Hawaii Tech Day- Cisco Mobility
119
Kurt Sauter Mobility Product Specialist Digital Network Architecture - Mobility Cisco Mobility
-
Upload
cisco -
Category
Technology
-
view
90 -
download
3
Transcript of Hawaii Tech Day- Cisco Mobility
Kurt Sauter
Mobility Product Specialist
Digital Network Architecture - Mobility
Cisco Mobility
Agenda1. DNA - Mobility
2. DNA – Wave 2
3. Cisco + Apple Partnership
4. Wireless Portfolio
5. Architectures
6. CMX (demo) (Video) (Apps)
7. Wrap Up + Q&A
Digital Network Architecture - Mobility
Digital Transformation
Information Era: 2000-2015 Digital Business Era: 2015+
Human Scale
Physical Appliances
Manual Management
Centralized Enterprise and Web Apps
IoT Scale (People, Devices, Things)
Virtualized Services
Automation, Zero Touch, DevOps
Distributed SaaS, Mobile, & M2M Apps
Connectivitywith High Reliability
Platform for
Innovation, Agility, Security
NETWORK
Requires Network Evolution
Automation & OrchestrationOn demand Application/Service Delivery & Uncompromised, Secure Experiences Over Any Connection
Accelerating Digital TransformationThe Network is the Foundation of the Digital Business
Ensure Content ComplianceThreat Defense
Policy & Identity ControlNetwork Access Control,
Visibility & Threat Containment
Personalized MobileExperiencesGain Insights &
Engage Customers
Digital ReadyOptimized Investments &
Seamless Experiences
Virtualization On demand infrastructure and virtualized functions
Secure the New EdgeEnhanced Direct Internet Attach Security
Detect Threats FasterSecurity Everywhere
Network Transformation for the WANUncompromised & Secure Experiences Over Any Connection
Traditional network management cannot provide sufficient dynamic management
• Focus has been on Day0/1 automation
• CLI not built for volumes of changes in machine real time
Controller based networking supports dynamic policy change
• Controller allows network to be managed as a system
• Policy management is automated and abstracted
Digital Business DriversRequirement for Dynamic Policy Changes
Cisco Digital Network Architecturewww.cisco.com/go/dna
AutomationAbstraction & Policy Control
from Core to Edge
Open & Programmable | Standards-Based
Open APIs | Developers Environment
Cloud Service ManagementPolicy | Orchestration
VirtualizationPhysical & Virtual Infrastructure | App Hosting
AnalyticsNetwork Data,
Contextual Insights
FASTER INNOVATIONInsights & Experiences
REDUCED COST & COMPLEXITYAutomation& Assurance
LOWER RISKSecurity & Compliance
Network-enabled Applications
Cloud-enabled | Software-delivered
Principles
How do we simplify, yet build reliable and versatile networks?
Lowers OPEX: Simplicity without compromise
Defend from a critical vantage point
Increase IT value and meet any use case regardless of
organization size
Automation & Assurance Security & ComplianceInsights & Experiences
Wireless is the primary mode of access for users and things
Cisco Digital Network Architecture
AutomationAbstraction and Policy
Control from Core to Edge
Open and Programmable | Standards-based
Open APIs | Developers Environment
DNA Service ManagementPolicy | Orchestration
VirtualizationPhysical and Virtual Infrastructure | App Hosting
AnalyticsNetwork Data,
Contextual Insights
Insights and Experiences
Network-enabled Applications
Cloud-enabled | Software-delivered
Automation and Assurance
Security and Compliance
Principles
TOM
OR
RO
WTO
DAY
Prime ISEWLC UI APIC-EMBest in Class Wired
Best in Class Wireless
Single Pane of Glass Automation & Assurance
Launch Services• Elastic On-Demand Services• Manage Services Across
Fabric
SDA• Fabric Automation /
Orchestration• Simple User Group Policy
Instantly
Lower OpEx • Built on Existing Infras• Seamless Brownfield
Integration
Network Assurance• Pinpoint issue location &
impact• Speed Remediation
Automation Analytics
One Wired-Wireless Experience with Fabric
Cisco Digital Network Architecture for Wired-Wireless
Automation
• PnP for Centralized & Flex• EasyQOS• ISE: .1x, BYOD, Guest
Open APIs: Modular Aps with Restful APIs
Cloud Service Management• CMX 10.x with Context and Guest
Platforms & Virtualization
Assurance
• Netflow Export• Apple Network Optimization
& FastLane
Principles
DNA Center: Public and Private Cloud
• Modular AP’s with Restful API’s• DNA Optimized Controllers: 3504, 5520, 8540• Various VM Models: ESXi, KVM, HyperV, AWS
Software Defined Access and TrustSec SXP & SGT
Enterprise Mobility VisionIT has to deliver on
outcomes…Mobility is not just about
802.11…
LiFi
NFV
IoTintegration
5G
HDRadiooptimization
SW
BLELocationbasedServices
Networks are getting complex…
DNA - 802.11ac Wave 2
Wi-Fi Connectivity Speed Timeline Gigabit Wi-Fi As Primary Access
3SS Desktops / Laptops
2SS Laptops / Tablets
1SS Tablets / Smartphones
802.11 802.11n802.11b 802.11a/g 802.11acWave 1
802.11acWave 2
2630**
1730**
290*
= Spatial StreamsSS
2016+2015
Gig
abit
Ethe
rnet
U
plin
k
2 G
igab
it Et
hern
et
Upl
inks
1 SpatialStream
2 SpatialStream
3Spatial
Streams
20132007200319991997
2 1124
54 65
450
300
1300*
290*
870*
5260**
3500**
600*
Dual 5GHz
Mul
ti-G
igab
it U
plin
ks
Flexible Radio AssignmentSoftware defined radio automatically
adjusts to dual 5GHz to better serve high client environment
Optimized RoamingIntelligently Connects the Proper Access Point as People Move
Turbo PerformanceScales to Support More Devices Running High Bandwidth Apps.
Zero Impact AVCHardware Based Application Visibility and
Control without Impact to Performance.
Cisco CleanAir®
Remediates device Impacting Interference from other WiFi and non-WiFi devices
Cisco ClientLink Improves Performance of Legacy and 802.11ac Devices.
Future Proof Expandability Add Functionality Via Module, Smart Antenna Port or USB Port
Multi-Gigabit UplinksFree Up Wireless With Faster
Wired Network Offload Gb+
Flex Dynamic Frequency SelectionAutomatically Adjusts So Not to Interfere With Other Radio Systems
Wireless excellence and innovations delivered only byCisco Aironet 2800, 3800 Series Access Points
Apple Fast LaneAutomatically assures highest priority, fastest
performance for trusted apps on trusted Apple devices
LAS VEGAS TOKYO
Optimized RoamingRX-SOP
Pervasive Wi-Fi
HDX TurboPerformance
Event Driven RRM
Flexible RadioFRA
Cisco CleanAir®
RF Profiles
RRM, DCA, TPC, CHDM
Load BalancingBand Select
Client Link 4.0
Off-Channel Scanning
Flex DFSDBS
5GHzServing
2.4GHzServing5/2.4GHzMonitor
RF Optimized Connectivity
Flexible Radio Assignment FRA2.4GHzServing
2.4-5GHzMonitoring
5GHz.Serving
5GHz.Serving
2.4GHzServing
5GHz.Serving
5GHzServing5Hz
Serving
2.4GHzServing
ü FRA-auto (default value) or Manual
ü Auto 2.4 -> 5GHz or Monitor Mode
ü Transition to 2.4 GHz if coverage drops
Two 5GHz Radios…what is the Big Deal?
3 252.4 GHz Channels
5 GHz Channels
FCC: 25x 5 GHz ChannelsETSI: 16x 5 GHz Channels
Event Clients 5GHz vs. 2.4GHz
Mobile World Congress 2015 87% / 13%
Cisco Live 2016 90% / 10%
Democratic National Convention 85% / 15%
Your Radio Architecture should match your clients needs!!!
Optimize Wi-Fi with CleanAirQuickly Identify and Mitigate Wi-Fi Impacting Interference
Channel 48
48
4848
48
48
48
48
48
48
48
48
ü Interference on 20/40/80/160 MHz ü Air Quality and Interference by
AP/radio on WLCü AQ Threshold trap and Interference
Device trap (per radio) ü CleanAir-enabled RRM
Network Air Quality and Interference Location with PI 3.1.x and CMX
Interference Devices and Air Quality ReportCleanAir Enabled RRM
Mitigated RF interference for improved reliability and performance
Wi-Fi andnon-Wi-Fi
aware
Dynamic mitigationED-RRM
Granular spectrum
visibility and control
Air Quality Performance
Improved Client Performance
Complete Automatic Interference Mitigation Solution for Rogues and Non-Wi-Fi Interference
Maximize Channels When Radar Is PresentFlexible Dynamic Frequency Selection
5170MHz
5330MHz
36 40 44 48 52 56 60 64
20MHz.
40MHz.
80MHz.
160MHz.
5490MHz
5710MHz
100
104
108
112
116
120
124
128
132
136
140Channel Used
by Air Traffic Radar
See it on 160MHZ Band
Dynamic Frequency Selection FlexibleDynamic Frequency Selection
FlexDFS with Dynamic Bandwidth Selection
Identifies radar frequency to
1 MHz
FlexDFSisolates radar
event to 20MHz
DBS allows best channel
and width
Interference is impactingonly channel 60
FlexDFS + DBSAutomatic and intelligent use of spectrum
52 56 60 64
DBS combined with FlexDFS: Increased confidence in using wider channel bandwidth; reduced radio flapping
Primary20
Secondary 20
Secondary40
52 56 60 64
Optimizes HD Experience
Better Client Connectivity RXSOP, Load Balancing, Band Select
Fine-tuning HDX with RF Profiles
Wi-Fi Triggered ED-
RRM
OptimizedRoamingRXSOP
Dynamic Bandwidth Selection
TPC, DCACHDM
FlexDFS
CORE:
• CleanAir
• ClientLink 4.0
• Turbo Performance
ü Pre-canned RF Profilesü Client Distributionü Data Ratesü DCA, TPC, CHDMü Profile Threshold for
Trapsü High Density Features
Security and Threat Mitigation
Secure Access
P2PBlocking
Client Exclusion
802.1x WPA2/AES
AES256 Encryption
AAA Override VLAN, ACL, QoS
Local Policy w/QoS and AVC
MFP, 802.11w
TrustSec SXP Inline Tagging
wIDS, ELM
MAC Auth Rogue Detection
BYOD NAC RADIUS
8.4
8.3 MR1
5GHz. / 2.4GHz. .5GHz. / Security
Cisco Wireless Security Deployment with AP3800/2800 Maintains Capacity and Avoids Interference
Good Better Best
Features ELM Monitor Mode AP ELM with FRAMonitor Mode
Deployment Density Per AP 1 in 5 APs 1 radio per 5 APs
Client Serving with Security Monitoring
Y N Y
wIPS Security Monitoring 50 ms off-channel scan on selected channels on 2.4 and 5 GHz
7 x 24 All Channels on 2.4GHz and5GHz
7 x 24 All Channels on 2.4GHz and5GHz
CleanAir Spectrum Intelligence 7 x 24 on client serving channel 7 x 24 All Channels on 2.4GHz and5GHz
7 x 24 All Channels on 2.4GHz and5GHz
Serving channel Serving channelOff-Ch Off-Ch
Serving channel Serving channelOff-Ch Off-Ch
Enhanced Local ModeAccess Point
ü GOOD
2.4 GHz
5 GHz
t
t
Monitor ModeAccess Point
ü BETTER
2.4 GHz
5 GHz
t
t
Ch11Ch2
Ch38
Ch1
Ch36
…Ch11Ch2Ch1
…Ch11Ch2Ch1
…
…Ch161Ch157 Ch38Ch36
…… …
t
2.4 GHz
5 GHz
tCh11Ch2Ch1…
Ch38Ch36 Ch161Ch157…… …
ELM with FRA Wireless Security Monitoring
ü BEST
Serving channel Serving channelOff-Ch Off-Ch5 GHz t
ServeClienton2.4GHz
50ms off-channel
ServeClientson5
GHz
50ms off-channel
Rogue Detection and Mitigationü Rogue Classification and
Containment• Rogue Rules• Manual Classification –
Friendly/Malicious • Manual and Auto
Containment
ü CleanAir with Rogue AP Types
• WiFi Invalid Channel• WiFi Inverted
ü Rogue Location • Real-time with PI, MSE,
CleanAir• Location of Rogue APs
and Clients , Ad-hoc Rogue, Non-wifiinterferers
DataServingAP
Scan
1.2sperchannel
MonitorModeAP
FRAwithMM
ServeClientondedicated5
GHz
Scan1.2sperchannel
Service ReadyFeature Highlights
VideostreamMulticast VLAN
Per-Client/Per-SSID BW Contract
Local Profiling
Bonjour Apple Services
Service Ready
AVCNetflow
AAA Override ofAVC Profile
Voice Optimization, CAC, WMM Policy
Adaptive 11r ,11k, 11vFastLane
QoS ProfilesOKC, CCKM
Fast Roaming
8.3 MR1
Zero Impact Application Visibility and Control
Maintain Performance with Zero Impact AVC
Gain Visibility into the Network
Monitor Critical Applications
Control Application Performance
APP APP APP APP
APP APP APP APP
APP APP APP APP
APP APP APP APP
ü SettingupAVCprofilesandrulesü Drop/MarkforseveralvideoappslikeYouTubeandNetflixoniPhone,iPadü Drop/MarkforotherappssuchasJabberandWebexü Profileswithblockandpassrulescombinedü RateLimitingofVideo/Voiceappsü AAAoverride forAVCprofileü AVCProfilewithLocalPolicyClassification
Enterprise Infrastructure Feature Highlights
Fast SSID
Flex, Local, Sniffer, Monitor, ME
Certifications
Enterprise Infrastructure
Pre-Image Download
AP Multicast
WiFi Tagging
OEAPWebauth
Guest Access
Plug n Play
8.3 MR1 8.3 MR1
8.3
AP and WLC Portfolio
Cisco Aironet 802.11ac Wave 2 Portfolio Enterprise Mission Critical Best in Class
18101830
1850 (i/e)2800 (i/e)
3800 (i/e)
• Dual Band • 802.11ac Wave 2• Compact Design• 3x Gbps switch port• 1x Gbps uplink port• Wall Plate AP • Teleworker OEAP• 802.3af PoE out
• 802.11ac Wave 2: Most Cost-effective, 870 Mbps.
• 3x3:2SS 80MHz. • Spectrum Analysis*• Tx Beam Forming• 1 GE Port• USB 2.0• Centralized,
FlexConnect* and Mobility Express
• 802.11ac Wave 2: Cost-effective, 1.7 Gbps
• 4x4:4SS 80Mhz. • Spectrum Analysis*• Tx Beam Forming • 2 GE Ports• USB 2.0• Centralized,
FlexConnect* and Mobility Express
• 802.11ac W2: High-Performance 5Gbps
• Flexible Radio Assignment
• 4x4:3SS 160 MHz• 2 GE Ports• USB 2.0• Hyperlocation
(External Antenna)• CleanAir 160MHz. • ClientLink 4.0• Centralized,
FlexConnect* and Mobility Express
• 802.11ac W2: High-Performance 5Gbps.
• Flexible Radio Assignment
• 4x4:3SS 160MHz.• MU-MIMO• 2 GE or 1 GE + 1
mGig (5G)• Hyperlocation
(External Antenna)• CleanAir 160 MHz• ClientLink 4.0 • StadiumVision• Modularity• Centralized,
FlexConnect and Mobility Express
Cisco Aironet Portfolio – Outdoor APEnterprise Class Best in Class Cable Operators
1560• 802.11ac W2• 4 models (I/E/D/PS)• 3x3:3, 80MHz, 1.3G (I)• 2x2:2, 80MHz, 867M (D/E/PS)• MU-MIMO• SFP• Internal Directional Ant. (D)• 4.9 GHz (PS: Public Safety)• Flexible Antenna Ports• CleanAir 80 MHz• ClientLink 4.0 • Centralized, FlexConnect,
Mesh & Mobility Express
1572EAC• 802.11ac W1• 4x4:3 80 MHz; 1.3 G• External antenna• SFP• GPS• PoE-Out (803.2at) • Flexible Antenna Ports• CleanAir 80 MHz• ClientLink 3.0 • Modularity• Centralized, FlexConnect &
Mesh
1572IC/EC
• 802.11ac W1• 4x4:3 80 MHz; 1.3 G• Internal or External antenna• DOCSIS 3.0, 24x8• SFP• GPS• PoE-Out (803.2at) (EC)• Flexible Antenna Ports• CleanAir 80 MHz• ClientLink 3.0 • Modularity• Centralized, FlexConnect &
Mesh
1530• 802.11n• 2 models, low profile• 2G: 3x3:3; 5G: 2x3:2• Internal or External antenna• Flexible Antenna Ports• Centralized, FlexConnect, &
Mesh
* Future availabilityShipping ShippingFCSAugust 2016
Industrial Wireless IW3700 Series Access PointOptimized for Rail, Mining, Manufacturing, Oil & Gas
N-type antenna ports for 4x4 MIMO with three spatial streams and support for up to 13 dBigain antennas
10/100/1000Base-T, PoE and PoE+ in (M12)
10/100/1000Base-T, PoE out (M12)
10 to 60 VDC in (M12)Management console port (RJ-45 serial)
Integrated mounting ears
Diecast aluminum chassis with
integrated heatsinkand heaters
Meet Any Wi-Fi Use CaseExpandability and Investment Protection
Future Wi-Fi Standard
IOTIntegration
Custom ComputePlatform
Adv. Security and Spectrum
Analysis3G & LTESmall Cell
Bluetooth Beacon
Hyperlocation Antenna
Stadium Panel
Antenna
Self-Discover / Self-Configure
3G/LTEBackhaul
Directional Antennas
BluetoothIntelligence
Access Point Extensions (APeX)Third-party Development Framework
• Seamlessly Enable partnersü Cisco Wireless BEü Other Cisco Business Unitsü Strategic partnersü 3rd Party solutions vendors
• Facilitate both hardware and software based solutions
• Sustained differentiation of 3K Series APs
• Gain competitive advantage by enabling vertical specific solutions
MODULE PORT
A development framework to enable an ecosystem of expansion modules (HW module, USB or software) for Cisco Aironet AP 3800 Series
Wireless Architecture
Autonomous FlexConnect Centralized Converged Access
Traffic Distributed at AP
Traffic Centralized at Controller
Traffic Distributed at SwitchStandalone APs
Target Positioning Small Wireless Network Branch Campus Branch and Campus
WAN
§ Right To Use Licensing, Ease of Enablement and Portability
§ Utilizes the NEW WLAN Express WEBGUI with best practices enabled
§ Allows administrator to easily migrate config from previous WLC
Simplified Migration and Manageability
§ Ability to host multiple services such as Application Visibility and Control, Bonjour
Services Directory, TrustSec, Guest, High Availability with SSO
§ Support for centralized, distributed and Mesh deployments
Services Ready
§ 5520 scales up to 1500 AP & 20,000 clients
§ 8540 scales up to 6000 AP & 64,000 clients
Built for addressing Scale of BYOD
§ 5520 supports 20 Gig of throughput
§ 8540 supports 40 Gig of throughput
Throughput to address needs of Wave-2 11ac
5520
8540
Introducing the Cisco 5520 and 8540Feature-Rich, Multi-mode and Ready for Wave 2 802.11ac
Built for addressing Scale of BYOD
Introducing the Cisco 3500Feature-Rich, 150APs 3000 Clients
Easy to Use Sidebar
Navigation
Intuitive and Interactive Network Summary Navigation
Cisco’s Simplified WLAN Controller GUI
Switch between graphic and text
Drag Dashlets to Rearrange
Add Dashlets
Mobility Express Interface(Single AP)
Converged Wired/Wireless
2.5-5 Gigabit Port
Offload Wireless Traffic FasterMultigigabit Technology
Cisco MultigigabitStandard Cat 5e/Cat6 Cables
1 Gigabit Port
Delivers up to 5X Speeds in Enterprise WithoutReplacing Cabling Infrastructure
Supports PoE Up to 60W
2.5-5 Gigabit Port
Available on AP 3800
Catalyst 3850 ─ Multigigabit Versions
48 Port Version 24 Port VersionDownlinks:36 x 1G LineRate 10/100/1000BASE-T, 12 x GE/mGig/10GT Line RatePoE/PoE+/UPoE, EEE, MACSec
Uplinks:4x10GE SFP+, 2 x 40G QSFP (NEW), 8x10G SFP+ (NEW)
Downlinks:24 x GE/mGig/10GTPoE/PoE+/UPoE, EEE, MACSec
Uplinks: 4x10GE SFP+, 2 x 40G QSFP (NEW), 8x10G SFP+ (NEW)
All 3850 Versions Can Stack with Each Other
Catalyst 3850 mGig
C3850 24 port mGig Switch24p mGig/10GT PoE+/UPOE. Line rate at 72 byte packet sizes
C3850 48 port mGig Switch12p mGig/10GT PoE+, 36p 1GE UPOE. Line rate
Investment Protection – mGig speeds with Cat 5e,
DATA
PoE+
UPOE
Fiber
New Member to the stacking Family
MGIG
Cisco + Apple Partnership
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
The new partnership for Federal Customers
What are we trying to solve?
Scalability
Complex configuration of advanced features
Mobility
Sub optimal roaming for mobile devices and battery efficiency
Better integration between mobile devices and the network
Reliability
User experience is affected
Cisco-Apple partnership provides these benefitsOptimized Wi-Fi Connectivity Prioritized Mission applications
Intelligent, and efficient roaming is automatically configured
iOS and Cisco devices recognize each other and enable special capabilities
Mission data gets priority and speed even if network is congested
Reduces complexity - IT can focus on the mission – the network does the heavy lifting
What happens Today?
In 802.11, delay in roaming causes poor experience, especially for rich-media real-time applications. Interoperability increases complexity and prevents adoption.Standards to the rescue?• 802.11r – Fast Roaming• 802.11k – Neighbor List• 802.11v – BSS Transition
But• Operational Complexity• Multiple SSIDs – some clients cant
associate with SSIDs enabled with 11r
Optimized Wi-Fi Connectivity
Intelligent, and efficient roaming is automatically configured
Makes critical apps more reliable
iOS and Cisco devices recognize each other and enable special capabilities
802.11k, 802.11v, 802.11r help efficient roaming
802.11r enables fast roaming without complete reauth802.11k sends you list of neighbors802.11v BSS Transition sends you the new best AP Cisco-AP-2 to connect to
Association
Fast Transition (802.11r)Cisco-AP-1 Cisco-AP-2
Association
Cisco-Apple Optimized Roaming reduces management overhead by up to 50%
Legacy client cannotjoin the same SSID where 11r is enabled
I recognize that you are an Apple device11r is enabled for you
802.11k, 802.11v are on by default
Legacy client that does not support 11r/k/v canjoin the same SSID
Cisco-APNon-Cisco-AP
Roaming Performance : 10x Better end-user Browsing and App Experience
QoS, 802.11r/k/vNo QoS, No 802.11r/k/v
Time (s)*
*Time Interval between last packet on previous AP, and first packet on next AP
Benefits of Optimized Wi-Fi Connectivity
Automatic configuration reducing complexity for IT
Up to 50% reduced management overhead due to fewer SSIDs
86% reduction in network message load from the device during roaming
Investment protection -Leverage existing network design
Lower battery usage
66x reduction in probability of poor audio quality experience. 10x more successful end user browsing experience
What happens Today?
Inability to prioritize mission-critical real-time traffic all the way from clients to the destination
• Today IT Administrators can classify traffic ONLY at the access point. this implies:
• Inability to prioritize between the client and the AP.
• Burden on IT administrator to manage the applications across the enterprise
Prioritizing Business Apps
Prioritize mission critical apps and real time data
Turning on is easy
IT has control over which Apps get priority
Fast lane Configuration Profiles
A QoS configuration profile will ONLY be acted upon on an iOS 10 client
Uses standard Apple iOS Profiling techniques (MDM, email, Web-based)• Profile lists “whitelisted” applications in a dictionary file• Whitelisted applications are allowed to mark QoS (DSCP/UP) upstream• ‘Non-Whitelisted’ applications receive only BE/BK marking upstream
Used in Combination with Cisco and Apple mutual detection
Fast Lane only applies to Cisco-Apple Deployments
QoS Profile is not consideredApplications can only mark UP, not DSCP*
QoS Profile or no QoS Profile
If a Profile was received, All apps in White list Can mark QoS upstream
QoS Profile
Cisco-APNon-Cisco-AP
Supports Fast lane
* DSCP can be marked with IP_TOS/IPv6_TCLASS when SO_NET_SERVICE_TYPE is best effort
Fast Lane enables network administrator to prioritize applications per your environment
Supports Fast lane Admin can provision Apple IOS device with a QoS profile*
Applications in whitelist get QoS marking**Other applications get BE/BK
Supports Fast lane
My profile for this environment:Minecraft = Real-time-interactiveViber = BE
My profile for this environment:Minecraft = BEViber = Voice
Cisco-AP
Supports Fast laneSupports Fast lane
Cisco-AP*Without a profile, all applications are whitelisted by default in a Fast Lane cell
**Fast Lane does NOT override apps QoS, it either allow the app QoS or apply BE
App prioritization elements
QoS Profile
Voice QoS Trust
AutoQoS
Better EDCA
Helps determine which applications should receive QoS upstream
Trust upstream voice traffic, with ACM and without TSPEC
Benefits IT AdministratorConfigure optimal WLC QoS in one click
Ease of UseIEEE 802.11-2016 EDCA
No Fast Lane
Fast Lane delivers a reliable voice experience even in a congested environment
• In a congested environment, one voice packet is sent every 20 ms
• We measure the actual interval between voice packets in the upstream direction
Capture time (seconds)
Packet average interval is 40 ms (not so good)
Many glitches, of up to 0.6 second (poor audio experience)
Interval (seconds)
Fast Lane
Interval (seconds)Packet average interval is 20 ms (good)
Very few glitches, of up to 0.1 second(fair audio experience)
Benefits of App prioritization
Business data gets priority and speed even if network is congested
Reduces complexity - IT can focus on the mission – the network does the heavy lifting
Reliable mobility for mission use
Benefits of Apple-Cisco partnership
Simple, automated configuration of
Optimized Roaming & Fast lane
Faster client roams, lower battery usage and reduced network load
Enabled with a unique to Apple and Cisco mutual identification
Prioritizes mission-critical apps over
the air and network
What can we enable
All Wireless Office Manage growing network demands
Mobile access to real-time data
Prioritize mission critical apps
Improved voice and video communication
Seamless Collaboration with Cisco Spark
• Meet anywhere and everywhere
• Always-on, secure team messaging and file sharing
• Integrated business phone with• HD voice and video calling
Enterprise Voice Integration
• Take your desk phone with you
• Easier than ever to collaborate
• Enable by Cisco Spark and iOS 10 APIs
Native Voice Experience – Hey Siri!
• Intuitive - use the iOS native dialer for Spark calls
• Convenient - consolidated view of contacts, call history, and favorites
• Control - call waiting allows user to screen and prioritize calls
• Multi-functional - extends hands free experiences using Siri voice commands, Bluetooth and mobile accessories
• Use connected headsets and accessories
Enterprise Voice Integration• Users never miss a call
• Reliable, high-quality calling with reduced costs
• Improved compliance for calls made through the corporate PBX
• Accelerated user onboarding
PBX TelcoSwitch
Desk Phone
iPhoneCisco
CollaborationCloud
Recommended platforms
Networking infrastructure Caching iOS devices• Wireless controller: Running
AireOS 8.3, 8.3MR or connected to Meraki cloud
• 802.11ac Aironet and Meraki MR Access points
• Catalyst and Meraki MS Multigigabit-capable switches
• Meraki Systems Manager EMM• Software licenses, maintenance
& support
• ISR 4000 Series• WAAS – Wide Area Application
Services• Akamai Connect license• Software licenses, maintenance
& support
Optimized Efficient Roaming
• iPhone 6s and later• iPhone 6s Plus and later• iPad Air 2 and later• iPad mini 4 and later• iPad Pro and later• iPhoneSE
Fast Lane
• iPhone 5 and later• iPad mini 2 and later• iPad Air and later• iPad Pro• iPod touch (6th generation)
CMX & ISE
Prime Infrastructure
Cisco WLAN
Controller
Systems Manager (MDM/EMM)
MDM Manager
Wired Network Devices
Cisco Catalyst Switches
Office Wired Access
Office Wireless Access
IdentityServices Engine
Remote Access
ASA Firewall
CSM / ASDM
Identity Services Engine – Policy Enforcement
Cisco Identity Services Engine (ISE)
Network ResourcesAccess Policy
Traditional Cisco TrustSec®
BYOD Access
Threat Containment
Guest Access
Role-BasedAccess
Identity Profilingand Posture
A centralized security solution that automates context-aware access to network resources and shares contextual data
NetworkDoor
Physical or VM
ISE pxGridController
Who
CompliantP
What
When
Where
How
Context
Threat (New!)
Vulnerability (New!)
Demo CMX
DNA for Mobility: Summary of Solutions
AnalyticsPresence Analytics
Location based AnalyticsVerticalization
User EngagementCustom Guest Experience
Location Specific PortalConnected Visitors Analytics
Mobile Applications Location based Engagement
3rd party App integrationProgrammability & extensibility
Lower RiskFaster Innovation Reduce Costand Complexity
Apple and CiscoOptimize Wi-Fi Connectivity
Prioritize Business AppsIntegrate Collaboration
Automation Flexible Radio Assignment
WLAN Express Setup Plug n Play Provisioning
VisibilityEasy Monitoring & troubleshooting
App & Device Awareness
Fast PolicyBYOD Provisioning
802.1x Authentication Guest Access
Embedded SecurityVisibility and Segmentation
Threat DetectionBYOD Monitoring
Web Content/ControlCategory-Based Filtering
Policy SegmentationSecurity Activity Monitor
Protect The AirInterference and Air Quality Detect Rogues and attacks
Cisco’s location roadmap and use case vision
PresenceGreater customer
insights
Enhanced location
Hyperlocation
Bluetooth Low Energy
Accuracy 20m
Type In-zone Detection
Use Cases
Venue-level,Visitors, Dwell Time
Accuracy 10m
Type X,Y coordinates, Optimized refresh
Use Cases
Zone-levelCorrelation
Accuracy 1-3m
Type Real time refresh, app required
Use Cases
Way Finding / Indoor navigation / Proximity Marketing
Accuracy 1-3m
Type Refresh every 10 seconds, no app
Use Cases
Sub-zone-levelWork space optimization
• CMX now has the capability of sending data natively into a CMX Splunk Application and CMX for ElasticSearch with Kibana visualization. These connectors allow the end user to take advantage of CMX to calculate location and analytics data and use the third party tool to add additional visualizations and data views.
Expanded Visulization - CMX Connectors
• Notifications based on additional events from RFID tags including button pushes and battery events.
• Notifications to email addresses to enable rapid prototyping of applications
• Configurable encryption key per destination.
CMX Notifications – Improved Support for RFID Tag events and Email notifications
New Notification Types
Updated Destination options
Configurable encryption key
Note: Enables Asset Tag solution migration from MSE 8.0 to CMX
Northbound Notifications – MAC hashing
• SSID based filtering for Location• When a customer has multiple different SSID for
different purposes, they can now isolate which SSID are used for by the system, such as a GUEST SSID and not include data from this SSID in reports
• Connected and Detected client selection in all Analytics reports• Each report can now be customized to include
Connected (i.e. Associated) and Detected (i.e. Probing) Devices to provide additional granularity. (or both)
CMX Analytics - Report Filtering
• Analytics reports now have the ability to use customizable opening hours for the reports based on a configuration file. This allows more accurate analytics reporting that is specific to the venue.
CMX Analytics – Customizable Opening hours
Input File Customized Open Hours
• CMX Analytics has changed from a NOW report to a dedicated RealTime analytics tab. This allows accurate and timely display of what is occurring right now in the venue at a floor level. RealTimereports can be saved similar to other analytics reports.
CMX Analytics – Real Time Report
• CMX 10.2.3 now allows creation and editing of Inclusion and Exclusion zones within CMX instead of having to create them in Prime. This simplifies the management process when a map is added or changes.
CMX Location – Configurable Inclusion/Exclusion Zones
• CMX now has the ability to show a new Portal page after a certain number of days (1 to 1000) or if configured to (0), will show a new portal whenever user is timed out of WLC. This makes it much easier to configure when a portal page will show up to a user.
CMX Connect – Configurable Portal Timeouts
NEW
• System uses Virtual IP and heartbeat check pointing between two systems, active and standby.
• Failover time about 5 mins• Database is check pointed
CMX High Availability
What's New in CMX CloudPresence and Connect
CMX Cloud - Support Aironet and Meraki Wi-Fi
Cloud CMX MerakiAPI
Aironet Meraki MR
Common Dashboard for CMX Analytics and Connect
Guest Voucher Code
Front-desk or lobby admin creates a voucher code one at a
time or in bulk
Customize the email & print formatting and distribute the
voucher keys
Full audit capability to trace back the lobby admin, voucher code and last access history
Create Voucher Format Email Receipt
Email Verification: Host Sponsor or Self Sponsor
Visitor provides an email seeking approval – Visitor waits for approval or cancel request.
Sponsor clicks on URL to approve and Visitor gains access
Note: leave domain blank for self sponsorship
Sponsor Guest Settings
Customizing Repeat Visitor Portal Experience Location based Policy ControlsMAC Filtering: automatic repeat
visitor association; MAC database in CMX Cloud
Repeat visitor login portal experiences customizable
Add Repeat Visitor context to the captive portal
Rules Engine – Define Customized ExperiencesNext generation Portal Splash Rules
Experience
Site-based Policy
SSID-based Policy Assign Rule
• 2 Rule-basedportal and POST auth Portal
• ENGAGE Rule for Customer follow Up
• SERVICE PLANfor Network Policy(Bandwidth and Access Duration)
• Defined Rate-limiting and Access Duration With this, CMX Cloud
• With CMX Cloud any policy enforcement can be done with a simple configuration
Policy Plan Authorization with CMX Cloud
• Background: when there are multiple guest SSIDs from Single AP (Managed Wi-Fi, Shopping Mall, etc) CMX can assign each SSID as completely separate Guest Portal Policy and configuration
New-Use case.SSID-based Connected Experience
• In Multi-Tenant environment, CMX can display portal upon every new site visit.
• Franchise or branches that are located across multiple site, can suppress splash page if customer visited same branch in last login frequency
New-Use casePortal display policy upon visiting new site
• Use-case : Multi-Tenant, Managed SP customer can assign different sponsor per tenant
• Sponsor Portal now can support multiple accepted email domains
• Settings > CONNECT Tab
New Use-CasesMultiple Sponsor Email Domains
Use Sponsor element On portal
CMX Cloud - Push Notification• Generate Push Notification message based on Presence Detection from AP
• Can send different message per types of movement• PASSERBY, VISITOR, CONNECTED, GONE,
App NotificationMessage
SMS-MessageWhen leave venue
• Twitter (Oauth 1.0) and LinkedIn (Oauth 2.0) has been added
• CMX Cloud - Now supports 5 Different Social ID Login.• Facebook, Instagram, Foursquare, Twitter and LinkedIn
CMX Cloud support - Social Network Login
Resources
CMX Cloud homepage: http://cmxcloud.cisco.com
Mobility Express homepage: http://cisco.com/go/mobilityexpress
dCloud CMX Cloud demo: https://dcloud-rtp-web-1.cisco.com/dCloud/drn.jsp
dCloud Mobility Express demo: https://dcloud2-rtp.cisco.com/content/demo/222996
Making it Easier: Assurance
ServiceManageFix Predict
Predict Client and network issues before they occur
Fix real time issues and get insight into historic trends
Learn
Surface undetected client and network anomalies
Machine Learning01001011000101110010010101100
1011000010101100110
PlanningInfrastructure Data
Behavioral analytics InsightSensor Data
Root cause issues in few Clicks
Build Resilient and Reliable Networks
Automate tools to discover outliers
Proactive wireless network assurance
Making it Easier: Licensing
A complete wireless system with ONE License
Enterprise Class Wi-Fi
Experience
Identity-Based Secure Access
Policy
Network Management End-to-End Security
Comprehensive Management For User,
Network and Application
(Prime)
Industry-Leading Mobility Capabilities
(HDX)
Centralized Identity-Based Policy Management(ISE-Base)
Software-Defined Segmentation
(TrustSec)Stealthwatch
Location Based Mobile Services
Customizable Location Tracking
(MSE-Base)
Location Tracking HyperlocationvBLE
No Single Technology Delivers for All Use Cases
CMX delivers high accuracy indoor location, leveraging Wi-Fi & BLE, today
BLENavigation
Proximity MarketingFast Refresh Rates
Wi-FiAnalytics
Space UtilizationZone-based Triggers
Enabling High Accuracy Wi-Fi
Client Side ApplicationPhunware Software
Delivers mobile experience
Uses Wi-Fi and BLE from Hyperlocation plus device
sensors to enhance location and refresh rate
HardwareHyperlocation Solution
Module and/or Antenna
Applies to Aironet AP3700 &
other AP 3K
Uses 16 to 32antennas to
determine mobile client location
Using Wi-Fi for Highly Accurate and Near-Real Time Location
Location Excellence Means BetterBusiness Intelligence
Cisco CleanAir® Technology - Detects BLE beacons and interferers;optimizes RF
Cisco FastLocate - A faster refresh provides more location detail
Hyperlocation - Provides enhanced location accuracy
BLE Gateway - Complete BLE management, integrated and plugin BLE options, and BLE analytics*
FastLocate: Critical toactionable data
T=00s T=30s
70 APs, 147 Connected Clients, 352 Detected Clients, 10 Zones, 18 Beacons, 17 Interferers
*Coming
Enabling High Accuracy Location
Client Side ApplicationPhunware Software/ Cisco SDK / Sample App
Delivers mobile experience
Uses BLE from Beacon point enhance location and refresh rate
HardwareCisco Beacon Point
Applies to Cisco Beacon
Point
Using BLE for Highly Accurate and Near-Real Time Location
CMX Virtual Beacon Solution
• Eliminates battery operated BLE beacons
• Operational Simplicity with virtual beacons
• Proximity Engagement and Indoor navigation
Customer BenefitsWhat is it?• Beacon Point generates BLE beams
• Beacon Center creates virtual beacons and manages beacon points via Cloud. Priced per beacon point per year
Cisco Virtual
Beacon www.cmxcisco.com
CMX
CMX Virtual Beacon – Value Proposition
Eliminate battery operated physical beacons
Replace up to eight physical beacons
Add or move virtual beacons with a click
Scale beacon deployment with operational simplicity
Eliminate RF calibration with advanced machine learning
Deliver high location accuracy, Reduced latency
Cisco Cloud Machine learning
and location engine
Beams | Hear
Location Estimate
CMX Beacon Points
Simplify Beacons – CMX Cloud Beacon Center
EngagementMetrics
Manage Beacon Points
Machine Learning Across Device Types
Drag and Drop Virtual Beacons
Create Proximity Message
Cisco Cloud Machine learning
and location engine
Customer Cloud
How It Works
Pharmacy
Bakery
Electronics
Clothing
Mobile app with Cisco SDK
Cisco Beacon Point
1
3
4
26
5
Mobile device listens to the BLE beacons from the Beacon Point1
Cisco Cloud sends location & map information to the mobile app. 3
Customer app interacts with Customer app cloud with additional information about it location
4
Cisco SDK (integrated into the mobile app) sends information to the Cisco cloud
2
When users are in proximity of a virtual beacon, custom notifications or URLs can be sent or actions can be taken
5
Virtual Beacons can be created anywhere in the coverage area 6
Cisco Virtual Beacon - Ordering Information
PID / SKU Description List Price
AIR-VBLE1-K9 CMX Beacon Point $695
AIR-CMX-SVC-VBLE CMX Cloud Beacon Center Subscription software includes software support
With multi-year discount$190 per BP per yr. (12 mos)$150 per BP per yr. (36 mos)$130 per BP per yr. (60 mos)
CON-SNT-AIRVBL1K Technical services 8x5xNBD SNT Replacement
Federal Certifications
Current Cisco Wireless Government CertificationsCertify every MD/long lived release
What’s Certified:ü All Cisco 11ac and 11n Access Points ü All appliance and integrated
controllersü MSE 8.0, and PI 2.2 ü APL Listing for WLAS, WAB,WIDS
What’s unique to Cisco:ü Cisco ONLY Wireless vendor with DCE
and Common Criteria Certificationü Predictable wireless certification – MD
SW release gets certifiedü Common release both Enterprise and
Government customers – Feature consistency and deployment flexibility
Certification 7.0 8.0 IOS 3.6
FIPS
CC
UCAPL
CSfC
USGv6
Comprehensive end-end solution certified !
Roadmap - Cisco Wireless Government Certifications8.3 (MR1) and IOS 16.3 – Q3CY16
What’s Certified:ü 11ac Wave 2 Access Pointsü 5520, 8540, 5508, 2504, WiSM2ü 3650 and 3850 switches/WLCü CMX 10.3ü APL Listing for WLAS, WAB,WIDSü Cisco SSL 6.x Integration w/AireOS
What’s the timeline:ü FCS – Nov ‘16ü JITC Eval Began Oct ‘16ü Estimate Completion Q2CY16
Certification 8.3 IOS 16.3
FIPS
CC
UCAPL
CSfC
USGv6
NGE and Wave 2 Certified Release!
Making Wireless Easier…
• Network of Tomorrow – Digital Network Architecture• Automation• Security• Insights
• Full Line of Products
• Full Speed• 802.11ac Excellence
• Full Control• Services & Security ensure granular control & enforcement
• More Ways to Do things… Making it even Easier
Thank You!
Questions?
