Weitere ähnliche Inhalte Ähnlich wie Managing an Enterprise WLAN with Cisco Prime NCS & WCS (20) Mehr von Cisco Mobility (10) Kürzlich hochgeladen (20) Managing an Enterprise WLAN with Cisco Prime NCS & WCS2. Session Agenda
§ The Role of WCS/NCS in the Network
§ Introducing Cisco Prime Network Control System
§ Planning and Deploying a Wireless Network
§ Monitoring
§ Tools and Troubleshooting
§ Reporting
§ Advanced Topics
§ WCS to NCS Migration
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
3. Session Objective
§ Original session objective: The objective of this
session is to show WCS s role in the network and
its lifecycle, and to demonstrate WCS features and
how they can be used to perform practical tasks;
the session also provides suggestions and best
practices on topics where appropriate
§ Modified session objective: Since Cisco Prime
Network Control System (NCS) has been
announced, this session will cover WCS and
introduce NCS in the context of WCS in terms of
common areas and key differences.
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
4. The Role of WCS/NCS in the Network
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
6. What is Network Control System (NCS)?
§ Single platform for consolidated view of wired and
wireless access infrastructure and endpoints
§ Built on the foundation of Cisco WCS, provides
complete lifecycle management of wired and
wireless access networks
§ Provides monitoring of endpoint security policy
integration with Cisco Identity Services Engine
(ISE)
§ All existing functionality in WCS is also supported in
NCS
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
7. NCS – Key Enhancements
Increased Scale 15,000 lightweight AP’s
5,000 aIOS AP’s
5,000 switches
Unified Access and Manage access layer of network – wireless and wired
Services Wireless NetOps
Management Wired NetOps
SecOps
Enhanced UI “drag and drop” customization, advanced filters (list
pages), improved page navigation
Comprehensive Integrated user/device monitoring and troubleshooting
Identity M&T with Cisco Identity Services Engine (ISE)
Reporting Increased reporting scale, optimization
Enhancements
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
8. NCS – Increased Device Scale
Device WCS Devices NCS Devices
Supported Supported
Cisco 3,000 15,000
Lightweight
Access Points
Cisco 1,250 5,000
Autonomous
Access Points
Cisco Switches 0 5,000
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
9. Appliance Delivery Models
Physical Appliance Virtual Appliance
Application & Components Application & Components Cisco
Cisco Provided
Provided
OS OS
Customer
Cisco-branded Hardware Provided
(1RU)
Virtual Infrastructure
Discontinuation of software binaries
- Replaced by new Complete Appliance Model
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
10. Appliance-Based Solution
Physical Appliance Virtual Appliance
Hardware and software VMware image (OS + NCS)
from Cisco Supported on:
(OS and NCS pre-installed) • VMware ESX/ESXi version 3.5
• VMware ESX/ESXi version 4.1
15,000 lightweight AP’s Large: 15K/1.2K/5K/5K
1,200 WLC’s Medium: 7.5K/600/2.5K/2.5K
5,000 aIOS AP’s Small: 3.5K/240/1K/1K
5,000 switches
Cisco hardware appliance High-end: 8x2.93GHz CPU/1GB
• Not supported on WLSE DRAM/300GB HD
hardware Standard: 4x2.93 GHz/12 GB/200 GB
Low-end: 2x2.93 GHz/8 GB/150 GB
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
12. Planning and Deployment
§ Using Planning Tool
§ Setting up Network Elements via WCS/NCS
Controller Configuration Groups
Configuration Template LaunchPad
Controller Auto-Provisioning
Configuration Auditing Methods
§ Provisioning Maps and Context-Aware Service
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
13. Planning—Overview
Launching the Planning and Editing Tools
§ Create a new Campus/Building
§ Create a floor you want to plan for (import floor plan)
§ Pick Planning Mode or Map Editor from the drop-down menu
Planning Mode—High-Level Options
§ Add AP: Allows adding new Access Points to the Map
§ Delete AP: Remove existing Access Points from the Map
§ Map Editor: Edit the floor plan to draw objects such as light/thick walls, light/
heavy doors, cubicles, glass, coverage areas, perimeters, markers, etc.
§ Synchronize with Deployment: Pull in currently deployed and placed Access
Points on the floor to tweak existing deployment
§ Generate Proposal: Generates a document that maybe provided to a 3rd
party deployment company; additionally, also provides various heat maps
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
14. Planning Tool—Map Editor
§ Accounts for objects and obstacles
on a floor
For a precise RF propagation model
display (predictive heat maps)
Attenuation characteristics for objects
and obstacles help predictive engine
§ Helps specify areas and regions
such as:
Coverage Area and Markers—used for
location notifications
Perimeter—defines the outer boundary
Location Inclusion and Exclusion Regions — used for location events and
notifications
§ Objects and obstacles that may
be specified:
Walls (Light and Heavy)—2dB and 13dB
Cubicle (Walls)—1dB
Doors (Light and Heavy)—4dB and 15dB
Glass (doors, windows, walls)—1.5dB
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
15. Planning Tool—Options
Specify AP Prefix and AP Placement
method (automatic vs. manual)
Selecting AP type determines the
antenna choices available for both the
2.4GHz and 5GHz band
Select the protocol (band) and
minimum desired throughput per band
Enable planning mode for advance that s required for this plan
options for data, voice, location and
others
Data and Voice provide safety
margins for design help. Safety
margins help design for certain RSSI
Location with monitor-mode factors in
thresholds (detailed in online help).
AP(s) that could be deployed to
augment location accuracy
Location typically requires a denser
deployment than data and the location
Both the Demand and Override… checkbox helps plan for the advertised
options allow for planning for any location accuracy
special cases where there s a high-
density of client presence such
conference rooms or lecture halls
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
16. Planning Tool—Customize Plan
Default suggestions after running
the planning tool present AP
deployment choices and ability to
switch between data and signal
strength heatmap
Clicking an AP in
the plan allows
customization
(added, deleted or
simply modify
properties) before
a proposal may
be generated
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
17. Planning Tool—Proposal
Proposal Contents:
§ Floor Plan Details
§ Disclaimer/Scope/Assumptions
§ Proposed AP Placement
§ Coverage and Data Rate Heatmap
§ Coverage Analysis
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
18. Configuration — Config-Groups Overview
What Are Config-Groups?
§ An easy way to group controllers logically
§ Provides a way to manage controllers with similar configurations
Extract templates from existing controller to provision
Schedule configuration sets
Cascade Reboot
§ Manage Mobility Groups, DCA, and Configuration Auditing
When Are Config-Groups Used?
§ Group sites together for easier management for:
Mobility Groups
DCA and Regulatory Domain Settings
Schedule remote configuration changes
§ Groups sites to ensure compliance with configuration policies
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
19. Configuration-Groups How-To: Setup
• Select and add later: Only create
the config group and then add
controllers and templates at
another time
• Copy Templates from
controller: Copy templates from
one of the controllers currently in
WCS and then apply them to
controllers in this config group.
Note, if controllers’ templates are
not already discovered, they can be
discovered from the “Configure –
Controllers” page
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
20. Configuration-Groups How-To: Setup
§ Adding Controllers: Controllers in WCS are
presented and can be moved over to the newly
config group
§ Applying Templates: Discovered or already
present template(s) can then be applied to controller
§ Auditing: Ensure template-based audit is selected
in audit settings and then audit controllers in group
to ensure they comply with policies
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
21. Configuration-Groups: Things to Remember
§ Template order is very important!
§ Background audit is performed during network
and controller audit
§ Background audit and audit enforcement can
only run when template-based audit is selected
(under Administration—Settings)
§ WLC(s) may be part of multiple configuration
groups so be careful while setting mobility
group names
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
22. Configuration—Templates Overview
What Are Configuration Templates?
§ Sets of configurations that may be applied to devices at system/global level
§ May be re-used to modify already applied configurations
§ May be used to replicate configuration to other devices added subsequently
§ May be to used to schedule configuration changes
§ May be to used to audit against
Types of Templates
§ Controller templates
§ Lightweight AP templates
§ Autonomous AP migration templates
§ Controller and Autonomous Command-Line templates
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
23. Controller Template LaunchPad
All-in-one, high-level view of
template categories in WCS which
may be expanded or collapsed for
easier navigation and viewing
Tree-based hierarchy continues to
exist as left-hand navigation
Each template provides a callout
icon which, on mouse-over,
provides easy to understand
description of what the template is
and how it may be used to
configure certain attribute(s).
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
24. Templates: Things to Remember—1
§ Templates are added to WCS database when a WLC
is first added to WCS
§ Template names can be changed to more meaningful names
after discovery
§ Additional configuration changes on the WLC may be pulled
in to WCS via the Discover templates from controller
option
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
25. Templates: Things to Remember—2
§ Upon configuration refresh from WCS, template
associations may be deleted or maintained
§ Use the Templates Applied to Controller option to see
a mapping of existing templates (pushed from WCS)
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
26. Templates: Things to Remember—3
§ WLAN override feature was re-designed and merged under AP
Groups—WCS does provide backward compatibility so newer
releases (5.2 and above) provision this differently
§ WCS supports template creation for WLC s dynamic interfaces
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
27. Configuration—Auditing
§ Easy way to identify
configuration gaps between
WCS and WLC
Manual on-demand audit capability
Automatic audits based on
configuration sync background
task
§ Allows easy reconciliation
in the event of a
configuration mismatch
§ Helps ensure WLCs comply
with configuration policies
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
28. Quick Audit Summary and Reconciliation
Audit Summary
Restore or Maintain Config
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
29. Audit Settings
Audit Settings
§ Audit Mode
Basic Audit: Perform an audit on current WLC configuration and compare
it with the configuration in WCS
Template-Based Audit: Perform an audit on current WLC configuration
with respect to applied templates, config groups background templates
and then the configuration in WCS
§ Audit On
All Parameters: Audit on entire WLC configuration
Selected Parameters: Audit on selected parameters from the templates
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
30. Configuration—Auto-Provisioning
What Is Auto-Provisioning?
§ Ability to automatically detect and configure new WLCs (locally or at
remote sites)
§ Allows detection based on multiple criterion: Hostname, MAC
Address or Serial number (.cfg file on TFTP server)
§ Adds WLC to WCS for further configuration after provisioning
When Would You Use It?
§ Large distributed deployments
§ Limited IT resources
§ Streamline operations and eliminate configuration mismatches
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
31. Controller Auto-Provisioning
§ Monitor Only: Controllers matched by this filter
will not be configurable by WCS in the auto
provision process
§ Filter Mode: Choose from hostname, MAC Address
or Serial number to match the WLC
§ Config Group Name: Add the auto-provisioned
WLC(s) to their own config group for
easier management since these might share
common policies
§ Input Device: Select from single or multiple devices
to provision. Selecting CSV option provides a link to
download a sample file to understand the syntax.
§ Device Configuration: Other device parameters
that can be configured at this stage.
After hitting “Submit”, the filter is saved with one entry
for the “member” you just added. At this point, you may
add other members (WLCs) to this filter as well. This
filter also creates a WLC config file in WCS’s TFTP
directory. Ensure your DHCP server’s option 150
points to WCS Server
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
32. Scheduled Image Download to Controller
• Provides option to schedule software
download (FTP/TFTP) to controllers.
• Task can be saved for future scheduling.
• Reboot can be scheduled at a future
date/time.
• Email notification can be sent after
completion of download.
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
33. Scheduling AP Pre-Image Download
• Provides option to schedule image
download to AP.
• Reboot can be scheduled at a future date/
time.
• Email notification can be sent after
completion of download.
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
34. Configuration—Maps
Why Maps?
§ Track wireless clients and tags, and play location history across campus
§ Track and mitigate rogue devices
§ Display Chokepoints
§ Display Mesh AP relationships
§ Integrate outdoor wireless mesh with Google Earth
§ Represent wireless coverage on campus, and plan for growth
§ View Channel and Tx Power plans provisioned by RRM
§ View AP and RF Profile at the floor level
§ Provision and display coverage areas, markers and other objects and use
them with location notifications
§ Post-Deployment: VoWLAN and Location Readiness tools
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
35. Maps Layout
Default View of Campus, Buildings,
and Floors can be easily changed with
the Quick Filters
Hierarchical Layout Adding Campus or Buildings are made easy
for easy navigation with the drop-down menu actions through an
easy wizard that walks you through
provisioning floor plans and APs
Building view provides a quick glance
in to floors status and alarm summary
for easier troubleshooting
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
36. Maps Layout—Floor View
Display and locate interference sources
and zone of interference
Commonly used map
actions are ever-present
in icon format
Quickly Add/Remove Layers that may be
placed on the floor plan and heat maps
Mouse-over on objects on the
map provides quick object
summaries
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
37. Maps Layout—Floor View
Commonly used map
actions are ever-present
in icon format
Quickly Add/Remove Layers that may be
placed on the floor plan and heat maps
Display and locate
interference
sources and zone
of interference
Mouse-over on objects on the
map provides quick object
summaries
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
38. WCS Map Export/Import
• Provides ability to export maps from one
WCS to target WCS.
• Can select all maps or subset.
• Export/import of map includes both map and
AP’s placed on MAP.
• Exported via tar gzipped XML file.
• Import process ungzips/untars XML file
automatically.
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
40. Real-Time Heatmaps
NCS provides:
§ AP-to-AP RSSI measurements reflected
in heat maps
§ Option to switch between real-time (new)
and predictive (legacy) heat maps
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
41. Real-Time Heat Maps
Real-time heatmap
(NCS)
Predictive heatmap
(WCS)
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
42. Real-Time Heat Maps + Rx Neighbors
Provides list of neighboring AP’s and
RSSI value that they “hear” the
selected AP
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
43. Advantages of Real-Time Heat Maps
§ Provides graphical view of RSSI based on
set of nearest AP’s vs. AP transmit power
(predictive heat map)
§ Configurable options:
§ Min. number of APs
§ Recomputation interval
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
45. Section Agenda: Monitoring
§ General Monitoring
Dashboard Concepts
§ Client-Related Monitoring
Client Details and Client List Pages
Client Dashboard
§ Using Search
§ NCS: Monitoring Autonomous APs
§ NCS: Monitoring Switches
§ Alarms and Events
Setting up Alarm Summary
Differentiation Between Alarms and Events
Severity and Layout Customization
Setting Up Notifications and Help Desk-Like Usage
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
46. Monitoring—WCS Dashboard Concepts
§ Canned tabs of high-level system views
§ Ability to add/remove tabs
§ Ability to add/remove components within tabs
§ Customize individual components
§ Introduction of trending information at system level
§ Quick drill-downs
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
48. Customizing and Historical Trending
Custom Tab
Custom
Components
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
49. Information Layout and Workflow Concepts
§ WCS presents many intuitive ways to arrive at information
§ Ability to drill-down to an individual client-level detail
from dashboard
§ Ability to drill-down with the help of Quick Filters
§ Ability to sort on different attributes in client list pages
§ Ability to perform and save intelligent searches
§ Ability to customize list layout, items per page and content
§ Perform advance context-sensitive actions (such as launching a
report from AP page) from page drop-downs
§ Consistent breadcrumbs for navigational assistance
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
51. Quick Filters, Custom List Layout
Use Quick Filters or Column Sorting to
arrange information relevant to the task
Edit List Pages for content relevant to you
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
53. NCS Homepage
“drag and drop”
dashboard
customization
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
54. Dashlet Customization
Data customization
per dashlet
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
55. Using Search
Global Search Capability
§ Searches can be performed on
partial input
§ Search output provides
configuration and monitor links
based on device type found
§ Search parameters include IP
Address, Usernames, MAC
Addresses, SSIDs ,Rogues and
AP Names
Advanced searches can be saved
for easy future reference and use
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
56. Monitoring—Client-Related Workflow
Common Steps in a Troubleshooting Scenario:
§ Lookup a client: MAC Address, Username, IP Address, Client
type, Client state, From AP Details Page (example below)
§ Where is the client now (and how is their RF profile)
§ Where has this client been (Location playback, session and
AP history)
§ Active troubleshooting
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
57. Monitoring: Client Details—1
Basic Client Properties—can be
expanded for further details
Client Association, Session
History and Roam Reason
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
58. Monitoring: Client Details—2
Client AP Association History
Client Statistics
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
60. Client Status: Wireless
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
61. Monitoring: Wired Clients
General client Session details Security details
information
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
62. Wired Client Details
Provides connectivity details for wired client including switch/port
info, authorization details
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
63. Client Status: Wired
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
64. Track Clients
Create policy for
tracking one or more
clients detected on
the network
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
65. Unknown Users
Assign username
to client on
network not
authenticated via
ISE.
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
67. Managing Autonomous Access Points
NCS 1.0 will provide:
§ Autonomous AP monitoring
§ Autonomous AP reports
§ Client Visibility
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
68. Autonomous AP Reports
Provides visibility into operation of aIOS AP’s
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
73. Monitoring—Alarms and Events
What Are Events?
§ An occurrence of a condition (or change in condition) in the network
managed by WCS
§ Not necessarily generated for every condition but could be a result
of a pattern or threshold match by the WLC
§ Events may not be useful in their raw form (unless troubleshooting,
for example) and usually need further processing
What Are Alarms?
§ Correlated events result in alarms (WCS allows looking up event history for
alarms)
§ Both Alarms and Events are categorized by severities
Critical
Major
Minor
Warning
Informational
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
74. Alarm System and Logic Simplified
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
75. Alarms Layout and Search
Expandable Widget
persistent across WCS Granular Alarm searches can
be performed via the
Advance Search feature,
and saved for future re-use
Alarms Sorted by Categories
and Severities are
hyperlinked to quickly
drill-down
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
76. Alarms
Ac>ons
and
Customiza>ons
Quick
access
to
Alarm
Ac>ons
Alarm
message
details
Customizable
Layout
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
77. Working with an Alarm
Manage Alarms
Manage Security
Historical Data.
Note First Seen
and Last Seen
Trace Alarm Source
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
79. Alarms—Things to Remember
§ It s common to ignore email configuration in WCS
§ WCS sends email notifications for Major events only!
§ Acknowledged alarms suppress email notifications even
if the severity changes
§ Help! My alarms seem to have disappeared!
Alarms that get cleared move in to the Cleared state so be sure to check
cleared alarms (or look under event history)
§ Clearing an alarm does not remove it from WCS database
(deleting it does)
§ Alarm severities can be customized from Administration—
Settings—Alarms
§ Alarm acknowledgement works on individual alarm instance
(and not on category or condition)
§ Even if traps are disabled on WLC, WCS could generate alarms from the
regular polling it performs
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 79
82. Client Troubleshooting Tool
§ An easy way to identify client-related issues from within WCS, without the need
for extensive WLC debugs
Look at the client s current state (and at what stage of the connection they might be
having issues at)
Allows for real-time troubleshooting and log retrieval from the WLC
Allows for looking up historical, and relevant client and AP events
Allows integration with ACS View Server for authentication log retrieval
§ But, first things first—common problems:
Watch out for misconfigured clients (common areas are WLAN profile settings,
authentication and encryption settings, and any advanced extensions that might not be
required
Ensure WLC settings match the provisioned client profiles (security, SSID broadcast,
WLAN override, etc.)
Ensure data rate settings on the WLC (Mandatory, Supported and Disabled rates)
Look for client exclusion settings (easy way to find excluded clients is via the quick
filter in Monitor—Clients page
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 82
83. Client Troubleshooting—Launch Points
Multiple Launch points
to initiate client
troubleshooting tool
allows for diverse
workflow integration
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
84. Client Troubleshooting—Examples
Identify whether the problem
occurs at 802.11 or higher layers
Suggestions on where to look
and how to potentially resolve
the error condition(s)
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
85. Client Troubleshooting—Examples
Provides visibility into logs, event
history, and related CleanAir
information
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 85
86. NCS: Wired Client Troubleshooting
Client connectivity
status/issues
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 86
87. APs Detecting a Specific Client
Client MAC
address
List of APs that
heard client probe
requests, 802.11
band, RSSI, how
long ago AP heard
this client
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 87
89. NCS and ISE Integration
§ NCS leverages ISE API for posture
assessment and report generation
§ Ability to drill-down to an individual client-
level security details
§ Ability to troubleshoot client connectivity
issues
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 89
90. NCS + ISE: Client Posture and Profiling
ISE determines client to Client authenticated
be Microsoft using 802.1x via ISE
Workstation based on
device fingerprinting
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 90
93. Voice Audit Tool
§ Allows auditing current network configuration from a
VoWLAN deployment perspective
§ Use default rules and thresholds based on Cisco best
practices
§ Ability to customize the rules to match your network and
requirements
§ Provides a simple report with a list of configuration gaps
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
94. Voice Audit—Example
Customizable Rules
Voice Audit Tool
Report
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
95. Voice Readiness Tool—Example
Simple, post-deployment tool to
verify or correct AP deployment and
provides a way to determine
VoWLAN readiness by band, and
RSSI cutoff values
BRKAGG-2011 Presentation_ID Cisco Systems, Inc. All rights reserved. its affiliates. All Public reserved.
© 2009 © 2011 Cisco and/or Cisco rights Cisco Public 95
96. Location Accuracy Tool—Example
Determine Accuracy Probability,
Correct Deployment
Test with Clients, Tags,
Exciters
Schedule Accuracy Tests
BRKAGG-2011 Presentation_ID Cisco Systems, Inc. All rights reserved. its affiliates. All Public reserved.
© 2009 © 2011 Cisco and/or Cisco rights Cisco Public 96
97. Location Readiness—Example
Simple, post-deployment tool to
verify or correct AP deployment and
provides information on what areas
are under the Cisco recommended
estimates
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 97
98. Sending Network Details to TAC
Input TAC case number directly into
WCS for sending captured files
Select network and device info to
attach to TAC case
Option to send directly to TAC or
download file
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 98
99. Device Data Collection
Execute controller CLI
commands and easily
capture command output
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 99
101. Section Agenda: Reporting
§ Report LaunchPad
§ Report Customizations
Multi-Level Filtering
Customizing Report Output
Multi-Level Sorting in Report Output
§ Report Scheduling
§ NCS + ISE Reporting
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
102. Report LaunchPad
Report LaunchPad – Easy
Drill-Down
Callouts – Report Descriptions
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 102
103. Report Customization
Multi-Level
Filters
Customized Reports
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 103
104. Graphical Report Content
Graphical
Reporting
Graphical Summaries
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 104
105. Client Summary Report - Endpoint Type
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 105
106. NCS + ISE: Report Cross-Launch
New set of reports
launched from NCS
cross-launches reports
in ISE.
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
107. NCS + ISE: Report Cross-Launch
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 107
109. High-Availability—Components and Operation
§ At the heart of the high-availability design is the Health
Monitor (HM) Process
Other components in WCS are JVM (WCS), Database, and Apache webserver
§ HM is sub-divided into smaller components:
Core HM: Configures, maintains state and starts/stops the HA configuration across
WCS servers
Heartbeat: Responsible for maintaining communication between the primary and
secondary servers (over HTTPS, port 8082); timeout is set to two seconds, with
three retries
Application Monitor: Communicates with the WCS framework components
on the primary server
DB Monitor: Configures database replication
File Sync: Identifies file changes, compression, and statistics maintenance
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 109
110. High-Availability—Things to Know
§ Both the primary and failover WCS servers should run the same software
version
§ Both the primary and failover WCS servers should be running
on the same OS type (can t mix Windows and Linux installs)
§ Email server and receiver must be configured (used for notifications)
§ Communication between the primary and failover WCS must be enabled on HM
port if firewall is in the path
§ Failover mode must be carefully selected (and remembered): manual vs.
automatic
§ Authentication key is created during the install, and is used by
the primary and failover WCS servers for communication (and
also logging into the HMweb page)
§ HM available at: https://ip.address:HMport (example: https://10.10.10.200:8082)
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 110
111. WCS High-Availability—Things to Know
§ Available in release 5.2 and above
§ Requires the WCS PLUS license (only on the primary server)
§ Feature supports failover of up to two primary WCS servers to one
backup server
Primary Secondary
1 Low-end WCS 1 Low or higher-end WCS
1 Standard WCS 1 Standard or higher WCS
1 High-end WCS 1 High-end WCS
§ Suggested deployment matrix in a 2:1 model
Primary Secondary
2 Low-end WCS 1 Standard or higher WCS
2 Standard WCS 1 Standard or higher WCS
2 Standard WCS 1 High-end WCS
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 111
112. NCS High-Availability—Things to Know
§ No longer BASE and PLUS license
(now single-tier license), so HA is
available at no extra charge
§ Feature supports failover of one
primary NCS servers to one backup
server
§ Functionally the same as WCS HA
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
113. Virtual Domains
What They Are (or do) What They’re Not (or don’t do)
Quick way to partition WCS objects Not necessarily a complete replacement
for RBAC (for example, via TACACS+)
Allows users to be mapped to separate If none specified, users are added to the
virtual domains at the time of creation “root” virtual domain by default
Separate Reports, Controllers, Access Don’t separate Google Earth Maps, Auto-
Points, Search, Templates, Config Provisioning, MSEs, and Ethernet
Groups, Alarms and other objects Switches
Objects may be assigned to multiple Avoid changing configurations from
domains at the same time multiple domains management simple
“root” domain is a superset of all sub- Not all objects are available at the “root”
domains level – objects such as Search and
Reports are domain specific
Only the “root” domain may location, and For more caveats, visit:
any other email notifications http://www.cisco.com/en/US/docs/
wireless/wcs/5.2/configuration/guide/
5_2virtual.html
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 113
115. Why Upgrade from WCS to NCS?
§ Increased scale (total device count: 25K)
§ Wired/wireless integrated management:
manage access layer
§ 64-bit architecture: increased memory
footprint
§ Appliance mode: no need for customer for
procure server (HW, OS + patches)
§ Tight integration with Cisco ISE: device
posture enforcement, AAA
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 115
116. Cisco WCS to Cisco Prime NCS Migration
Cisco WCS 7.0.X Cisco Prime NCS
Multi-tier License Model Licenses
Single-tier License Model
WCS Base License
(Examples: WCS-APBASE-X or
WCS-WLSE-APB-X)
Prime NCS License
(Example: L-NCS-1.0-X)
WCS Plus License
(Examples: WCS-Plus-X or WCS-
WLSE-Plus-X)
Database Migration
Must be on
WCS 1:1 Upgrade
7.0.164.0 or
7.0.164.3
WCS 7.X is the last release running on CiscoWorks Wireless LAN Solution Engine (WLSE)
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 116
117. Greenfield Deployment: Why WCS?
§ Wired/wireless integrated management: manage
access layer (infrastructure and endpoints)
§ Appliance model (physical and virtual/VM): no
need to procure server (HW, OS + patches)
§ High device scale: up to 25K infrastructure
devices
§ State of the art UI
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 117
118. Key Takeaways
§ Wired/wireless access – infrastructure and
endpoints – need to be managed together
§ WCS and NCS provide full lifecycle
management
§ NCS builds on the features/functionality of WCS
and adds wired management
§ Easy migration from WCS to NCS – both
platform and learning curve
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 118
119. Helpful Links
§ Cisco Prime Network Control System (NCS) Datasheet
http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps11682/ps11686/ps11688/
data_sheet_c78-650051.html
§ NCS Learning Modules
http://www.cisco.com/en/US/products/ps11686/
tsd_products_support_online_learning_modules_list.html
§ TACACS+ Configuration Example
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080851f7c.shtml
Presentation_ID © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 119