+ All Categories
Home > Technology > Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Date post: 22-Nov-2014
Category:
Upload: cisco-mobility
View: 15,063 times
Download: 5 times
Share this document with a friend
Description:
How to use Cisco Prime Network Control System (NCS) & WCS to deploy and manage your wireless network, an advanced technical deep-dive. Includes migration tips from WCS to NCS. Learn More: http://www.cisco.com/go/wireless
120
BRKEWN-2011 Managing an Enterprise WLAN with Wireless Control System (WCS)
Transcript
Page 1: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

BRKEWN-2011

Managing an Enterprise WLAN with Wireless Control System (WCS)

Page 2: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 2

§ The Role of WCS/NCS in the Network § Introducing Cisco Prime Network Control System § Planning and Deploying a Wireless Network § Monitoring § Tools and Troubleshooting § Reporting § Advanced Topics § WCS to NCS Migration

Session Agenda

Page 3: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 3

§ Original session objective: The objective of this session is to show WCS’s role in the network and its lifecycle, and to demonstrate WCS features and how they can be used to perform practical tasks; the session also provides suggestions and best practices on topics where appropriate

§ Modified session objective: Since Cisco Prime Network Control System (NCS) has been announced, this session will cover WCS and introduce NCS in the context of WCS in terms of common areas and key differences.

Session Objective

Page 4: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 4

The Role of WCS/NCS in the Network

Page 5: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Introducing    Cisco  Prime  Network  Control  System  (NCS)  

Page 6: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 6

What is Network Control System (NCS)?

§ Single platform for consolidated view of wired and wireless access infrastructure and endpoints

§ Built on the foundation of Cisco WCS, provides complete lifecycle management of wired and wireless access networks

§ Provides monitoring of endpoint security policy integration with Cisco Identity Services Engine (ISE)

§ All existing functionality in WCS is also supported in NCS

Page 7: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 7

Increased Scale 15,000 lightweight AP’s 5,000 aIOS AP’s 5,000 switches

Unified Access and Services Management

Manage access layer of network – wireless and wired Wireless NetOps Wired NetOps SecOps

Enhanced UI “drag and drop” customization, advanced filters (list pages), improved page navigation

Comprehensive Identity M&T

Integrated user/device monitoring and troubleshooting with Cisco Identity Services Engine (ISE)

Reporting Enhancements

Increased reporting scale, optimization

NCS – Key Enhancements

Page 8: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 8

Device WCS Devices Supported

NCS Devices Supported

Cisco Lightweight Access Points

3,000 15,000

Cisco Autonomous Access Points

1,250 5,000

Cisco Switches 0 5,000

NCS – Increased Device Scale

Page 9: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 9

Virtual Appliance Physical Appliance

Appliance Delivery Models

Application & Components

OS

Cisco-branded Hardware (1RU)

Cisco Provided

Application & Components

OS

Cisco Provided

Customer Provided

Virtual Infrastructure

Discontinuation of software binaries - Replaced by new Complete Appliance Model

Page 10: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 10

Physical Appliance Virtual Appliance

Hardware and software from Cisco (OS and NCS pre-installed)

VMware image (OS + NCS) Supported on: •  VMware ESX/ESXi version 3.5 •  VMware ESX/ESXi version 4.1

15,000 lightweight AP’s 1,200 WLC’s 5,000 aIOS AP’s 5,000 switches

Large: 15K/1.2K/5K/5K Medium: 7.5K/600/2.5K/2.5K Small: 3.5K/240/1K/1K

Cisco hardware appliance •  Not supported on WLSE

hardware

High-end: 8x2.93GHz CPU/1GB DRAM/300GB HD

Standard: 4x2.93 GHz/12 GB/200 GB Low-end: 2x2.93 GHz/8 GB/150 GB

Appliance-Based Solution

Page 11: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Planning  and  Deployment  

Page 12: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 12

§ Using Planning Tool § Setting up Network Elements via WCS/NCS

Controller Configuration Groups

Configuration Template LaunchPad

Controller Auto-Provisioning

Configuration Auditing Methods

§ Provisioning Maps and Context-Aware Service

Planning and Deployment

Page 13: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 13

Launching the Planning and Editing Tools §  Create a new Campus/Building

§  Create a floor you want to plan for (import floor plan)

§  Pick “Planning Mode” or “Map Editor” from the drop-down menu

Planning Mode—High-Level Options §  Add AP: Allows adding new Access Points to the Map

§  Delete AP: Remove existing Access Points from the Map

§  Map Editor: Edit the floor plan to draw objects such as light/thick walls, light/heavy doors, cubicles, glass, coverage areas, perimeters, markers, etc.

§  Synchronize with Deployment: Pull in currently deployed and placed Access Points on the floor to tweak existing deployment

§  Generate Proposal: Generates a document that maybe provided to a 3rd party deployment company; additionally, also provides various heat maps

Planning—Overview

Page 14: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 14

§  Accounts for objects and obstacles on a floor

For a precise RF propagation model display (predictive heat maps) Attenuation characteristics for objects and obstacles help predictive engine

§  Helps specify areas and regions such as:

Coverage Area and Markers—used for location notifications

Perimeter—defines the outer boundary Location Inclusion and Exclusion Regions — used for location events and

notifications §  Objects and obstacles that may

be specified: Walls (Light and Heavy)—2dB and 13dB Cubicle (Walls)—1dB Doors (Light and Heavy)—4dB and 15dB Glass (doors, windows, walls)—1.5dB

Planning Tool—Map Editor

Page 15: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 15

Planning Tool—Options

Specify AP Prefix and AP Placement method (automatic vs. manual)

Selecting AP type determines the antenna choices available for both the 2.4GHz and 5GHz band

Select the protocol (band) and minimum desired throughput per band that’s required for this plan

Data and Voice provide “safety margins” for design help. Safety margins help design for certain RSSI thresholds (detailed in online help).

Enable planning mode for advance options for data, voice, location and others

Location typically requires a denser deployment than data and the location checkbox helps plan for the advertised location accuracy

Location with monitor-mode factors in AP(s) that could be deployed to augment location accuracy

Both the “Demand” and “Override…” options allow for planning for any special cases where there’s a high-density of client presence such conference rooms or lecture halls

Page 16: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 16

Planning Tool—Customize Plan

Clicking an AP in the plan allows customization (added, deleted or simply modify properties) before a proposal may be generated

Default suggestions after running the planning tool present AP deployment choices and ability to switch between data and signal strength heatmap

Page 17: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 17

Planning Tool—Proposal

Proposal Contents: §  Floor Plan Details

§  Disclaimer/Scope/Assumptions

§  Proposed AP Placement

§  Coverage and Data Rate Heatmap

§  Coverage Analysis

Page 18: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 18

What Are Config-Groups? §  An easy way to group controllers logically §  Provides a way to manage controllers with similar configurations

Extract templates from existing controller to provision Schedule configuration sets Cascade Reboot

§  Manage Mobility Groups, DCA, and Configuration Auditing When Are Config-Groups Used? §  Group sites together for easier management for:

Mobility Groups DCA and Regulatory Domain Settings Schedule remote configuration changes

§  Groups sites to ensure compliance with configuration policies

Configuration — Config-Groups Overview

Page 19: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 19

Configuration-Groups How-To: Setup

• Select and add later: Only create the config group and then add controllers and templates at another time •  Copy Templates from controller: Copy templates from one of the controllers currently in WCS and then apply them to controllers in this config group. Note, if controllers’ templates are not already discovered, they can be discovered from the “Configure – Controllers” page

Page 20: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 20

Configuration-Groups How-To: Setup

§  Adding Controllers: Controllers in WCS are presented and can be moved over to the newly config group

§  Applying Templates: Discovered or already present template(s) can then be applied to controller

§  Auditing: Ensure template-based audit is selected in audit settings and then audit controllers in group to ensure they comply with policies

Page 21: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 21

§ Template order is very important! § Background audit is performed during network

and controller audit § Background audit and audit enforcement can

only run when template-based audit is selected (under Administration—Settings)

§ WLC(s) may be part of multiple configuration groups so be careful while setting mobility group names

Configuration-Groups: Things to Remember

Page 22: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 22

What Are Configuration Templates? §  Sets of configurations that may be applied to devices at system/global level

§  May be re-used to modify already applied configurations

§  May be used to replicate configuration to other devices added subsequently

§  May be to used to schedule configuration changes

§  May be to used to audit against

Types of Templates §  Controller templates

§  Lightweight AP templates

§  Autonomous AP migration templates

§  Controller and Autonomous Command-Line templates

Configuration—Templates Overview

Page 23: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 23

Controller Template LaunchPad

Tree-based hierarchy continues to exist as left-hand navigation

All-in-one, high-level view of template categories in WCS which may be expanded or collapsed for easier navigation and viewing

Each template provides a callout icon which, on mouse-over, provides easy to understand description of what the template is and how it may be used to configure certain attribute(s).

Page 24: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 24

§  Templates are added to WCS database when a WLC is first added to WCS

§  Template names can be changed to more meaningful names after discovery

§  Additional configuration changes on the WLC may be pulled in to WCS via the “Discover templates from controller” option

Templates: Things to Remember—1

Page 25: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 25

§  Upon configuration refresh from WCS, template associations may be deleted or maintained

§  Use the “Templates Applied to Controller” option to see a mapping of existing templates (pushed from WCS)

Templates: Things to Remember—2

Page 26: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 26

§  WLAN override feature was re-designed and merged under AP Groups—WCS does provide backward compatibility so newer releases (5.2 and above) provision this differently

§  WCS supports template creation for WLC’s dynamic interfaces

Templates: Things to Remember—3

Page 27: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 27

§  Easy way to identify configuration gaps between WCS and WLC

Manual on-demand audit capability

Automatic audits based on “configuration sync” background task

§  Allows easy reconciliation in the event of a configuration mismatch

§  Helps ensure WLCs comply with configuration policies

Configuration—Auditing

Page 28: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 28

Quick Audit Summary and Reconciliation

Audit Summary Restore or Maintain Config

Page 29: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 29

Audit Settings

§  Audit Mode Basic Audit: Perform an audit on current WLC configuration and compare

it with the configuration in WCS

Template-Based Audit: Perform an audit on current WLC configuration with respect to applied templates, config groups’ background templates and then the configuration in WCS

§  Audit On All Parameters: Audit on entire WLC configuration

Selected Parameters: Audit on selected parameters from the templates

Audit Settings

Page 30: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 30

What Is Auto-Provisioning?

§  Ability to automatically detect and configure new WLCs (locally or at remote sites)

§  Allows detection based on multiple criterion: Hostname, MAC Address or Serial number (.cfg file on TFTP server)

§  Adds WLC to WCS for further configuration after provisioning

When Would You Use It?

§  Large distributed deployments

§  Limited IT resources

§  Streamline operations and eliminate configuration mismatches

Configuration—Auto-Provisioning

Page 31: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 31

Controller Auto-Provisioning

§  Monitor Only: Controllers matched by this filter will not be configurable by WCS in the auto provision process

§  Filter Mode: Choose from hostname, MAC Address or Serial number to match the WLC

§  Config Group Name: Add the auto-provisioned WLC(s) to their own config group for easier management since these might share common policies

§  Input Device: Select from single or multiple devices to provision. Selecting CSV option provides a link to download a sample file to understand the syntax.

§  Device Configuration: Other device parameters that can be configured at this stage.

After hitting “Submit”, the filter is saved with one entry for the “member” you just added. At this point, you may add other members (WLCs) to this filter as well. This filter also creates a WLC config file in WCS’s TFTP directory. Ensure your DHCP server’s option 150 points to WCS Server

Page 32: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 32

Scheduled Image Download to Controller

•  Provides option to schedule software download (FTP/TFTP) to controllers. •  Task can be saved for future scheduling. •  Reboot can be scheduled at a future date/time. •  Email notification can be sent after completion of download.

Page 33: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 33

Scheduling AP Pre-Image Download

•  Provides option to schedule image download to AP. •  Reboot can be scheduled at a future date/time. •  Email notification can be sent after completion of download.

Page 34: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 34

Why Maps? §  Track wireless clients and tags, and play location history across campus §  Track and mitigate rogue devices §  Display Chokepoints §  Display Mesh AP relationships §  Integrate outdoor wireless mesh with Google Earth §  Represent wireless coverage on campus, and plan for growth §  View Channel and Tx Power plans provisioned by RRM §  View AP and RF Profile at the floor level §  Provision and display coverage areas, markers and other objects and use

them with location notifications §  Post-Deployment: VoWLAN and Location Readiness tools

Configuration—Maps

Page 35: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 35

Maps Layout

Hierarchical Layout for easy navigation

Default View of Campus, Buildings, and Floors can be easily changed with

the “Quick Filters”

Building view provides a quick glance in to floors’ status and alarm summary

for easier troubleshooting

Adding Campus or Buildings are made easy with the drop-down menu actions through an

easy wizard that walks you through provisioning floor plans and APs

Page 36: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 36

Maps Layout—Floor View

Quickly Add/Remove Layers that may be placed on the floor plan and heat maps

Mouse-over on objects on the map provides quick object

summaries

Commonly used map actions are ever-present

in icon format

Display and locate interference sources and zone of interference

Page 37: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 37

Maps Layout—Floor View

Quickly Add/Remove Layers that may be placed on the floor plan and heat maps

Mouse-over on objects on the map provides quick object

summaries

Commonly used map actions are ever-present

in icon format

Display and locate interference

sources and zone of interference

Page 38: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 38

WCS Map Export/Import

•  Provides ability to export maps from one WCS to target WCS. •  Can select all maps or subset. •  Export/import of map includes both map and AP’s placed on MAP. •  Exported via tar gzipped XML file. •  Import process ungzips/untars XML file automatically.

Page 39: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Real-Time Heat Maps

Page 40: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 40

Real-Time Heatmaps

NCS provides: § AP-to-AP RSSI measurements reflected

in heat maps § Option to switch between real-time (new)

and predictive (legacy) heat maps

Page 41: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 41

Real-Time Heat Maps

Real-time heatmap (NCS)

Predictive heatmap (WCS)

Page 42: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 42

Real-Time Heat Maps + Rx Neighbors

Provides list of neighboring AP’s and RSSI value that they “hear” the

selected AP

Page 43: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 43

Advantages of Real-Time Heat Maps

§ Provides graphical view of RSSI based on set of nearest AP’s vs. AP transmit power (predictive heat map)

§ Configurable options: §  Min. number of APs §  Recomputation interval

Page 44: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Monitoring  

Page 45: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 45

§  General Monitoring Dashboard Concepts

§  Client-Related Monitoring Client Details and Client List Pages Client Dashboard

§  Using Search §  NCS: Monitoring Autonomous APs §  NCS: Monitoring Switches §  Alarms and Events

Setting up Alarm Summary Differentiation Between Alarms and Events Severity and Layout Customization Setting Up Notifications and Help Desk-Like Usage

Section Agenda: Monitoring

Page 46: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 46

§  Canned tabs of high-level system views

§  Ability to add/remove tabs

§  Ability to add/remove components within tabs

§  Customize individual components

§  Introduction of trending information at system level

§  Quick drill-downs

Monitoring—WCS Dashboard Concepts

Page 47: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 47

Customizing WCS Dashboard

Page 48: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 48

Customizing and Historical Trending

Custom Tab

Custom Components

Page 49: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 49

§  WCS presents many intuitive ways to arrive at information

§  Ability to drill-down to an individual client-level detail from dashboard

§  Ability to drill-down with the help of “Quick Filters”

§  Ability to sort on different attributes in client list pages

§  Ability to perform and save intelligent searches

§  Ability to customize list layout, items per page and content

§  Perform advance context-sensitive actions (such as launching a report from AP page) from page drop-downs

§  Consistent breadcrumbs for navigational assistance

Information Layout and Workflow Concepts

Page 50: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 50

System-Level to Drill-Down

Page 51: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 51

Quick Filters, Custom List Layout

Edit List Pages for content relevant to you

Use Quick Filters or Column Sorting to arrange information relevant to the task

Page 52: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

NCS UX/UI Enhancements

Page 53: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 53

NCS Homepage “drag and drop”

dashboard customization

Page 54: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 54

Data customization per dashlet

Dashlet Customization

Page 55: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 55

Using Search

Global Search Capability

§  Searches can be performed on partial input

§  Search output provides configuration and monitor links based on device type found

§  Search parameters include IP Address, Usernames, MAC Addresses, SSIDs ,Rogues and AP Names

Advanced searches can be saved for easy future reference and use

Page 56: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 56

Common Steps in a Troubleshooting Scenario:

§  Lookup a client: MAC Address, Username, IP Address, Client type, Client state, From AP Details Page (example below)

§  Where is the client now (and how is their RF profile)

§  Where has this client been (Location playback, session and AP history)

§  Active troubleshooting

Monitoring—Client-Related Workflow

Page 57: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 57

Monitoring: Client Details—1

Basic Client Properties—can be expanded for further details

Client Association, Session History and Roam Reason

Page 58: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 58

Monitoring: Client Details—2

Client AP Association History

Client Statistics

Page 59: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Wired/Wireless Client Monitoring

Page 60: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 60

Client Status: Wireless

Page 61: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 61

Monitoring: Wired Clients

Session details Security details General client information

Page 62: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 62

Wired Client Details

Provides connectivity details for wired client including switch/port info, authorization details

Page 63: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 63

Client Status: Wired

Page 64: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 64

Track Clients

Create policy for tracking one or more clients detected on

the network

Page 65: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 65

Unknown Users

Assign username to client on network not

authenticated via ISE.

Page 66: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Autonomous AP Support

Page 67: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 67

Managing Autonomous Access Points

NCS 1.0 will provide: §  Autonomous AP monitoring §  Autonomous AP reports §  Client Visibility

Page 68: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 68

Autonomous AP Reports

Provides visibility into operation of aIOS AP’s

Page 69: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Switch Monitoring

Page 70: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 70

Switch Summary

Page 71: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 71

VLAN Information

Page 72: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 72

Spanning Tree Details

Page 73: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 73

What Are Events? §  An occurrence of a condition (or change in condition) in the network

managed by WCS §  Not necessarily generated for every condition but could be a result

of a pattern or threshold match by the WLC §  Events may not be useful in their raw form (unless troubleshooting,

for example) and usually need further processing What Are Alarms? §  Correlated events result in alarms (WCS allows looking up event history for

alarms) §  Both Alarms and Events are categorized by severities

Critical Major Minor Warning Informational

Monitoring—Alarms and Events

Page 74: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 74

Alarm System and Logic Simplified

Page 75: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 75

Alarms Layout and Search Expandable Widget

persistent across WCS

Alarms Sorted by Categories and Severities are

hyperlinked to quickly drill-down

Granular Alarm searches can be performed via the

“Advance Search” feature, and saved for future re-use

Page 76: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 76

Alarms  Ac>ons  and  Customiza>ons  

Alarm  message  details  

 

Quick  access  to  Alarm  Ac>ons  

 

Customizable  Layout  

 

Page 77: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 77

Working with an Alarm

Manage Alarms

Trace Alarm Source

Historical Data. Note “First Seen” and “Last Seen”

Manage Security

Page 78: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 78

Northbound  Event  No>fica>ons  

Page 79: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 79

§  It’s common to ignore email configuration in WCS

§  WCS sends email notifications for “Major” events only!

§  Acknowledged alarms suppress email notifications even if the severity changes

§  Help! My alarms seem to have disappeared! Alarms that get cleared move in to the “Cleared” state so be sure to check

cleared alarms (or look under event history)

§  Clearing an alarm does not remove it from WCS database (deleting it does)

§  Alarm severities can be customized from “Administration— Settings—Alarms”

§  Alarm acknowledgement works on individual alarm instance (and not on category or condition)

§  Even if traps are disabled on WLC, WCS could generate alarms from the regular polling it performs

Alarms—Things to Remember

Page 80: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Tools  and  Troubleshoo>ng  

Page 81: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 81

§ Client Troubleshooting Tool § Voice Audit Tool § Location Tools

Section Agenda: Troubleshooting

Page 82: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 82

§  An easy way to identify client-related issues from within WCS, without the need for extensive WLC debugs

Look at the client’s current state (and at what stage of the connection they might be having issues at)

Allows for real-time troubleshooting and log retrieval from the WLC

Allows for looking up historical, and relevant client and AP events

Allows integration with ACS View Server for authentication log retrieval

§  But, first things first—common problems:

Watch out for misconfigured clients (common areas are WLAN profile settings, authentication and encryption settings, and any advanced extensions that might not be required

Ensure WLC settings match the provisioned client profiles (security, SSID broadcast, WLAN override, etc.)

Ensure data rate settings on the WLC (Mandatory, Supported and Disabled rates)

Look for client exclusion settings (easy way to find excluded clients is via the ‘quick filter’ in “Monitor—Clients” page

Client Troubleshooting Tool

Page 83: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 83

Client Troubleshooting—Launch Points

Multiple Launch points to initiate client

troubleshooting tool allows for diverse

workflow integration

Page 84: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 84

Client Troubleshooting—Examples

Identify whether the problem occurs at 802.11 or higher layers

Suggestions on where to look and how to potentially resolve

the error condition(s)

Page 85: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 85

Client Troubleshooting—Examples

Provides visibility into logs, event history, and related CleanAir

information

Page 86: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 86

NCS: Wired Client Troubleshooting

Client connectivity status/issues

Page 87: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 87

APs Detecting a Specific Client

List of APs that heard client probe requests, 802.11 band, RSSI, how

long ago AP heard this client

Client MAC address

Page 88: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

ISE Integration

Page 89: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 89

NCS and ISE Integration

§  NCS leverages ISE API for posture assessment and report generation

§  Ability to drill-down to an individual client-level security details

§  Ability to troubleshoot client connectivity issues

Page 90: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 90

NCS + ISE: Client Posture and Profiling

ISE determines client to be Microsoft

Workstation based on device fingerprinting

Client authenticated using 802.1x via ISE

Page 91: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 91

Client Troubleshooting: Wireless Client

Page 92: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 92

Client Troubleshooting: Wired Client

Page 93: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 93

§  Allows auditing current network configuration from a VoWLAN deployment perspective

§  Use default rules and thresholds based on Cisco best practices

§  Ability to customize the rules to match your network and requirements

§  Provides a simple report with a list of configuration gaps

Voice Audit Tool

Page 94: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 94

Voice Audit—Example

Voice Audit Tool Report

Customizable Rules

Page 95: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 95

Voice Readiness Tool—Example

Simple, post-deployment tool to verify or correct AP deployment and

provides a way to determine VoWLAN readiness by band, and

RSSI cutoff values

© 2009 Cisco Systems, Inc. All rights reserved. Cisco Public BRKAGG-2011 95

Page 96: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 96

Location Accuracy Tool—Example

Determine Accuracy Probability, Correct Deployment

Test with Clients, Tags,

Exciters

Schedule Accuracy Tests

© 2009 Cisco Systems, Inc. All rights reserved. Cisco Public BRKAGG-2011 96

Page 97: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 97

Location Readiness—Example

Simple, post-deployment tool to verify or correct AP deployment and provides information on what areas are under the Cisco recommended

estimates

Page 98: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 98

Sending Network Details to TAC

Option to send directly to TAC or download file

Input TAC case number directly into WCS for sending captured files

Select network and device info to attach to TAC case

Page 99: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 99

Device Data Collection

Execute controller CLI commands and easily

capture command output

Page 100: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Repor>ng  

Page 101: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 101

§ Report LaunchPad § Report Customizations

Multi-Level Filtering

Customizing Report Output

Multi-Level Sorting in Report Output

§ Report Scheduling § NCS + ISE Reporting

Section Agenda: Reporting

Page 102: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 102

Report LaunchPad

Report LaunchPad – Easy Drill-Down

Callouts – Report Descriptions

Page 103: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 103

Report Customization

Multi-Level Filters

Customized Reports

Page 104: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 104

Graphical Report Content

Graphical Reporting

Graphical Summaries

Page 105: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 105

Client Summary Report - Endpoint Type

Page 106: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 106

NCS + ISE: Report Cross-Launch New set of reports launched from NCS cross-launches reports in ISE.

Page 107: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 107

NCS + ISE: Report Cross-Launch

Page 108: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

Advanced  Topic  

Page 109: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 109

§  At the heart of the high-availability design is the “Health Monitor” (HM) Process

Other components in WCS are JVM (WCS), Database, and Apache webserver

§  HM is sub-divided into smaller components: Core HM: Configures, maintains state and starts/stops the HA configuration across

WCS servers

Heartbeat: Responsible for maintaining communication between the primary and secondary servers (over HTTPS, port 8082); timeout is set to two seconds, with three retries

Application Monitor: Communicates with the WCS framework components on the primary server

DB Monitor: Configures database replication

File Sync: Identifies file changes, compression, and statistics maintenance

High-Availability—Components and Operation

Page 110: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 110

§  Both the primary and failover WCS servers should run the same software version

§  Both the primary and failover WCS servers should be running on the same OS type (can’t mix Windows and Linux installs)

§  Email server and receiver must be configured (used for notifications)

§  Communication between the primary and failover WCS must be enabled on HM port if firewall is in the path

§  Failover mode must be carefully selected (and remembered): manual vs. automatic

§  Authentication key is created during the install, and is used by the primary and failover WCS servers for communication (and also logging into the HMweb page)

§  HM available at: https://ip.address:HMport (example: https://10.10.10.200:8082)

High-Availability—Things to Know

Page 111: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 111

§  Available in release 5.2 and above

§  Requires the WCS “PLUS” license (only on the primary server)

§  Feature supports failover of up to two primary WCS servers to one backup server

WCS High-Availability—Things to Know

Primary Secondary 1 Low-end WCS 1 Low or higher-end WCS 1 Standard WCS 1 Standard or higher WCS 1 High-end WCS 1 High-end WCS

Primary Secondary 2 Low-end WCS 1 Standard or higher WCS 2 Standard WCS 1 Standard or higher WCS 2 Standard WCS 1 High-end WCS

§  Suggested deployment matrix in a 2:1 model

Page 112: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 112

§ No longer BASE and PLUS license (now single-tier license), so HA is available at no extra charge

§ Feature supports failover of one primary NCS servers to one backup server

§ Functionally the same as WCS HA

NCS High-Availability—Things to Know

Page 113: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 113

Virtual Domains What They Are (or do) What They’re Not (or don’t do) Quick way to partition WCS objects Not necessarily a complete replacement

for RBAC (for example, via TACACS+)

Allows users to be mapped to separate virtual domains at the time of creation

If none specified, users are added to the “root” virtual domain by default

Separate Reports, Controllers, Access Points, Search, Templates, Config Groups, Alarms and other objects

Don’t separate Google Earth Maps, Auto-Provisioning, MSEs, and Ethernet Switches

Objects may be assigned to multiple domains at the same time

Avoid changing configurations from multiple domains management simple

“root” domain is a superset of all sub-domains

Not all objects are available at the “root” level – objects such as Search and Reports are domain specific

Only the “root” domain may location, and any other email notifications

For more caveats, visit: http://www.cisco.com/en/US/docs/wireless/wcs/5.2/configuration/guide/5_2virtual.html

Page 114: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

WCS  to  NCS  Migra>on  

Page 115: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 115

Why Upgrade from WCS to NCS?

§  Increased scale (total device count: 25K) §  Wired/wireless integrated management:

manage access layer §  64-bit architecture: increased memory

footprint §  Appliance mode: no need for customer for

procure server (HW, OS + patches) §  Tight integration with Cisco ISE: device

posture enforcement, AAA

Page 116: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 116

Cisco WCS to Cisco Prime NCS Migration

Database Migration

1:1 Upgrade Must be on WCS

7.0.164.0 or 7.0.164.3

WCS 7.X is the last release running on CiscoWorks Wireless LAN Solution Engine (WLSE)

Cisco Prime NCS Cisco WCS 7.0.X Licenses

WCS Base License (Examples: WCS-APBASE-X or

WCS-WLSE-APB-X) Prime NCS License (Example: L-NCS-1.0-X) WCS Plus License

(Examples: WCS-Plus-X or WCS-WLSE-Plus-X)

Multi-tier License Model Single-tier License Model

Page 117: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 117

Greenfield Deployment: Why WCS?

§  Wired/wireless integrated management: manage access layer (infrastructure and endpoints)

§  Appliance model (physical and virtual/VM): no need to procure server (HW, OS + patches)

§  High device scale: up to 25K infrastructure devices

§  State of the art UI

Page 118: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 118

Key Takeaways

§  Wired/wireless access – infrastructure and endpoints – need to be managed together

§  WCS and NCS provide full lifecycle management

§  NCS builds on the features/functionality of WCS and adds wired management

§  Easy migration from WCS to NCS – both platform and learning curve

Page 119: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 119

§  Cisco Prime Network Control System (NCS) Datasheet http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps11682/ps11686/ps11688/

data_sheet_c78-650051.html

§  NCS Learning Modules http://www.cisco.com/en/US/products/ps11686/

tsd_products_support_online_learning_modules_list.html

§  TACACS+ Configuration Example http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080851f7c.shtml

Helpful Links

Page 120: Managing an Enterprise WLAN with Cisco Prime NCS & WCS

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public Presentation_ID 120

Thank you.


Recommended