Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Marcus Barman
Cisco Norge Mobility Team
Januar 2019
Uninett
Mobility Update
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
AgendaIntent Based Networking everywhereCatalyst Expansion to Wireless
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Intent-based networking infrastructure
Powered by intent. Informed by context.
TranslationCapture business intent, translate to policies, and check integrity
ActivationOrchestrate policies and configure systems
AssuranceContinuous verification, insights, and visibility, with corrective actions
Always on Secure Deploy anywhere
DNA Center™
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Principles of intent-based networking infrastructure
Powered by Cisco IOS® XE
Physical and virtualinfrastructure
Application-specific integrated circuit (ASIC)
Applications
APIs
Domain controllers
DNA Center™Bridging intent-based networking portfolio
Built-in security, streaming telemetry, and rich analytics
Open programmable architecture
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
User experience starts with the access network
Access switchesAccess points Aggregation switches Wireless controllers
9200, 9300, 9400 Series
Cisco® Catalyst® Cisco Catalyst9500 Series
Cisco Catalyst9800 Series
Automation Security AnalyticsBuilt for intent-
based networking
The full experience, end to end
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
New Cisco Catalyst 9800 Series Wireless Controllers
Deploy anywhereAlways on
• Software updates with no disruption
• Rolling AP upgrades
• Seamlessly add new AP models
Secure
• Detect encrypted threats with Cisco® Encrypted Traffic Analytics (ETA)
• Automated macro and micro segmentation with Cisco Software-Defined Access (SD-Access)
• WPA3 support*
• On-premises, private or public cloud, embed wireless on a switch
• GovCloud ready
• Scale as you grow
Powered by Cisco IOS® XEOpen and programmable
Trustworthy solutionsModular operating system
* future
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
Translate business intent into network policy andcapture actionable insights with DNA Center™
Cisco Aironetaccess points (APs)
Works with Cisco Aironet® 802.11ac Wave 1 and Wave 2 APs
DNA Center
Cisco Catalyst 9800 Series Wireless Controllers
Cisco Catalyst 9800-40Cisco® Catalyst® 9800-80
Cisco Catalyst 9800 for cloud Cisco Catalyst 9800 embedded wirelessfor Cisco Catalyst 9000 platform
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n gG l o b a l
S a l e s Tra i n i n g
Cisco Catalyst 9800Wireless Controller Appliances
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
17.3” (439.42 mm) wide, 3.5” (88.9 mm)tall (2RU), and 22.0” (558.8 mm) deep )
17.3” (mm) wide, 1.75”(mm) tall (1RU), and 18.3”(mm) deep
C9800-40-K9: 2000 APs, 32000 Clients C9800-80-K9: up to 6000 APs, 64000 Clients
Appliance: Cisco Catalyst 9800 Wireless Controller
C9800-40-K9
AIR-CT-5508-K9
AIR-CT-5520-K9
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n gG l o b a l
S a l e s Tra i n i n g
EXTERNAL INTERFACES
• RJ-45 Console Port• Mini USB Console Port• 2 External USB Ports • RJ-45 Ethernet Management Port (SP)• RJ-45 Ethernet Redundancy port (RP)• SFP Gigabit Ethernet Port• BUILT-IN-6x10GE/2x1GE or 10GE• C9800 Modules
LEDs
• Power Status LED• Alarm LED• High availability LED• USB console LED• 10/100/1000 RJ45 Link LED• 10/100/1000 RJ45 Activity LED• SSD Activity LED • System Status LED
• Power Supply (PEM 0)• Power Supply (PEM 1)• Power Switch
C9800-80-K9 Front Panel
C9800-80-K9
8540
Dimensions of C9800-80-K9: 17.3” (439.42 mm) wide, 3.5” (88.9 mm)tall (2RU), and 22.0” (558.8 mm) deep
Gigabit SFP RP Port
(Compared to 30.8 “ for 8540)
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
C9800-80: Modular wireless controller with 100 GE modular uplink and seamless software updates
Redundant
power supply
AC or DC
SP/RP port
Fiber RP port8x 10 GE
uplinks
Modular uplinks:
1 GE, 10 GE, 40 GE, 100 GEUSB 3.0
Up to 6000 APs Up to 64,000 clients 80 Gbps
Fully programmable multicore network processor Support for NetFlow, Application Visibility and Control (AVC), and ETA
OrderableNov 2018
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
C9800-40: Fixed wireless controller with seamless software updates
4x 1 GE/10 GE ports
SP/RP port Fiber RP portUSB 3.0Console
Up to 2000 APs Up to 32,000 clients 40 Gbps
Fully programmable multicore network processorSupport for NetFlow, Application Visibility and Control (AVC),
and ETA
OrderableNov 2018
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Unprecedented throughput with the Cisco Catalyst 9800 Series
2xThroughput option now available
with C9800-80 going up to 80 Gbps
Always on:High availability and seamless
software updates
accuracy with ETA and Cisco Stealthwatch® integration
Cisco® Catalyst® 9800 Series Wireless Controllers
C9800-40 and C9800-80
Open standards-based programmability with
model-driven telemetry
Scale options for your campus
Programmable multicore network processor
Investment protection with modular uplinks
99%+
Industry’s first 100 GE uplink100
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Scale to 6000 APs and 64,000 clients*
Centralized, Cisco FlexConnect®, Fabric
Open and programmable
Scale to 1000 APs and 10,000 clients
Cisco FlexConnect Local Switching
Open and programmable
Cisco Catalyst 9800 Series for private and public cloud
Cisco® Catalyst® 9800 for private cloud Cisco Catalyst 9800 for public cloud
*Only with FlexConnect and Fabric mode for 6,000 AP support
OrderableNov 2018
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Catalyst 9800 embedded wireless on the 9000 switch platform
Install Cisco Catalyst 9800 embedded wireless on your existing branch infrastructure
SD-AccessOptimized for SD-Access with an always-on fabric
Cisco Catalyst 9300Supported on Cisco Catalyst 9300 Series Switches
Up to 4000 clientsSupports up to 200 APs and 4000 clients
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Catalyst 9800 Series Wireless Controllers - Deploy the way you want to
Cisco Catalyst 9800-806000 APs, 64,000 clients, 80 Gbps
Cisco Catalyst 9800-402000 APs, 32,000 clients, 40 Gbps
Cisco Catalyst 9800-CL6000 APs, 64,000 clients^
Cisco® Catalyst® 9800-CL+
1000 APs, 10,000 clients
Cisco Catalyst 9800embedded wireless*200 APs, 4000 clients
Cisco Catalyst 9800-CL3000 APs, 32,000 clients
200 APs 1000 APs 6000 APs2000 APs 3000 APs
*SD-Access only+Cisco Catalyst 9800 for public cloud with Cisco FlexConnect® only
^Only with FlexConnect and Fabric mode for 6,000 AP support
SD-Access ready
ENCS
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
CMX 10.5.1 /DNA Space
- Connect / Detect / Engage- Hyperlocation- BLE
Cisco Catalyst 9800 Wireless as a solution!
Prime Infrastructure 3.5- Configuration- Monitoring
ISE 2.2/2.3/2.4- BYOD- Guest Access
DNAC 1.2.8- Automation- Assurance- Maps & topology
What Wireless controllers are
supported ?
- Physical: Cisco Catalyst C9800 Series Appliances
- Cloud: Private and Public Offering- Catalyst 9800 SD-Access Embedded
Wireless
What modes are supported?- Local, Flex, Fabric, Cisco Catalyst 9800 on
ME (Future)What are the Differentiating features?- High Availability, Patching, ETA
Programmability, Telemetry
Cisco Catalyst 9800Wireless Controller 16.10
Access Points Supported- 11ac Wave2- 11ac Wave1- 11ax (Future)
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Catalyst 9800 Series: Always on
Deploy anywhereSecure
• Detect encrypted threats with Cisco® Encrypted Traffic Analytics (ETA)
• Automated macro and micro segmentation with Cisco Software-Defined Access (SD-Access)
• WPA3 support*
• On-premises, private or public cloud, embed wireless on a switch
• GovCloud ready
• Scale as you grow
Powered by Cisco IOS® XEOpen and programmable
Trustworthy solutionsModular operating system
Always on
• Software updates with no disruption
• Rolling AP upgrades
• Seamlessly add new AP models
* future
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Catalyst 9800 embedded wireless*
Cisco Catalyst 9800-80
Cisco Catalyst 9800-40
Deploy anywhere
*SD-Access only; Available on Cisco Catalyst 9300 Series+Cisco Catalyst 9800 for public cloud: Cisco FlexConnect® only
Cisco Catalyst 9800 for cloud+
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n gG l o b a l
S a l e s Tra i n i n g
Catalyst 9800 for Cloud
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
❑ Customer has unique access to dedicated DC virtualized or physical resources
❑ The resources are onPrem DC or hosted by a Colo provider
❑ WLC as a Virtual Machine
Some definitions first…
❑ Customer doesn’t own the infrastructure (computing, storage, networking).
❑ WLC is consumed as Infrastructure as a Service (IaaS)
❑ Simply the reality…❑ Customer will have
both Private and Public cloud deployments for some time
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
Catalyst 9800 Wireless Controller for Cloud
ISE / AD DNA Center (1.2.8)
ASSURANCE
AUTOMATION
One image: choose the scale – 1k, 3k, 6k APs
Internet
Public Cloud
AD
Managed VPN
Enterprise network
NFVIS
ENCS
Hypervisors: ESXi, KVM, NFVIS on ENCS
All deployments mode: Centralized, SDA, FlexConnect, Mesh
ESXi
1,000 APs / 10,000 Clients
Amazon AWS with Managed VPN
FlexConnect local switching only
ISE/AAA
802.11ac
Access Points
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
Campus
Catalyst 9800 Wireless Controller for Cloud▪ Customer value prop:
o “Deploy wireless controller where you want it, how you want it”
o No AP mode or feature limitation vs. appliance
▪ Supporto VMware ESXi , KVM and ENCSo Wave 2 and Wave 1 APso All deployments and all AP modeso Centrally switched traffic <= 2.5 Gbpso VM Large: 6k APs, 64k clients at FCS is Flex local switching
and SDA. Limited scale with Local mode: 3K APs, 32K clients
o ESXi vCenter or KVM Virt-Mgr for VM provisioningo Automated VM bootstrap flow (ESXi vCenter only)
▪ Migration: o Migration tool (standalone and 9800 WebUI)o Prime & DNAC automation and migration flows
Corporate WAN
(MPLS /SD-WAN)
BranchFlex APs
Flex AP
OnPrem DC
Branch
ESXi / KVM/
CAPWAP
ISP owned device
Customer owned device
Local mode AP
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n gG l o b a l
S a l e s Tra i n i n g
Private Cloud – VMware ESXi
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
▪ Supported hypervisor: VMware ESXi 6.0 and higher
VMware specifications
Model Configuration Small (16.10) Medium(16.10) Large(16.10)*
Maximum Access Points 1,000 3,000 6,000
Maximum Clients Support 10,000 32,000 64,000
Minimum Number of vCPUs 4 6 10
Minimum Memory (GB) 8 16 32
Required Storage (GB) 8 8 8
Virtual NICs (vNIC) -3nd NIC is for High Availability
2 /(3) 2 /(3) 2 /(3)
vNIC driver VMXNET3 VMXNET3 VMXNET3
Virtual bridge Vswitch Vswitch Vswitch
vMotion, vNIC teaming, L2 LAG, SRIOV Planned for 16.11 Planned for 16.11 Planned for 16.11
*Limited scale with Local Mode and Flex Central switching : 3K APs, 32K clients
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
C9800-CLAireOS vWLC
26
C9800-CL brings in the best of appliance features to Private Cloud
NoSSO High Availability Yes
Flex OnlyDeployment Modes Flex, Local, Fabric
NoGuest Anchor Yes
NoDNA-C Automation & Assurance Yes
500 MbpsMax Throughput 2.5 Gbps
3k APs, 32k ClientsMax AP and Client Scale 6k APs, 64k Clients
MultipleInstallation Image Single for any scale
vs.
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
At any scale
200 APs 1000 APs 2000 APs 3000 APs 6000 APs
40 Gbps 80 Gbps
4000 clients 10,000 clients 32,000 clients 32,000 clients 64,000 clients
C9800-CLC9800 for private cloud^
C9800embedded wireless*C9800 on Cisco® Catalyst®
9000 platform
C9800-CLCisco Catalyst 9800 for
public+ and private cloud
C9800-80Cisco Catalyst 9800
on-premises
C9800-40Cisco Catalyst 9800
on-premises
C9800-CLC9800 for private cloud
*SD-Access only^Only with FlexConnect and Fabric mode for 6,000 AP support
+Cisco Catalyst 9800 for public cloud: Cisco FlexConnect® only
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
Lead with Catalyst 9800 Wireless ControllersSuperior features and attractive offers for new customers
✓ Support for cloud
✓ Open & Programmable
✓ ETA
✓ 3rd Party integration
✓ Rolling AP Upgrades
✓ Patching
✓ AP Pack
✓ Higher Scale
✓ Higher Performance
Catalyst 9800 Series Wireless Controllers
AireOS
Wireless Controllers
*GCP EFT Only
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l
S a l e s Tra i n i n g
What else the C9800 does better?C9800AireOS WLC
YESReboot after applying DAY 0 configuration NO
limitedURL domain ACLs YES
NoDynamic ACLs (dACLs) Yes (local mode)
YESAP reboot to apply
major config changesNO
(CAPWAP reset)
ALWAYSDisable radio globally
to apply changesLIMITED
NOSimple copy/edit/search of the configuration via CLI
YES
NOGUI troubleshooting tools YES
vs.
NONetflow export for Flex APs YES
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Agenda
Welcome
1 DNA Assurance Introduction
2 DNA Assurance Demo
3 DNA Assurance Key Use Cases
5 DNA Center Wrap Up
4 DNA Assurance Test Drive
Resources and Close
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Right Place: Problem Isolation
Right Time: Problem Replication
Right Action: Problem Resolution
Wi-Fi iOS Analytics
Everything as a Sensor provides insights into
240+ failures)Everything as
a Sensor
Insights into a client view of the RF network (RSSI,
failure reasons)AirSense
Auto PCAPs
14 days of history with full context with 90 day
averagingNetwork Time
Travel
Enhance Anomaly detection by auto capturing packets
Identify the right insights using the right data
generated at the right time
Step by step remediation in the right order of
suggestion
ActionableInsights
GuidedRemediation
Helping IT Get to the Right Action -- Faster
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Network quality is a complex, end-to-end problem
* Both = Join/roam and quality/throughput
Access points
Local WLCs
Network services data center
Office site
Cisco ISE
Mobile clients
Cisco® Unified CM
Client firmware
AP coverage
WAN uplink usage End-user services
RF noise/interf
Cisco Prime®
Configuration
Authentication
WLC capacity
WAN
Client density
Affects join/roam
Affects quality/throughput
Affects both*
DHCP
Addressing
WAN QoS, routing, ...
100+ points of failure between user and appWith 50,000+ permutations!
What is the problem?
Where is the problem?
How can I fix the problem fast?
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
In This Environment, Context is Key
Devices Applications
Users Network
Time
Location
Rich Context Increase Business Productivity and Frees Up IT Time
Cisco Context
360-degree Visibility
Data Granularity
Historical, Real-time, Future
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DNA Assurance
Telemetry and Sensors at SourceClients | Applications | Wireless | Switching | Routing
Network TelemetryContextual Data
Correlation Complex Event
ProcessingIssues Insights
Guided Remediation
IPAM
CMXAppD
IPSLA
SNMP
OID
Telnet
DNS
MIB
Ping
CLI
DHCP
WirelessAAA
Syslog
Router
Netflow
Traceroute
Metadata extraction
Complex correlation
Steam Processing
001110101100110
1010110010
00101101
0110100
1101101
00101101
10101100110
101011000110011
Clients Baseline
Application Network
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Agenda
Welcome
1 DNA Assurance Introduction
2 DNA Assurance Demo
3 DNA Assurance Key Use Cases
5 DNA Center Wrap Up
4 DNA Assurance Test Drive
Resources and Close
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
360◦ view across clients, network and applications
Network Time Travel - 14 days of contextual history
100+ correlated insights with guided remediation
Event driven telemetry from the wireless infrastructure
Proactively test drive the network using Aironet 1800s Sensor
Intelligent Capture with auto packet captures and real-time state of the network
Apple iOS analytics that provides client perspective
Predictive trends before they become problems
Future: Close loop or automated remediation
Right Place Right Time Right Action
DNA Assurance – Key Wireless Usage
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Key Use Cases on Wireless Assurance in 1.2.5
Client Onboarding
Actionable Dashboards: Onboarding Sankey charts
for better analysis
Real-time Correlation: Correlate Onboarding events
with poor RF and client location for RCA
Intelligent Capture:Onboarding failures with In-
service PCAPs
1
2
3
Sankey chart
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Key Use Cases on Wireless Assurance in 1.2.5Client and Network Experience
Health Dashboard:Near-Real time Client
tracking (<60 sec) and Top N AP analytics
Client 360:Historical Time travel with
client RF correlated with the Onboarding events
Intelligent Capture:On-Demand AP stats for Wi-
Fi troubleshooting
1
2
3
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Key Use Cases on Wireless Assurance in 1.2.5
Sensor based SLA Monitoring
Simulate Client perspective:1800s Sensor is mobile with
floor re-assignment
Active Testing:Test the cloud app
performance and Real-time AppX assessment
SLA Dashboard:Onboarding, Network Services, Cloud App
Performance and IP SLA
1
2
3