This document discusses different wireless network architectures from Cisco, including autonomous access points, centralized architecture, and FlexConnect architecture. Autonomous access points are managed individually while centralized architecture uses wireless LAN controllers for centralized management. FlexConnect is an extension of centralized that allows some local switching and control at remote branch sites for better WAN efficiency and high availability when the connection to the main controller fails. The document provides details on how each architecture works, available access point and controller options, benefits and limitations of each.
Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device.
NSO: Network Service Orchestrator enabled by Tail-f Hands-on LabCisco Canada
The Network Service Orchestrator (NSO) is a multi-vendor network orchestrator developed by Tail-f, a recent Cisco acquisition in the area of network management and orchestration. This 4hs session will give an introduction to the NCS system and show hands-on the tool and its different interfaces: network-wide CLI, REST API, etc. Participants will also create one basic network services models using the YANG language.
he Associate level of Cisco Certifications can begin directly with CCNA for network installation, operations and troubleshooting or CCDA for network design. Think of the Associate Level as the foundation level of networking certification.
Brief introduction into SIP protocol, how it works, common problems to solve. Tech. details about handshake, SIP Trunks and SIP trunking. Market research.
Spanning Tree Protocol (STP) is a network protocol designed to prevent layer 2 loops. It is standardized as IEEE 802.D protocol. STP blocks some ports on switches with redundant links to prevent broadcast storms and ensure loop-free topology. With STP in place, you can have redundant links between switches in order to provide redundancy.
Kamailio is the leading Open Source SIP Server - a SIP proxy, registrar, location server, presence server, IMS server and much more. Find out more by viewing this quick presentation! (Updated June 2014)
FreeIPA is the open source answer to Active Directory, bringing the functionality of Kerberos and centralized management to the unix world. This talk will dive into the background of FreeIPA, how to attack it, and its parallels to traditional Active Directory. We will cover the FreeIPA equivalents of credential abuse, discovery, and lateral movement, highlighting the similarities and differences from traditional Active Directory tradecraft. This will culminate in multiple real-world demos showing how chains of abuse, previously accessible only in Windows environments, are now possible in the unix realm, providing a new medium for offensive research into Kerberos and LDAP environments.
CCNA is associate level career certification. It is an International certification course. Which is helpful to improve your career path in networking field. It gives lot of opportunity for Engineers and lots of opportunity having lots of job.
But now in these days,
This International course is offered by SMS Institute of Technology, Lucknow
So ,
There is no need to go anywhere for the training on CCNA Course Certification during summer Training.
I want to give this information because lots of people think about this course. But they have no any other way like - going to the training institute that offers CCNA Training But they give the certification on Own training Institute That is invalid Because CCNA is a International course Certification and these certificate are come on the email Id.
But Now this course Certification offers by SMS Institute of Technology But the certificate are valid through out the world.
Learn more at blog : --
https://solutionbyexpert.blogspot.com/2020/08/become-expert-secret-of-success-ii.html
#coding
#coding development skill program
#java
Creating a Collaborative Workplace Culture Webinar Series: “How can remote wo...Cisco Canada
To increase innovation and productivity, organizations recognize that they have to get better at creating more “collaborative cultures” to leverage the collective knowledge, expertise and experience from within. View the slides from Part 2 of the series: “How can remote workers and distributed teams Collaborate Effectively”.
Building the Next Generation Workplace Cisco Canada
Alan McGinty, Cisco Workplace Resources and Mark Miller, Cisco Global Collaboration Sales focused on building the next generation workplace at Cisco Connect Toronto.
Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device.
NSO: Network Service Orchestrator enabled by Tail-f Hands-on LabCisco Canada
The Network Service Orchestrator (NSO) is a multi-vendor network orchestrator developed by Tail-f, a recent Cisco acquisition in the area of network management and orchestration. This 4hs session will give an introduction to the NCS system and show hands-on the tool and its different interfaces: network-wide CLI, REST API, etc. Participants will also create one basic network services models using the YANG language.
he Associate level of Cisco Certifications can begin directly with CCNA for network installation, operations and troubleshooting or CCDA for network design. Think of the Associate Level as the foundation level of networking certification.
Brief introduction into SIP protocol, how it works, common problems to solve. Tech. details about handshake, SIP Trunks and SIP trunking. Market research.
Spanning Tree Protocol (STP) is a network protocol designed to prevent layer 2 loops. It is standardized as IEEE 802.D protocol. STP blocks some ports on switches with redundant links to prevent broadcast storms and ensure loop-free topology. With STP in place, you can have redundant links between switches in order to provide redundancy.
Kamailio is the leading Open Source SIP Server - a SIP proxy, registrar, location server, presence server, IMS server and much more. Find out more by viewing this quick presentation! (Updated June 2014)
FreeIPA is the open source answer to Active Directory, bringing the functionality of Kerberos and centralized management to the unix world. This talk will dive into the background of FreeIPA, how to attack it, and its parallels to traditional Active Directory. We will cover the FreeIPA equivalents of credential abuse, discovery, and lateral movement, highlighting the similarities and differences from traditional Active Directory tradecraft. This will culminate in multiple real-world demos showing how chains of abuse, previously accessible only in Windows environments, are now possible in the unix realm, providing a new medium for offensive research into Kerberos and LDAP environments.
CCNA is associate level career certification. It is an International certification course. Which is helpful to improve your career path in networking field. It gives lot of opportunity for Engineers and lots of opportunity having lots of job.
But now in these days,
This International course is offered by SMS Institute of Technology, Lucknow
So ,
There is no need to go anywhere for the training on CCNA Course Certification during summer Training.
I want to give this information because lots of people think about this course. But they have no any other way like - going to the training institute that offers CCNA Training But they give the certification on Own training Institute That is invalid Because CCNA is a International course Certification and these certificate are come on the email Id.
But Now this course Certification offers by SMS Institute of Technology But the certificate are valid through out the world.
Learn more at blog : --
https://solutionbyexpert.blogspot.com/2020/08/become-expert-secret-of-success-ii.html
#coding
#coding development skill program
#java
Creating a Collaborative Workplace Culture Webinar Series: “How can remote wo...Cisco Canada
To increase innovation and productivity, organizations recognize that they have to get better at creating more “collaborative cultures” to leverage the collective knowledge, expertise and experience from within. View the slides from Part 2 of the series: “How can remote workers and distributed teams Collaborate Effectively”.
Building the Next Generation Workplace Cisco Canada
Alan McGinty, Cisco Workplace Resources and Mark Miller, Cisco Global Collaboration Sales focused on building the next generation workplace at Cisco Connect Toronto.
Are you facing some, or all, of these challenges?
-Host Mobility (w/o stretching VLANs)
-Network Segmentation (w/o implementing MPLS)
-Roles-based Access Control (w/o end-to-end TrustSec)
-Common Policy for Wired and Wireless (w/o multiple tools)
Using Cisco technologies already available today, you can overcome these challenges and build an evolved Campus network to better meet your business objectives.
Design and Deployment of Enterprise Wirlesss NetworksCisco Mobility
Learn everything you need to know about designing and deploying Cisco wireless networks for enterprise in this in-depth technical guide. Learn More: http://www.cisco.com/go/wireless
Wireless LAN Security, Policy, and Deployment Best PracticesCisco Mobility
The current state of wireless security, covering wireless device access, preventing rogue threats and addressing wireless attacks. Special focus on device profiling and policy covering how to prevent unauthorized (such as smartphones and tablets) from accessing the network. Learn More: http://www.cisco.com/go/wireless
Design and Deployment of Outdoor Mesh Wireless NetworksCisco Mobility
Covering outdoor wireless products involved in delivering outdoor broadband wireless services for Service Providers Municipalities Transportation and other end user customers. The Cisco Outdoor Wireless Bridging and MESH Technologies will be discussed in detail. Learn More: http://www.cisco.com/go/wireless
Enhance your Collaboration Experience by Enabling Pervasive Video on your Cis...Cisco Canada
Shawn Cardinal, Cisco Collaboration CSE discusses enhancing your collaboration experience by enabling pervasive video on your Cisco Unified Communications Manager at Cisco Connect Toronto 2015.
Future of Work - Cisco Connected Workplace - Office Experience DesignMyndi Garrett
This presentation originated from Andrew Cammer at Cisco. I modified it for a presentation I made at Jeanne Meister's 2020 Workplace event at MasterCard.
Watch the replay: http://cs.co/9001DxsKP
Are you getting unrivaled simplicity, end-to-end visibility, hardware reliability, and consistent policies from your WAN? You can get all of these things when you combine SD-WAN software with Cisco IOS XE routing platforms.
Experts from Cisco’s enterprise routing team will be on hand to show you what intent-based networking and software-defined simplicity in the WAN can bring. Powerful new capabilities are possible with a simple software image change.
Resources:
Watch the related TechWiseTV episode: http://cs.co/9003DvZHt
TechWiseTV: http://cs.co/9009DzrjN
The value proposition of enabling IP data networks with intelligent unified solutions. ICC Networking as the best software-driven solution to drive down the cost of connectivity while increasing network elasticity and performance.
This hands on workshop for OpenContrail will be led by Sreelakshmi Sarva & Aniket Daptari.
This is a labs session so we will have hard RSVP limits. Please RSVP only if you are confident that you will be able to attend.
About Sreelakshmi Sarva
Sree is currently working as part of solution engineering team at Juniper’s Contrail team. She is responsible for delivering & managing SDN solutions & partnerships relating to Contrail. She has been with Juniper for the last 13 years working on various Routing, Switching, Network programmability & virtualization platforms. Prior to Juniper, She worked at Nortel networks in the Systems Engineering group. Sree received her Masters in Computer Science from University of Texas at Dallas and Bachelor’s in Computer Science from India.
About Aniket Daptari
Aniket is currently working as part of Juniper Networks' Contrail Cloud Solutions team. He is responsible for delivering SDN solutions and technology partnerships related to Contrail. He has been with Juniper for the last 3 years working on various Network programmability & virtualization platforms. Prior to Juniper, he worked at Cisco Systems in the Internet Systems Business Unit (Catalyst 6500). Aniket received his Masters in Computer Science from University of Southern California and a graduate certificate in Management Science and Engineering from Stanford University.
Course Abstract
This session will be the first of a series of OpenContrail hands-on tutorials for developers who want to get deep into OpenContrail code.
This “Basic OpenContrail Programming” Hands-on Session will focus on making developers proficient in writing and contributing code for our OpenContrail Project.
Session will cover the following areas
1) Contrail Overview
· Use Cases
· Architecture recap
2) Contrail Hands on
· Demo + Hands on - Configuration , VN, VM, Network Policies etc
· DevStack introduction
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Cisco Enterprise Networks
Presentation from the April 22, 2015 Webcast: Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide.
Register to View Webcast: http://cs.co/9004CRn0
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementNetgear Italia
In questo secondo appuntamento di webinar dedicati ad Insight, si introducono le funzionalita' di gestione e monitaraggio disponibili per tutte le tipologie di prodotti Insight based.
ICC's Access Control System is a unified wired/wireless system to allow SMB and small enterprise leverage software to control IP data networking centrally or distributed throughout their networks.
ICC's Access Control System is a unified wired/wireless system to allow SMB and small enterprise leverage software to control IP data networking centrally or distributed throughout their networks.
Similar to The right Wireless Architecture for you (20)
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
5. How It Works
Autonomous Access Points
• Since the beginning of times (1997)
• Each AP is individually managed
From AP CLI
From AP GUI
From Cisco Prime Infrastructure (WLSE)
• AP connected to 802.1q trunk switch port
• SSID = VLAN
• End-user is dropped in local VLAN
• End-user data traffic is locally switchedAccess Points
End-User Data Traffic
ISE Prime
Internal
Resources
Campus
Network
Management
Tools
7. Outdoor Autonomous Access Point Portfolio
1552I
1552E
1552EU
1552C
1552CU
• Integrated Antennas
• Low Power Consumption
• CleanAir
• ClientLink
• External Antennas
• High Power Gain
• Fiber SPF Option
• PoE Out
• CleanAir
• ClientLink
• Integrated DOCSIS 3.0 Cable
Modem
• Cable Plant Powered
• High Power Gain
• CleanAir
• ClientLink
1552H
1552S
• ATEX Certified Class1 / Div2/
Zone2
• Integrated Honeywell Sensor
Gateway (S)
• Fiber SPF Option
• PoE Out
• CleanAir
• ClientLink
8. Benefits
Autonomous Access Points
• Affordable entry level solution
No controllers and licensing
• Supports latest Wi-Fi standards:
802.11 a/b/g/n for connectivity
WPA2 for robust security
• Industry best range and throughput
Best of bread RF
• Investment protection
Can be upgraded to a controller-based architectureAccess Points
End-User Data Traffic
ISE Prime
Internal
Resources
Campus
Network
Management
Tools
9. Limitations
Autonomous Access Points
• Each AP is managed individually
Prone to configuration inconsistencies
Individual software upgrades
Each AP must be configured in RADIUS server
• Base level Wi-Fi functionality
No dynamic radio resource management
No Advanced security
Rogue detection and mitigation
WIPS
No guest access,
• Voice over WLAN (roaming)
Requires campus wide VLAN’s
Access Points
End-User Data Traffic
ISE Prime
Internal
Resources
Campus
Network
Management
Tools
10. Where / When To Use
Autonomous Access Points
• Hotspot deployments with nomadic roaming
• Static environments
• Customers without requirement for advanced
services
Guest access, location, rogue detection, WIPS, etc.
• Small business or small distributed branch
offices
• Small warehouses and plants
Access Points
End-User Data Traffic
ISE Prime
Internal
Resources
Campus
Network
Management
Tools
12. How It Works
Centralized Architecture
• Zero touch AP deployment
Auto discovery
AP joins WLC
AP established CAPWAP tunnel with WLC
Auto firmware update
Auto configuration
• Single centralized management point
From WLC GUI
From Cisco Prime Infrastructure
• End-user is dropped in a VLAN behind WLC
VLAN can be dynamically assigned
• End-user date traffic is centrally switchedAccess Points
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
16. Cisco Unified Access Pillars
Identity
Services Engine (ISE)
Prime
Management
Wired and Wireless Network
• Self-provisioning portal – My Devices
• Secure Group Access (SGA) -
simplified role-based access control
and enforcement based on context,
avoids manual ACL/VLAN configs
• Comprehensive Guest Management
• Consistent functionality across wired and
wireless
• Application Visibility and Control (AVC)
• Sub-second Stateful Switchover (SSO)
• Hierarchical QoS - Port, Access Point, Radio,
SSID, User, & application
• Advanced Analytics and Business Intelligence
• One application wired and wireless -
Cisco Prime Infrastructure 1.4
• Application visibility and assurance –
deterministic end user application
experience across wired and wireless
• Third Party device management
18. One Management
Cisco Prime
Infrastructure 1.2
Unified Visibility
Prime 360
Integrated Workflows Aligned
with Lifecycle Processes
Support the way network
operators do their job
Prime Assurance Manager
Enhanced Application Visibility
and Control (AVC)
Offering Wired and Wireless
Application Insight and Control
ISR G2 Routers NAM
ASR WLAN Controller
19. Benefits
Centralized Architecture
• Centralized management and troubleshooting
for lowest TCO
• Easy to deploy and manage
• Consistent configuration across all AP’s
• Radio Resource Management (RRM)
• Advanced security
Rogue detection and mitigation
WIPS
Identity Networking / RADIUS CoA / ISE
• Voice over WLAN (roaming)
• Guest accessAccess Points
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
20. Benefits
Centralized Architecture
• High availability (client SSO)
• AVC - Application Visibility and Control
• Location services
• CleanAir
• Videostream / multicast delivery optimisation
• CMX - Connected Mobile Experience / Analytics
• Apple Bonjour gateway
• Mesh (indoor and outdoor)
• Highly customizable and advanced feature setAccess Points
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
21. Network Based Application Recognition - NBAR2
Deep Packet Inspection et App ID
NBAR2 LIBRARY
Deep Packet inspection
Traffic
POLICY
Packet Mark and
Drop
Wireless LAN Controller
Netflix = 50%
YouTube = 15%
WebEx = 10%
Citrix = 9%
Exchange= 8%
Netflow v9 export
• Classify 1000+ applications with sub-classification within applications: e.g. Lync – desktop share, video/voice, file transfer
• Apply Granular policies - Per SSID, Device, Campus, Building, Floor
• Real-time troubleshooting on the Wireless LAN Controller
• Wired-wireless consistent export to standard netflow collectors
Application Visibility and Control (AVC)
22. Limitations
Centralized Architecture
• All end-user traffic is forwarded to the WLC
• Poor use of LAN/WAN infrastructure when
internal resources are distributed
• WLC may become a bottleneck
• WLC can be a single point of failure
Access Points
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
23. Where / When To Use
Centralized Architecture
• Flexible architecture for campus, large branch,
home, and outdoor
Enterprise campus
Large manufacturing plants
Hospitals
Education campus / universities
• Significant customization needs
• For VoWLAN deployments / real time
applications with roaming
• Need / prefer on-premise management
Access Points
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
25. How It Works
FlexConnect Architecture
• First available in 2005
• Originally named Hybrid Remote Edge Access
Point (Hybrid-REAP / H-REAP)
• Extension to the Centralised architecture
• End-user is can either be dropped in a VLAN
behind WLC, or in a VLAN in the switch to
which the AP is connected
Per SSID, user/group and/or per location
• End-user data traffic can be locally switchedAccess Points
AP-Controller CAPWAP tunnel (Control Plane)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
26. How It Works
FlexConnect Architecture
• First available in 2005
• Originally named Hybrid Remote Edge Access
Point (Hybrid-REAP / H-REAP)
• Extension to the Centralised architecture
• End-user is can either be dropped in a VLAN
behind WLC, or in a VLAN in the switch to
which the AP is connected
Per SSID, user/group and/or per location
• End-user data traffic can be locally switchedAccess Points
AP-Controller CAPWAP tunnel (Control Plane)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
WAN
Management
Tools
Branch
29. FlexConnect – Advanced Services
• High Availability – WAN Survivability
FlexConnect AP provides wireless access and services to clients when the
connection to the primary WLC fails
• Fast Secure Roaming in remote branches – for VoWLAN
• Dynamic VLAN and ACL assignment – per user
• Scalability
• Number of FlexConnect groups: 500 (7500s) and 100 (5500s)
• APs per Group: 50 (7500s) and 25 (5500s)
30. FlexConnect – WLC Authenticator
Branch OfficeData Center
WLC
ISR 3925 ISR 3925
VPN
AP
ISR 3925 ISR 3925
Dot1X Auth Req
Dot1x Auth Success
New Client1
2
AAA RADIUS
• All the client authentication requests travels through Central Controller
• If Controller is not reachable, then no clients can authenticate
31. FlexConnect – AP Authenticator
Branch OfficeData Center
WLC
ISR 3925 ISR 3925
VPN
AP
ISR 3925 ISR 3925
Dot1X Auth Req
Dot1x Auth Success
New Client
• All the client authentication requests travels straight from AP to RADIUS Server.
• If Controller is not reachable, clients can still continue to authenticate and access network services.
1
2
AAA RADIUS
32. FlexConnect – AP Authenticator
Branch OfficeData Center
WLC
ISR 3925 ISR 3925
AP
ISR 3925 ISR 3925
Dot1X Auth Req
Dot1x Auth
Success
New Client
• All the client authentication requests travels straight from AP to Local Branch RADIUS Server.
• If WAN link is down, clients can still continue to authenticate and access network services.
1
2
AAA RADIUS
33. FlexConnect – Local Authentication
Branch OfficeData Center
WLC
ISR 3925 ISR 3925
AP
ISR 3925 ISR 3925 Dot1X Auth Req
Dot1x Auth
Success
• All the client authenticated directly by the AP.
• If WAN link & Local Backup RADIUS Server is down clients can still continue to authenticate and access
network services.
1
2
AAA RADIUS
34. By The Way…
• SSID’s
on “Local Mode” AP’s
• Centrally Switched SSID’s
on FlexConnect AP’s
• End-user traffic is always
switched at the controller• “Local Mode”
35. Benefits
FlexConnect Architecture
• Same benefits as for the Centralised
Architecture (most of them) + …
• Flexible deployment and configuration options
• Simple wireless operations with DC hosted
controller (no need to distribute controllers)
• Efficient use of WAN resources for branches
Only desired traffic is tunneled to the controller
• Highly available and scalable for large number
of remote branchesAccess Points
AP-Controller CAPWAP tunnel (Control Plane)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
WAN
Management
Tools
Branch
36. Limitations
FlexConnect Architecture
• Some WAN limitations may apply
RTT must be below 300 ms data (100 ms voice)
Minimum 500 bytes WAN MTU (with maximum four
fragmented packets)
• Requires site wide VLAN for roaming
(VoWLAN)
• Some features are not available in standalone
mode or in local switching mode
AVC and VideoStream
See full list in « H-REAP Feature Matrix » at www.cisco.com
Access Points
AP-Controller CAPWAP tunnel (Control Plane)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
WAN
Management
Tools
Branch
37. Where / When To Use
FlexConnect Architecture
• Flexible architecture for small to medium size
branches (up to 50 AP’s per site)
Retail stores
Food / restaurant chains
Small warehouses
Branch offices
• Significant customization needs
• For VoWLAN deployments / real time
applications with roaming
• Need / prefer on-premise management
• Excellent migration option for autonomous AP’sAccess Points
AP-Controller CAPWAP tunnel (Control Plane)
End-User Data Traffic
ISE Prime
Wireless LAN
Controller
Internal
Resources
WAN
Management
Tools
Branch
39. How it works
Converged Access
• Similar to Centralised Architecture
• Mobility Agent (MA) is responsible for:
– AP CAPWAP termination
– Maintaining client database
– Policy enforcement
• Mobility Controller (MC) is responsible for:
– Client Mobility
– Radio Resource Management (RRM)
– WiPS, Spectrum Management
Access Points
ISE Prime
MC
MA
Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
40. How it works
Converged Access
• Similar to Centralised Architecture
• Mobility Agent (MA) is responsible for:
– AP CAPWAP termination
– Maintaining client database
– Policy enforcement
• Mobility Controller (MC) is responsible for:
– Client Mobility
– Radio Resource Management (RRM)
– WiPS, Spectrum Management
Access Points
ISE Prime
MC Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
MA
M
A
M
A
M
A
M
A
Catalyst 3850
41. Wireless Control
System
Access Control
Server
LAN Mgmt
Solution
Identity
Mgmt
NAC
Profiler
Guest
Server
Cisco Wireless
LAN Controller
Internal
Resources
Cisco FirewallCisco
Access Point
Catalyst
Switch
Corporate
Network Internet
One Management
Prime
One Policy
ISE
Delivering Converged Access
IOS Based WLAN Controller
• Consistent IOS and ASIC as Catalyst
3850
• Required to scale beyond 250 AP or 16K
client domains
Converged Access Mode
• Integrated wireless controller
• Distributed wired/wireless data plane
(CAPWAP termination on switch)
New 5760
One Network
Catalyst 3850
42. • 802.11n
• Clean Air
• Video Stream
• Radio Resource
Management (RRM)
• Wireless Intrusion
Prevention System
(WiPS)
• 802.11ac Ready
Features:
• Stacking, Stackpower
• Trustsec/Identity
• AVC/Medianet
• Flexible Netflow
• Granular QoS
• Smart Operations
• EnergyWise
• Virtualization
Features:
B e n e f i t s
• Built on Doppler – Cisco’s Innovative
Flexparser ASIC technology
• Eliminates operational complexity
• Single Operating System for wired and
wireless
Single Platform for Wired and Wireless
• 20+ Years of IOS Richness – Now on Wireless
WIRELESS WIRED
Note: All features may not be available on
new platforms at introduction but are
expected to be added within 12-18 months
43. Converged Wired/Wireless Access – Benefits
Scale with
distributed wired
and wireless
data plane
480G stack bandwidth;
40G wireless/switch; 16K
clients without separate
WLC – future proof
Maximum
resiliency with
fast stateful
recovery
Layered network high
availability design with
stateful switchover
Single
platform for
wired and
wireless
Common IOS, same
administration point,
one release
Unified Access - One Policy | One Management | One Network
Network wide
visibility for
faster
troubleshooting
Wired and wireless
traffic visible at
every hop
Consistent
security and
quality of
service control
Hierarchical bandwidth
management and
distributed policy
enforcement
45. How it works
Converged Access
• Similar to Centralised Architecture
• Mobility Agent (MA) is responsible for:
– AP CAPWAP termination
– Maintaining client database
– Policy enforcement
• Mobility Controller (MC) is responsible for:
– Client Mobility
– Radio Resource Management (RRM)
– WiPS, Spectrum Management
Access Points
ISE Prime
MC Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
MA
Catalyst 3850
46. How it works
Converged Access
• Similar to Centralised Architecture
• Mobility Agent (MA) is responsible for:
– AP CAPWAP termination
– Maintaining client database
– Policy enforcement
• Mobility Controller (MC) is responsible for:
– Client Mobility
– Radio Resource Management (RRM)
– WiPS, Spectrum Management
Access Points
ISE Prime
Internal
Resources
WAN
Management
Tools
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
M
A
M
A
M
A
M
A
Catalyst 3850
M
C
M
C
M
C
M
C
47. Benefits
Converged Access
Access Points
ISE Prime
MC Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
M
A
M
A
M
A
M
A
Catalyst 3850
• Single platform for wired and wireless
• Consistent security and quality of service
control
• Distributed control plane
• Highly scalable
• 802.11ac ready – no bottleneck
• Centralized management and troubleshooting
for lowest TCO
• Radio Resource Management (RRM)
48. Benefits
Converged Access
Access Points
ISE Prime
MC Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
M
A
M
A
M
A
M
A
Catalyst 3850
• Highly customizable and advanced feature set
• Advanced security
Rogue detection and mitigation
WIPS
Identity Networking / RADIUS CoA / ISE
• High availability
• Voice over WLAN (roaming)
• Guest access
• Location services
• CleanAir
49. Limitations
Converged Access
Access Points
ISE Prime
MC Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
M
A
M
A
M
A
M
A
Catalyst 3850
• More complex to deploy and manage
• No full feature parity with AireOS controllers
AVC - Application Visibility and Control
Bonjour protocol optimisation
Mesh (indoor and outdoor)
50. Where / When to use
Converged Access
Access Points
ISE Prime
MC Wireless LAN
Controller
Internal
Resources
Campus
Network
Management
Tools
AP-Controller CAPWAP tunnel (Control and Data Planes)
End-User Data Traffic
M
A
M
A
M
A
M
A
Catalyst 3850
• Flexible architecture for campus and branches
Enterprise campus
Large manufacturing plants
Hospitals
Education campus / universities
• Significant customization needs
• For VoWLAN deployments / real time
applications with roaming
• Need / prefer on-premise management
52. How It Works
Cloud Managed
• Cisco acquired Meraki in December 2012
• Leader in cloud managed network solutions
• AP connected to 802.1q trunk switch port
• Local Authentication to RADIUS / AD
• End-user is dropped in local VLAN on AP
VLAN can be dynamically assigned
• End-user data traffic is locally switched
Access Points
Internal
Resources
LAN
Meraki
Dashboard
Internet
AP-Cloud management tunnel (Control Plane – 1 kbps)
End-User Data Traffic
53. 100% cloud managed edge networks
Meraki MS
Ethernet Switches
Meraki SM
Mobile Device Management
Meraki MR
Wireless LAN
Meraki MX
Security Appliances
54. Cisco Unified Access
100% Cloud ManagedUnparalleled Deployment Flexibility
Cisco Enterprise Portfolio Cisco Cloud Managed
Prime ISE
Catalyst 2K/3K/4K/6K
ASA - Firewall
ISR - Routing
MS Switch
MX Series Security
Appliances
Aironet Access Points & Controllers
Dashboard
Cisco Networking Portfolio
MR AP’s
Systems Manager3rd Party MDM Integration
55. MR wireless access points
55
Feature
highlights
5 models including indoor/outdoor, high performance and value-priced
Enterprise-class silicon including PoE, voice/video optimization
Lifetime warranty on indoor APs
BYOD policies
Application traffic shaping
Guest access
Enterprise security
WIDS / WIPS
Mesh routing
57. SaaS feature delivery, quarterly updates
WAN optimization
User/device fingerprinting Application firewall
Mobile application deployment
Content filtering Network access control
58. Scalable cloud infrastructure
Telmex
Nationwide hotspot and 3G
offload network
Next Retail
550 retail stores across the
UK
Motel 6
70,000 hotel room
deployment
Jeffco School District 80,000
student district with 100+
schools
59. Systems Manager MDM
Feature
highlights
Device Management controls iOS, Android, Mac, and Windows devices
Cloud-based - no on-site appliances or software, works with any vendor’s network
100% free - available at no cost to any organization, sign up at meraki.com/sm
Centralized app deployment
Device security
Rapid provisioning
Backpack™ file sharing
Asset management
60. Benefits
Cloud Managed
• It’s too easy!!!
• Simple to buy (2 SKUs)
• Easy to deploy and manage over the web
Add devices or sites in minutes
• Out-of-the-box optimized feature set
• Ongoing upgrades and enhancements
• Reliable
Highly available cloud with multiple datacenters
Network functions even if connection to cloud
is interruptedAccess Points
Internal
Resources
LAN
Meraki
Dashboard
Internet
AP-Cloud management tunnel (Control Plane)
End-User Data Traffic
61. Benefits
Cloud Managed
• Secure
No user traffic passes through cloud
Fully HIPAA / PCI compliant (level 1 certified)
3rd party security audits, daily penetration test
Reliability and security information at meraki.com/trust
• No bottlenecks
• And… did I say it’s easy?
Access Points
Internal
Resources
LAN
Meraki
Dashboard
Internet
AP-Cloud management tunnel (Control Plane)
End-User Data Traffic
62. Limitations
Cloud Managed
• Customer must embrace cloud services
• Limited customisation capability (compared to
on-premise controller based solutions)
• Single architecture – less flexibility
• No layer 3 roaming
• Requires site wide VLAN for roaming
(VoWLAN)
• Limited integration with 3rd party solutions
Access Points
Internal
Resources
LAN
Meraki
Dashboard
Internet
AP-Cloud management tunnel (Control Plane)
End-User Data Traffic
63. Where / When to Use
Cloud Managed
• Mid-market businesses / distributed sites
• Remote branches without on-site IT
Retail
Professional services
Lawyers offices
Clinics
Construction
K-12 Education
Hospitality
• Lean IT
• Cloud service users (salesforce, box.net, gmail)Access Points
Internal
Resources
LAN
Meraki
Dashboard
Internet
AP-Cloud management tunnel (Control Plane)
End-User Data Traffic
65. Autonomous Centralized FlexConnect
Converged
Access
Cloud
Managed
Best of Breed RF
One Policy—ISE
One Management—Prime
Sub-Second Failover N/A N/A
Advanced Features, Highly Scalable
Application Visibility and Control
TrustSec/SGA
Common Policy Enforcement for LAN and
WLAN
Network Wide Traffic Visibility
One Operating System LAN and WLAN
Unified Access—Wireless Deployment Modes
Highly Differentiated Value Across All Deployment Models
66. On-Premise and Cloud-Managed Networking Positioning
EnterpriseMid-Market / Commercial
Cisco Enterprise Portfolio
On-Premise Managed
- Deployment Flexibility
Cisco Cloud Networking Portfolio
Cloud Managed
- Lean, Generalist IT
- Distributed small sites
Network Size (Sites, Density)
Features/NetworkServices
Small Business
Cisco Small Business
Solutions
67. Cisco Unified Access: Flexibility
Autonomous AP Centralised FlexConnect
Converged
Access
Cloud Managed
• Intended for static installations
• Aironet Access Points
• Catalyst Switches
• Identity Services Engine
• Prime Infrastructure
• Premise-based Controller
• Controller at every location
• Optimized for campus
deployment
• Aironet Access Points
• Centralized Controllers
• Catalyst Switches
• Identity Services Engine
• Mobility Services Engine
• Prime Infrastructure
• Data Center hosted Controller
• No Controller at remote sites
• Optimized for small branch
deployment
• Aironet Access Points
• Centralized Controllers
• Catalyst Switches
• Identity Services Engine
• Mobility Services Engine
• Prime Infrastructure
• Common LAN & WLAN OS
• LAN & WLAN feature
consistency
• Optimized for high performance
• Optimized for campus & branch
• Aironet Access Points
• Catalyst 3850 Switch
• Identity Services Engine
• Mobility Services Engine
• Prime Infrastructure
• Common LAN & WLAN OS
• LAN & WLAN feature
consistency
• No Controllers
• Optimized for distributed
enterprise
• MR Access Points
• MS Switches
• MX Security
• Dashboard
WAN
Dashboard
WAN Internet
68.
69. Complete Your Paper
“Session Evaluation”
Give us your feedback and you could win
1 of 2 fabulous prizes in a random draw.
Complete and return your paper
evaluation form to the room attendant
as you leave this session.
Winners will be announced today.
You must be present to win!
..visit them at BOOTH# 100