You are on page 1of 120

Managing an Enterprise WLAN with Wireless Control System (WCS)

BRKEWN-2011

Session Agenda
The Role of WCS/NCS in the Network Introducing Cisco Prime Network Control System Planning and Deploying a Wireless Network Monitoring Tools and Troubleshooting Reporting Advanced Topics WCS to NCS Migration
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

Session Objective
Original session objective: The objective of this session is to show WCS s role in the network and its lifecycle, and to demonstrate WCS features and how they can be used to perform practical tasks; the session also provides suggestions and best practices on topics where appropriate Modified session objective: Since Cisco Prime Network Control System (NCS) has been announced, this session will cover WCS and introduce NCS in the context of WCS in terms of common areas and key differences.
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

The Role of WCS/NCS in the Network

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Introducing Cisco Prime Network Control System (NCS)

What is Network Control System (NCS)?


Single platform for consolidated view of wired and wireless access infrastructure and endpoints Built on the foundation of Cisco WCS, provides complete lifecycle management of wired and wireless access networks Provides monitoring of endpoint security policy integration with Cisco Identity Services Engine (ISE) All existing functionality in WCS is also supported in NCS

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

NCS Key Enhancements


Increased Scale 15,000 lightweight APs 5,000 aIOS APs 5,000 switches Manage access layer of network wireless and wired Wireless NetOps Wired NetOps SecOps drag and drop customization, advanced filters (list pages), improved page navigation Integrated user/device monitoring and troubleshooting with Cisco Identity Services Engine (ISE) Increased reporting scale, optimization

Unified Access and Services Management

Enhanced UI Comprehensive Identity M&T Reporting Enhancements


Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

NCS Increased Device Scale


Device WCS Devices Supported 3,000 NCS Devices Supported 15,000

Cisco Lightweight Access Points Cisco 1,250 Autonomous Access Points Cisco Switches 0
Presentation_ID

5,000

5,000
Cisco Public

2011 Cisco and/or its affiliates. All rights reserved.

Appliance Delivery Models


Physical Appliance
Application & Components

Virtual Appliance
Application & Components

OS

Cisco Provided

Cisco Provided

OS

Cisco-branded Hardware (1RU) Virtual Infrastructure

Customer Provided

Discontinuation of software binaries - Replaced by new Complete Appliance Model


Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

Appliance-Based Solution
Physical Appliance Virtual Appliance Hardware and software VMware image (OS + NCS) from Cisco Supported on: (OS and NCS pre-installed) VMware ESX/ESXi version 3.5 VMware ESX/ESXi version 4.1 15,000 lightweight APs 1,200 WLCs 5,000 aIOS APs 5,000 switches Cisco hardware appliance Not supported on WLSE hardware Large: 15K/1.2K/5K/5K Medium: 7.5K/600/2.5K/2.5K Small: 3.5K/240/1K/1K High-end: 8x2.93GHz CPU/1GB DRAM/300GB HD Standard: 4x2.93 GHz/12 GB/200 GB Low-end: 2x2.93 GHz/8 GB/150 GB
Cisco Public

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

10

Planning and Deployment

Planning and Deployment


Using Planning Tool Setting up Network Elements via WCS/NCS
Controller Configuration Groups Configuration Template LaunchPad Controller Auto-Provisioning Configuration Auditing Methods

Provisioning Maps and Context-Aware Service

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

12

PlanningOverview
Launching the Planning and Editing Tools
Create a new Campus/Building Create a floor you want to plan for (import floor plan) Pick Planning Mode or Map Editor from the drop-down menu

Planning ModeHigh-Level Options


Add AP: Allows adding new Access Points to the Map Delete AP: Remove existing Access Points from the Map Map Editor: Edit the floor plan to draw objects such as light/thick walls, light/ heavy doors, cubicles, glass, coverage areas, perimeters, markers, etc. Synchronize with Deployment: Pull in currently deployed and placed Access Points on the floor to tweak existing deployment Generate Proposal: Generates a document that maybe provided to a 3rd party deployment company; additionally, also provides various heat maps
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

13

Planning ToolMap Editor


Accounts for objects and obstacles on a floor
For a precise RF propagation model display (predictive heat maps) Attenuation characteristics for objects and obstacles help predictive engine

Helps specify areas and regions such as:


Coverage Area and Markersused for location notifications Perimeterdefines the outer boundary Location Inclusion and Exclusion Regions used for location events and notifications

Objects and obstacles that may be specified:


Walls (Light and Heavy)2dB and 13dB Cubicle (Walls)1dB Doors (Light and Heavy)4dB and 15dB Glass (doors, windows, walls)1.5dB

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

14

Planning ToolOptions
Specify AP Prefix and AP Placement method (automatic vs. manual)

Selecting AP type determines the antenna choices available for both the 2.4GHz and 5GHz band Select the protocol (band) and minimum desired throughput per band that s required for this plan

Enable planning mode for advance options for data, voice, location and others

Location with monitor-mode factors in AP(s) that could be deployed to augment location accuracy Both the Demand and Override options allow for planning for any special cases where there s a highdensity of client presence such conference rooms or lecture halls

Data and Voice provide safety margins for design help. Safety margins help design for certain RSSI thresholds (detailed in online help). Location typically requires a denser deployment than data and the location checkbox helps plan for the advertised location accuracy

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

15

Planning ToolCustomize Plan


Default suggestions after running the planning tool present AP deployment choices and ability to switch between data and signal strength heatmap

Clicking an AP in the plan allows customization (added, deleted or simply modify properties) before a proposal may be generated
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

16

Planning ToolProposal

Proposal Contents:
Floor Plan Details Disclaimer/Scope/Assumptions Proposed AP Placement Coverage and Data Rate Heatmap Coverage Analysis
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

17

Configuration Config-Groups Overview


What Are Config-Groups? An easy way to group controllers logically Provides a way to manage controllers with similar configurations
Extract templates from existing controller to provision Schedule configuration sets Cascade Reboot

Manage Mobility Groups, DCA, and Configuration Auditing When Are Config-Groups Used? Group sites together for easier management for:
Mobility Groups DCA and Regulatory Domain Settings Schedule remote configuration changes

Groups sites to ensure compliance with configuration policies


Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

18

Configuration-Groups How-To: Setup

Select and add later: Only create the config group and then add controllers and templates at another time Copy Templates from controller: Copy templates from one of the controllers currently in WCS and then apply them to controllers in this config group. Note, if controllers templates are not already discovered, they can be discovered from the Configure Controllers page
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

19

Configuration-Groups How-To: Setup

Adding Controllers: Controllers in WCS are presented and can be moved over to the newly config group Applying Templates: Discovered or already present template(s) can then be applied to controller Auditing: Ensure template-based audit is selected in audit settings and then audit controllers in group to ensure they comply with policies
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

20

Configuration-Groups: Things to Remember


Template order is very important! Background audit is performed during network and controller audit Background audit and audit enforcement can only run when template-based audit is selected (under AdministrationSettings) WLC(s) may be part of multiple configuration groups so be careful while setting mobility group names

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

21

ConfigurationTemplates Overview
What Are Configuration Templates?
Sets of configurations that may be applied to devices at system/global level May be re-used to modify already applied configurations May be used to replicate configuration to other devices added subsequently May be to used to schedule configuration changes May be to used to audit against

Types of Templates
Controller templates Lightweight AP templates Autonomous AP migration templates Controller and Autonomous Command-Line templates

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

22

Controller Template LaunchPad


All-in-one, high-level view of template categories in WCS which may be expanded or collapsed for easier navigation and viewing

Tree-based hierarchy continues to exist as left-hand navigation Each template provides a callout icon which, on mouse-over, provides easy to understand description of what the template is and how it may be used to configure certain attribute(s).
Cisco Public

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

23

Templates: Things to Remember1


Templates are added to WCS database when a WLC is first added to WCS Template names can be changed to more meaningful names after discovery Additional configuration changes on the WLC may be pulled in to WCS via the Discover templates from controller option

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

24

Templates: Things to Remember2


Upon configuration refresh from WCS, template associations may be deleted or maintained Use the Templates Applied to Controller option to see a mapping of existing templates (pushed from WCS)

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

25

Templates: Things to Remember3


WLAN override feature was re-designed and merged under AP GroupsWCS does provide backward compatibility so newer releases (5.2 and above) provision this differently WCS supports template creation for WLC s dynamic interfaces

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

26

ConfigurationAuditing
Easy way to identify configuration gaps between WCS and WLC
Manual on-demand audit capability Automatic audits based on configuration sync background task

Allows easy reconciliation in the event of a configuration mismatch Helps ensure WLCs comply with configuration policies

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

27

Quick Audit Summary and Reconciliation

Audit Summary Restore or Maintain Config

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

28

Audit Settings
Audit Settings Audit Mode
Basic Audit: Perform an audit on current WLC configuration and compare it with the configuration in WCS Template-Based Audit: Perform an audit on current WLC configuration with respect to applied templates, config groups background templates and then the configuration in WCS

Audit On
All Parameters: Audit on entire WLC configuration Selected Parameters: Audit on selected parameters from the templates

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

29

ConfigurationAuto-Provisioning
What Is Auto-Provisioning? Ability to automatically detect and configure new WLCs (locally or at remote sites) Allows detection based on multiple criterion: Hostname, MAC Address or Serial number (.cfg file on TFTP server) Adds WLC to WCS for further configuration after provisioning When Would You Use It? Large distributed deployments Limited IT resources Streamline operations and eliminate configuration mismatches

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

30

Controller Auto-Provisioning
Monitor Only: Controllers matched by this filter will not be configurable by WCS in the auto provision process Filter Mode: Choose from hostname, MAC Address or Serial number to match the WLC Config Group Name: Add the auto-provisioned WLC(s) to their own config group for easier management since these might share common policies Input Device: Select from single or multiple devices to provision. Selecting CSV option provides a link to download a sample file to understand the syntax. Device Configuration: Other device parameters that can be configured at this stage.

After hitting Submit, the filter is saved with one entry for the member you just added. At this point, you may add other members (WLCs) to this filter as well. This filter also creates a WLC config file in WCSs TFTP directory. Ensure your DHCP servers option 150 points to WCS Server
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

31

Scheduled Image Download to Controller

Provides option to schedule software download (FTP/TFTP) to controllers. Task can be saved for future scheduling. Reboot can be scheduled at a future date/time. Email notification can be sent after completion of download.

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

32

Scheduling AP Pre-Image Download


Provides option to schedule image download to AP. Reboot can be scheduled at a future date/ time. Email notification can be sent after completion of download.

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

33

ConfigurationMaps
Why Maps?
Track wireless clients and tags, and play location history across campus Track and mitigate rogue devices Display Chokepoints Display Mesh AP relationships Integrate outdoor wireless mesh with Google Earth Represent wireless coverage on campus, and plan for growth View Channel and Tx Power plans provisioned by RRM View AP and RF Profile at the floor level Provision and display coverage areas, markers and other objects and use them with location notifications Post-Deployment: VoWLAN and Location Readiness tools

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

34

Maps Layout
Default View of Campus, Buildings, and Floors can be easily changed with the Quick Filters

Hierarchical Layout for easy navigation

Adding Campus or Buildings are made easy with the drop-down menu actions through an easy wizard that walks you through provisioning floor plans and APs

Building view provides a quick glance in to floors status and alarm summary for easier troubleshooting
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

35

Maps LayoutFloor View


Display and locate interference sources and zone of interference

Commonly used map actions are ever-present in icon format

Quickly Add/Remove Layers that may be placed on the floor plan and heat maps

Mouse-over on objects on the map provides quick object summaries

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

36

Maps LayoutFloor View

Commonly used map actions are ever-present in icon format

Quickly Add/Remove Layers that may be placed on the floor plan and heat maps Display and locate interference sources and zone of interference

Mouse-over on objects on the map provides quick object summaries


Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

37

WCS Map Export/Import

Provides ability to export maps from one WCS to target WCS. Can select all maps or subset. Export/import of map includes both map and APs placed on MAP. Exported via tar gzipped XML file. Import process ungzips/untars XML file automatically.

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

38

Real-Time Heat Maps

Real-Time Heatmaps
NCS provides: AP-to-AP RSSI measurements reflected in heat maps Option to switch between real-time (new) and predictive (legacy) heat maps

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

40

Real-Time Heat Maps


Real-time heatmap (NCS)

Predictive heatmap (WCS)

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

41

Real-Time Heat Maps + Rx Neighbors

Provides list of neighboring APs and RSSI value that they hear the selected AP
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

42

Advantages of Real-Time Heat Maps


Provides graphical view of RSSI based on set of nearest APs vs. AP transmit power (predictive heat map) Configurable options:
Min. number of APs Recomputation interval

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

43

Monitoring

Section Agenda: Monitoring


General Monitoring
Dashboard Concepts

Client-Related Monitoring
Client Details and Client List Pages Client Dashboard

Using Search NCS: Monitoring Autonomous APs NCS: Monitoring Switches Alarms and Events
Setting up Alarm Summary Differentiation Between Alarms and Events Severity and Layout Customization Setting Up Notifications and Help Desk-Like Usage

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

45

MonitoringWCS Dashboard Concepts


Canned tabs of high-level system views Ability to add/remove tabs Ability to add/remove components within tabs Customize individual components Introduction of trending information at system level Quick drill-downs

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

46

Customizing WCS Dashboard

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

47

Customizing and Historical Trending

Custom Tab Custom Components

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

48

Information Layout and Workflow Concepts


WCS presents many intuitive ways to arrive at information Ability to drill-down to an individual client-level detail from dashboard Ability to drill-down with the help of Quick Filters Ability to sort on different attributes in client list pages Ability to perform and save intelligent searches Ability to customize list layout, items per page and content Perform advance context-sensitive actions (such as launching a report from AP page) from page drop-downs Consistent breadcrumbs for navigational assistance

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

49

System-Level to Drill-Down

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

50

Quick Filters, Custom List Layout

Use Quick Filters or Column Sorting to arrange information relevant to the task

Edit List Pages for content relevant to you

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

51

NCS UX/UI Enhancements

NCS Homepage
drag and drop dashboard customization

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

53

Dashlet Customization

Data customization per dashlet

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

54

Using Search
Global Search Capability

Searches can be performed on partial input Search output provides configuration and monitor links based on device type found Search parameters include IP Address, Usernames, MAC Addresses, SSIDs ,Rogues and AP Names

Advanced searches can be saved for easy future reference and use
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

55

MonitoringClient-Related Workflow
Common Steps in a Troubleshooting Scenario: Lookup a client: MAC Address, Username, IP Address, Client type, Client state, From AP Details Page (example below) Where is the client now (and how is their RF profile) Where has this client been (Location playback, session and AP history) Active troubleshooting

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

56

Monitoring: Client Details1

Basic Client Propertiescan be expanded for further details

Client Association, Session History and Roam Reason

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

57

Monitoring: Client Details2


Client AP Association History

Client Statistics

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

58

Wired/Wireless Client Monitoring

Client Status: Wireless

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

60

Monitoring: Wired Clients

General client information

Session details

Security details

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

61

Wired Client Details

Provides connectivity details for wired client including switch/port info, authorization details

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

62

Client Status: Wired

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

63

Track Clients

Create policy for tracking one or more clients detected on the network

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

64

Unknown Users

Assign username to client on network not authenticated via ISE.

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

65

Autonomous AP Support

Managing Autonomous Access Points


NCS 1.0 will provide: Autonomous AP monitoring Autonomous AP reports Client Visibility

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

67

Autonomous AP Reports

Provides visibility into operation of aIOS APs

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

68

Switch Monitoring

Switch Summary

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

70

VLAN Information

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

71

Spanning Tree Details

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

72

MonitoringAlarms and Events


What Are Events?
An occurrence of a condition (or change in condition) in the network managed by WCS Not necessarily generated for every condition but could be a result of a pattern or threshold match by the WLC Events may not be useful in their raw form (unless troubleshooting, for example) and usually need further processing

What Are Alarms?


Correlated events result in alarms (WCS allows looking up event history for alarms) Both Alarms and Events are categorized by severities
Critical Major Minor Warning Informational

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

73

Alarm System and Logic Simplified

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

74

Alarms Layout and Search


Expandable Widget persistent across WCS Granular Alarm searches can be performed via the Advance Search feature, and saved for future re-use

Alarms Sorted by Categories and Severities are hyperlinked to quickly drill-down

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

75

Alarms Ac>ons and Customiza>ons


Quick access to Alarm Ac>ons


Alarm message details Customizable Layout

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

76

Working with an Alarm


Manage Alarms Manage Security Historical Data. Note First Seen and Last Seen
Trace Alarm Source

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

77

Northbound Event No>ca>ons

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

78

AlarmsThings to Remember
It s common to ignore email configuration in WCS WCS sends email notifications for Major events only! Acknowledged alarms suppress email notifications even if the severity changes Help! My alarms seem to have disappeared!
Alarms that get cleared move in to the Cleared state so be sure to check cleared alarms (or look under event history)

Clearing an alarm does not remove it from WCS database (deleting it does) Alarm severities can be customized from Administration SettingsAlarms Alarm acknowledgement works on individual alarm instance (and not on category or condition) Even if traps are disabled on WLC, WCS could generate alarms from the regular polling it performs
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

79

Tools and Troubleshoo>ng

Section Agenda: Troubleshooting


Client Troubleshooting Tool Voice Audit Tool Location Tools

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

81

Client Troubleshooting Tool


An easy way to identify client-related issues from within WCS, without the need for extensive WLC debugs
Look at the client s current state (and at what stage of the connection they might be having issues at) Allows for real-time troubleshooting and log retrieval from the WLC Allows for looking up historical, and relevant client and AP events Allows integration with ACS View Server for authentication log retrieval

But, first things firstcommon problems:


Watch out for misconfigured clients (common areas are WLAN profile settings, authentication and encryption settings, and any advanced extensions that might not be required Ensure WLC settings match the provisioned client profiles (security, SSID broadcast, WLAN override, etc.) Ensure data rate settings on the WLC (Mandatory, Supported and Disabled rates) Look for client exclusion settings (easy way to find excluded clients is via the quick filter in MonitorClients page
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

82

Client TroubleshootingLaunch Points


Multiple Launch points to initiate client troubleshooting tool allows for diverse workflow integration

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

83

Client TroubleshootingExamples
Identify whether the problem occurs at 802.11 or higher layers Suggestions on where to look and how to potentially resolve the error condition(s)

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

84

Client TroubleshootingExamples

Provides visibility into logs, event history, and related CleanAir information

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

85

NCS: Wired Client Troubleshooting

Client connectivity status/issues

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

86

APs Detecting a Specific Client


Client MAC address

List of APs that heard client probe requests, 802.11 band, RSSI, how long ago AP heard this client

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

87

ISE Integration

NCS and ISE Integration


NCS leverages ISE API for posture assessment and report generation Ability to drill-down to an individual clientlevel security details Ability to troubleshoot client connectivity issues

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

89

NCS + ISE: Client Posture and Profiling

ISE determines client to be Microsoft Workstation based on device fingerprinting

Client authenticated using 802.1x via ISE

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

90

Client Troubleshooting: Wireless Client

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

91

Client Troubleshooting: Wired Client

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

92

Voice Audit Tool


Allows auditing current network configuration from a VoWLAN deployment perspective Use default rules and thresholds based on Cisco best practices Ability to customize the rules to match your network and requirements Provides a simple report with a list of configuration gaps

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

93

Voice AuditExample
Customizable Rules

Voice Audit Tool Report

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

94

Voice Readiness ToolExample

Simple, post-deployment tool to verify or correct AP deployment and provides a way to determine VoWLAN readiness by band, and RSSI cutoff values
2011 Cisco and/or BRKAGG-2011 Presentation_ID Cisco Systems, Inc. All rights reserved. its affiliates. All Public reserved. 2009 Cisco rights Cisco Public

95

Location Accuracy ToolExample


Determine Accuracy Probability, Correct Deployment Test with Clients, Tags, Exciters

Schedule Accuracy Tests

2011 Cisco and/or BRKAGG-2011 Presentation_ID Cisco Systems, Inc. All rights reserved. its affiliates. All Public reserved. 2009 Cisco rights

Cisco Public

96

Location ReadinessExample

Simple, post-deployment tool to verify or correct AP deployment and provides information on what areas are under the Cisco recommended estimates
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

97

Sending Network Details to TAC

Input TAC case number directly into WCS for sending captured files Select network and device info to attach to TAC case

Option to send directly to TAC or download file


Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

98

Device Data Collection


Execute controller CLI commands and easily capture command output

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

99

Repor>ng

Section Agenda: Reporting


Report LaunchPad Report Customizations
Multi-Level Filtering Customizing Report Output Multi-Level Sorting in Report Output

Report Scheduling NCS + ISE Reporting

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

101

Report LaunchPad
Report LaunchPad Easy Drill-Down

Callouts Report Descriptions

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

102

Report Customization

Multi-Level Filters

Customized Reports
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

103

Graphical Report Content

Graphical Reporting

Graphical Summaries
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

104

Client Summary Report - Endpoint Type

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

105

NCS + ISE: Report Cross-Launch


New set of reports launched from NCS cross-launches reports in ISE.

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

106

NCS + ISE: Report Cross-Launch

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

107

Advanced Topic

High-AvailabilityComponents and Operation


At the heart of the high-availability design is the Health Monitor (HM) Process
Other components in WCS are JVM (WCS), Database, and Apache webserver

HM is sub-divided into smaller components:


Core HM: Configures, maintains state and starts/stops the HA configuration across WCS servers Heartbeat: Responsible for maintaining communication between the primary and secondary servers (over HTTPS, port 8082); timeout is set to two seconds, with three retries Application Monitor: Communicates with the WCS framework components on the primary server DB Monitor: Configures database replication File Sync: Identifies file changes, compression, and statistics maintenance

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

109

High-AvailabilityThings to Know
Both the primary and failover WCS servers should run the same software version Both the primary and failover WCS servers should be running on the same OS type (can t mix Windows and Linux installs) Email server and receiver must be configured (used for notifications) Communication between the primary and failover WCS must be enabled on HM port if firewall is in the path Failover mode must be carefully selected (and remembered): manual vs. automatic Authentication key is created during the install, and is used by the primary and failover WCS servers for communication (and also logging into the HMweb page) HM available at: https://ip.address:HMport (example: https://10.10.10.200:8082)

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

110

WCS High-AvailabilityThings to Know


Available in release 5.2 and above Requires the WCS PLUS license (only on the primary server) Feature supports failover of up to two primary WCS servers to one backup server Primary 1 Low-end WCS 1 Standard WCS 1 High-end WCS Secondary 1 Low or higher-end WCS 1 Standard or higher WCS 1 High-end WCS

Suggested deployment matrix in a 2:1 model Primary 2 Low-end WCS 2 Standard WCS 2 Standard WCS
Presentation_ID

Secondary 1 Standard or higher WCS 1 Standard or higher WCS 1 High-end WCS


Cisco Public

2011 Cisco and/or its affiliates. All rights reserved.

111

NCS High-AvailabilityThings to Know


No longer BASE and PLUS license (now single-tier license), so HA is available at no extra charge Feature supports failover of one primary NCS servers to one backup server Functionally the same as WCS HA

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

112

Virtual Domains
What They Are (or do) Quick way to partition WCS objects Allows users to be mapped to separate virtual domains at the time of creation Separate Reports, Controllers, Access Points, Search, Templates, Config Groups, Alarms and other objects Objects may be assigned to multiple domains at the same time root domain is a superset of all subdomains Only the root domain may location, and any other email notifications What Theyre Not (or dont do) Not necessarily a complete replacement for RBAC (for example, via TACACS+) If none specified, users are added to the root virtual domain by default Dont separate Google Earth Maps, AutoProvisioning, MSEs, and Ethernet Switches Avoid changing configurations from multiple domains management simple Not all objects are available at the root level objects such as Search and Reports are domain specific For more caveats, visit: http://www.cisco.com/en/US/docs/ wireless/wcs/5.2/configuration/guide/ 5_2virtual.html
Cisco Public

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

113

WCS to NCS Migra>on

Why Upgrade from WCS to NCS?


Increased scale (total device count: 25K) Wired/wireless integrated management: manage access layer 64-bit architecture: increased memory footprint Appliance mode: no need for customer for procure server (HW, OS + patches) Tight integration with Cisco ISE: device posture enforcement, AAA

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

115

Cisco WCS to Cisco Prime NCS Migration


Cisco WCS 7.0.X
Multi-tier License Model

Cisco Prime NCS


Licenses
Single-tier License Model

WCS Base License


(Examples: WCS-APBASE-X or WCS-WLSE-APB-X)

Prime NCS License


(Example: L-NCS-1.0-X)

WCS Plus License


(Examples: WCS-Plus-X or WCSWLSE-Plus-X)

Database Migration
Must be on WCS 7.0.164.0 or 7.0.164.3

1:1 Upgrade

WCS 7.X is the last release running on CiscoWorks Wireless LAN Solution Engine (WLSE)
Presentation_ID 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

116

Greenfield Deployment: Why WCS?


Wired/wireless integrated management: manage access layer (infrastructure and endpoints) Appliance model (physical and virtual/VM): no need to procure server (HW, OS + patches) High device scale: up to 25K infrastructure devices State of the art UI

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

117

Key Takeaways
Wired/wireless access infrastructure and endpoints need to be managed together WCS and NCS provide full lifecycle management NCS builds on the features/functionality of WCS and adds wired management Easy migration from WCS to NCS both platform and learning curve

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

118

Helpful Links
Cisco Prime Network Control System (NCS) Datasheet
http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps11682/ps11686/ps11688/ data_sheet_c78-650051.html

NCS Learning Modules


http://www.cisco.com/en/US/products/ps11686/ tsd_products_support_online_learning_modules_list.html

TACACS+ Configuration Example


http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080851f7c.shtml

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

119

Thank you.

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

120

You might also like