Søren Dulong Andreasen Technical Solution Architect CCIE#3252 Soren@cisco.com Cisco Denmark May 2016

Virtual Update 18/5-2016

Prime Infrastructure 3.1

2 © 2014 Cisco and/or its affiliates. All rights reserved.

Prime Infrastructure 3.1

AP Health Index

Wireless Switching Routing Platform

Network Health Dashboard

Geo Maps Views

IWAN 2.1 provisioning

*Configuration Compliance –

Wireless extension

Monitoring – BGP

Enhanced SWIM Workflows

Rogue Management –

Enhanced AutoSPT

Trustsec Assessment

AP PnP and Bulk Migration

Instant Access deployment Workflows

Router Health Index Switch Health Index

Client Troubleshooting –

Syslog Viewer

Simplified PnP Workflows

PfR Monitoring – Phase 2

3 © 2014 Cisco and/or its affiliates. All rights reserved.

Do I need APIC-EM, Prime, or Both for PnP?

PnP App

Use PnP App when: • Simple config / little change among devices • Have another a custom tool that generates configs (e.g. SPs) • Want to build an orchestration - APIC-EM will be integrated with other systems

PnP Service

Use Prime when: • There are multiple variables per device • Device will need to be managed for day2 • Need to have a variety of templates that create a standard way of deploying profiles • Want to deploy solution level: IWAN, TrustSec, Converged Access

Cisco Prime Infrastructure

APIs

4 © 2014 Cisco and/or its affiliates. All rights reserved.

PI 3.1 Simplifies Onboarding Devices using the New and Improved Plug-n-Play Workflow

4

ü  Easy to understand Plug-n-Play lifecycle

ü  Smoothly transition between various stages of the PnP lifecycle

ü  Easy to find Profile statistics right on the dashboard

ü  Quick Access to PnP Jobs from the dashboard

5 © 2014 Cisco and/or its affiliates. All rights reserved.

Deployment Status

5

Know the status of the device deployment

6 © 2014 Cisco and/or its affiliates. All rights reserved.

Reminder on network discovery

§  Discover Wired/Wireless/DC in a single scoop

§  Allows multiple protocols §  Advance filtering capabilities §  Multiple credential definitions §  Preferred management IP choices

Ø  sysName, Ø  ReverseDNS Ø  Loopback

§  Automatic post-discovery processing out-of-the-box.

§  Auto assignment to device/location groups based on rules

7 © 2014 Cisco and/or its affiliates. All rights reserved.

Enhanced Location Based Grouping

7

8 © 2014 Cisco and/or its affiliates. All rights reserved.

Supports for Maintenance States

8

9 © 2014 Cisco and/or its affiliates. All rights reserved.

PI 3.1 Simplifies Deploying Instant Access in Greenfield and/or Brownfield Environment Parent Switch Automation : o  Single and Clustered* Chassis mode o  Standalone to VSS Conversion o  Layer 3 Modules to Fabric Mode o  Integrated VSS best practices

FEX Switch Automation : o  Complete FEX Plug-n-Play solution o  Standalone and Stack* system mode o  Auto conversion & Pre-Provisioning o  EtherChannel, FEX ID, Fabric QoS

FEX Port Automation : o  ZTD solution for 2000 FEX Ports o  Policy based on Device classification & provisioning o  Simplified FEX Port configuration o  VLAN Mgmt, Interface Mgmt, AutoQoS

Standalone

VSS Parent

Convert Preset

HR Finance R&D

Endpoint WorkGroup

FEX

Prime Infrastructure

Platforms IOS Software CPI Software Catalyst 6500E and 6807-XL – Sup2T 15.2(1)SY PI 3.1 – Q1CY16 Catalyst 6880X and 6840 15.2(2)SY PI 3.1 – Q1CY16 Catalyst 3560CX-8-PD and 3560CX-12-PD 15.2.X PI 3.1 – Q1CY16 VSS Cluster (2 Chassis) Mode * 15.2(1)SY PI 3.1 + TP – Q3CY16 Catalyst 6800ia * 15.2(1)SY PI 3.1 + TP – Q3CY16

10 © 2014 Cisco and/or its affiliates. All rights reserved.

ü New and simplified User Interface ü 15+ new Converged Access feature support

ü  Increased scalability

ü Smarter with several built-in error-detection

Converged Access Workflow 2.0 – New Features

Platforms Software Catalyst 3650 / 3860 / CT5760 3.6.0 Catalyst 4500E – Sup8E 3.7.0

Next Gen OS (16.x) is also being certified for

Small and Large Deployments.

11 © 2014 Cisco and/or its affiliates. All rights reserved.

Snort IPS A lightweight Threat Defense solution for the Branch

Help meet PCI compliance mandate at the Branch Office

Threat protection built into ISR 4000 branch routers

Complement ISR 4000 Integrated Security

Lightweight Threat Defense with low TCO and automated signature updates

Cisco ISR 4000

Snort IPS

Snort is an open source intrusion prevention system capable of real-time traffic analysis and packet logging

Prime

Infrastructure

Provisioning: - Ready to use templates Monitoring: - Via Syslog viewer

12 © 2014 Cisco and/or its affiliates. All rights reserved.

Out of the box templates for Snort/IPS

13 © 2014 Cisco and/or its affiliates. All rights reserved.

•  Lowers long maintenance window periods, traditionally needed for global software upgrade on Cisco devices

•  Distributed Architecture for enhanced scalability and speed §  Dedicated External file server per site(s) to enhanced

performance §  Support for secure protocols out of the box – SCP, SFTP

•  Independent flows for Addition, Distribution, Activation, and Commit to meet operational needs for Cisco devices

•  Works on all of the operating systems for Cisco devices (AireOS, IOS, IOS-XE, IOS-XR, NX-OS, StarOS)

PI 3.1 Simplifies and Optimizes Software Image Management for Cisco devices

14 © 2014 Cisco and/or its affiliates. All rights reserved.

PI 3.1 Introduces Easy to Use Workflow for Software Image Management

15 © 2014 Cisco and/or its affiliates. All rights reserved.

Network Health

16 © 2014 Cisco and/or its affiliates. All rights reserved.

Site Health View for Network devices

16

17 © 2014 Cisco and/or its affiliates. All rights reserved.

Network Health Index

17

18 © 2014 Cisco and/or its affiliates. All rights reserved.

AP Health Index Router/Switch Health Index

•  Channel Utilization

•  Noise

•  Interference

•  Interface Utilization

•  Client Count

•  Availability

•  CPU

•  Memory

•  Temperature

•  Interface Availability

•  Interface Utilization

18

19 © 2014 Cisco and/or its affiliates. All rights reserved.

Site Health Monitoring – Router Health

20 © 2014 Cisco and/or its affiliates. All rights reserved.

Switch Health

21 © 2014 Cisco and/or its affiliates. All rights reserved.

Access Point Health

22 © 2014 Cisco and/or its affiliates. All rights reserved.

Service Health

Quickly Switch between

Applications

23 © 2014 Cisco and/or its affiliates. All rights reserved.

CONFIGURATION • Plug and Play and PKI Certificate automation via APIC-EM • Bulk (csv file) import for PnP • Workflow for IWAN Configuration for Hub/Spoke routers

•  Green-field and brown field deployments •  Customize IWAN technology enablement

• AVC Work Center •  Network assessment •  NBAR Protocol Pack Management •  Multi-device AVC configuration •  Create and Manage custom application

• QoS Management •  Best practices based design •  Create/Modify/Delete •  NBAR and DSCP based configuration support

• BGP templates for the transport overlay • Multi-datacenter with transit MC • Support APIC-EM GA release

MONITORING / TROUBLESHOOTING • Network performance (CPU/Memory/Interface) • Network Application Health Dashboard • Application visibility – NBAR, ART, Perfmon • WAAS Performance Monitoring with NAM • QoS performance and trending • Perfmon based troubleshooting • PfRv3 monitoring • IWAN App auto onboard sites in prime after provisioning and starts monitoring • Greatly improved PfR monitoring with per link application visibility and SP stats • Routing monitoring for BGP/EIGRP • Revoke PKI Certificate button (makes call to APIC-EM PKI service) • APIC-EM IWAN App can display monitoring/troubleshooting for PfR, QoS, AVC from prime

IWAN Management Highlights new in PI 3.1 new in PI 3.0

24 © 2014 Cisco and/or its affiliates. All rights reserved.

CONFIGURATION • Plug and Play and PKI Certificate automation via APIC-EM • Bulk (csv file) import for PnP • Workflow for IWAN Configuration for Hub/Spoke routers

•  Green-field and brown field deployments •  Customize IWAN technology enablement

• AVC Work Center •  Network assessment •  NBAR Protocol Pack Management •  Multi-device AVC configuration •  Create and Manage custom application

• QoS Management •  Best practices based design •  Create/Modify/Delete •  NBAR and DSCP based configuration support

• BGP templates for the transport overlay • Multi-datacenter with transit MC • Support APIC-EM GA release

MONITORING / TROUBLESHOOTING • Network performance (CPU/Memory/Interface) • Network Application Health Dashboard • Application visibility – NBAR, ART, Perfmon • WAAS Performance Monitoring with NAM • QoS performance and trending • Perfmon based troubleshooting • PfRv3 monitoring • IWAN App auto onboard sites in prime after provisioning and starts monitoring • Greatly improved PfR monitoring with per link application visibility and SP stats • Routing monitoring for BGP/EIGRP • Revoke PKI Certificate button (makes call to APIC-EM PKI service) • APIC-EM IWAN App can display monitoring/troubleshooting for PfR, QoS, AVC from prime

IWAN Management Highlights new in PI 3.1 new in PI 3.0

25 © 2014 Cisco and/or its affiliates. All rights reserved.

DataCenter Features

26 © 2014 Cisco and/or its affiliates. All rights reserved.

Datacenter Topology

26

27 © 2014 Cisco and/or its affiliates. All rights reserved.

VPC View

27

28 © 2014 Cisco and/or its affiliates. All rights reserved.

Troubleshoot vPC Inconsistency

28

29 © 2014 Cisco and/or its affiliates. All rights reserved.

Real-time Syslog Viewer

29

30 © 2014 Cisco and/or its affiliates. All rights reserved.

Reports are exported via CSV or PDF

31 © 2014 Cisco and/or its affiliates. All rights reserved.

•  Flexibility to choose events to be alarmed •  Allows filtering alarms on

•  Device Groups / Location Groups •  Port Groups

•  Suppress alarms, out of the box, for Access Switch Ports

•  Advance suppression for wireless alarms based on •  Percentage down on Location Group / Floors

Simplify Alarm Noise Reduction

•  Raise critical alarms that needs action

•  Reduce time to clean up alarms

32 © 2014 Cisco and/or its affiliates. All rights reserved.

Device 360 – Updated Actionable Items

32

Routing Table at

your mouse clicks !

33 © 2014 Cisco and/or its affiliates. All rights reserved.

PI 3.1 Simplifies Search for Keywords within Configuration Archives and take action on them