Upload
vodiep
View
223
Download
2
Embed Size (px)
Citation preview
Territory Business Manager – Florida Territory
Cisco Customer Education
Brian Avery
Cisco Prime: Transform Your Network with Cisco
This session was recorded via Cisco WebEx! You can watch the live session recording HERE.
Presentation Agenda► Welcome from Cisco
► Digital Transformation in Enterprise
► Q&A, Conclusion
► SDN, DNA and Unified Access
► Cisco Prime and MerakiPriors:Cisco Sales and Channels (11.5 yrs)President and CEO (6 yrs) - Cisco Premier Partner Director of Sales (2 yrs) - Cisco Silver PartnerFinancial Analyst (7 yrs) - Sprint Corporation
About Your HostBrian AveryTerritory Business ManagerCisco Systems, [email protected]
► Digital Disruption
CCE is an educational session for current and prospective Cisco customers
Designed to help you understand the capabilities and business benefits of Cisco technologies
Allow you to interact directly with Cisco subject matter experts and ask questions
Offer assistance if you need/want more information, demonstrations, etc.
What Is the Cisco Customer Education Series?
Cisco Confidential 5
Computer scientists, Len Bosack and Sandy Lerner found Cisco Systems
Bosack and Lerner run network cables between two different buildings on the Stanford University campus
A technology has to be invented to deal with disparate local area protocols; the multi-protocol router is born
1984
WellFleet
SynOptics
3Com
ACC
DEC
Proteon
IBM
Bay Networks
Newbridge
Cabletron
Ascend
Fore
Xylan
3ComNortel
Ericsson
Alcatel
JuniperLucent
Siemens
NECFoundry
Redback
Riverstone
Extreme AristaHP
Avaya
Juniper
Huawei
Aruba
Brocade
Checkpoint
Fortinet
ShoreTel
Polycom
Microsoft
F5
Riverbed
Dell
Internet of Everything
1990 – 1995 1996 – 2000 2001 – 2007 2008 – Today
The Landscape is Constantly
Changing
Leading for Over 30 Years
2016
Cisco Confidential 7
Who Is Cisco?
Chuck Robbins,CEO, Cisco
• Dow Jones Industrial AverageFortune 100 Company (AAPL, CSCO, INTC, MSFT)
• $154B Market Capitalization
• $48.9B in Revenue
• $10B in Annual Net Profits
• $34B More Cash than Debt
• $6.3B in Research and Development
http://finance.yahoo.com/q/ks?s=CSCO+Key+Statistics
No. 1Voice
41%
No. 1TelePresence
50%
No. 1Web
Conferencing43%
No. 1Wireless LAN
50%
No. 2x86 Blade Servers
29%
No. 1RoutingEdge/Core/
Access
47%
No. 1Security
31%
No. 1SwitchingModular/Fixed
65%
No. 1Storage Area
Networks47%
Market Leadership Matters
Digital Disruption Impact to Business
Of incumbents are at risk of being displaced
in the next 5 years
40%
Digital Vortex: How Digital Disruption Is Redefining Industries. Global Center for Digital Business Transformation, 2015.
Of digital value at stake across private industries
between 2013-22
$14T
Cisco estimates $14.4 Trillion of digital value at stake across private industries between 2013-22 Where to
begin your journey to digital value in the private sector.
How much more profitable are
organizations that master digital
26%
Leading Digital: Turning Technology into Business Transformation
HealthcareGovernment Manufacturing Education Financial
Cisco Confidential
Digitization Impacts All Sectors
Digital Transformation is Moving IT to the Boardroom
UPS My ChoiceDelivery Control
Personalized Service
Customer ExperiencePhysical and Virtual
RFID Content
Workforce EfficiencyWIP Inventory and
Part Tracking
American ExpressPersonalized Service
Through Mobile
Starbucks AppsOrder AheadSkip the Line
…And Creating New Priorities for Digital Organization
Simplify / Automate Processes
Faster Time to MarketLeaner Operations
Empower Workforce Efficiency and Innovation
Increased ProductivityBetter Retention
Personalize Customer/ Citizen Experience
Increased LoyaltyGreater Insight
IoTMobility Analytics CloudMobile traffic will Exceed
wired traffic by 2017IoT Devices will triple by 2020
75% of companies planning to or investing in Big Data
80% of organizations will primarily use SaaS by 2018
Network Requirements for the Digital Organization
Insights &Actions
Drive Business Innovations
Security & Compliance
Real-time & Dynamic Threat Defense
Cisco Digital Network Architecture (DNA)
Automation& Assurance
Speed, Simplicity and Visibility
Network Enables New Capabilities
Secure the Enterprise AutomationEngage CustomersMobilize the Workforce
Digital WorkforcePersonalized Workspaces
Effective Collaboration
Omni-channel ExperienceEnhanced Points of ServicePersonalized Experiences
Accelerate the BranchRollout services faster
Application performance
Faster threat detectionContinuous complianceSecure mobile access
Built on the Network as a Platform for the Digital Organization
Faster network services
provisioning1
85%Software value vs.
ala-carte with license portability3
2XBreach
Protection4
99.2%Reduced network installation costs2
79%Energy savings and
reduced building maintenance cost5
80%
GreaterBusiness Agility
Lower Costs
Investment Protection
Reduced Risk
Resource Optimization
1 Based on IWAN App - Estimate based on workflow changing from 900 CLI lines to 10 GUI clicks.2 PnP App - Based on average installation cost for SWM, Rolls Royce Engines and Kaiser Permanente installation costs.3. Cisco ONE Software Buying Model for Access and WAN Based on Cisco Threat Centric Infrastructure Study , 2015
4 Based on Cisco Threat Centric Infrastructure Study , 20155 Cisco Energy Management Solution with Philips LED Systems
DNA Delivers Real Business Benefits
Customer Journey for Digitization
BaseAutomation
Immediate value to existing network
environments
Targeted Policy Services
Active control for critical use cases:
IWAN, QoE
Security
Network as a Sensor / Enforcer
Complete Software Control
E2E policy based automation
Digital Services
Enable Line-of-Business
SDA begins here
Business Networks today are Complex…
VLAN Based
HQ
Wired Wireless Badges
VLAN 1 VLAN 2 VLAN 3
RemoteVLAN C
Branch B
VLAN B
Branch A
WAN
VLAN A
Lighting
BMS
| Disparate Networks | Complex Provisioning | Not Scalable
..and have multiple Operational Challenges
Policy Violations Due to Human Error
Network Changes Performed Manually
95% 70%
OpEx spent on Network Visibility
and Troubleshooting
75%
Source: 2016 Cisco Study
Traditional Networking CANNOT Keep Pace with the Demands of Digital Business
Cisco Confidential 22© 2013-2014 Cisco and/or its affiliates. All rights reserved.
The Big LieThe Big Lie
Competitors Say:
“The Network Is a Commodity”
Cisco Confidential 23© 2013-2014 Cisco and/or its affiliates. All rights reserved.
The Big LieThe Big Lie
Cisco Confidential 24© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Typical Multi-Vendor NetworkSwitching Routing Security Wireless Voice
Cisco
HPDell3ComDlinkNetGearLinksys
Cisco
3ComJuniperHuwaiAdtran
Cisco
WatchguardSonicwallFortinetCheckpointNetGearDlinkPalo Alto
Cisco
3ComHPAerohiveAruba
Cisco
NortelAvayaMitelSiemensShoretelSamsungPanasonicToshibaIntertelComdialNECAlcatel
Cisco Confidential 25© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Results in The Frankenstein Effect!
Switching Routing Security Wireless Voice
Cisco
HPDell3ComDlinkNetGearLinksys
Cisco
3ComJuniperHuwaiAdtran
Cisco
WatchguardSonicwallFortinetCheckpointNetGearDlinkPalo Alto
Cisco
3ComHPAerohiveAruba
Cisco
NortelAvayaMitelSiemensShoretelSamsungPanasonicToshibaIntertelComdialNECAlcatel
Reliability challenges
Inconsistent warranties
Higher maintenance costs
No single point of support
Basic levels of integration
Easily enforce policies across wired, wireless, and WAN
Enable sophisticated network capabilities with simplicity
Predictably administer changes and add capabilities
Deliver service innovation more quickly
Get instant view of issue location to speed remediation
Treat the network as a single sophisticated system
Policy-Driven Automated Agile
What if you could…
A Fundamental Shift in Networking is Needed
Cisco Confidential 28© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Transform Your Network!
Access Is Where Users and the Network Come Together…• User gateway to information
• Business engages users and customers
• Contextual policy is applied
• 360° view of users, devices and applications
The Network is the Foundation of the Digital Business The Strategy to Succeed in a Digital WorldAccess is a Key Element to that Network Strategy
NETWORK
Simple: Agility to Align to the Digital Business
Single Management
Wired and wireless orchestration, lifecycle
management and troubleshooting
Central Policy
Contextual policy for all users,
devices and locations
Consistent Performance
Functional parity from wireless to wired that
improves user and application experience
Flexible Deployment Models
Aligns to any operational model to meet any
business needs
Smart: Improve Digital Business Experiences
Intelligent Power
Control things from the wired infrastructure to
reduce cost and improve experience
Wireless Excellence
Optimized connections, airspace, performance
and roaming
Accurate Location Data
Up-to 1 Meter locations accuracy for better
analytics and end-user engagement
Fastest Wired and WirelessMulti-gigabit
performance from wireless to wired
High-Availability
Gain sub-second recovery to assure
highest network reliability
Secure: Protect The Digital Business
End Device Security
Integration with industry-leading
EMM/MDM solutions to meet compliance
End-to-End Verification
Consistent contextual policy validation from
access to core to WAN
Anomaly Identification
Deep visibility into unknown devices,
unusual traffic patterns and unexpected
behavior
AttackContainmentEnforce policy
and segmentation or quarantine
anomalous traffic
Compliance Everywhere
Extend policies outside the physical
environment with secure remote access
Software Defined Access(SDA)
Consistent Policy
On-DemandServices
SimplifiedProvisioning
Programmable Enterprise Innovations over an Orchestrated Secure Fabric
Enterprise IT Today
VLAN Based
HQ
Wired Wireless Badges
VLAN 1 VLAN 2 VLAN 3
RemoteVLAN C
Branch B
VLAN B
Branch A
WAN
VLAN A
Lighting
BMS
| Disparate Networks | Complex Provisioning | Not Scalable
Lighting
BMS
WAN
Branch B
Remote
Branch AHQ
Digital IT of Future: Logical Virtual Network
Private & PublicCloud Resources
Users & Devices
Building Devices
Agile Fabric ServicesMobility Collaboration Security
APICEM
Software Defined Access Vision
FabricServices
Orchestration and Policy
Infrastructure
Endpoints
SecurityCollaboration
Fabric ServicesMobility Mobility
Seamless roamingElastic WLC
CollaborationQuality of experience (QoE)Voice/Video performance
SecurityIdentity, NAC, EncryptionDevice Onboarding
Branch
Programmable Custom ASICs
Industry LeadingWired & Wireless | Stacking | TrustSec | SDN
Advanced FunctionalityProgrammable Pipeline | VSS | Stack Power
Optimized for CampusIntegrated Stack | Visibility | Security
Future ProofedLong Life Cycle | Investment Protection
`
Network Enabled ApplicationsCollaboration | Mobility | IoT | Security
Automation and AnalyticsController | Visible | Programmable | Open
VirtualizationMPLS | Campus Fabric | Segmentation
Designed for EvolutionStrong Foundational Capabilities | HA
Converged Software Services
Foundational Pillars of SDA
+
Driving Innovations Through Technology Investments
Benefits of SDASimplified ProvisioningConsistent Policy RolloutFlexible User/Device GroupsSecure Network Segmentation
Investment ProtectionGreenfield/BrownfieldSignificant OPEX reductionFuture-proofed
Automation and AssuranceDay 0/1/N Workflow AutomationOpen/3rd Party ApplicationsOrchestrated Data Models
Business Transformation for Programmable Enterprise
Agile ServicesOn Demand Service OnboardingSingle Pane of ManagementContextual Analytics
Mobility Collaboration Security
Endpoints
APICEM
Branch
Secure FabricSecure Segmentation
• Flexible User/Device Grouping• Basic Segmentation• Micro Segmentation
Simplified Provisioning• Device Onboarding• Automated Workflows• Consistent Policy
Monitoring & Troubleshooting• Easy Management• Proactive Network Health Monitoring• Contextual Analytics
Mobility Collaboration Security
Endpoints
APICEM
Branch
Next Generation Mobility for Digital EnterpriseMobility
as aService Elastic
ControllerWired / Wireless
ConvergenceSeamlessRoaming
Mobility as a ServiceWired/Wireless Convergence
• Group Based policies for wired & wireless• Seamless roaming in Fabric domain• Consistent User experience
Simplified Mobility• Flexible controller option – Integrated,
Appliance, VM based• Segmentation for Wireless• Easy IP Addressing
Service Onboarding• Common Guest Services• Extend Identity/NAC/Webauth to wireless• Integrated Analytics for wired & wireless
Collaboration Security
Endpoints
APICEM
Branch
Mobility
Automates Operations
Scales Enforcement
Increases Visibility
User & Device Onboarding
User devices Building devices
Access Control & Segmentation
PCI DevicesGroup
GuestGroup
Advanced Threat Defense
Before During After
DiscoverEnforceHarden
Detect Block Defend
AssessContain
Remediate
Network-based Security
Collaboration as a Service
IntelligentPolicy
Dynamic QoS
ContextualAnalytics
Unprecedented User Experience
Mobility
Collaboration as a ServiceEasy QoS Provisioning
• Automated best practices CVD template• Consistent QoS policies• Controller based rollout
Rich User Experience• Application Driven QoS• Dynamic Policy management• Performance monitoring
Easy Monitoring and Troubleshooting• Flow based analytics• Contextual insights• 3rd party tools
Security
Endpoints
APICEM
Branch
Collaboration
Identify Prioritize Accelerate
See 1000+ apps running on your network
Automate app priority based on business policies
Boost app performance
Securely on any connection or platform for all users
Cisco Intelligent WANApplication-centric SD-WAN
Automation & Assurance
3rd PartyApplications
OpenStandards
On-DemandServices
Controller based Eco-system for Programmable Enterprise
TODAYCLIs and scriptsManual configurationsScript maintenanceWired access onlyStatic network environmentsSlow and unpredictable workload changeHardware-centric
FUTURESimple user interfaceAutonomic with control and visibilityOrchestration with data modelsExtensibility with native 3rd party app hostingOpen sourced programmable interfacesSeamless wired and wireless accessProgrammable using software
Standards Based Object Model APIs
TCO Savings
Enterprise Automation Key Benefits
TCO Savings
Software Defined Access Summary
Begin Your Digital Journey Today
Mobility Collaboration Security
Endpoints
APICEM
Branch
BusinessAgility
AutomatedEnterprise
ConsistentPolicy
InvestmentProtection
Cisco Confidential 54© 2013-2014 Cisco and/or its affiliates. All rights reserved.
This MUST be Autobot
technology.
Cisco Unified Access Portfolio
Policy – Identity Services Engine
Management – Cisco Prime Infrastructure
Small-Med Wireless Controller
Med-Large Wireless Controller
Stackable Switches
Stackable Converged Access
Switches
Converged Access Switch
Platform
Network as a Sensor and Enforcer
End-to-End Policy Orchestration
Fundamental Wireless
Wireless Access Points With HDX
Wireless Access Point With HDX and Modularity
Low-Profile Outdoor Access
Points
High-PerformanceOutdoor Access
Point
Access Deployment ModesMobility Express | Centralized | Converged | FlexConnect
Comprehensive, Integrated Wired-Wireless Solution
Cisco Leadership With Innovation in PoE
Wider Choice of End Points
Efficient Power Delivery
Extend HA to critical devices
Universal RJ45
Lower CapEx/OpEx
2000 2003 2007
7WInline Power
15W (PoE)
30W(PoE+)
2011
60W(UPOE)
A Historical Perspective
Industry Standard IEEE 802.3af (15W PoE)
Industry Standard IEEE 802.3at (30W PoE+)
Virtual Desktop
Trading Floor Healthcare
Building Management
Campus, Retail,
Hospitality
Telepresense
Compact Switches
DEP Lighting
5 Gigabit Port
Enabling Next Generation MobilityMultigigabit Technology for 802.11ac Wave2
Cisco MultigigabitStandard Cat 5e/Cat6 Cables
1 Gigabit Port
Delivers up to 5X Speeds in Enterprise WithoutReplacing Cabling Infrastructure
Supports PoE Up to 60W
5 Gigabit Port
Available on 3800
Cisco Multigigabit Ethernet Key Differentiators
Adaptive Rate Technology (FE, 1G, 2.5G, 5G, and 10G)
Future proofed for higher speeds
Supports 5G speeds up to 100m distance over Cat5e cabling in Brownfield
Supports higher speeds over Cat6a cabling in Greenfield deployments
Cisco Innovation over 10GT standard to support high end point power needs
1G and 10G BaseT IEEE standards, intermediate speeds standards in progress
Maintain Switch to AP Reach at Higher Speeds
Infrastructure Investment Protection
POE / POE + / UPOE
Standards Compliant
Smart OperationsLower TCO
Zero Touch Deployments and Maintenance
NG Plug n PlaySmart Install
Instant Access
• Software image & Configuration downloaded
• Consistent for Devices & PIN
• On-going Image Update and Configuration Backup
Easy Configurations for endpoints
Auto Smart PortsAuto Conf
Interface Templates
• Port Configuration: Applied
• QoS Policy: Enforced
• Security Policy: Enforced
Monitor and troubleshoot
Smart Call HomeIPSLA
• Proactive diagnostics• Real time Alerts• Web-based reports• Routed to TAC team
Program the network
EEM, XMLProgrammability
• Ability to take custom actions based on syslogs/triggers
• Enhanced Flexibility and control
Reduce energy consumption
Energywise and EEE
• EEE ready• Energywise – Time of the
day policy based on/off of access devices
• 0 $ SKUs for energy management
APIC EM
Sleep Sleep Sleep
High AvailabilityProtecting Business Continuity
StackPower Stateful SwitchOver Virtual Switching System
Physical Redundancy
• Redundant Power Supplies
• StackPower with 3850• Redundant Fan Trays for
Chassis Systems• Redundant Supervisors
for Chassis Systems
StatefulSwitchover
• Stackable Support: 3850 and 3650
• Intra-chassis support: 6800, 6500 and 4500
• Inter-Chassis support: with VSS
Network Resiliency
• NSF support for OSPF, EIGRP, ISIS, BGP
• NSF reduces forwarding table churn
• BGP PIC• Graceful Restart for IPv4
& IPv6 with various routing protocols
• OSPFv3 Non-Stop Routing
Upgrade Management
• ISSU for hitless software upgrade
• EFSU for minimal disruption during software upgrade
Infrastructure Redundancy
• VSS• Instant Access• Multi-chassis
EtherChannel (MEC) provides hardware-based failover
• VSS Quad-Sup SSO with Sup2T
FlexStack+
Flexible Radio AssignmentAdjust radio bands to better
serve the environment.
Innovations Only Cisco DeliversRadio Frequency Excellence for High-Density Environments
Optimized RoamingIntelligently connects the proper Access point as people move
Turbo PerformanceScales to support more devices
running high bandwidth apps.
Zero Impact AVCHardware-based application visibility and
control without impact to performance.
Cisco CleanAir®
Remediates device Impacting interference
Cisco ClientLink Improves performance of Legacy and 802.11ac devices.
Expandability Add functionality via module, Smart Antenna Port or USB Port
Multi-Gigabit UplinksFree up wireless with faster wired
network offload Gb+
Flex Dynamic Frequency SelectionAutomatically adjusts so as not to interfere with other radio systems
Connected Mobile Experiences
Anonymous data about every visitor
Detect
Guest WiFi optimized for branding
Connect
APIs for real-time location based apps
Engage
User Analytics and Engagement
• Location Analytics
Optimize marketing and business operations
Analyze capture rate, dwell time, and new/repeat visitors to measure the impact of advertising, promotions, site utilization, etc.
Built-in location analytics Integrated in the WLAN; no extra sensors, appliances, or software
Extensible API Integrate location data with CRM, loyalty programs, and custom applications for targeted real-time offers
`
Intelligent WAN (IWAN) Solution Components
WAASAkamai
PfRv3
IPSec WAN overlayConsistent operational model
DMVPN, PKI
Management and Orchestration
MPLS
Internet
3G/4G-LTE
PrivateCloud
VirtualPrivate Cloud
PublicCloud
IWAN APP
Cisco Prime™
Branch
AVC
TransportIndependence
Optimal application routingEfficient use of bandwidth
Performance Routing(PfR) QoS
Intelligent Path Control
Performance monitoringOptimization and caching
AVC, WAAS, Akamai
Application Optimization
NG strong encryptionThreat defense
Suite-B, ZBFW, AMP, Umbrella, Stealthwatch
Secure Connectivity
Cisco IWAN Deployment ModelsDual MPLS Hybrid Dual Internet
Highest Service Level (SLA) x Inflexible for new servicesx Expensive
Consistent VPN Overlay enables Security across Transition
Enable SaaS and/or high BW apps Balanced Service Level (SLA) Up to 99.999% Reliability
Best price/performance IT Managed Service Levels Up to 99.999% Reliability
Public Public Enterprise
Internet MPLS Internet Internet
Internet
MPLSMPLS
A Threat-Centric Security Model
Network as an Enforcer
Network as a Sensor
BEFOREDiscoverEnforce Harden
AFTERAccessContain
Remediate
Detect Block
Defend
DURING
A T T A C K C O N T I N U U M
Security—User Device Onboarding
User and Device Profiling Authentication
Mobile Device Management
Voice Employee
Supplier BYOD
Non-Compliant
Guest
Visibility with Cisco Identity Services Engine (ISE)Discover Known and Unknown in Your Network
ACCESS POLICY
Network / User Context
How
WhatWho
WhereWhen
Partner Context Data
PxGrid
Consistent Secure Access Policy Across Wired, Wireless, and VPN
Security – Access Control & Segmentation
Group Based Policy Elastic Services
PCI DevicesGroup
GuestGroup
BMS DeviceGroup
IoT DeviceGroup
Network SecuritySegmentation with Cisco TrustSec
Data Center Firewall
Voice Data Suppliers Guest Quarantine
Access Layer
Data Tag
Supplier Tag
Guest Tag
Quarantine Tag
Aggregation Layer
Business Policy:
SourceDestination
Exec PC
HR Database
HR Database Prod HRMS Storage
Exec BYOD X XX XX
X
• Who can talk to whom• Who can talk to what systems• What systems can talk to other systems
• Simplifies policy implementation• Simplifies security operations• Accelerates business agility• Lowers network cost and
complexity
Cisco Application SensorsInnovative approach for Application Awareness and Control
Granular knowledge of appsPerformance monitoringGranular Network Security
QoS – Optimize ApplicationsRate-limit non-business criticalDisallow malicious applications
Proactively identify application degradationVisualize and determine problem
Awareness: move from Reactive to Proactive
Visibility Applications Control
Cisco AVC: The Key to Contextual Insights and Assurance
Cisco AVC ecosystem
Cisco AVC
Device Sensors/Platforms Orchestration/Management
3rd Party Visualization 3rd Party Security/Billing
Switch Router AP Controller FW VM
APIC-EM Prime Web GUI
Full NetFlow
APICEM
Quarantine & Remediation
Secure Fabric
PxGrid
Network/User Context
APIC-EMCloud Threat
Telemetry
Corporate Network PerimetersMalware dropped via backdoorVictim clicks phishing email link
Lateral movement to find admin
Escalate privilege to become admin
Data exfiltration using admin privilege
Security—Advanced Threat Defense
Network as a Security Sensor & EnforcerFull NetFlow with Lancope Integration | FirePOWER Services | Rapid Containment
Reconnaissance
Information monetized after breach
Cisco Stealthwatch: Ubiquitous visibility via flow telemetry
76
… your infrastructure is the source:
InternetAmador
Delta
Solano
Border
DMZ
Virtual Hosts
PerimeterDatacenter
WAN Hub
WAN
Access
IDFDatacenter
WAN
DMZ
Access
FlowFlow
Flow
Flow
Flow
Flow
Flow
Flow
Flow
Flow
Flow
Flow
Flow
Flow
FlowFlow
76
enterprise network
Attacker
Perimeter(Inbound)
Perimeter(Outbound)
Infiltration and Backdoor establishment
1
C2 Server
Admin Node
Reconnaissance and Network Traversal
2
Exploitation and Privilege Elevation
3
Staging and Persistence (Repeat 2,3,4)
4
Data Exfiltration
5
Anatomy of a Data Breach
Architecting a Secure NetworkCombining Network as a Sensor / Network as an Enforcer
Network Sensor(Lancope)
Campus/DCSwitches/WLC
Cisco Routers / 3rd Vendor Devices
Threat
PxGRID
Network Sensors Network EnforcersPolicy & Context Sharing
Cisco Collective Security Intelligence
ConfidentialData
NGIPS
PxGRID
ISE
NGFW
TrustSecSoftware-Defined
Segmentation
Prime InfrastructureEnd-to-End Lifecycle Management
Centralized lifecycle management -discovery, inventory, configuration, SWIM, and proactive/reactive monitoring
NEW: Compliance Baseline* Audit device configurations
Customizable configuration templatesbased on Cisco validated designs and guided workflows
Rapid device support through Device Packs for new Cisco® network devices
Advanced troubleshooting of wired and wireless infrastructure issues
Cisco Unified Access™ management and client tracking• Integration with Cisco® Identity Services Engine (ISE) for simplified troubleshooting
• Integration with Cisco® Mobility Services Engine (MSE) for location-based service and rogue detection
*requires Pro OVA or Gen2 hardware appliance
Prime InfrastructureUser Application Experiences
Simplified troubleshootingof applications and client access issues
QoS configuration and monitoring applied to interfaces and class-based traffic patterns
Multi-NAM management• Traffic analysis• Application response-time
metrics • Packet capture and decode
End-to-end visibility for service-aware networking
Out-of-the-box support for Cisco® advanced technologies
Service health dashboardallows quick check on your business-critical applications
Visibility Support Dash-board
Trouble-shooting QoS Multi-
NAM
Why Choose Cisco Prime Infrastructure?The Cisco Advantage
WhyPrime?
To simplify management and automationof network operations
Single pane of glass for campus, branch, and data center
Out-of-the-box templates
Compliance baseline
Plug-and-Play (PNP) app integrated with APIC-EM
Read/write API
Topology view of devices, links, and alarms
IWAN configuration and monitoring
Rapid device andtechnology support
Application Visibility and Control (AVC)
Integration with Cisco® MSE and ISE
Cisco Unified Access Portfolio
Policy – Identity Services Engine
Management – Cisco Prime Infrastructure
Small-Med Wireless Controller
Med-Large Wireless Controller
Stackable Switches
Stackable Converged Access
Switches
Converged Access Switch
Platform
Network as a Sensor and Enforcer
End-to-End Policy Orchestration
Fundamental Wireless
Wireless Access Points With HDX
Wireless Access Point With HDX and Modularity
Low-Profile Outdoor Access
Points
High-PerformanceOutdoor Access
Point
Access Deployment ModesMobility Express | Centralized | Converged | FlexConnect
Comprehensive, Integrated Wired-Wireless Solution
Cisco ONE for Unified Access
* Requires software support service
In Deployment• Access to ongoing
innovation*• Improved management
At Refresh• Lower cost due to
license portability*• Simplifies management
and saves time
At Purchase• Simplified purchase with
all licenses in 1 SKU• Outcome driven: licenses
detached from hardware• Better together pricing
and lower TCO
Comprehensive, Integrated Wired-Wireless Solution
Cisco Meraki Cloud-managed Portfolio
Policy – Meraki, Identity Services
Engine
Virtual and Physical Stackable Switches
Aggregation Switches
Access Switches
Indoor Access Points
Outdoor Access Points
Teleworker Gateway Security Appliance /UTM MDM
Management –Meraki Dashboard
Network as a Sensor and Enforcer
Comprehensive, Integrated Wired-Wireless Solution End-to-End Policy Orchestration
Intuitive web-based dashboard
Site wide search
Client location
Traffic analytics
Real-time control
Client fingerprints
Single pane of glassmanagement
Phone
BYOD/CYOD and Guest
Simple.Establish contextual policy and deploy high-performance infrastructure
Smart.Streamline on-boarding with EMM integration
Secure.Enforce policy across wired and wireless
Application and Device Performance
Simple.Deploy multi-gigabit wired and wireless environment
Smart.Optimize the wireless environment and align applications to business priorities
Secure.Link policy to management data to better resolve client and application issues
Analytics and User Engagement
Simple.Quickly scale wireless environments to capture employee and customer insight everywhere
Smart.Improve location data accuracy and display reports to make better business decisions
Secure.Identify rogue access point and interferers with up to 1 meter accuracy
Simple.High-availability wired and wireless infrastructure
Smart.Leverage available switch ports to create a more inviting environment and reduce cost
Secure.Detect new IP devices when they come online for compliance
Power Things
Network as a Sensor and Enforcer
Simple.Validate traffic against security policy from access to WAN
Smart.Identify anomalies and trends and segment potential malicious traffic
Secure.Quickly identify, mitigate and correct the impact of malicious activity
0% Financing with Easy Pay
Accelerate Digital Network Architecture transformation
It’s easy• Divide 90% of total product cost
by 36 months; make 36 monthly payments at 0% interest
• Finance Cisco Services at 0%
Flexible end-of-term options• Return and refresh your
technology• Extend the lease• Purchase the product solution at
10% of the original cost
Customers can use our funds and stay ahead of the curve.
Thank You and Next Steps
Brian [email protected]
Contact Your Cisco Partnerhttps://tools.cisco.com/WWChannels/LOCATR/performBasicSearch.do
www.
Learn more about DNA and Unified Access:www.cisco.com/go/unifiedaccess/
• CCE sessions are held weekly on a variety of topics
• CCE sessions can help you understand the capabilities and business benefits of Cisco technologies
• Watch replays of past events and register for upcoming events!
Visit http://cs.co/cisco101 for details
Join us again for a future Cisco Customer Education Event