Prime Recording

Empowering Whats Next
Cisco
Customer
Education
Cisco Prime: Transform
Your Network with
Cisco
This session was recorded via Cisco WebEx! You can watch
the live session recording via the following URL:
https://acecloud.webex.com/acecloud/lsr.php?RCID=1cd1928b
b30445e5ba2bdd5712a74975
Thanks for your interest and participation!
Empowering Whats Next
Cisco
Customer
Education
Cisco Prime: Transform
Your Network with
Cisco
Connect using the audio conference

box or you can call into the meeting:
1.
Toll-Free: (866) 432-9903
2.
Enter Meeting ID: 209 534 281

and your attendee ID number.
3.
Press 1 to join the conference.
Welcome and Agenda
Welcome from Cisco!
A Brief History of Networking
Cisco Unified Access Overview

One Network
One Policy
Identity Services, MDM
One Management
Wired, Wireless, WAN
Cisco Prime Infrastructure
Brian J Avery
Territory Business Manager
Florida Territory Commercial
bravery@cisco.com
Priors:
Cisco Sales and Channels (10 yrs)
President and CEO (6 yrs)
Cisco Premier Partner
Network as Enforcer
Director of Sales (2 yrs)

Cisco Silver Partner
Conclusion, Call to Action
Financial Analyst (7 yrs)

Sprint Corporation
Who Is Cisco?
1984
Computer scientists,
Len Bosack and Sandy Lerner
found Cisco Systems
Bosack and Lerner run network

cables between two different
buildings on the
Stanford University campus
A technology has to be invented to deal
with disparate local area protocols;
the multi-protocol router is born
2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
Who Is Cisco?
Dow Jones Industrial Average
Fortune 100 Company

$145B Market Capitalization
$48B in Revenue
$8B in Annual Profits
$33B More Cash than Debt
Chuck Robbins,
CEO, Cisco
$5.9B in Research and Development

http://finance.yahoo.com/q/ks?s=CSCO+Key+Statistics
Cisco Confidential
Market Leadership Matters

No. 1
No. 1
Routing
No. 1
No. 1
Edge/Core/
Access
TelePresence
Wireless LAN
Modular/Fixed
Voice
45%
43%
50%
64%
39%
Switching
No. 1
No. 1
No. 2
No. 1
Web
Conferencing
x86 Blade
Servers
Storage Area
Networks
Security
41%
27%
47%
33%
No. 1
Q1CY14
What Is the Cisco Customer Education Series?
CCE is an educational session for current and

prospective Cisco customers
Designed to help you understand the capabilities and

business benefits of Cisco technologies
Allow you to interact directly with Cisco subject matter

experts and ask questions
Offer assistance if you need/want more information,

demonstrations, etc.
A Brief History
of Networking
Who Remembers When?
20 Years Ago:
Cubicles Office Space with different Networks
Wired Ethernet
and
Dedicated Phone
Lines
2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
10
15 Years Ago:
Cisco introduced PoE and VoIP
Simplified wiring &

beginning of
infrastructure
consolidation
Cisco Confidential
11
10 Years Ago:
WiFi with Trusted Wireless
Trusted Wireless
Enabled Mobility
Cisco Confidential
12
5 Years Ago:
Bring Your Own Device (BYOD)
BYOD
Maximized
Flexibility
Cisco Confidential
13
Today:
Workspace Transformation, Ent IoT & more
Next Generation
Workspace and New
Services enabled by
the Network
Cisco Confidential
14
Ready for the Business and IT Transformation?
78%
New Connected
Experiences
Optimal
Application
Experience
The network is
increasingly critical.
BYOD and
Mobility
Managed Cloud
Services
IT Simplicity and
Programmability
Cisco Confidential
15
Ready for the Business and IT Transformation?

Policy for employee
device access*
The network is not ready for

BYOD**
The network is not ready for

cloud**
50%
41%
38%
*2012 Cisco IBSG Horizons Study
**2013 Cisco Global IT Impact Survey
Cisco Confidential
16
Cisco
Unified Access
The Intelligent Platform for a Connected World
Calling all
Autobots!
Cisco Confidential
18
With Cisco, You Can
Have a Network That Drives Your Business

Making IT More Responsive to the Business
Less Time on IT Operations, More Time on IT Business Innovation
One Policy
Simple
Secure
One Management
Lower
TCO
One Network
Cisco Confidential
19
One Network
Cisco Catalyst Switches from Access to Backbone!

New products across the complete portfolio
Catalyst 3850/3650
Catalyst 4500E
with SUP8-E
Catalyst 2960
Advanced fixed
switching with
Unified Access
Smart, simple,
green & secure
wired access
LOWER
TCO
END-TO-END
SECURITY
Catalyst 6500/6800
Flexible, scalable,
feature-rich
modular access
APPLICATION
VISIBILITY
INVESTMENT
PROTECTION
Enterprise
backbone
optimized for
10/40/100G
PERFORMANCE
21
Cisco Confidential
& SCALE
Catalyst Access Portfolio
From essential connectivity to Unified Access for next-generation workspaces

UNIFIED
WORKSPACE
BYOD
Video
Mobility
Converged Wired/Wireless Access
Secure, reliable access
Features
Low TCO & energy-efficient
Scale and performance

Resiliency & high availability
Application Visibility
Cisco TrustSec
Competitiv e Feature Set

at Compelling Prices
Scale
Cisco Confidential
22
Catalyst Converged Access Switching Portfolio
Industry-Leading Switching - Deployment Choices, Flexibility, Affordability

STACKABLE SWITCHES
Advanced Functionality
High-Performance Stackable Switch
Access points
supported
Base Stackable Switch
Stacking bandwidth
25 access points
160G stacking bandwidth
Fixed uplink
Cisco Catalyst 3650
Modular uplinks
Cisco Catalyst 3850
MODULAR SWITCHES
Highly Adopted Switching Platform
Bandwidth
(928 Gbps)
Modular 8 x 1 and 10
Gigabit Ethernet Uplinks
Cisco Catalyst 4500E with

Supervisor 8-E
Performance and Investment Protection

Cisco Confidential
23
UADP ASIC in Catalyst 3850/3650 Enables Convergence

Built on UADP
Unified Access Data Plane
Unique and powerful Cisco innovation
Hardware performance with

software flexibility
Optimized Performance
CAPWAP encapsulation/de-capsulation,
Flexible Netflow, QoS happens in ASIC for
line rate performance
Future Proofed and Programmable
Flexparser enables new software features

(like SDN) over the product lifetime
UADP is used across multiple platforms
Catalyst 3850/3650, Sup 8E, WLC5760
Cisco Confidential
24
Unified Access Wired/Wireless on One Network

Cisco Wireless
LAN Controller
Internal
Resources
One Network
Corporate
Network
Cisco
Access Point
Internet
Cisco Firewall
Catalyst
Switch
C o n v e rge d A c c e s s M o d e
2013-2014
Integrated wireless
controller
LAN Mgmt
Distributed wired/wireless
Solution
data plane (CAPWAP
Wireless
Identity
OneControl
Policy ISE
termination
Cisco and/or its affiliates.
All rights reserved. on switch)
System
Mgmt
Access Control
Server
Guest
NAC
One Management
Prime
Cisco Confidential
Server
Profiler
25
NEXT GENERATION COMPACT
Extend the Network
Quiet but Capable
Flexibility in Deployment
Ideal for Retail Kiosks, Classrooms,

Conference Rooms, Hotel
Suitesoutside the wiring closet
Fanless with full-size

capabilities, UpoE, Perpetual
PoE, Mgig, DC powered
Nbase-T, Copper/Fiber,
Standalone or Instant Access
Mode, PnP with APIC-EM
Cisco Confidential
26
Security
Segmentation with Cisco TrustSec

Business Policy:
Who can talk to whom
Who can talk to what systems
What systems can talk to other systems
Simplifies policy implementation

Simplifies security operations
Accelerates business agility
Lowers network cost and
complexity
Aggregation Layer
Data Center Firewall
Data Tag
Supplier Tag
Guest Tag
Destination
Source
HR Database
Prod HRMS
Exec BYOD
Exec PC
HR Database
Storage
Quarantine Tag
Access Layer
X
X
Voice
Data
Suppliers
Quarantine
GuestCisco Confidential
27
Smart Operations
APIC EM
Lower TCO
Sleep
Zero Touch Deployments

and Maintenance
NG Plug n Play
Sm art Install
Instant Access
Softw are image &
Configuration dow nloaded
Consistent for Devices &
PIN
On-going Image Update
and Configuration Backup
Easy Configurations
for endpoints
Sleep
Monitor and troubleshoot
Auto Sm art Ports

Auto Conf
Interface Tem plates
Port Configuration:
Applied
QoS Policy:
Enforced
Security Policy:
Enforced
Sm art Call Hom e

IPSLA
Proactive diagnostics
Real time Alerts
Web-based reports
Routed to TAC team
Sleep
Program the network

EEM, XML
Program m ability
Ability to take custom

actions based on
syslogs/triggers
Enhanced Flexibility and
control
Reduce energy consumption

Energyw ise and EEE
EEE ready
Energyw ise Time of the
day policy based on/off of
access devices
0 $ SKUs for energy
management
Cisco Confidential
28
High Availability
Protecting Business Continuity

StackPower
FlexStack+
Stateful SwitchOver
Physical Redundancy
Stateful Switchover
Network Resiliency
Redundant Pow er
Supplies
StackPow er w ith 3850
Redundant Fan Trays for
Chassis Systems
Redundant Supervisors
for Chassis Systems
Stackable Support:
3850 and 3650
Intra-chassis support:
6800, 6500 and 4500
Inter-Chassis support:
w ith VSS
NSF support for OSPF,

EIGRP, ISIS, BGP
NSF reduces forw arding
table churn
BGP PIC
Graceful Restart for IPv4
& IPv6 w ith various
routing protocols
OSPFv3 Non-Stop
Routing
Virtual Switching System
Upgrade Management Infrastructure Redundancy

ISSU for hitless softw are
upgrade
EFSU for minimal
disruption during softw are
upgrade
VSS
Instant Access
Multi-chassis
EtherChannel (MEC)
provides hardw are-based
failover
VSS Quad-Sup SSO w ith
Sup2T
Cisco Confidential
29
Cisco Multigigabit Ethernet

Key Differentiators
Maintain Switch to AP Reach at Higher Speeds

Adaptive Rate Technology (FE, 1G, 2.5G, 5G, and 10G) Future proofed for higher speeds
Infrastructure Investment Protection

Supports 100m distance with Cat5e cabling up to 5G speeds for Brownfield
Supports Cat6a cabling for Greenfield deployments for higher speeds
POE/POE+/UPOE
Cisco Innovation over 10GT Standard to support high end point power needs
Standards Compliant
1G and 10G BaseT IEEE standards, intermediate speeds WIP
Cisco Confidential
4500E Multigigabit Line Card
C3850 12 port and 24 port Multigigabit
30
Compact Multigigabit switch 3650CX
Cisco Multigigabit Ethernet Cabling Support

Maximum Investment Protection
Cable Type
1G
2.5G
5G
10G
Cat5e
100m
100m
100m *
N/A
Cat6
100m
100m
100m
55m
Cat6a
100m
100m
100m
100m
Auto-negotiation of cable type of speeds supported
0-55m: no restrictions
55-100m: based on customer cabling infrastructure and configuration, there are some corner cases in which customers
will experience less than 100m support. In these cases, the system will automatically default to 2.5G (post-FCS SW
release support)
Cisco Confidential
31
This MUST be
Autobot
technology.
Cisco Confidential
32
Gigabit Wi-Fi is Here

Capturing the Potential
of 802.11ac
Market: Why Gigabit Wi-Fi / 802.11ac now!!!
Wi-Fi as Primary
Ethernet as Fallback
Connectivity
Wireless (53%) will

bypass Wired traffic
(40%) by 20171
1 Cisco VNI Global Mobile Data Forecast 2012-2017,
2 AVI Research
50% new devices will

be 802.11ac by end of
2014, 75% by 20152
3 Nemertes Research Global Mobile Research 2013
Wi-Fi Speed
6900**
Gigabit Wi-Fi as Primary
6900**
8
Spatial
Streams
3500**
4
Spatial
Streams
2340**
1300*
1730**
2
Spatial
Stream
870*
600
450
300
430*
802.11
1997
24
3X the Performance
802.11b
802.11a/g
over 802.11n
1999
2003
2 Gigabit
Ethernet Uplinks
Gigabit
Ethernet Uplink
54
11
Desktops
3SS
Desktops / Laptops
2SS
Laptops / Tablets
1SS
Tablets / Smartphones
1
Spatial
Stream
= Connect Rates (Mbps)
65
430*
4SS
2X the802.11ac
Battery Life
802.11ac
over
802.11n
Wave
1
Wave 2
802.11n
2007
2013
2016
SS = Spatial Streams
No Price
Premium
*Assuming 80 MHz
overand
802.11n
suitable
channel is available
**Assuming 160 MHz channel is

available and suitable
Wi-Fi as Primary Connectivity Changes Everything

Improve Customer Experience
Treat more Patients
Mobile Physicians and Staff

Enabling the real-time Physician
Improve Services Delivery
Reach more Students
Mobile Faculty and Students

Enabling the always connected student
Mobile Technicians and Engineers

Connecting the previously unconnected
Mobile Staff and Services

Reach more of those you serve
Increase Sales
Increase Production
Mobile Insurance Agents

Enabling the real-time Agent
Mobile Sales Associates

Enabling the real-time in-store sale
Cisco Confidential
36
Mobile Devices as the

Most Important Technology
OF STUDENTS
OF EMPLOYEES
SAY A MOBILE DEVICE

(LAPTOP, SMARTPHONE, TABLET) IS
THE MOST IMPORTANT
TECHNOLOGY IN THEIR LIVES.
SMARTPHONES ARE POISED TO SURPASS DESKTOPS AS THE

MOST PREVALENT TOOL FROM A GLOBAL PERSPECTIVE
Cisco Confidential
37
Changing People
OF COLLEGE
STUDENTS
COLLEGE STUDENTS AND

YOUNG PROFESSIONALS
Air
Water
Food
Shelter
WiFi/Internet
CONSIDER THE INTERNET TO BE A FUNDAMENTAL
HUMAN RESOURCE
AND
OF YOUNG
EMPLOYEES
SAY THEY COULD NOT LIVE WITHOUT

THE INTERNET
Cisco Confidential
38
Why Cisco for Gigabit Wi-Fi / 802.11ac
Only AP manufacturer
that built their own
Radio ASIC
Most CPU and

Memory per AP in
the industry
Suite of High Client

and Access Point
Density
capabilities
Only Modular and

Future Proofed Access
Point in the industry
Unique Gigabit Wi-Fi / 802.11ac Access Point Design
2.4GHZ Radio
THE CISCO ADVANTAGE

CPU
More onboard CPU Processing and

Memory than any other Access Point
design in the industry with no price
premium over previous generations
DRAM (128)
5GHZ Radio
CPU
DRAM (128)
DRAM (512)
CPU
Cisco Confidential
40
Cisco High Density Experience (HDX)
Turbo Performance
Improves the efficiency of airtime
utilization and channel capacity
Optimized Roaming
Intelligently determines the
optimum time to roam
Cisco CleanAir 80Mhz

Mitigates interference and improves
channel capacity
Cisco ClientLink 3.0

Improves legacy and 802.11ac
Client performance
Noise Reduction*
Enables Dense Access Point
Coexistence / implementation
*Future
Industries Most Comprehensive Gigabit Wi-Fi Portfolio

Best in Class
Modular
Mission Critical
High-Performance
Fixed
Fixed
802.11ac with HDX
M R34
802.11ac
802.11ac with HDX
802.11n with 802.11ac Module
ON-PREMISE
CLOUD MANAGED
Cisco Unified Access:

The Foundation For Connected Mobile Experiences
How It Works
DETECT
CONNECT
ENGAGE
GUEST PRESENCE
GUEST ACCESS
GUEST EXPERIENCE
Mobile devices and characteristics

detected before they enter the
venue
Seamless and secure Wi-Fi connectivity

Preferences, profile, device, and roaming
credentials identified
Highly relevant content and services

based on user attributes and realtime location
LOCATION ANALYTICS
Insights into Customer Online and Onsite Behavior, Traffic Paths, Dwell Times, Location Density, etc.
Imagine The Possibilities

Industry Use Cases
HOSPITALITY
RETAIL
Context-rich
notifications
Use of loyalty app
encouraged
In-venue high-value
shopper engagement
CONNECTED
TRAVELERS
CONNECTED
GUESTS
CONNECTED
CONSUMERS
TRANSPORTATION
Indoor maps with

featured attractions
Personalized thirdparty advertising
Special promotions
CONNECTED
PATIENTS
Better planning for high- Caf and gift shop

orders and delivery
traffic areas
Transportation updates, Maps and wayfinding
integrated into
indoor directions
patient apps
Third-party advertising
Nearby services
opportunities
notifications
EDUCATION
HEALTHCARE
CONNECTED
STUDENTS
Campus maps and
directions
Stadium sales and
athletic event
experience
Real-time bus maps
Analytics That Aid Business Decisions

Which Area Did People Spend Tim e In?
What Were the Peak Tim es

in the Venue?
Most Frequently Used Paths in the Venue
Are They New or Repeat

Custom ers?
Wi-Fi Stats:
Associated vs. Nonassociated Devices
Not All Gigabit Wi-Fi Solutions are Created Equal

802.11ac
with HDX
Optimized Wi-Fi Network

Improved Experience on ALL Devices
Cisco is the ONLY SOLUTION
with High-Definition Experience
Technology (HDX)
Increased Scale and Coverage

Support Bandwidth Intensive Apps.
Support More Devices Than 802.11n
Improved Device Power Efficiency
All Gigabit
Wi-Fi
Vendors
802.11ac
Transform Your
Network!
Cisco Confidential
47
Branch and WAN Opportunity
Digital Innovation Overwhelming the Branch

MORE
USERS
Digital
Displays
Guest
WiFi
Omni-channel
Apps
SaaS Enterprise
Apps
HD
Video
MORE
APPS
Online
Training
80%
Of employee and
customers are served in
branch offices*
20-50%
Increase in Enterprise
bandwidth per year
through 2018**
BRANCH
Social
Media
OS
Updates
Mobile
Apps
*Tech Target, Branch Office Growth Demands New Devices., 2013

**Gartner, Forecast Analysis: Worldwide Enterprise Network Services, Q2 2014 Update
*** Gartner: Bring Branch Office Network Security Up to the Enterprise Standard, Jeremy DHoinne, 26 April. 2013.
MORE
THREATS
30%
Of advanced threats will
target branch offices by
2016 (up from 5%) **
Cisco Confidential
49
Cisco Branch Strategy

SECURITY
Cisco Unified Access (UA)
Cisco Intelligent WAN (IWAN)
Connected Mobile Experiences
Converged Branch Infrastructure
LAN
Users
WAN
BRANCH
Data Centers/
Cloud
Cisco ACI
Automation, Orchestration,
Programmability
Cisco Confidential
50
Cisco Strategy for Accelerating Branch Innovation

SECURITY
Cisco Unified Access (UA)
Cisco Intelligent WAN (IWAN)
LAN
WAN
Connected Mobile Experiences
Users
Converged Branch Infrastructure
BRANCH
Data Centers/
Cloud
Cisco ACI
Automation, Orchestration,
Programmability
Cisco Confidential
51
Cisco Intelligent WAN Vision

UNCOMPROMISED EXPERIENCE OVER ANY CONNECTION
Any
User
Private
Cloud
Hybrid
Cloud
Any
Application
Public
Cloud
Align Infrastructure to Better Business Outcomes

Application
Experience
Secure
Access
Lower
Costs
IT
Simplicity
Cisco Confidential
52
Introducing New IWAN Innovations

Elevating to an Application-Centric WAN
High Performance
Hybrid WAN
Secure Direct
Internet Access
Automate
WAN Provisioning
Internet
MPLS
3G/4
G
APP
Public
Cloud
App-aware services with

high performance; low cost
NEW
Intelligent Path Selection

Akamai Connect
365
Threat-centric services
elevate branch defense
NEW
Sourcefire IDS
CloudWeb Security
Centralized policy with

distributed enforcement
NEW
IWAN App with APIC

Open Ecosystem
Purpose-Built Branch Infrastructure: Cisco ISR 4000 Series

with Cisco ONE Software purchase options
Cisco Confidential
53
Application-Aware Services
Maximize Apps Experience and Bandwidth Use

Intelligent Path Selection
(PfRv3)
Akamai Connect
NEW
Now Shipping
Now Shipping
Internet
MPLS
3G/4G
ISR-AX
High Quality Experience

Over Any Connection
Enabling New
Digital Experiences
Simple application-based policies

One-touch, hub-only configuration
Intelligent web caching

Content prepositioning
Dramatically offloads WAN
Cisco Confidential
54
Threat-Aware Services
Comprehensive Branch Threat Defense

Cloud Web Security with
Advanced Malware Protection
Sourcefire IDS on UCS-E

NEW
NEW
Limited Availability
2HCY2014
Available 1HCY15
Delivers Branch Defense
Secure Internet Access
99% protection against attacks

Most powerful detection software
Scale Internet edge to the branch

Address full attack continuum
Cisco Confidential
55
Re-designed Architecture For Branch Agility

Service Aware
Data Plane
for Efficient traffic handling
Virtualized Services
Framework
Flexible virtualized application services
Converged Branch
with UCS E-Series
Cisco ISR 4000
Integrated network, compute, storage
Pay-as-You-Grow
Performance and services on demand
Cisco Confidential
56
One Policy
Cisco Identity Services Engine (ISE)

NETWORK / USER
CONTEXT
Who
INTEGRATED PARTNER
ECOSYSTEM
What
When Where
How
Access Policy
Guest
Visitor
BYOD
Employee
User
2013-2014 Cisco and/or its

affiliates. All rights reserved.UNKNOWNS
MINIMIZE
NETWORK
REDUCE YOUR ATTACK SURFACE
CXO Level
Secure
Access
Compromised
Device
58
CiscoCONTROL
Confidential
ENFORCE THE RIGHT LEVEL OF ACCESS
CONTAIN MALICIOUS NETWORK THREATS
Role-Based Secure Access with ISE
Confidential
Patient Records
Who: Doctor
What: Laptop
Where: Office
Internal Employee
Intranet
Who: Doctor
What: iPad
Where: Office
Internet
Who: Guest
What: iPad
Where: Office
Acquires Important Context & Identity from the Network

Implements Context-Aware Classification & Policy
Provides Differentiated Access to the Network
Enterprise Mobility Management Integrations

Enforce True Device Compliance for All Mobile Devices
Sees unregistered devices on the network?
Sees ALL devices on the network
Forces EMM Policy Compliance?
Requires devices to comply with EMM policy
Keeps noncompliant devices off network?
Provides guest access to non-EMM devices
EMM
Secures Actual Device
SOLUTION
Cisco ISE
Secures Network Access
ISE + EMM
Together
Cisco Confidential
60
One Management
Cisco
Prime!
Cisco Confidential
62
Cisco Prime Infrastructure
Realizing the Vision of One Management

Lifecycle
Converged
management
with integrated best
practices
Data Center
Assurance
Simplified operations
management
Campus Branch to DC
End-to-end application
experience and visibility
Day 0 to Day N
Application-Centric
Cisco Confidential
63
Wireless Management
Get Comprehensive Configuration and Operational Productivity

Network Configuration
Network Health
Troubleshooting
Discovery, inventory, SWIM,

compliance PSIRT
Maps-based planning for access

point placement
End-user troubleshooting
authentication and access
Controller and access point

deployment, configuration audit
Sites and virtual domains
Rogue, security, voice audit, mesh
Users and devices, and

applications
Network configuration, guest

access, RRM
Performance reporting and fault

management
Client tracking
Visualization of users, rogues,

interferers through maps
Integration with
ISE
Cisco
MSE and
Cisco Confidential
64
Switch Management with Cisco Prime Infrastructure

Network Configuration and Health
Fault
Plug and
Play (New
device in
network)
Lifecycle
Management
Discovery
and
Inventory
Configura
tion
Archive
and SWIM
Platforms
Supported
Managem
ent
(Syslog
and Trap
Processing
)
CAT2960
EEM
Trustsec
Work
Center
Wireshark
Quality of
Service
CAT
3560,
3650,
3750,
3850
Performa
nce
Managem
ent
CAT4500
User
Tracking
Configura
tion
(Features:
ACL,
VLAN,
etc)
CAT
6500,
CAT6800
EoL/EoS
Reports
Network and Application Assurance

Cisco Confidential
65
Router Management with Cisco Prime Infrastructure

Network Configuration and Health
Lifecycle
Management
Plug and
Play (New
device in
network)
Discovery
and
Inventory
ISR
800
Series
Platforms
Supported
IWAN
Management
Configurati
on Archive
and SWIM
DM-VPN
AVC
Visibility
and
Performanc
e
Performanc
e Routing
Fault
Manageme
nt (Syslog
and Trap
Processing)
ISR G1
Series
Quality of
Service
Configurati
on
(Features:
VPN, ACL,
VLAN, etc)
Performanc
e
Manageme
nt
ISR G2
1900
2900
3900
ISR
4300
4400
Zone based
firewall
ASR
1000
Series
WAAS
Network and Application Assurance

Cisco Confidential
66
Simplified IWAN Management
Guided Workflow to
help design and deploy
IWAN on your branch
or hub
Cisco Confidential
67
Prime Infrastructure Highlights Application Experience

Service Health Dashboard for Sites, Users and Applications
Automated Baselining
Proactive Performance Troubleshooting
Service Health Dashboard
AVC Configuration for ISR/ASR
One-click AVC Configuration
AVC Monitoring Customization
NBAR2 Custom Applications

Embedded Packet Capture for ASR
Top URL/Domain Views
Cisco Confidential
68
Network as Enforcer
You Cant Protect What You Cant See

The Network Gives Deep and Broad Visibility
0101
0100
1011
0101
0100
1011
0101
0100
1011
0101
0100
1011
Cisco Confidential
70
NetFlow The Heart of Network as a Sensor

Example: NetFlow Alerts With Lancope StealthWatch
Network Scanning
Botnet Detection
TCP, UDP, Port Scanning Across Multiple Hosts
When Inside Host Talks to Outside C&C Server

for an Extended Period of Time
Denial of Service
Fragmentation Attack
SYN Half Open; ICMP/UDP/Port Flood
Host Sending Abnormal # Malformed Fragments.
Host Reputation Change
Worm Propagation
Inside Host Potentially Compromised or

Received Abnormal Scans or Other Malicious Attacks
Worm Infected Host Scans and Connects to the Same Port Across
Multiple Subnets, Other Hosts Imitate the Same Above Behavior
Data Exfiltration
Large Outbound File Transfer VS. Baseline
Cisco Confidential
71
What is the StealthWatch System?
The StealthWatch System . . .
Collects and analyzes NetFlow data and brings it together with user
information, application awareness, and other security context to provide
pervasive visibility and security intelligence across the network.
StealthWatch helps organizations:
Accelerate incident identification and response.

Improves forensic investigations.
Reduces overall enterprise risk.
1/30/2
Cisco Confidential
72
72
Use Case Defense against Data Breaches

Anatomy of a Data Breach
Network as Enforcer
Perimeter
(Inbound)
Infiltration and
Backdoor establishm ent
Reconnaissance and
Netw ork Traversal
enterprise network
C2 Server
Attacker
Data
Exfiltration
Admin Node
Perimeter
(Outbound)
Exploitation and
Privilege Elevation
Staging and
Persistence (Repeat 2,3,4)
Cisco Confidential
73
What Can the Network Do for You?

Network as Sensor
Detect Anomalous Traffic Flows, Malware
e.g. Communication with Malicious Hosts, Internal Malware Propagation, Data Exfiltration
Detect App Usage, User Access Policy Violations

e.g. Maintenance Contractor Accessing Financial Data
Detect Rogue Devices, APs and More
e.g. Maintenance Contractor Connecting an Unauthorized AP in Bank Branch to Breach

Cisco Confidential
74
Conclusion
Cisco Unified Access Portfolio
Robust Converged Wired And Wireless Solution

Cisco Unified Access
One Policy
One Network
Co ntrollers and Converged Access Switches: Common OS, UADP ASIC
Cis co Identity Services Engine (ISE)

En try-level
S witches
MDM
SIEM
S ta ckable Switches
2960X/XR
4500-E w/Sup. 8 -E
Access P oints
One Management
Cis co Prime Infrastructure
3650
38 50
S witching P latform
S ma ll to Midsize
En terprise
1600
Fe a ture-Optimized
En terprise
2600
M idsize to Large
En terprise
3600
H igh-Density
En terprise
Lo w
P rofile
La r ger
D e ployments
3700 w/HDX
1530
1550
Conclusion
Thank You and Next Steps
Contact Your Cisco Partner

www.
https://tools.cisco.com/WWChannel
s/LOCATR/performBasicSearch.do
Brian Avery
bravery@cisco.com
Learn more at:
http://www.cisco.com/go/unifiedaccess
Join us again for a future Cisco Customer Education Event
CCE sessions are held weekly on a variety of topics
CCE sessions can help you understand the

capabilities and business benefits of Cisco
technologies
Watch replays of past events and register for

upcoming events!
Visit http://cs.co/cisco101 for details

Prime Recording

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Prime Recording

Uploaded by

Copyright:

Available Formats

Empowering Whats Next

Empowering Whats Next

Connect using the audio conference

Toll-Free: (866) 432-9903

Enter Meeting ID: 209 534 281

Press 1 to join the conference.

Welcome and Agenda

Welcome from Cisco!

A Brief History of Networking

Cisco Unified Access Overview

Identity Services, MDM

Wired, Wireless, WAN

Cisco Prime Infrastructure

Director of Sales (2 yrs)

Conclusion, Call to Action

Financial Analyst (7 yrs)

Bosack and Lerner run network

Fortune 100 Company

$5.9B in Research and Development

Market Leadership Matters

What Is the Cisco Customer Education Series?

CCE is an educational session for current and

Designed to help you understand the capabilities and

Allow you to interact directly with Cisco subject matter

Offer assistance if you need/want more information,

Cubicles Office Space with different Networks

Cisco introduced PoE and VoIP

Simplified wiring &

2013-2014 Cisco and/or its affiliates. All rights reserved.

WiFi with Trusted Wireless

2013-2014 Cisco and/or its affiliates. All rights reserved.

Bring Your Own Device (BYOD)

2013-2014 Cisco and/or its affiliates. All rights reserved.

Workspace Transformation, Ent IoT & more

2013-2014 Cisco and/or its affiliates. All rights reserved.

Ready for the Business and IT Transformation?

Ready for the Business and IT Transformation?

The network is not ready for

The network is not ready for

*2012 Cisco IBSG Horizons Study

2013-2014 Cisco and/or its affiliates. All rights reserved.

**2013 Cisco Global IT Impact Survey

2013-2014 Cisco and/or its affiliates. All rights reserved.

With Cisco, You Can

Have a Network That Drives Your Business

Cisco Catalyst Switches from Access to Backbone!

2013-2014 Cisco and/or its affiliates. All rights reserved.

Catalyst Access Portfolio

From essential connectivity to Unified Access for next-generation workspaces

Converged Wired/Wireless Access

Secure, reliable access

Low TCO & energy-efficient

Scale and performance

Competitiv e Feature Set

2013-2014 Cisco and/or its affiliates. All rights reserved.

Catalyst Converged Access Switching Portfolio

Industry-Leading Switching - Deployment Choices, Flexibility, Affordability

High-Performance Stackable Switch

Cisco Catalyst 3650

Cisco Catalyst 3850

Cisco Catalyst 4500E with

Performance and Investment Protection

UADP ASIC in Catalyst 3850/3650 Enables Convergence

Hardware performance with