1 © 2002, Cisco Systems, Inc. All rights reserved. Cisco Mobile Office Channel SE Hotel Venue Cisco...

1© 2002, Cisco Systems, Inc. All rights reserved.

Cisco Mobile Office Channel SE Hotel Venue

Cisco Mobile Office—On the Road

Making Your Hotel Public Spaces More Valuable to Mobile Professionals



Agenda

• Introducing Cisco Mobile Office—On the Road

• Mobility trends

• Cisco Mobile Office—On the Road program

• Wireless update

• Enabling technologies and standards

• Products

• Design requirements

• Implementation

• Migration

• Why Cisco



Introducing Cisco Mobile Office—On the Road

• Cisco Mobile Office—On the Road offers the opportunity for you to:

Provide differentiated guest services to increase room occupancy

Provide a platform to deploy new applications

Create new sources of revenue

Leverage your property investment and achieve operational benefits

• How:

Provide high-speed network access to guest rooms, meeting spaces, and other public spaces

• In addition, operational benefits can help make the project a success

Provide high-speed network access to the “back of the house”



Cisco Mobile Office — On the Road High-Speed Network Access for Hotel Guests

• Internet and corporate VPN access

• Converged hotel services

Video on demand

Guest services

Interactive gaming

IP telephony

Networked mini-bar

• Meeting Rooms

Training, video conferencing

• Hotel portal/ad insertion



Cisco Mobile Office — On the RoadHigh-Speed Network Access in the Back Office

• Environmental control

• Web-based staff training

• Roving check in/out

• Mobile staff communications

• Supply chain management



Requirements for Mobile Professionals

• Secure

• Fast

• Available

• Access to business applications

• Video and voice integrated with data

• Convenient access and accounting



Mobility RequirementMobility Requirement Cisco Addresses the RequirementCisco Addresses the Requirement

Secure connectionsSecure connections

Cisco Addresses the Requirements for Mobility

• VPN security• Firewall• VLANs• 802.1x• EAP/LEAP

• VPN security• Firewall• VLANs• 802.1x• EAP/LEAP

Fast, instant access to Internet/intranetFast, instant access to Internet/intranet

• Standards-based, reliable broadband infrastructure

• Standards-based, reliable broadband infrastructure

Available any time, anywhere, to any deviceAvailable any time, anywhere, to any device

• Wired and wireless access solutions• Wired and wireless access solutions

Easy access to data, voice, and video applicationsEasy access to data, voice, and video applications

• AVVID• Content optimization• AVVID• Content optimization

Consistent user experience Consistent user experience • Virtual networking• IP domain management• Mobile IP

• Virtual networking• IP domain management• Mobile IP




Cisco Mobile Office—On the Road Partner Community

Enterprise

Development Partners

Venue Partners

Other Partners

HotelsHotels

Train Stations

Train Stations

Airports/Airlines

Airports/Airlines

Visitor-Based Networks

Visitor-Based Networks

ConventionCenters

ConventionCenters

CPN ServiceProviders

Resellers SettlementProviders

PC OEMs PC OEMs

ASPsASPs

ContentProvidersContent

Providers

Provide services to venues

Provide hardware and applications

Create Demand for Access and Brand

© 2002, Cisco Systems, Inc. All rights reserved.

Integrators



Wireless ISP Roaming (WISPr) Forum

• Wireless Ethernet Compatibility Alliance (WECA)

• Global industry-wide representation

Hardware manufacturers (Cisco, Agere, Toshiba, Funk, Intel, Nokia, Nomadix)

Software vendors (Microsoft, Woodside Networks)

Settlement providers (iPass, GRiC, TSI, Excilan, Fiberlink)

WISPs (Wayport, Airwave, HereUare)

Operators (Sprint PCS)



Objectives of WISPr

• Define Wireless ISP roaming best practices:

Billing and roaming

Consistent end-user experience

Third-party billing settlement

Network-wide security

• Initiate creation of standards for roaming through groups such as IEEE, ETSI or the IETF



Enabling Technologies and Standards

WLAN SecurityWLAN Security

Wireless LAN (WLAN)Wireless LAN (WLAN) 802.11

Wi Fi

802.11

Wi Fi

802.1x

Extensible Application Protocol(EAP)

Light Extensible Application Protocol (LEAP)

3DES encryption

IPsec

AAA RADIUS

802.1x

Extensible Application Protocol(EAP)

Light Extensible Application Protocol (LEAP)

3DES encryption

IPsec

AAA RADIUS



Standards Wireless Security—802.1X

• IEEE draft standard

• Overcomes limitations of 802.11 security

• Leverages existing standards

Extensible Authentication Protocol (EAP)

RADIUS

• Available authentication types

Light Extensible Authentication Protocol (LEAP)

EAP-TLS

client

AP

RADIUSserver

EAP

RADIUS

userdatabase

1

2

3

1

2

3

4 4

Mutual authentication

Dynamic, session-based encryption keys

Centralized user administration

Extensible authentication support



Light Extensible Authentication Protocol (LEAP)

Start

challenge

response

broadcast key

username

challenge

response

AP sends client broadcast key, encrypted with session key

AP blocks all requests until LEAP completes

username

RADIUS server authenticates client

Request identity

success success

challenge challenge

response response, key

Client authenticates RADIUSserver

key length

clientAP

RADIUS server

keykey



How LEAP Challenges and Responses Work

challenge

Create

password from

database

one-wayhash

password hash

LEAP algorithmresponse A

challenge

challenge

Using password from database, generate response to own challenge



How LEAP Challenges and Responses Work

user-supplied

password

one-wayhash

password hash

response B

response B

If response A = response B, then authenticate user

Why?

challenge

challenge

LEAP algorithm

response A

Using user-supplied password, generate response to challenge



Comparing Responses

password from

database

one-wayhash

password hash

LEAP algorith

mresponse A

challenge

user-supplied

password

one-wayhash

password hash response B

challenge

LEAP algorith

m

If response A = response B, then user-supplied password = password from database



Deriving the Session Key

hash (hash (password))

client challenge to RADIUS RADIUS challenge to client

RADIUS response to client client response to RADIUS

MD5

128-bit key



Deploying LEAP

Clients

• Cisco Aironet ® adapters

Turn on LEAP in ACU

Windows: Use Windows Networking logon

Others: Use ACU window

• Others: No support for LEAP

Use static WEP

On Windows XP, use EAP-TLS

One AP can support LEAP, EAP-TLS, and static WEP

RADIUS servers

• Cisco Secure ACS

Supports LEAP

Needs access to an NT-formatted database or ODBC connection to NT Domain Controller or Active Directory

With LEAP proxy in V3.0, can interact with database manager that supports MS-CHAP*

• Others:

Funk Software

Interlink Networks

Open Systems Consultants

* LDAP and NDS do not support MS-CHAP



Setting Up ACS

• ACS can handle 40+ LEAP logons per second

• Connection from site to ACS must be reliable

• Access to backup ACS server is advisable

• ACS for LEAP Design Guide provides details



HotelHotel

LRE switch POTS

splitter

T1/E1

Meeting RoomsMeeting Rooms

Cisco Mobile Office—On the Road Mobility from Public Access Facilities

Hotel RoomsHotel Rooms

LRE CPE

In-line powered switch

InternetWireless

Access Point

Router/Firewall

Wiring ClosetWiring Closet

Coffee Shop

Coffee Shop

AirportAirport

EnterpriseEnterprise

PBX

BBSM

Third-party broadband

roaming/settlement/

billing service



HotelHotel

Cisco LRE 48 POTS

Splitter

T1/E1

Meeting RoomsMeeting Rooms

Cisco Mobile Office—On the Road Mobility from Public Access Facilities

Hotel RoomsHotel Rooms

PBXCisco 575 LRE CPE

BBSM

Internet

Wiring ClosetWiring Closet

Coffee Shop

Coffee Shop

AirportAirport

EnterpriseEnterprise

Catalyst ® 3524-PWR XL In-line powered switch

Cisco 2600 Series router and firewall

Cisco Aironet ® 1200 wireless access points

Third-party broadband

roaming/settlement/

billing service

Catalyst 2900 Series LRE switch



Network Options for Any Public Space

10/100/1000 high-speed Ethernet switching for areas with Category 5 wiring

10/100/1000 high-speed Ethernet switching for areas with Category 5 wiring

Wireless LANs for concourses, airline lounges, concession, ticket counter, and baggage claim areas

Wireless LANs for concourses, airline lounges, concession, ticket counter, and baggage claim areas

Long-reach Ethernet for areas with category 1/2/3 wiring and/or long runs

Long-reach Ethernet for areas with category 1/2/3 wiring and/or long runs

Cisco Building Broadband Services Manager (BBSM)Cisco Building Broadband Services Manager (BBSM)

Routers for enterprise-class multi-service solutions and managed services

Routers for enterprise-class multi-service solutions and managed services

Service Selection Gateway (SSG) – menu-based service selection and billing for individual services

Service Selection Gateway (SSG) – menu-based service selection and billing for individual services




Cisco Aironet ® Series Wireless LAN Access

• Access points

10/100 Ethernet

Can be used as a repeater

Minimum setup

Maximum flexibility

Internal testing for RF link

• Client adapters

PC

LM

PCI

• Wireless bridges

8 MAC addresses

New!

Cisco Aironet 1200 Series Access Point



Cisco Long-Reach Ethernet (LRE)

• Cisco Catalyst ® 2900 Long-Reach Ethernet LRE XL switch

Up to 15-Mbps symmetric Ethernet

Management

QoS, scalability, security

Supports POTS

Supports Cisco switch clustering

• Cisco Long-Reach Ethernet LRE 48 POTS Splitter

LRE and POTS on the same telephone line

• Cisco 575 Long-Reach Ethernet LRE Customer Premise Equipment CPE

Bridges LRE and Ethernet

Small footprint



Cisco Switches

Cisco Catalyst 2900 Series

Performance

Migration path to Gigabit in the LAN

LAN-edge QoS

Multicast management

Cluster management

High availability and security

Cisco Catalyst 3500 Series XL

Stackable

10/100 and Gigabit Ethernet

Mid-sized networks

Internet business applications



Cisco Routers

Cisco 3600 Series

For medium to large offices

Modular, multi-service

Data/voice/video integration

Cisco 2600 Series

For branch offices

Modular, multi-service

Data/voice/video integration

Cisco 7200 Series

For diverse VPN environments

IOS-based services

VPN Acceleration module

Service Selection Gateway (SSG)

Cisco 7100 Series

Integrated VPN solution

Routing and VPN services



Cisco Building Broadband Service Manager (BBSM)

• Software platform for subscriber session management

• MXU environment

• High-speed Internet access in building broadband networks

• BBSM provides

Subscriber session management

Integrated billing

Easy plug-and-play access

• Most widely deployed in-building service platform

• Compatible with broadband technologies

Ethernet

Long-reach Ethernet (LRE)

Digital subscriber line (DSL)

Cable

Wireless

Fiber



Cisco Content Transformation Engine CTE 1400

• Solutions for:Many device types — Connection management

Existing content not wireless-friendly — Presentation management

Connections are intermittent and many — Data management

• Leverage existing content

• Rapid deployment

• Fast, seamless installation

• Easy to use

• Line rate performance

• Scalability

• Low cost of ownership



Phase IIQ1CY02Phase IIQ1CY02

Phase III? Q3CY02

Phase III? Q3CY02

FeaturesFeatures

ProductsProducts Wireless LAN accessLong-reach Ethernet Plain old telephone service (POTS) Ethernet switchesRoutersService managementRADIUS serversVPN clientsFirewallsNetwork management

Wireless LAN accessLong-reach Ethernet Plain old telephone service (POTS) Ethernet switchesRoutersService managementRADIUS serversVPN clientsFirewallsNetwork management

Cisco Mobile Office—On the Road Product and Feature Roadmap

Phase I plus: Cisco CTE 1400Catalyst 5000Cisco IP Phone 7960 Cisco IP SoftPhone

Phase I plus: Cisco CTE 1400Catalyst 5000Cisco IP Phone 7960 Cisco IP SoftPhone

Phase II plus: Web collaboration softwareCisco Aironet AP upgrade

Phase II plus: Web collaboration softwareCisco Aironet AP upgrade

Phase IQ3CY01Phase IQ3CY01

End-to-end securityReliabilityScalabilityNetwork management

End-to-end securityReliabilityScalabilityNetwork management

Phase I plus:QoSVoIP support802.1 supportGSM/CDMS billing

Phase I plus:QoSVoIP support802.1 supportGSM/CDMS billing

Phase II plus:VLAN supportVisitor-based networkWISPr supportGSM/CDMS roaming

Phase II plus:VLAN supportVisitor-based networkWISPr supportGSM/CDMS roaming



Design Requirements

• Traffic requirements

• Security requirements

• Interference with other networks

• Additional traffic on existing infrastructure

• Regulatory requirements



Implementation

• Site survey — a vital component

Refer to BBSU Web site:

http://www.cisco.com/warp/customer/504/index.html

• Logical segregation/prioritization of traffic between public and private segments

• Maintenance, root access control implementation

• Set-up of walled garden, access rights, billing and authentication (relevant to the deployment)

• Evaluate in-house resources

• Consider leveraging an integration partner



Migration

• Effects on existing backbone connection – need to upgrade?

• Management framework for upgrades/servicing

• Dual-mode (802.11a/b) upgrade issues

• Appropriate framework for 802.1x

• Scalability requirements for future services



Mobility—Cisco Advantage

• End-to-end solution

From enterprise to venue

End-to-end security

• Demand generation

For venue partner

For service provider

• Market leadership

Cisco brand

World-class solution



On the RoadOn the Road

Get Started Now

Engage in the Cisco Mobile Office—On the Road program






Information for Systems Engineers

• The following material is not to be presented to the customer



Information for Systems Engineers—Agenda

• Why sell Cisco Mobile Office—On the Road?

• Technical qualifying questions

• Overcoming technical objections

• Tools to help you sell Cisco Mobile Office—On the Road



Why Sell Cisco Mobile Office—On the Road?

• Strong demand

• High-speed access in buildings and public spaces is becoming a competitive requirement

• New revenue opportunity

• First step toward multiple broadband application (and sales) opportunities

VoIP, video, and vertical market applications

• Cisco offers complete solutions



Technical Qualifying Questions

• Is there more than one wireless Internet service provider (WISP) delivering wireless services in the venue?

• What is your existing infrastructure?

Frame?

ATM?

Ethernet?

• Do you have shared media deployed?

• Is there a security policy in place?

• What relationships with technical partners exist, if any?

• Is there any wireless deployed?

If so, do you use SSID?

Or (name the alternative to SSID)?



Overcoming Technical Objections

• It’s not secure enough

• It may not be available all the time

• The quality of service may be unacceptable

• It could be hard to manage



Cisco Mobile Office—On the Road Tools for Successful Selling

• Web site www.cisco.com/go/mobileofficeWhite papers

Contacts

Presentations

Case studies

Partners

HotSpot Locator

• Resources for resellersCisco packaged services

Partner and reseller communications

Partner and Reseller Helpline

Sales Tools Central

Networking Products MarketPlace for Resellers

Cisco Resource Network for Resellers

Partner and reseller training

Date post:	23-Dec-2015
Category:	Documents
Upload:	sharon-gilmore
View:	220 times
Download:	0 times

1 © 2002, Cisco Systems, Inc. All rights reserved. Cisco Mobile Office Channel SE Hotel Venue Cisco...

Documents