#clmel

Cloud Managed Networking with Meraki

BRKEWN-2013

Peter Stephan – Cloud Networking Systems Engineer

Cisco Meraki Cloud Networking

3

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

About Cisco Cloud-managed Networking

Cisco Meraki: a complete cloud-managed networking solution

- Wireless, switching, security, and EMM, centrally managed over the web

- Built from the ground up for cloud management

- Integrated hardware, software, and cloud services

Leader in cloud-managed networking

- Among Cisco’s fastest-growing portfolios: over 100% annual growth

- Tens of millions of devices connected worldwide

Recognised for innovation

- Gartner Magic Quadrant, InfoWorld Technology of the Year, CRN Coolest Technologies

Trusted by thousands of customers worldwide:

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Cisco On-premises and Cloud-ManagedPrimary Positioning

Network-as-a-ServiceNetwork-as-a-Platform

Cisco Cloud Managed Networking

• Easy to deploy and manage over the

web

• Out-of-the-box optimised feature set

• Ongoing managed upgrades and

enhancements

• Optimised for lean IT, with limited

requirement for 3rd Party integration

Cisco On-Premises Networking

• Flexible deployment and configuration

options

• Highly customisable and advanced

feature set

• Advanced professional services,

extended support

• Extensive integration capabilities

The Cisco Meraki Cloud Infrastructure

6

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Cloud-managed Networking Architecture

Network endpoints securely

connected to the cloud

Cloud-hosted centralised

management platform

Intuitive browser-based

dashboard

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Out of Band Cloud Management

Scalable

– Unlimited throughput, no bottlenecks, scale to any size

– Add devices or sites in minutes

Reliable

– Highly available cloud with multiple data centres

– Network functions even if connection to cloud is interrupted

Secure

– No user traffic passes through cloud

– Fully HIPAA / PCI compliant (level 1 certified)

– 3rd party security audits, daily penetration testing

Future-proof

– New features pushed through firmware, guided by customer feedback

– Automatic firmware and security updates (user-scheduled)– Reliability and security information at meraki.cisco.com/trust

Management

data (1 kb/s)WAN

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

All-in-one Solution – Network as a Service (NaaS)

Cloud-based solution includes

Centralised management and network-wide visibility and control

Seamless firmware and security updates

Phone support and lifetime warranty (except outdoor APs)

Meraki solution =

Hardware Licence

+

1:1 ratio of hardware : licence

1-yr, 3-yr, 5-yr, 7-yr, and 10-yr

options

All licences co-terminate

Cisco Meraki Full Stack

10

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Cisco Meraki MR

Wireless LAN

Cisco Meraki MX

Security Appliances

Cisco Meraki MS

Ethernet Switches

Cisco Meraki SM

Mobile Device

Management

Cisco Meraki Full Stack

All Meraki products can integrate with any vendor’s network

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Cisco Meraki MR Wireless Access Points

Product Overview

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

MR Wireless Access Points

7 models including indoor / outdoor, high performance and value-priced

Enterprise-class silicon including RF optimisation, PoE, voice / video support

Lifetime warranty on indoor APs

BYOD policies

Application traffic shaping

Guest access

Enterprise security

WIDS / WIPS

Location analytics

Layer 7 visibility

Feature highlights

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

14

Outdoor APs

3 Stream Triple-Radio

802.11ac

1.75 Gbit/s

MR18 MR26

2 Stream Triple-Radio

802.11a/b/g/n

600 Mbit/s

3 Stream Triple-Radio

802.11a/b/g/n

900 Mbit/s

MR66

2 Stream Dual-Radio

802.11a/b/g/n

600 Mbit/s

MR34

MR Wireless Access Points Family

2 Stream Quad-Radio

802.11ac

1.2 Gbit/s

MR32

2 Stream Quad-Radio

802.11ac

1.2 Gbit/s

MR72

IndoorAPs

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

External Antennas

Omni Directional SectorSemi-Directional Patch

ANT-20 ANT-25 ANT-21/23

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Dedicated 3rd Radio for Improved RF Visibility

Radio dedicated to scanning and protecting RF environment

- Detects and mitigates interference, vulnerabilities, and attacks on all channels

- 3rd radio enables full-time scanning with full-performance client access on 2.4 GHz

and 5 GHz radios while using WIDS/WIPS

Deeply-integrated with cloud-based software solutions:

Air Marshal (WIDS/WIPS), Auto RF (channel planning and interference

avoidance)

No added cost or complexity

- Typical deployments: radio operates in background (zero-config)

- Power users: rich tools available for security and RF management

- No added cost: no extra hardware, software, or licenses

- Most models require no extra power, full functionality with 802.3af

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

MR Wireless SummaryQuickly swap between architectures as needed

Direct access, remote access, tunneled or distributed

Rich policy management functionality

Time-based group policies, MDM & ISE integration

Management and reporting for distributed enterprise

Office, region, country, world wide reporting and analytics

Managed service provider integration tools

Hotspot 2.0, custom branding and helpdesk integration

Scale from 1 to 10,000 APs with minimal to no extra infrastructure

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Simplified Analytics and Engagement with Cloud CMX

Built-in location

analytics dashboard

Built-in CMX

analytics

Automatic summary

reports

WiFi with Facebook

Login

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Meraki APIs & Integration with Third Parties

19

CMX API EXCAP API

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Dashboard Tools to Troubleshoot Wireless Issues

Access Point’s signal quality at the client (my.meraki.com)

Client signal quality at the Access Point

Channel utilisation from Dashboard

Meraki built-in RF Spectrum

Switched related issues (VLAN, ARP, DHCP and DNS)

WIPS/WIDS by Meraki Air Marshal

Live Demonstration - Wireless

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Bluetooth Low Energy (BLE) and Beacons

Included in the MR32 and MR72

Location Engagement

Provide better consumer experience

with opt-in mobile app integration using beacon technology

Asset Tracking

Track beacon-tagged assets with

Bluetooth scanning and location estimation

• BLE is a form of Bluetooth designed for very low–power applications

• Beacons use BLE to enable location–based services like mobile payment, couponing,

and indoor navigation (iBeacon is Apple’s BLE trademark)

• Beacons identify themselves using unique codes (similar to MAC addresses)

• Gaining traction as an opt-in alternative to WiFi-based location services

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

So What Are Beacons and iBeacons Transmitting?

• Beacons are very simple Bluetooth Low Energy (BLE) messages which are transmitted or heard by BLE compatible devices. This device could be a computer, a phone, a wireless AP, or a tag, to name just a few possible devices.

• This message has three basic components:

– Universally Unique Identifier (UUID)

– Major

– Minor

• These components of the beacon can be configured with information the operator wants to communicate to other BLE-compatible devices. Typically this is in a non-human friendly form but it can be interpreted by a listening device. For example, in a retail environment it could be interpreted as:

– Retail Brand (UUID)

– Shop Location (Major)

– Product Category (Minor)

23

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Use Case: Location Engagement with Beacons

Seamless deployment by

integrating Beacons into

the AP

Better consumer

experience with opt-in

mobile app integration

Increased customer

visibility with both WiFi and

Bluetooth analytics built-in

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Use Case: Asset Tracking with Bluetooth

Seamless site-wide

deployment with Bluetooth

integrated into the AP

Track Beacon-tagged assets

with Bluetooth scanning and

location estimation

Increased administrative

visibility with both WiFi and

Bluetooth inventory built-in

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Meraki Beacon System

802.11ac WiFi and integrated Bluetooth Radio

- Wide-area beaconing

- Client inventory & macro location analytics

- Remote beacon fleet monitoring

Remote beacon overlay

- “Immediate zone” beaconing

- Micro-location mapping (<1m)

Mobile app integration

- Beacon-aware SDKs

Technology Partners

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Cisco Meraki Systems Manager MDM

Product Overview

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Systems Manager Mobile Device Management

Device Management controls iOS, Android, Mac, and Windows devices

Cloud-based - no on-site appliances or software, works with any vendor’s network

Full integration – seamless integration with Meraki WLAN products

Available for free - available at no cost to any organisation, sign up at meraki.cisco.com/sm

Centralised app deployment

Device security

Dynamic Profile Support

Rapid provisioning

Backpack™ file sharing

Asset management

Feature highlights

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Systems Manager Enterprise Summary

Active Directory Integration

Automatically enrol devices,

with relevant network group

policies based on Active

Directory groups.

Cisco ISE Integration

Meraki EMM adds device posture

assessment and automates

enrolment with Cisco ISE

Open-in Containerisation

Whitelist and blacklist apps as well

as utilise per-app VPN using

native OS tools.

Android Samsung Knox

SupportIncreased configuration options

with Samsung devices

including kiosk mode.

RemediationThrough Group Policy

Automatically limit the reach of

jail broken and non-compliant

devices

24/7 Enterprise Support

Utilise our team of specialists day

or night to keep your SME network

running smoothly.

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Cisco Meraki MX Security Appliances

Product Overview

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

A Complete Unified Threat Management Solution

31

Application ControlWAN Optimisation, Traffic

Shaping, Content Filtering

SecurityNG Firewall, Client VPN,

Site to Site VPN, IDS/IPS

NetworkingNAT/DHCP, 3G/4G Cellular,

Static Routing, Link Balancing

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Why Customers Choose the Cisco Meraki MXIntuitive centralised management

• No training, no command line

• Templates to configure at-scale

• Packet capture, built-in tools and

diagnostics

Industry-leading visibility

• Fingerprints users, applications, and devices

• Network-wide monitoring and alerts

• Full stack: APs, switches, Security, MDM

Designed for distributed enterprises

• Single pane of glass visibility

• Zero-touch provisioning

• Seamless updates from the cloud

• Site-to-site IPSec VPN in 3 clicks

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Ironclad Security

Best IPSSOURCEfire IDS / IPS, updated every day

Content Filtering

4+ billions URLS, updated in real-time

Geo-basedsecurity

Block attackers from rogue countries

AV / anti-phishing

Kaspersky AV, updated every hour

PCI compliance

PCI L1 certified cloud-based management

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Cisco Meraki MS Switches

Product Overview

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Make data driven decisions with traffic analytics

Meraki Layer 7 Visibility

35

Industry First Application Visibility

– Identify hundreds of applications

down to hostname visibility

– Identify bandwidth roadblocks

– 100% built-in: no separate hardware

or software needed

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Reduce truck-rolls and improve IT staff efficiency

Meraki Remote Live Tools

36

Remote Live Tools

– Identify cable issues remotely and

avoid hours in the wiring closet

– Packet capture to diagnose and reduce truck-rolls

– Test switch throughput, ping clients, and reboot PoE clients remotely

Live Demonstration

What Next?

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Call to Action

39

• Visit the Meraki booth in the World of Solutions

• Subscribe to the Meraki blog

– https://meraki.cisco.com/blog/

• Visit our YouTube channel

– https://www.youtube.com/user/milesmeraki

• Try any product for free

– https://meraki.cisco.com/form/trial

• Get a free access point!

– https://meraki.cisco.com/webinars

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Interested in Learning About Next Gen Solutions?

• Have your account team setup a meeting in our Whisper Suites

• Requirements

– Cisco Account Team Presence

– Cisco NDA in Place

• Please use the address if you have any queries…

pestepha@cisco.com

40

Q & A

© 2015 Cisco and/or its affi liates. All rights reserved.BRKEWN-2013 Cisco Public

Give us your feedback and receive a

Cisco Live 2015 T-Shirt!

Complete your Overall Event Survey and 5 Session

Evaluations.

• Directly from your mobile device on the Cisco Live

Mobile App

• By visiting the Cisco Live Mobile Site

http://showcase.genie-connect.com/clmelbourne2015

• Visit any Cisco Live Internet Station located

throughout the venue

T-Shirts can be collected in the World of Solutions

on Friday 20 March 12:00pm - 2:00pm

Complete Your Online Session Evaluation

Learn online with Cisco Live! Visit us online after the conference for full

access to session videos and

presentations. www.CiscoLiveAPAC.com