Upload
others
View
25
Download
0
Embed Size (px)
Citation preview
Cisco Cloud Networking Workshop Session 1
Jay Bradford CNG Systems Engineer
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Agenda
Welcome and Introduction
Dashboard Demo
Local MX, MS and MR configuration
MX | Security Appliances Lab
MS | Access Switches Lab
MR | Wireless Access Points Lab
SM | System Manager Demo
Q&A and Wrap-Up
3
About Cisco Cloud Networking
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Cisco Cloud Networking Overview
5
Cisco Meraki: a complete cloud-managed networking solution
– Wireless, switching, security, WAN optimization, and MDM, centrally managed over the web
– Built from the ground up for cloud management
– Integrated hardware, software, and cloud services
Leader in cloud-managed networking
– Among Cisco’s fastest-growing portfolios: over 100% annual growth
– Tens of millions of devices connected worldwide
Recognized for innovation
– Gartner Magic Quadrant, InfoWorld Technology of the Year, CRN Coolest Technologies
Trusted by thousands of customers worldwide:
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Bringing the Cloud to Enterprise Networks
6
Meraki MS
Ethernet Switches
Meraki SM
Mobile Device
Management
Meraki MR
Wireless LAN Meraki MX
Security Appliances
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Cloud and On-Premise Deployment Configurations
Cisco
Cloud Managed
Mid-Market Business Enterprise and Mid-Market Business
Optimized for Ease of Management Optimized for Flexibility and Control Hybrid
Cisco Cloud
Managed Edge
Cisco Enterprise
Core / Datacenter Cisco Enterprise
Campus & WAN
Cisco Cloud
Managed Branch
Cisco
Enterprise
7
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Out-of-Band Management in Every Product
8
Management
data (1 kb/s)
WAN
Scalable – Unlimited throughput, no bottlenecks
– Add devices or sites in minutes
Reliable – Highly available cloud with multiple datacenters
– Network functions even if connection to cloud is interrupted
– 99.99% uptime SLA
Secure – No user traffic passes through cloud
– Fully HIPAA / PCI compliant (level 1 certified)
– 3rd party security audits, daily penetration testing
– Automatic firmware and security updates (user-scheduled)
Reliability and security information at meraki.cisco.com/trust
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Cloud Licensing Model is Simple
9
Simple Cloud Licensing model
No per-feature or per-user licenses
Licensing options: 1 Year, 3 Year, 5 Year, 7 Year & 10 Year
Cloud License price is all inclusive
Cloud Management UI
24 x 7 phone support
Automated software updates
Advanced hardware replacement (NBD in US)
All features built on the platform
All new features
Dashboard Demo
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Hands-on Labs
11
dashboard.meraki.com username: [email protected] password: Meraki! X is on front of printout
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Your Individual Lab Lives in San Francisco
12
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Lab Network Overview
“X” is your lab station number
VLAN1 (Corp)
Subnet: 10.0.[x].0/24
Gateway (MX LAN IP): 10.0.[x].1
VLAN30 (Voice)
Subnet: 10.0.[30+x].0/24
Gateway (MX LAN IP): 10.0.[30+x].1
VLAN100 (Guest)
Subnet: 10.0.[100+x].0/24
Gateway (MX LAN IP): 10.0.[100+x].1
Username: [email protected]
Password: Given by facilitator
YOU
MX60
MS220-8P switch
MR34
LAN IP: 10.0.X.1
LAN IP: 10.0.X.n2
LAN IP: 10.0.X.n1
WAN IP: (DHCP)
13
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
MX Security Appliance Lab
14
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
MX Security Appliances
15
Zero-touch site to site VPN
WAN optimization
NG firewall
Content filtering
WAN link bonding
Intrusion detection
Feature highlights
7 models scaling from small branch to campus / datacenter
Complete networking and security in a single appliance
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
About Cisco Cloud Networking
16
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Scenario: Configure VPN, Content Filtering and Group-Based Policies for Remote Branch Location
17
Verify that your MX is operational (i.e. WAN uplink is healthy, MX is viewable in
dashboard, etc.)
Create VLANs 1, 30, and 100 (per diagram) for your network
Create global policies to block BitTorrent, traffic shape online backups and software
updates and restrict adult websites.
Create a group-based policies for guest users to add rate limiting and additional blocked
categories.
Apply group policy to VLAN 100.
Enable network alerts if the MX goes offline for more than 5 minutes and if the switch
goes offline at any point.
Enable split-tunnel, mesh site-to-site VPN, check VPN health & status
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
MS Switch Lab
18
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
MS Edge and Aggregation Switches
19
Layer 2 & 3 Gigabit switches in 8, 24, and 48 port configurations with available PoE
Enterprise-class performance and reliability including non-blocking Gigabit performance, 802.3at/af PoE on all ports, 10GbE uplinks, and voice and video QoS
Voice and video QoS
Layer 7 app visibility
Virtual stacking
PoE / PoE + on all ports
Enterprise security
Remote packet capture, cable testing
Feature highlights
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
MS Switching Portfolio
20
MS220 MS320
• Layer 3
• 10Gb SFP+ uplinks
• Hot-swappable, redundant PSU (with
integrated fans)
• 24, 48 port models
• Layer 2
• Gigabit SFP uplinks
• Supports rack-mounted RPS 23001
• Integrated fans
• 8, 24, 48 port models
• Layer 3
• 10Gb SFP+ interfaces
• Hot-swappable, redundant PSUs
• Field-replaceable fans
• Management port
• 24, 48 port models
Ideal for:
— Access switching at branch sites
— Deep visibility into clients, applications
— Energy savings (PoE/PoE+ models)
Ideal for:
— Mission critical access switching
— Fast uplink requirements
— High availability environments
— Next-generation 802.11ac wireless (MR34)
— Deep visibility into clients, applications
— Energy savings (PoE/PoE+ models)
Ideal for:
— Campus aggregation switching
— Unified management from
access to aggregation layer
— Space-constrained locations
MS420
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Scenario: Configure Ports for VoIP Phone Use, Perform a Cable Test and PCAP, Set an Energy-Saving Port Policy
21
Verify that your MS switch is operational (green status, passing traffic)
Name your MS switch, and tag it with useful descriptors (e.g. “VoIP” or “Phone”)
Configure ports 4 and 5 for VoIP phone access
Create an energy-saving port schedule to turn off ports during off hours
Search for VoIP switch ports by tag, and then apply port schedule
Find live client device (e.g. MR16) and perform cable test, then perform a packet capture to
CloudShark
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
MR Access Point Lab
22
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
MR Wireless Access Points: Models
23
Indoor
APs
Outdoor
APs
3 Stream Triple-Radio
802.11ac
1.75 Gbit/s
MR12 MR18 MR26
Single-Radio
802.11b/g/n
300 Mbit/s
2 Stream Triple-Radio
802.11a/b/g/n
600 Mbit/s
3 Stream Triple-Radio
802.11a/b/g/n
900 Mbit/s
MR62 MR66
Single-Radio
802.11b/g/n
300 Mbit/s
Dual-Radio
802.11a/b/g/n
600 Mbit/s
MR34
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Scenario: Create Isolated Guest SSID With Splash Page
24
Verify that your AP is operational (green status, passing traffic)
Create two new SSIDs —one for corporate, one for isolated, secure guest access,
On your corporate SSID, use a PSK and attach it to your data VLAN.
On the guest SSID, ensure users sign on via a splash page that refreshes every half hour (customize and
preview your splash page). Attach to your guest VLAN. Use group policy to block all Android devices.
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Systems Manager: Mobile Device Management
25
Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public
Systems Manager Overview
26
Device Management controls iOS, Android, Mac, and Windows devices
Cloud-based - no on-site appliances or software, works with any vendor’s network
100% free - available at no cost to any organization, sign up at meraki.cisco.com/sm
Centralized app deployment
Device security
Rapid provisioning
Backpack™ file sharing
Asset management
Feature highlights
Systems Manager Demo
Q&A