1
  26. 26. 5GHz. / 2.4GHz. .5GHz. / Security Cisco Wireless Security Deployment with AP3800/2800 Maintains Capacity and Avoids Interference Good Better Best Features ELM Monitor Mode AP ELM with FRA Monitor Mode Deployment Density Per AP 1 in 5 APs 1 radio per 5 APs Client Serving with Security Monitoring Y N Y wIPS Security Monitoring 50 ms off-channel scan on selected channels on 2.4 and 5 GHz 7 x 24 All Channels on 2.4GHz and 5GHz 7 x 24 All Channels on 2.4GHz and 5GHz CleanAir Spectrum Intelligence 7 x 24 on client serving channel 7 x 24 All Channels on 2.4GHz and 5GHz 7 x 24 All Channels on 2.4GHz and 5GHz Serving channel Serving channelOff-Ch Off-Ch Serving channel Serving channelOff-Ch Off-Ch Enhanced Local Mode Access Point ü GOOD 2.4 GHz 5 GHz t t Monitor Mode Access Point ü BETTER 2.4 GHz 5 GHz t t Ch11Ch2 Ch38 Ch1 Ch36 … Ch11Ch2Ch1 … Ch11Ch2Ch1 … … Ch161Ch157 Ch38Ch36 …… … t 2.4 GHz 5 GHz t Ch11Ch2Ch1 … Ch38Ch36 Ch161Ch157 …… … ELM with FRA Wireless Security Monitoring ü BEST Serving channel Serving channelOff-Ch Off-Ch 5 GHz t
  27. 27. Serve Client on 2.4 GHz 50 ms off- channel Serve Clients on 5 GHz 50 ms off- channel Rogue Detection and Mitigation ü Rogue Classification and Containment • Rogue Rules • Manual Classification – Friendly/Malicious • Manual and Auto Containment ü CleanAir with Rogue AP Types • WiFi Invalid Channel • WiFi Inverted ü Rogue Location • Real-time with PI, MSE, CleanAir • Location of Rogue APs and Clients , Ad-hoc Rogue, Non-wifi interferers Data Serving AP Scan 1.2s per channel Monitor Mode AP FRA with MM Serve Client on dedicated 5 GHz Scan 1.2s per channel
  28. 28. Service Ready Feature Highlights Videostream Multicast VLAN Per-Client/Per-SSID BW Contract Local Profiling Bonjour Apple Services Service Ready AVC Netflow AAA Override of AVC Profile Voice Optimization, CAC, WMM Policy Adaptive 11r ,11k, 11v FastLane QoS Profiles OKC, CCKM Fast Roaming 8.3 MR1
  29. 29. Zero Impact Application Visibility and Control Maintain Performance with Zero Impact AVC Gain Visibility into the Network Monitor Critical Applications Control Application Performance APP APP APP APP APP APP APP APP APP APP APP APP APP APP APP APP ü Setting up AVC profiles and rules ü Drop/ Mark for several video apps like YouTube and Netflix on iPhone, iPad ü Drop/ Mark for other apps such as Jabber and Webex ü Profiles with block and pass rules combined ü Rate Limiting of Video/Voice apps ü AAA override for AVC profile ü AVC Profile with Local Policy Classification
  30. 30. Enterprise Infrastructure Feature Highlights Fast SSID Flex, Local, Sniffer, Monitor, ME Certifications Enterprise Infrastructure Pre-Image Download AP Multicast WiFi Tagging OEAP Webauth Guest Access Plug n Play 8.3 MR1 8.3 MR1 8.3
  31. 31. AP and WLC Portfolio
  32. 32. Cisco Aironet 802.11ac Wave 2 Portfolio Enterprise Mission Critical Best in Class 1810 1830 1850 (i/e) 2800 (i/e) 3800 (i/e) • Dual Band • 802.11ac Wave 2 • Compact Design • 3x Gbps switch port • 1x Gbps uplink port • Wall Plate AP • Teleworker OEAP • 802.3af PoE out • 802.11ac Wave 2: Most Cost-effective, 870 Mbps. • 3x3:2SS 80MHz. • Spectrum Analysis* • Tx Beam Forming • 1 GE Port • USB 2.0 • Centralized, FlexConnect* and Mobility Express • 802.11ac Wave 2: Cost-effective, 1.7 Gbps • 4x4:4SS 80Mhz. • Spectrum Analysis* • Tx Beam Forming • 2 GE Ports • USB 2.0 • Centralized, FlexConnect* and Mobility Express • 802.11ac W2: High- Performance 5Gbps • Flexible Radio Assignment • 4x4:3SS 160 MHz • 2 GE Ports • USB 2.0 • Hyperlocation (External Antenna) • CleanAir 160MHz. • ClientLink 4.0 • Centralized, FlexConnect* and Mobility Express • 802.11ac W2: High- Performance 5Gbps. • Flexible Radio Assignment • 4x4:3SS 160MHz. • MU-MIMO • 2 GE or 1 GE + 1 mGig (5G) • Hyperlocation (External Antenna) • CleanAir 160 MHz • ClientLink 4.0 • StadiumVision • Modularity • Centralized, FlexConnect and Mobility Express
  33. 33. Cisco Aironet Portfolio – Outdoor AP Enterprise Class Best in Class Cable Operators 1560 • 802.11ac W2 • 4 models (I/E/D/PS) • 3x3:3, 80MHz, 1.3G (I) • 2x2:2, 80MHz, 867M (D/E/PS) • MU-MIMO • SFP • Internal Directional Ant. (D) • 4.9 GHz (PS: Public Safety) • Flexible Antenna Ports • CleanAir 80 MHz • ClientLink 4.0 • Centralized, FlexConnect, Mesh & Mobility Express 1572EAC • 802.11ac W1 • 4x4:3 80 MHz; 1.3 G • External antenna • SFP • GPS • PoE-Out (803.2at) • Flexible Antenna Ports • CleanAir 80 MHz • ClientLink 3.0 • Modularity • Centralized, FlexConnect & Mesh 1572IC/EC • 802.11ac W1 • 4x4:3 80 MHz; 1.3 G • Internal or External antenna • DOCSIS 3.0, 24x8 • SFP • GPS • PoE-Out (803.2at) (EC) • Flexible Antenna Ports • CleanAir 80 MHz • ClientLink 3.0 • Modularity • Centralized, FlexConnect & Mesh 1530 • 802.11n • 2 models, low profile • 2G: 3x3:3; 5G: 2x3:2 • Internal or External antenna • Flexible Antenna Ports • Centralized, FlexConnect, & Mesh * Future availabilityShipping ShippingFCS August 2016
  34. 34. Industrial Wireless IW3700 Series Access Point Optimized for Rail, Mining, Manufacturing, Oil & Gas N-type antenna ports for 4x4 MIMO with three spatial streams and support for up to 13 dBi gain antennas 10/100/1000Base-T, PoE and PoE+ in (M12) 10/100/1000Base-T, PoE out (M12) 10 to 60 VDC in (M12) Management console port (RJ-45 serial) Integrated mounting ears Diecast aluminum chassis with integrated heatsink and heaters
  35. 35. Meet Any Wi-Fi Use Case Expandability and Investment Protection Future Wi-Fi Standard IOT Integration Custom Compute Platform Adv. Security and Spectrum Analysis 3G & LTE Small Cell Bluetooth Beacon Hyperlocation Antenna Stadium Panel Antenna Self-Discover / Self-Configure 3G/LTE Backhaul Directional Antennas Bluetooth Intelligence
  36. 36. Access Point Extensions (APeX) Third-party Development Framework • Seamlessly Enable partners ü Cisco Wireless BE ü Other Cisco Business Units ü Strategic partners ü 3rd Party solutions vendors • Facilitate both hardware and software based solutions • Sustained differentiation of 3K Series APs • Gain competitive advantage by enabling vertical specific solutions MODULE PORT A development framework to enable an ecosystem of expansion modules (HW module, USB or software) for Cisco Aironet AP 3800 Series
  37. 37. Wireless Architecture Autonomous FlexConnect Centralized Converged Access Traffic Distributed at AP Traffic Centralized at Controller Traffic Distributed at SwitchStandalone APs Target Positioning Small Wireless Network Branch Campus Branch and Campus WAN
  38. 38. § Right To Use Licensing, Ease of Enablement and Portability § Utilizes the NEW WLAN Express WEBGUI with best practices enabled § Allows administrator to easily migrate config from previous WLC Simplified Migration and Manageability § Ability to host multiple services such as Application Visibility and Control, Bonjour Services Directory, TrustSec, Guest, High Availability with SSO § Support for centralized, distributed and Mesh deployments Services Ready § 5520 scales up to 1500 AP & 20,000 clients § 8540 scales up to 6000 AP & 64,000 clients Built for addressing Scale of BYOD § 5520 supports 20 Gig of throughput § 8540 supports 40 Gig of throughput Throughput to address needs of Wave-2 11ac 5520 8540 Introducing the Cisco 5520 and 8540 Feature-Rich, Multi-mode and Ready for Wave 2 802.11ac
  39. 39. Built for addressing Scale of BYOD Introducing the Cisco 3500 Feature-Rich, 150APs 3000 Clients
  40. 40. Easy to Use Sidebar Navigation Intuitive and Interactive Network Summary Navigation Cisco’s Simplified WLAN Controller GUI Switch between graphic and text Drag Dashlets to Rearrange Add Dashlets
  41. 41. Mobility Express Interface (Single AP)
  42. 42. Converged Wired/Wireless
  43. 43. 2.5-5 Gigabit Port Offload Wireless Traffic Faster Multigigabit Technology Cisco Multigigabit Standard Cat 5e/Cat6 Cables 1 Gigabit Port Delivers up to 5X Speeds in Enterprise Without Replacing Cabling Infrastructure Supports PoE Up to 60W 2.5-5 Gigabit Port Available on AP 3800
  44. 44. Catalyst 3850 ─ Multigigabit Versions 48 Port Version 24 Port Version Downlinks: 36 x 1G LineRate 10/100/1000BASE-T, 12 x GE/mGig/10GT Line Rate PoE/PoE+/UPoE, EEE, MACSec Uplinks: 4x10GE SFP+, 2 x 40G QSFP (NEW), 8x10G SFP+ (NEW) Downlinks: 24 x GE/mGig/10GT PoE/PoE+/UPoE, EEE, MACSec Uplinks: 4x10GE SFP+, 2 x 40G QSFP (NEW), 8x10G SFP+ (NEW) All 3850 Versions Can Stack with Each Other
  45. 45. Catalyst 3850 mGig C3850 24 port mGig Switch 24p mGig/10GT PoE+/UPOE. Line rate at 72 byte packet sizes C3850 48 port mGig Switch 12p mGig/10GT PoE+, 36p 1GE UPOE. Line rate Investment Protection – mGig speeds with Cat 5e, DATA PoE+ UPOE Fiber New Member to the stacking Family MGIG
  46. 46. Cisco + Apple Partnership
  47. 47. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 47 The new partnership for Federal Customers
  48. 48. What are we trying to solve? Scalability Complex configuration of advanced features Mobility Sub optimal roaming for mobile devices and battery efficiency Better integration between mobile devices and the network Reliability User experience is affected
  49. 49. Cisco-Apple partnership provides these benefits Optimized Wi-Fi Connectivity Prioritized Mission applications Intelligent, and efficient roaming is automatically configured iOS and Cisco devices recognize each other and enable special capabilities Mission data gets priority and speed even if network is congested Reduces complexity - IT can focus on the mission – the network does the heavy lifting
  50. 50. What happens Today? In 802.11, delay in roaming causes poor experience, especially for rich- media real-time applications. Interoperability increases complexity and prevents adoption. Standards to the rescue? • 802.11r – Fast Roaming • 802.11k – Neighbor List • 802.11v – BSS Transition But • Operational Complexity • Multiple SSIDs – some clients cant associate with SSIDs enabled with 11r
  51. 51. Optimized Wi-Fi Connectivity Intelligent, and efficient roaming is automatically configured Makes critical apps more reliable iOS and Cisco devices recognize each other and enable special capabilities
  52. 52. 802.11k, 802.11v, 802.11r help efficient roaming 802.11r enables fast roaming without complete reauth 802.11k sends you list of neighbors 802.11v BSS Transition sends you the new best AP Cisco-AP-2 to connect to Association Fast Transition (802.11r) Cisco-AP-1 Cisco-AP-2
  53. 53. Association Cisco-Apple Optimized Roaming reduces management overhead by up to 50% Legacy client cannot join the same SSID where 11r is enabled I recognize that you are an Apple device 11r is enabled for you 802.11k, 802.11v are on by default Legacy client that does not support 11r/k/v can join the same SSID Cisco-APNon-Cisco-AP
  54. 54. Roaming Performance : 10x Better end-user Browsing and App Experience QoS, 802.11r/k/vNo QoS, No 802.11r/k/v Time (s)* *Time Interval between last packet on previous AP, and first packet on next AP
  55. 55. Benefits of Optimized Wi-Fi Connectivity Automatic configuration reducing complexity for IT Up to 50% reduced management overhead due to fewer SSIDs 86% reduction in network message load from the device during roaming Investment protection - Leverage existing network design Lower battery usage 66x reduction in probability of poor audio quality experience. 10x more successful end user browsing experience
  56. 56. What happens Today? Inability to prioritize mission-critical real-time traffic all the way from clients to the destination • Today IT Administrators can classify traffic ONLY at the access point. this implies: • Inability to prioritize between the client and the AP. • Burden on IT administrator to manage the applications across the enterprise
  57. 57. Prioritizing Business Apps Prioritize mission critical apps and real time data Turning on is easy IT has control over which Apps get priority
  58. 58. Fast lane Configuration Profiles A QoS configuration profile will ONLY be acted upon on an iOS 10 client Uses standard Apple iOS Profiling techniques (MDM, email, Web-based) • Profile lists “whitelisted” applications in a dictionary file • Whitelisted applications are allowed to mark QoS (DSCP/UP) upstream • ‘Non-Whitelisted’ applications receive only BE/BK marking upstream Used in Combination with Cisco and Apple mutual detection
  59. 59. Fast Lane only applies to Cisco-Apple Deployments QoS Profile is not considered Applications can only mark UP, not DSCP* QoS Profile or no QoS Profile If a Profile was received, All apps in White list Can mark QoS upstream QoS Profile Cisco-APNon-Cisco-AP Supports Fast lane * DSCP can be marked with IP_TOS/IPv6_TCLASS when SO_NET_SERVICE_TYPE is best effort
  60. 60. Fast Lane enables network administrator to prioritize applications per your environment Supports Fast lane Admin can provision Apple IOS device with a QoS profile* Applications in whitelist get QoS marking** Other applications get BE/BK Supports Fast lane My profile for this environment: Minecraft = Real-time- interactive Viber = BE My profile for this environment: Minecraft = BE Viber = Voice Cisco-AP Supports Fast laneSupports Fast lane Cisco-AP *Without a profile, all applications are whitelisted by default in a Fast Lane cell **Fast Lane does NOT override apps QoS, it either allow the app QoS or apply BE
  61. 61. App prioritization elements QoS Profile Voice QoS Trust AutoQoS Better EDCA Helps determine which applications should receive QoS upstream Trust upstream voice traffic, with ACM and without TSPEC Benefits IT Administrator Configure optimal WLC QoS in one click Ease of Use IEEE 802.11-2016 EDCA
  62. 62. No Fast Lane Fast Lane delivers a reliable voice experience even in a congested environment • In a congested environment, one voice packet is sent every 20 ms • We measure the actual interval between voice packets in the upstream direction Capture time (seconds) Packet average interval is 40 ms (not so good) Many glitches, of up to 0.6 second (poor audio experience) Interval (seconds) Fast Lane Interval (seconds) Packet average interval is 20 ms (good) Very few glitches, of up to 0.1 second (fair audio experience)
  63. 63. Benefits of App prioritization Business data gets priority and speed even if network is congested Reduces complexity - IT can focus on the mission – the network does the heavy lifting Reliable mobility for mission use
  64. 64. Benefits of Apple-Cisco partnership Simple, automated configuration of Optimized Roaming & Fast lane Faster client roams, lower battery usage and reduced network load Enabled with a unique to Apple and Cisco mutual identification Prioritizes mission- critical apps over the air and network
  65. 65. What can we enable All Wireless Office Manage growing network demands Mobile access to real-time data Prioritize mission critical apps Improved voice and video communication
  66. 66. Seamless Collaboration with Cisco Spark • Meet anywhere and everywhere • Always-on, secure team messaging and file sharing • Integrated business phone with • HD voice and video calling
  67. 67. Enterprise Voice Integration • Take your desk phone with you • Easier than ever to collaborate • Enable by Cisco Spark and iOS 10 APIs
  68. 68. Native Voice Experience – Hey Siri! • Intuitive - use the iOS native dialer for Spark calls • Convenient - consolidated view of contacts, call history, and favorites • Control - call waiting allows user to screen and prioritize calls • Multi-functional - extends hands free experiences using Siri voice commands, Bluetooth and mobile accessories • Use connected headsets and accessories
  69. 69. Enterprise Voice Integration • Users never miss a call • Reliable, high-quality calling with reduced costs • Improved compliance for calls made through the corporate PBX • Accelerated user onboarding PBX Telco Switch Desk Phone iPhone Cisco Collaboration Cloud
  70. 70. Recommended platforms Networking infrastructure Caching iOS devices • Wireless controller: Running AireOS 8.3, 8.3MR or connected to Meraki cloud • 802.11ac Aironet and Meraki MR Access points • Catalyst and Meraki MS Multigigabit-capable switches • Meraki Systems Manager EMM • Software licenses, maintenance & support • ISR 4000 Series • WAAS – Wide Area Application Services • Akamai Connect license • Software licenses, maintenance & support Optimized Efficient Roaming • iPhone 6s and later • iPhone 6s Plus and later • iPad Air 2 and later • iPad mini 4 and later • iPad Pro and later • iPhoneSE Fast Lane • iPhone 5 and later • iPad mini 2 and later • iPad Air and later • iPad Pro • iPod touch (6th generation)
  71. 71. CMX & ISE
  72. 72. Prime Infrastructure Cisco WLAN Controller Systems Manager (MDM/EMM) MDM Manager Wired Network Devices Cisco Catalyst Switches Office Wired Access Office Wireless Access Identity Services Engine Remote Access ASA Firewall CSM / ASDM Identity Services Engine – Policy Enforcement
  73. 73. Cisco Identity Services Engine (ISE) Network ResourcesAccess Policy Traditional Cisco TrustSec® BYOD Access Threat Containment Guest Access Role-Based Access Identity Profiling and Posture A centralized security solution that automates context-aware access to network resources and shares contextual data Network Door Physical or VM ISE pxGrid Controller Who CompliantP What When Where How Context Threat (New!) Vulnerability (New!)
  74. 74. Demo CMX
  75. 75. DNA for Mobility: Summary of Solutions Analytics Presence Analytics Location based Analytics Verticalization User Engagement Custom Guest Experience Location Specific Portal Connected Visitors Analytics Mobile Applications Location based Engagement 3rd party App integration Programmability & extensibility Lower RiskFaster Innovation Reduce Cost and Complexity Apple and Cisco Optimize Wi-Fi Connectivity Prioritize Business Apps Integrate Collaboration Automation Flexible Radio Assignment WLAN Express Setup Plug n Play Provisioning Visibility Easy Monitoring & troubleshooting App & Device Awareness Fast Policy BYOD Provisioning 802.1x Authentication Guest Access Embedded Security Visibility and Segmentation Threat Detection BYOD Monitoring Web Content/Control Category-Based Filtering Policy Segmentation Security Activity Monitor Protect The Air Interference and Air Quality Detect Rogues and attacks
  76. 76. Cisco’s location roadmap and use case vision Presence Greater customer insights Enhanced location Hyperlocation Bluetooth Low Energy Accuracy 20m Type In-zone Detection Use Cases Venue-level, Visitors, Dwell Time Accuracy 10m Type X,Y coordinates, Optimized refresh Use Cases Zone-level Correlation Accuracy 1-3m Type Real time refresh, app required Use Cases Way Finding / Indoor navigation / Proximity Marketing Accuracy 1-3m Type Refresh every 10 seconds, no app Use Cases Sub-zone-level Work space optimization
  77. 77. • CMX now has the capability of sending data natively into a CMX Splunk Application and CMX for ElasticSearch with Kibana visualization. These connectors allow the end user to take advantage of CMX to calculate location and analytics data and use the third party tool to add additional visualizations and data views. Expanded Visulization - CMX Connectors
  78. 78. • Notifications based on additional events from RFID tags including button pushes and battery events. • Notifications to email addresses to enable rapid prototyping of applications • Configurable encryption key per destination. CMX Notifications – Improved Support for RFID Tag events and Email notifications New Notification Types Updated Destination options Configurable encryption key Note: Enables Asset Tag solution migration from MSE 8.0 to CMX
  79. 79. Northbound Notifications – MAC hashing
  80. 80. • SSID based filtering for Location • When a customer has multiple different SSID for different purposes, they can now isolate which SSID are used for by the system, such as a GUEST SSID and not include data from this SSID in reports • Connected and Detected client selection in all Analytics reports • Each report can now be customized to include Connected (i.e. Associated) and Detected (i.e. Probing) Devices to provide additional granularity. (or both) CMX Analytics - Report Filtering
  81. 81. • Analytics reports now have the ability to use customizable opening hours for the reports based on a configuration file. This allows more accurate analytics reporting that is specific to the venue. CMX Analytics – Customizable Opening hours Input File Customized Open Hours
  82. 82. • CMX Analytics has changed from a NOW report to a dedicated RealTime analytics tab. This allows accurate and timely display of what is occurring right now in the venue at a floor level. RealTime reports can be saved similar to other analytics reports. CMX Analytics – Real Time Report
  83. 83. • CMX 10.2.3 now allows creation and editing of Inclusion and Exclusion zones within CMX instead of having to create them in Prime. This simplifies the management process when a map is added or changes. CMX Location – Configurable Inclusion/Exclusion Zones
  84. 84. • CMX now has the ability to show a new Portal page after a certain number of days (1 to 1000) or if configured to (0), will show a new portal whenever user is timed out of WLC. This makes it much easier to configure when a portal page will show up to a user. CMX Connect – Configurable Portal Timeouts NEW
  85. 85. • System uses Virtual IP and heartbeat check pointing between two systems, active and standby. • Failover time about 5 mins • Database is check pointed CMX High Availability
  86. 86. What's New in CMX Cloud Presence and Connect
  87. 87. CMX Cloud - Support Aironet and Meraki Wi-Fi Cloud CMX MerakiAPI Aironet Meraki MR Common Dashboard for CMX Analytics and Connect
  88. 88. Guest Voucher Code Front-desk or lobby admin creates a voucher code one at a time or in bulk Customize the email & print formatting and distribute the voucher keys Full audit capability to trace back the lobby admin, voucher code and last access history Create Voucher Format Email Receipt
  89. 89. Email Verification: Host Sponsor or Self Sponsor Visitor provides an email seeking approval – Visitor waits for approval or cancel request. Sponsor clicks on URL to approve and Visitor gains access Note: leave domain blank for self sponsorship Sponsor Guest Settings
  90. 90. Customizing Repeat Visitor Portal Experience Location based Policy ControlsMAC Filtering: automatic repeat visitor association; MAC database in CMX Cloud Repeat visitor login portal experiences customizable Add Repeat Visitor context to the captive portal
  91. 91. Rules Engine – Define Customized Experiences Next generation Portal Splash Rules Experience Site-based Policy SSID-based Policy Assign Rule • 2 Rule-based portal and POST auth Portal • ENGAGE Rule for Customer follow Up • SERVICE PLAN for Network Policy (Bandwidth and Access Duration)
  92. 92. • Defined Rate-limiting and Access Duration With this, CMX Cloud • With CMX Cloud any policy enforcement can be done with a simple configuration Policy Plan Authorization with CMX Cloud
  93. 93. • Background: when there are multiple guest SSIDs from Single AP (Managed Wi-Fi, Shopping Mall, etc) CMX can assign each SSID as completely separate Guest Portal Policy and configuration New-Use case. SSID-based Connected Experience
  94. 94. • In Multi-Tenant environment, CMX can display portal upon every new site visit. • Franchise or branches that are located across multiple site, can suppress splash page if customer visited same branch in last login frequency New-Use case Portal display policy upon visiting new site
  95. 95. • Use-case : Multi-Tenant, Managed SP customer can assign different sponsor per tenant • Sponsor Portal now can support multiple accepted email domains • Settings > CONNECT Tab New Use-Cases Multiple Sponsor Email Domains Use Sponsor element On portal
  96. 96. CMX Cloud - Push Notification • Generate Push Notification message based on Presence Detection from AP • Can send different message per types of movement • PASSERBY, VISITOR, CONNECTED, GONE, App Notification Message SMS-Message When leave venue
  97. 97. • Twitter (Oauth 1.0) and LinkedIn (Oauth 2.0) has been added • CMX Cloud - Now supports 5 Different Social ID Login. • Facebook, Instagram, Foursquare, Twitter and LinkedIn CMX Cloud support - Social Network Login
  98. 98. Resources CMX Cloud homepage: Mobility Express homepage: dCloud CMX Cloud demo: https://dcloud-rtp-web- dCloud Mobility Express demo: https://dcloud2-
  99. 99. Making it Easier: Assurance
  100. 100. ServiceManage Fix Predict Predict Client and network issues before they occur Fix real time issues and get insight into historic trends Learn Surface undetected client and network anomalies Machine Learning 01001011000101110010010101100 1011000010101100110 Planning Infrastructure Data Behavioral analytics InsightSensor Data Root cause issues in few Clicks Build Resilient and Reliable Networks Automate tools to discover outliers Proactive wireless network assurance
  101. 101. Making it Easier: Licensing
  102. 102. A complete wireless system with ONE License Enterprise Class Wi-Fi Experience Identity-Based Secure Access Policy Network Management End-to-End Security Comprehensive Management For User, Network and Application (Prime) Industry-Leading Mobility Capabilities (HDX) Centralized Identity- Based Policy Management (ISE-Base) Software-Defined Segmentation (TrustSec) Stealthwatch Location Based Mobile Services Customizable Location Tracking (MSE-Base)
  103. 103. Location Tracking Hyperlocation vBLE
  104. 104. No Single Technology Delivers for All Use Cases CMX delivers high accuracy indoor location, leveraging Wi-Fi & BLE, today BLE Navigation Proximity Marketing Fast Refresh Rates Wi-Fi Analytics Space Utilization Zone-based Triggers
  105. 105. Enabling High Accuracy Wi-Fi Client Side Application Phunware Software Delivers mobile experience Uses Wi-Fi and BLE from Hyperlocation plus device sensors to enhance location and refresh rate Hardware Hyperlocation Solution Module and/or Antenna Applies to Aironet AP3700 & other AP 3K Uses 16 to 32 antennas to determine mobile client location Using Wi-Fi for Highly Accurate and Near-Real Time Location
  106. 106. Location Excellence Means Better Business Intelligence Cisco CleanAir® Technology - Detects BLE beacons and interferers; optimizes RF Cisco FastLocate - A faster refresh provides more location detail Hyperlocation - Provides enhanced location accuracy BLE Gateway - Complete BLE management, integrated and plugin BLE options, and BLE analytics* FastLocate: Critical to actionable data T=00s T=30s 70 APs, 147 Connected Clients, 352 Detected Clients, 10 Zones, 18 Beacons, 17 Interferers *Coming
  107. 107. Enabling High Accuracy Location Client Side Application Phunware Software/ Cisco SDK / Sample App Delivers mobile experience Uses BLE from Beacon point enhance location and refresh rate Hardware Cisco Beacon Point Applies to Cisco Beacon Point Using BLE for Highly Accurate and Near-Real Time Location
  108. 108. CMX Virtual Beacon Solution • Eliminates battery operated BLE beacons • Operational Simplicity with virtual beacons • Proximity Engagement and Indoor navigation Customer BenefitsWhat is it? • Beacon Point generates BLE beams • Beacon Center creates virtual beacons and manages beacon points via Cloud. Priced per beacon point per year Cisco Virtual Beacon CMX
  109. 109. CMX Virtual Beacon – Value Proposition Eliminate battery operated physical beacons Replace up to eight physical beacons Add or move virtual beacons with a click Scale beacon deployment with operational simplicity Eliminate RF calibration with advanced machine learning Deliver high location accuracy, Reduced latency
  110. 110. Cisco Cloud Machine learning and location engine Beams | Hear Location Estimate CMX Beacon Points
  111. 111. Simplify Beacons – CMX Cloud Beacon Center Engagement Metrics Manage Beacon Points Machine Learning Across Device Types Drag and Drop Virtual Beacons Create Proximity Message
  112. 112. Cisco Cloud Machine learning and location engine Customer Cloud How It Works Pharmacy Bakery Electronics Clothing Mobile app with Cisco SDK Cisco Beacon Point 1 3 4 2 6 5 Mobile device listens to the BLE beacons from the Beacon Point1 Cisco Cloud sends location & map information to the mobile app.3 Customer app interacts with Customer app cloud with additional information about it location 4 Cisco SDK (integrated into the mobile app) sends information to the Cisco cloud 2 When users are in proximity of a virtual beacon, custom notifications or URLs can be sent or actions can be taken 5 Virtual Beacons can be created anywhere in the coverage area6
  113. 113. Cisco Virtual Beacon - Ordering Information PID / SKU Description List Price AIR-VBLE1-K9 CMX Beacon Point $695 AIR-CMX-SVC-VBLE CMX Cloud Beacon Center Subscription software includes software support With multi-year discount $190 per BP per yr. (12 mos) $150 per BP per yr. (36 mos) $130 per BP per yr. (60 mos) CON-SNT-AIRVBL1K Technical services 8x5xNBD SNT Replacement
  114. 114. Federal Certifications
  115. 115. Current Cisco Wireless Government Certifications Certify every MD/long lived release What’s Certified: ü All Cisco 11ac and 11n Access Points ü All appliance and integrated controllers ü MSE 8.0, and PI 2.2 ü APL Listing for WLAS, WAB,WIDS What’s unique to Cisco: ü Cisco ONLY Wireless vendor with DCE and Common Criteria Certification ü Predictable wireless certification – MD SW release gets certified ü Common release both Enterprise and Government customers – Feature consistency and deployment flexibility Certification 7.0 8.0 IOS 3.6 FIPS CC UCAPL CSfC USGv6 Comprehensive end-end solution certified !
  116. 116. Roadmap - Cisco Wireless Government Certifications 8.3 (MR1) and IOS 16.3 – Q3CY16 What’s Certified: ü 11ac Wave 2 Access Points ü 5520, 8540, 5508, 2504, WiSM2 ü 3650 and 3850 switches/WLC ü CMX 10.3 ü APL Listing for WLAS, WAB,WIDS ü Cisco SSL 6.x Integration w/AireOS What’s the timeline: ü FCS – Nov ‘16 ü JITC Eval Began Oct ‘16 ü Estimate Completion Q2CY16 Certification 8.3 IOS 16.3 FIPS CC UCAPL CSfC USGv6 NGE and Wave 2 Certified Release!
  117. 117. Making Wireless Easier… • Network of Tomorrow – Digital Network Architecture • Automation • Security • Insights • Full Line of Products • Full Speed • 802.11ac Excellence • Full Control • Services & Security ensure granular control & enforcement • More Ways to Do things… Making it even Easier
  118. 118. Thank You! Questions?