View
0
Download
0
Category
Preview:
Citation preview
Policy Based Automation John Mead - July 2019
cnMatrixCloud Managed Access
Cambium Networks
Cambium Networks
Agenda
• Introduction to Cambium Switching Portfolio – cnMatrix• HW & SW Overview
• cnMatrix Roadmap – What’s next• Policy Based Automation – Intro• Policy Based Automation – Example• Policy Based Automation – Summary• cnMaestro on boarding with PBA – Live Demo• Summary
Copyright 2014 Cambium Networks, Ltd. All rights reserved.
2
cnMatrix - Purpose Built for Target Deployment Use Cases
Copyright 2019 Cambium Networks, Ltd. All rights reserved.
3
Enterprise Indoor Access Switch
Q4 2018
WISP Tower
In Development
Video Surveillance & Smart City Deployments
In Development
HW & SW Overview cnMatrix
cnMatrix – Enterprise Switches (EX 2K) – HW Overview
Copyright 2019 Cambium Networks, Ltd. All rights reserved.
5
• HW Overview• Cambium designed switch - NOT an OEM switch• Silicon based Switching Solution
• Dedicated HW data plane- L2 & L3 line rate processing• Rich L2 & L3 functionality - Extensive QoS, ACL, & Filtering
• 4 Models Available• 8 Port & 24 port models with and without PoE+
• 24 Port – 4 SFP+(10GE) Uplinks• 8 Port – 2 SFP(1GE) Uplinks
• USB, OOB/MGMT, & RJ45 console port• Fan-less: All models except the 24 port PoE SKU
Future proof the network with cnMatrix
Copyright 2019 Cambium Networks, Ltd. All rights reserved. 6
Future Proof Your Network
Zero Touch Provisioning
Fully Managed
Fully Featured
Advanced Features
Intelligent PoE
10G Uplinks
• Fully Featured Switches– Layer 2, Layer 3 – Extensive ACL’s, Filters, & QoS support– Security
• Fully Managed– Web GUI, CLI, & SNMP– NMS - cnMaestro Cloud/On-Prem
• Uplinks– 10G uplinks as compared to 1G
• Intelligent PoE– 8/24-Port PoE+– Healthy Power Budget– Complete Control – Enable, disable, monitor, prioritize, automate
• Advanced Features– Layer 3 – Static and Dynamic Routing– Automatic Device Profiling– Policy Based Automation
• A true Zero Touch Experience– Initial Deployment– Day to day operations with Automation
Get all for a low all-inclusive price!
Market Positioning cnMatrix
cnMatrix EX 2K - Enterprise Campus – 3 Tier Network Architecture
2017 Copyright Cambium Networks, Ltd. All Rights Reserved
8
Distribution Distribution Switch
Distribution Switch
Access ………...L2/L3 Switch
AP AP…
L2/L3 Switch
AP AP…
………...L2/L3 Switch
AP AP…
L2/L3 Switch
AP AP…
Users/DevicesD … D D … D D … D D … D D … D D … D D … D D … D
CoreNetwork Core
Switches
cnMatrix
cnPilot
TAM $14 Billion
On Premise Network
Management
Cloud Based Network
ManagementcnMaestro cnMaestro
Roadmap cnMatrix
cnMatrix Roadmap
Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan
2018 2019
Copyright 2019 Cambium Networks, Ltd. All Rights Reserved CONFIDENTIAL RESTRICTED11
Rel 2.0 R1• Current
Manufacturing Release
PLAN OF INTENTSUBJECT TO CHANGE
July 11,, 2019
Rel 2.0.1 R3- Web GUI Cleanup
Rel 2.0.4-R1 - Maintenance Release- cnMaestro Phase 1
Rel 2.2 (Minor SW)• cnMaestro Object
based configuration
2020
Rel 2.1.0 (Major SW Release)• Dynamic Routing RIP, OSPF• USB Support• Enhanced PBA• Reload command - Rollback• Enhanced Web-GUI• Troubleshooting Utilities• cnMaestro Phase 2
• Enhanced Monitoring• Additional Trouble shooting utilities• Additional Statistics• Enhanced topology view
Rel 2.0.5-R1 - Maintenance ReleaseCompleted Gate 2
Committed Gate 7In Planning Gate 10Evaluating Gate 13Candidate Gate 15
Rel 3.0 (New HW & SW)• Supports all cnMatrix HW• New HW Platforms
• EX 2052R-P• EX 2052-P• EX 2052• EX 2016M-P
• New SW• TBD
New Enterprise SKUs cnMatrix
Enterprise Switching Portfolio – cnMatrix EX 2k
2019 Copyright Cambium Networks, Ltd. All Rights Reserved15
C o ns o le
9
10
1 3 5 7
2 4 6 8cnMaestro
USB
console
PoE+
cnMatrix | EX2010-P
MGMTSFP
C o ns o le
9
10
1 3 5 7
2 4 6 8cnMaestro
USB
console cnMatrix | EX2010
MGMTSFP
1 3 5 7
2 4 6 8 10 12 14 16 18 20 22 24
17 19 21 23
26 28
25 27
cnMaestroUSB
console
PoE+ PoE+
9 11 13 15
PoE+MGMT
cnMatrix | EX2028-P
SFP+SFP+
1 3 5 7
2 4 6 8 10 12 14 16 18 20 22 24
17 19 21 23
26 28
25 27
cnMaestroUSB
console
9 11 13 15
MGMT
cnMatrix | EX2028
SFP+SFP+
16
15
cnMaestroUSB
console
uPoE
9 10
MGMT
cnMatrix | EX2016M-P
uPoE
11 12
uPoE
13 14
10/100/1G/2.5G
SFP+
1 3 5 7
2 4 6 8PoE+
MGMT
14 16 18 20 22 24 26 28
21 23 25 27
50 52
49 51
cnMaestro
13 15 17 19cnMatrix | EX2052-P
1 3 5 7
2 4 6 8PoE+
USB
console9 11
10 12 30 32
29 31
34 36
33 35
38 40
37 39
42 44
41 43
46 48
45 47
SFP+
EX2052-P
MGMT
MGMT
14 16 18 20 22 24 26 28
21 23 25 27
50 52
49 51
cnMaestro
13 15 17 19cnMatrix | EX2052
1 3 5 7
2 4 6 8USB
console9 11
10 12 30 32
29 31
34 36
33 35
38 40
37 39
42 44
41 43
46 48
45 47
SFP+
EX2052
MGMT
Policy Based Automation
A True Zero Touch Experience cnMatrix
cnMatrix – A True Zero Touch Experience
2018 Copyright Cambium Networks, Ltd. All Rights Reserved17
‘Zero Touch’Automating Configuration
Configuration required for
ongoing Network changes
Examples• Static VLANs• Uplink Ports• Link Aggregation• IP address• Static Routes• QoS, ACLs• Radius Server• 802.1x• etc
Examples• Connecting APs• Connecting Cameras• Connecting Printers• Connecting IoT devices• Removing devices• Moving devices
Configuration for Initial
Deployment
Solution: cnMaestro
Solution: Policy Based Automation
cnMatrix – Policy Based Automation (PBA)
• User created Policies that will automate switch and port configuration• Policies can be created via any Management interface
• cnMaestro configures all switches simultaneously• Policies have 2 components
1. Match Criteria• LLDP information• MAC information
2. Actions• VLANs, QoS, ACLs, Security, PoE Priority, Port Labeling
• Configuration as a result of policies is dynamic – Auto cleaned upon:• Link down, Device disconnects• Match criteria is no longer valid• Policy is disabled
2019 Copyright Cambium Networks, Ltd. All Rights Reserved18
Example: Required Switch Configuration when connecting an AP
cnMatrix(config)# interface gigabitethernet 0/5cnMatrix(config-if)# switchport mode hybridcnMatrix(config-if)# switchport acceptable-frame-type allcnMatrix(config-vlan)# exitcnMatrix(config)# vlan 50cnMatrix(config-vlan)# port add gigabitethernet 0/5cnMatrix(config-vlan)# exitcnMatrix(config)# vlan 60cnMatrix(config-vlan)#port add gigabitethernet 0/5cnMatrix(config-vlan)#exitcnMatrix(config)# vlan 40cnMatrix(config-vlan)# port add gigabitethernet 0/5cnMatrix(config-vlan)#exitcnMatrix(config)# interface gigabitethernet 0/5cnMatrix(config-if)# switchport pvid 40cnMatrix(config-if)# end
2019 Copyright Cambium Networks, Ltd. All Rights Reserved19
cnMatrix(config)# auto-attach policy E430 match LLDP-ANY 430 set vlan 40,50,60 pvid 40
Example: Needed Switch Configuration - VLANs, 40, 50, 60: PVID 40: port 5 – Hybrid Mode
cnMatrix – Policy Based Automation – Key Take Aways
• Automates ‘Adds’, ‘Moves’, and ‘Changes’• Eliminates error prone manual configuration
• Simplifies and reduces trouble-shooting• Every port is treated equally• Enhances security by auto segmenting devices • Little or no IT needed for deploying new devices• Reduce expenses required to deploy and manage
201 Copyright Cambium Networks, Ltd. All Rights Reserved20
Policy Based Automation
On Boarding with cnMaestro cnMatrix
cnMatrix Live Demo - Zero Touch with cnMaestro and PBA
• Cambium’s ‘Cloud Managed Access’• cnMaestro – cloud based Network Management Solution• cnMatrix – Access layer switching (1 EX2010-P)• cnPilot – Access layer WiFi (2 E430s)
• A True Zero touch experience• Covers Initial Deployment• Covers Day to Day operations
• 3 Simple Steps1. Create Configuration file (cnMaestro)2. Claim Device(s) (cnMaestro)3. Connect devices to network4. Finished!!
2018 Copyright Cambium Networks, Ltd. All Rights Reserved22
cnMatrix – Demo details
• Step 1 – Create Configuration File/Template• Configuration can be as large or as small as you want• My example template – ‘cnMatrix – Johns Demo’
• Create VLAN 10, All ports a member of VLAN 10• Create Policy for Cambium WiFi APs
• Step 2 – Claim Devices• Open up your cnMaestro account• Claim devices of purchased Cambium equipment
• You do not need to have received the equipment• Claim devices by entering serial #s• Select configuration template and then approve device
• Step 3 – Connect devices to network• When ready – days, weeks, or months after Step 2• Power on Switch(es)• Connect switch to network – in default state – NO NEED TO PRE-CONFIGURE• Connect devices to switch• Switch(es) will be auto discovered and auto configured.• As devices (that are covered by policies) are added, switch will be auto configured
2018 Copyright Cambium Networks, Ltd. All Rights Reserved23
cnMatrix – cnMaestro Configuration Template
2019 Copyright Cambium Networks, Ltd. All Rights Reserved24
Creates VLAN 10 and makes ports 1-8 a member of VLAN 10
Creates a rule that uses LLDP to detect Cambium cnPilot APs
Creates an action that:1) Makes port a member of VLANS 20,30,402) Sets the PoE priority of port to ‘Critical’3) Sets uplink port to port 8
Auto labels port with LLDP sys name
Creates policy using Action and Rule
### begin script### Create VLAN 10 ### Add all ports as tagged to vlan 10config terminal vlan 10 port add gigabitethernet 0/1-8end ### Now set up a PBA Policyconfigure terminal # set port descriptionauto-attach update-port-desc lldp-sys-name# Create Ruleauto-attach rule Pilot430-rule LLDP-ANY Pilot# Create Actionauto-attach action Pilot430-action vlan 20,30,40 poe-priority critical uplink Gi0/8 # Create Policyauto-attach policy Pilot430-policy match rule Pilot430-rule set action Pilot430-action end
cnMatrix – Go To Demo
2018 Copyright Cambium Networks, Ltd. All Rights Reserved25
cnMatrix – Policy Based Automation – Key Take Aways
• Automates ‘Adds’, ‘Moves’, and ‘Changes’• Eliminates error prone manual configuration
• Simplifies and reduces trouble-shooting• Every port is treated equally• Enhances security by auto segmenting devices • Little or no IT needed for deploying new devices• Reduce expenses required to deploy and manage
201 Copyright Cambium Networks, Ltd. All Rights Reserved26
cnMatrix – Summary
• Enterprise Grade Layer 2 & Layer 3 Functionality• Cloud Management with cnMaestro• Ease of Use – Zero Touch Provisioning
• Initial Deployment – On boarding with cnMaestro• Policy Based Automation – Automation of device dependent configuration
• Enhanced Security – Device profiling and segmentation• Complete Access Layer – cnMatrix+cnPilot+cnMaestro• Limited Lifetime Warranty & Best in Class Support• Best in Class TCO
Copyright 2014 Cambium Networks, Ltd. All rights reserved.
27
Cambium NetworkscnMaestro + cnPilot + cnMatrix
2017 Copyright Cambium Networks, Ltd. All Rights Reserved28
Q & A
Policy Based AutomationAgendacnMatrix - Purpose Built for Target Deployment Use CasesHW & SW OverviewcnMatrix – Enterprise Switches (EX 2K) – HW Overview Future proof the network with cnMatrixMarket PositioningcnMatrix EX 2K - Enterprise Campus – 3 Tier Network ArchitectureRoadmapcnMatrix RoadmapNew Enterprise SKUsEnterprise Switching Portfolio – cnMatrix EX 2kPolicy Based Automation ��A True Zero Touch Experience�cnMatrix – A True Zero Touch ExperiencecnMatrix – Policy Based Automation (PBA)Example: Required Switch Configuration when connecting an APcnMatrix – Policy Based Automation – Key Take AwaysPolicy Based Automation ��On Boarding with cnMaestro�cnMatrix Live Demo - Zero Touch with cnMaestro and PBAcnMatrix – Demo detailscnMatrix – cnMaestro Configuration TemplatecnMatrix – Go To DemocnMatrix – Policy Based Automation – Key Take AwayscnMatrix – SummaryCambium Networks�cnMaestro + cnPilot + cnMatrixSlide Number 29
Recommended