Cisco Prime NCS: Converged User, Access and Policy Management

8/6/2019 Cisco Prime NCS: Converged User, Access and Policy Management

1/36

Unified Management for Borderless Networks

Cisco Prime Network Control System


2/36

2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2

Many of the products and features described hereinremain in varying stages of development and will beoffered on a when-and-if-available basis. This

roadmap is subject to change at the sole discretion ofCisco, and Cisco will have no liability for delay in thedelivery or failure to deliver any of the products orfeatures set forth in this document.


3/36


Mobile devices created challengeswhen using focused tools

Understanding Cisco Prime Cisco Prime Network Control System

(NCS)

Addressing client access issues withCisco Prime NCS

Cisco Prime NCS v1.0 deep dive Comprehensive Wireless Lifecycle

Management

Scalability, Deployment Options andServices

Summary


4/36


IT Consumerization: Now a Reality

ORGANIZATION

TIME

Smartphone adoption isgrowing at 50%+ annually*

By 2015, tablets will constitute

50% of laptop sales**


5/36


IT Resources Stay The Same

Fixed User Wired access One user: One device Mobile User

Wireless access One user: Local devices

Borderless UserAnytime, Anywhere access One user: Many devices

Access Evolution Late 90sEarly 90s Today

Effectively support users

with box management

Need for policy & control

Need for operational

efficiency


6/36


For more informationvisit Cisco Prime

Websites


7/36 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7

Cisco Prime for EnterpriseProduct Features NCS1.0 LMS4.1 CM1.0 NAM5.1

Cisco Prime Features

Service-centric foundation Optimized operations experience Integrated Cisco best practices Complete lifecycle management Day-one device support Smart Interactions Physical and /or virtual appliance

Product Positioning Guidance

Converged wired/wireless user access monitoring andtroubleshooting

Complete wireless lifecycle management Complete wired lifecycle management Borderless Networks services: TrustSec, Medianet, EnergyWise Video session/TelePresence monitoring and troubleshooting Application and performance visibility

2

100% support

Partial support

1 1

1 Day-one support for selected products only2 Includes sub-set of Smart Interactions features3 In conjunction with Cisco Identity Services Engine (ISE)

3



Converged Access Management for Wired and Wireless Networks

Wireless | Wired | Security Policy | Network Services

Unified Management

Users Policy Operations

Improved Network Visibility Faster Troubleshooting Eliminate Configuration Errors



Wireless considered as an EQUAL

MEANS of ACCESS

Cost pressure requires a DO

MORE WITH LESS operational

model

Focused solutions will deliver

DIMINISHING RETURNS



0

50

100

150

200250

300

350

400

Client devices(Drivers,

connections,

authentication,or other issues)

RF Interferencefrom Wi-Fi and/

or non-Wi-Fi

sources

Unexpecteddemand forincreased

converage ofcapacity

Faulty wirelessnetwork designimplementation

Old or outdatedwireless

technology

Insufficient ITadminstrator

expertise

Other

NumberofCu

stomers

Major Issues Contributing to Wireless Network Problems

Contributors to Wireless Network Problems

A recent survey shows that

respondents view client devices

as the TOP contributor to wireless

network performance problems



WiredAccess

UNIQUE PERSPECTIVEExtends to USERS and ENDPOINTS

Integrated Wired & Wireless Monitoring and Troubleshooting

Any Network Any Location Any End-user Device

WirelessAccess

RemoteAccess



Consumes lots of time and resourcesManual correlation of dataInefficient operational model

Less time and resources neededSingle view of critical dataImproves IT efficiency

WiredExpert

WirelessExpert

SecurityExpert

NetworkGeneralist


14/36


Answer the who, what,when, where and how

access related questions


15/36


Multiple teams/tools to provideresolution:

Wireless NetOps WCS with MSE

Verify user credentials Confirm laptop associates to network Observe time laptop may connect Validate current locationWired NetOps LMS

Check port and connectivitySecurity Ops NAC and ACS View

Check laptop conforms to AUP Confirm access to VLAN for resource/application is

permitted

Troubleshooting Laptop Connectivity Issues Example

When?

Where?

What?

How?

Who?

? ?? ?

? WCS

LMS

NAC

MSE

WCS

Traditional Approach


16/36


When?

Where?

What?

How?

Who?

One platform with consolidated view

for immediate resolution:

Account verifiedConnectivity confirmedEndpoint complies with AUPPermitted time of day Impermissible location for laptop

Problem identified/Case closed

Troubleshooting Laptop Connectivity Issues Example

UnifiedManagement

Cisco Prime NCS Approach


17/36

2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17Cisco Confidential 2010 Cisco and/or its affiliates. All rights reserved. 17


18/36


Information architecture: Seamless navigation andworkflows align to tasks

Modern interaction behavior: Maintains context whileperforming network management tasks

Smart tables & advanced filtering: Quickly view additionalinformation without leaving the workflow

Ever-present alarm views & browser: Always-on visibility topotential end-user problems to speed remediation

Designed to Work With How IT Approaches Problems


19/36


High-level View of Key Metrics with ContextualDrill-down to Detailed Data

19 2011 Cisco S stems, Inc. All ri hts reserved.Lumos Features DRAFT Cisco Confidential

Flexible platform: Accommodates new and experienced IT administrators Simple, intuitive user interface: Eliminates complexity User-defined customization: Display the the most relevant information


20/36


Correlated and focused wired / wirelessclient visibility

Client health metrics

Client posture & profile

Client troubleshooting

Client ReportingUnknown device ID input

Clear view of the end-userlandscape

Who is connecting

Using which device

Are they authorized


21/36


Wired & wireless discoveryand inventory

Add / detect infrastructuredevices such as switches,WLAN controllers and accesspoints

Comprehensive accessinfrastructure reporting

View the access infrastructureas a whole or as discretetechnologies

Stolen asset notificationTrack when devices presumedstolen come back online

21 2011 Cisco S stems, Inc. All ri hts reserved.Lumos Features DRAFT Cisco Confidential


22/36


Provides Context as to Where the Wired Endpoint Resides


23/36


Shows where security & policy problems existRetrieves information directly from clients: Wired, wireless - authenticated, unauthenticated

Reduces the time to troubleshoot security & policy problemsClient posture status and client profiled views

Drill deeper into security & policy issue detailsDirect linkage from Cisco NCS to Cisco ISE with contextual filtering

Converged Security and PolicyMonitoring and Troubleshooting


24/36



25/36


RF Prediction Tools Assist in Designing Optimal WLANs

Integrated Planning ToolImport floor plans from 3rd-party toolsConfigure access point placement,

coverage, and other variables

Generate equipment proposal Hierarchical Maps

Design multiple buildings, floors,regions

Location and Voice Readiness ToolsView performance and coverage

estimates

Easily Visualize theIdeal RF Environment

Planning Tool

Instant Accessto Tools Hierarchical Maps

Eliminate improper RF designs and coverage problems Built-in tools perform site-surveys, RF reassessments and RF readiness evaluation


26/36


Flexible Configuration Templates Streamline Operations

Apply common configurations across one ormore controllers and access points

Role-based access control and partitioning Standalone access point monitoring andmigration Control power consumption with energy wise

integration

Controlled wireless guest access

Industrys Broadest Array ofIntegrated Configuration Templates

CustomizableTemplates

Instant Additional Info.

Easily Define ConfigurationParameters

Fast creation and maintenance of configurations for WLAN controllers, APs, and MSE Maximizes uptime and improves operational efficiency Deploy large, multi-site networks and managed-service alike


27/36


Quickly Access the Information You Need WhenYou Need IT

Identify and diagnose RF Interference events,air quality and interference security threatswith Cisco CleanAir

Robust fault event and alarm management Guided step-by-step client troubleshooting

tools

Ever-present search for cross networkhistorical information

Cisco ISE and ACS views for additionalendpoint data

Coverage Visualization

Color-Coded Icons

Ever-present Alarm Summary

Centralized Monitoring of the entireWLAN and LAN

Efficiently assess, prioritize and manage RF interference issues Analyze problems and misconfigurations for all client devices across all connection media Troubleshoot large-scale LAN and WLAN environments with minimal IT staffing

Quickly discover events occurring outside baseline parameters


28/36

2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28Cisco Confidential 2010 Cisco and/or its affiliates. All rights reserved. 28

MappingHierarchy

and

Icons

(Expandable)

Simplified Customization ofDisplay

QuickAccessTo Tools

Ever-PresentAlarm Summary

(Expandable)

Heat Map ofEach Location

Ever-PresentSearch


29/36


Returning the Network to Optimal Performance

Integrated workflows and tools:1.Receive performance degradation notices2.Quickly asses service disruptions3.Research resolution4.Take action

CleanAir alerts summaries and reportsidentify where poor air quality andinterferers exist

Security dashboard and index showcurrent security status

Voice Tools for customized queries toaddress VoWLAN problems

Diagnose the RF environment and mitigate interference from Wi-Fi and non-WiFi sources Quickly assess and understand ways to improve the security index of the network

Quickly discover events occurring outside baseline parameters

Security Dashboard

Streamlined Workflows1

2

3


30/36


Continuous Improvement

Effectively plan for future capacity, while properly controlling costs Align the reporting structure to your business or operational environment

Understand common trends and top users of resources to right-size the network environment

Extensive on-demand andautomatic reporting

Fully customizable Focused compliance

reporting

Alarm and eventforwarding to 3rd-partysolutions

Output to CSV of PDF

Long term historical reportingand trend analysis


31/36


Identity Services Integration

Shows where security &policy problems exist

Drill deeper into issuedetails

CleanAir Detect RF Interference Locate the source Automatically adjust to

optimize the environment

Adaptive WIPS Assess wireless

vulnerabilities

Auto-classify threats Protect the wireless

network

Context-Aware

Contextual Info about Wi-Fi clients and tagged

mobile devices

Optimize applicationdelivery


32/36


Complete lifecycle management of hundreds of wireless LANcontrollers from a centralized location

Rich monitoring and troubleshooting for Cisco Catalyst SwitchesVisibility into key performance metrics interface ports, endpoints and

users and switch inventory

Device WCS DevicesSupported

NCS DevicesSupported

Cisco Lightweight Access

Points

3,000 15,000

Cisco Autonomous AccessPoints

1,250 5,000

Cisco Switches 0 5,000


33/36


Virtual AppliancePhysical Appliance

Physical and Virtual

Application & Components

OS

Cisco-branded Hardware

(1RU)

CiscoProvided

Application & Components

OS

Cisco

Provided

Customer

Provided

Virtual Infrastructure


34/36


2011 Cisco S stems, Inc. All ri hts reserved.Lumos Features DRAFT Cisco Confidential

Database*

1:1 UpgradeMust be on

WCS

7.0.164.0 or

7.0.164.3

*Note: WCS 7.X is the last release running on CiscoWorks Wireless LAN Solution Engine (WLSE)

Cisco Prime NCSCisco WCS 7.0.XLicenses

WCS Base License(Examples: WCS-APBASE-X or

WCS-WLSE-APB-X)

Prime NCS License(Example: L-NCS-1.0-X)WCS Plus License

(Examples: WCS-Plus-X or

WCS-WLSE-Plus-X)

Multi-tier License ModelSinglei-tier License Model


35/36


Converged Management of Borderless Networks

PlanIdentify mobility solutions thatalign to your businessstrategy

Cisco Unified WirelessNetwork ReadinessAssessment

Optimize mobile connectivity

with enhanced performance,security and reliability

Wireless LAN NetworkAssessment

Ensure the architecture cansupport the solutions

Wireless LANArchitecture Design

MissionCritical

Wireless

Enable the Architecture Enable Business Solutions Enable a Smart Network

BuildDesign a secure, highperformance network for mobilecollaboration

Wireless LAN Planningand Design

Accelerate ROI with efficientmigration and implementation

Wireless LAN Implementation

RunLower TCO with out-taskedmanagement and monitoring

Wireless LAN RemoteManagement Services

Improve efficiency andperformance with networkintelligence

Wireless LAN Optimization


36/36

Converged Access Management for Borderless NetworksEnable the Workforce

Provide reliable accessto network services

Visibility at the accesslayer as networks

become borderless

Address problemswhere most issues

occur - The endpoint

Empower first-tier toaddress issues without

escalation Resolve problems faster

with logical workflows

Improve resourceproductivity, lower TCO

Improve IT Productivity

Single viewpoint forwired, wireless, security

& policy management Unprecedented visibility

and control

Direct access to Ciscosupport and services

Single Unified View

Date post:	07-Apr-2018
Category:	Documents
Upload:	cisco-wireless
View:	240 times
Download:	0 times

Cisco Prime NCS: Converged User, Access and Policy Management

Documents