Mobility Update - Uninett

Marcus Barman

Cisco Norge Mobility Team

Januar 2019

Uninett

Mobility Update

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

AgendaIntent Based Networking everywhereCatalyst Expansion to Wireless

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Intent-based networking infrastructure

Powered by intent. Informed by context.

TranslationCapture business intent, translate to policies, and check integrity

ActivationOrchestrate policies and configure systems

AssuranceContinuous verification, insights, and visibility, with corrective actions

Always on Secure Deploy anywhere

DNA Center™


Principles of intent-based networking infrastructure

Powered by Cisco IOS® XE

Physical and virtualinfrastructure

Application-specific integrated circuit (ASIC)

Applications

APIs

Domain controllers

DNA Center™Bridging intent-based networking portfolio

Built-in security, streaming telemetry, and rich analytics

Open programmable architecture


User experience starts with the access network

Access switchesAccess points Aggregation switches Wireless controllers

9200, 9300, 9400 Series

Cisco® Catalyst® Cisco Catalyst9500 Series

Cisco Catalyst9800 Series

Automation Security AnalyticsBuilt for intent-

based networking

The full experience, end to end


New Cisco Catalyst 9800 Series Wireless Controllers

Deploy anywhereAlways on

• Software updates with no disruption

• Rolling AP upgrades

• Seamlessly add new AP models

Secure

• Detect encrypted threats with Cisco® Encrypted Traffic Analytics (ETA)

• Automated macro and micro segmentation with Cisco Software-Defined Access (SD-Access)

• WPA3 support*

• On-premises, private or public cloud, embed wireless on a switch

• GovCloud ready

• Scale as you grow

Powered by Cisco IOS® XEOpen and programmable

Trustworthy solutionsModular operating system

* future

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential G l o b a l

S a l e s Tra i n i n g

Translate business intent into network policy andcapture actionable insights with DNA Center™

Cisco Aironetaccess points (APs)

Works with Cisco Aironet® 802.11ac Wave 1 and Wave 2 APs

DNA Center

Cisco Catalyst 9800 Series Wireless Controllers

Cisco Catalyst 9800-40Cisco® Catalyst® 9800-80

Cisco Catalyst 9800 for cloud Cisco Catalyst 9800 embedded wirelessfor Cisco Catalyst 9000 platform


S a l e s Tra i n i n gG l o b a l


Cisco Catalyst 9800Wireless Controller Appliances



17.3” (439.42 mm) wide, 3.5” (88.9 mm)tall (2RU), and 22.0” (558.8 mm) deep )

17.3” (mm) wide, 1.75”(mm) tall (1RU), and 18.3”(mm) deep

C9800-40-K9: 2000 APs, 32000 Clients C9800-80-K9: up to 6000 APs, 64000 Clients

Appliance: Cisco Catalyst 9800 Wireless Controller

C9800-40-K9

AIR-CT-5508-K9

AIR-CT-5520-K9




EXTERNAL INTERFACES

• RJ-45 Console Port• Mini USB Console Port• 2 External USB Ports • RJ-45 Ethernet Management Port (SP)• RJ-45 Ethernet Redundancy port (RP)• SFP Gigabit Ethernet Port• BUILT-IN-6x10GE/2x1GE or 10GE• C9800 Modules

LEDs

• Power Status LED• Alarm LED• High availability LED• USB console LED• 10/100/1000 RJ45 Link LED• 10/100/1000 RJ45 Activity LED• SSD Activity LED • System Status LED

• Power Supply (PEM 0)• Power Supply (PEM 1)• Power Switch

C9800-80-K9 Front Panel

C9800-80-K9

8540

Dimensions of C9800-80-K9: 17.3” (439.42 mm) wide, 3.5” (88.9 mm)tall (2RU), and 22.0” (558.8 mm) deep

Gigabit SFP RP Port

(Compared to 30.8 “ for 8540)


C9800-80: Modular wireless controller with 100 GE modular uplink and seamless software updates

Redundant

power supply

AC or DC

SP/RP port

Fiber RP port8x 10 GE

uplinks

Modular uplinks:

1 GE, 10 GE, 40 GE, 100 GEUSB 3.0

Up to 6000 APs Up to 64,000 clients 80 Gbps

Fully programmable multicore network processor Support for NetFlow, Application Visibility and Control (AVC), and ETA

OrderableNov 2018


C9800-40: Fixed wireless controller with seamless software updates

4x 1 GE/10 GE ports

SP/RP port Fiber RP portUSB 3.0Console

Up to 2000 APs Up to 32,000 clients 40 Gbps

Fully programmable multicore network processorSupport for NetFlow, Application Visibility and Control (AVC),

and ETA

OrderableNov 2018


Unprecedented throughput with the Cisco Catalyst 9800 Series

2xThroughput option now available

with C9800-80 going up to 80 Gbps

Always on:High availability and seamless

software updates

accuracy with ETA and Cisco Stealthwatch® integration

Cisco® Catalyst® 9800 Series Wireless Controllers

C9800-40 and C9800-80

Open standards-based programmability with

model-driven telemetry

Scale options for your campus

Programmable multicore network processor

Investment protection with modular uplinks

99%+

Industry’s first 100 GE uplink100


Scale to 6000 APs and 64,000 clients*

Centralized, Cisco FlexConnect®, Fabric

Open and programmable

Scale to 1000 APs and 10,000 clients

Cisco FlexConnect Local Switching

Open and programmable

Cisco Catalyst 9800 Series for private and public cloud

Cisco® Catalyst® 9800 for private cloud Cisco Catalyst 9800 for public cloud

*Only with FlexConnect and Fabric mode for 6,000 AP support

OrderableNov 2018


Cisco Catalyst 9800 embedded wireless on the 9000 switch platform

Install Cisco Catalyst 9800 embedded wireless on your existing branch infrastructure

SD-AccessOptimized for SD-Access with an always-on fabric

Cisco Catalyst 9300Supported on Cisco Catalyst 9300 Series Switches

Up to 4000 clientsSupports up to 200 APs and 4000 clients


Cisco Catalyst 9800 Series Wireless Controllers - Deploy the way you want to

Cisco Catalyst 9800-806000 APs, 64,000 clients, 80 Gbps

Cisco Catalyst 9800-402000 APs, 32,000 clients, 40 Gbps

Cisco Catalyst 9800-CL6000 APs, 64,000 clients^

Cisco® Catalyst® 9800-CL+

1000 APs, 10,000 clients

Cisco Catalyst 9800embedded wireless*200 APs, 4000 clients

Cisco Catalyst 9800-CL3000 APs, 32,000 clients

200 APs 1000 APs 6000 APs2000 APs 3000 APs

*SD-Access only+Cisco Catalyst 9800 for public cloud with Cisco FlexConnect® only

^Only with FlexConnect and Fabric mode for 6,000 AP support

SD-Access ready

ENCS



CMX 10.5.1 /DNA Space

- Connect / Detect / Engage- Hyperlocation- BLE

Cisco Catalyst 9800 Wireless as a solution!

Prime Infrastructure 3.5- Configuration- Monitoring

ISE 2.2/2.3/2.4- BYOD- Guest Access

DNAC 1.2.8- Automation- Assurance- Maps & topology

What Wireless controllers are

supported ?

- Physical: Cisco Catalyst C9800 Series Appliances

- Cloud: Private and Public Offering- Catalyst 9800 SD-Access Embedded

Wireless

What modes are supported?- Local, Flex, Fabric, Cisco Catalyst 9800 on

ME (Future)What are the Differentiating features?- High Availability, Patching, ETA

Programmability, Telemetry

Cisco Catalyst 9800Wireless Controller 16.10

Access Points Supported- 11ac Wave2- 11ac Wave1- 11ax (Future)


Cisco Catalyst 9800 Series: Always on

Deploy anywhereSecure

• Detect encrypted threats with Cisco® Encrypted Traffic Analytics (ETA)

• Automated macro and micro segmentation with Cisco Software-Defined Access (SD-Access)

• WPA3 support*

• On-premises, private or public cloud, embed wireless on a switch

• GovCloud ready

• Scale as you grow

Powered by Cisco IOS® XEOpen and programmable

Trustworthy solutionsModular operating system

Always on

• Software updates with no disruption

• Rolling AP upgrades

• Seamlessly add new AP models

* future


Cisco Catalyst 9800 embedded wireless*

Cisco Catalyst 9800-80

Cisco Catalyst 9800-40

Deploy anywhere

*SD-Access only; Available on Cisco Catalyst 9300 Series+Cisco Catalyst 9800 for public cloud: Cisco FlexConnect® only

Cisco Catalyst 9800 for cloud+




Catalyst 9800 for Cloud



❑ Customer has unique access to dedicated DC virtualized or physical resources

❑ The resources are onPrem DC or hosted by a Colo provider

❑ WLC as a Virtual Machine

Some definitions first…

❑ Customer doesn’t own the infrastructure (computing, storage, networking).

❑ WLC is consumed as Infrastructure as a Service (IaaS)

❑ Simply the reality…❑ Customer will have

both Private and Public cloud deployments for some time



Catalyst 9800 Wireless Controller for Cloud

ISE / AD DNA Center (1.2.8)

ASSURANCE

AUTOMATION

One image: choose the scale – 1k, 3k, 6k APs

Internet

Public Cloud

AD

Managed VPN

Enterprise network

NFVIS

ENCS

Hypervisors: ESXi, KVM, NFVIS on ENCS

All deployments mode: Centralized, SDA, FlexConnect, Mesh

ESXi

1,000 APs / 10,000 Clients

Amazon AWS with Managed VPN

FlexConnect local switching only

ISE/AAA

802.11ac

Access Points



Campus

Catalyst 9800 Wireless Controller for Cloud▪ Customer value prop:

o “Deploy wireless controller where you want it, how you want it”

o No AP mode or feature limitation vs. appliance

▪ Supporto VMware ESXi , KVM and ENCSo Wave 2 and Wave 1 APso All deployments and all AP modeso Centrally switched traffic <= 2.5 Gbpso VM Large: 6k APs, 64k clients at FCS is Flex local switching

and SDA. Limited scale with Local mode: 3K APs, 32K clients

o ESXi vCenter or KVM Virt-Mgr for VM provisioningo Automated VM bootstrap flow (ESXi vCenter only)

▪ Migration: o Migration tool (standalone and 9800 WebUI)o Prime & DNAC automation and migration flows

Corporate WAN

(MPLS /SD-WAN)

BranchFlex APs

Flex AP

OnPrem DC

Branch

ESXi / KVM/

CAPWAP

ISP owned device

Customer owned device

Local mode AP




Private Cloud – VMware ESXi



▪ Supported hypervisor: VMware ESXi 6.0 and higher

VMware specifications

Model Configuration Small (16.10) Medium(16.10) Large(16.10)*

Maximum Access Points 1,000 3,000 6,000

Maximum Clients Support 10,000 32,000 64,000

Minimum Number of vCPUs 4 6 10

Minimum Memory (GB) 8 16 32

Required Storage (GB) 8 8 8

Virtual NICs (vNIC) -3nd NIC is for High Availability

2 /(3) 2 /(3) 2 /(3)

vNIC driver VMXNET3 VMXNET3 VMXNET3

Virtual bridge Vswitch Vswitch Vswitch

vMotion, vNIC teaming, L2 LAG, SRIOV Planned for 16.11 Planned for 16.11 Planned for 16.11

*Limited scale with Local Mode and Flex Central switching : 3K APs, 32K clients



C9800-CLAireOS vWLC

26

C9800-CL brings in the best of appliance features to Private Cloud

NoSSO High Availability Yes

Flex OnlyDeployment Modes Flex, Local, Fabric

NoGuest Anchor Yes

NoDNA-C Automation & Assurance Yes

500 MbpsMax Throughput 2.5 Gbps

3k APs, 32k ClientsMax AP and Client Scale 6k APs, 64k Clients

MultipleInstallation Image Single for any scale

vs.


At any scale

200 APs 1000 APs 2000 APs 3000 APs 6000 APs

40 Gbps 80 Gbps

4000 clients 10,000 clients 32,000 clients 32,000 clients 64,000 clients

C9800-CLC9800 for private cloud^

C9800embedded wireless*C9800 on Cisco® Catalyst®

9000 platform

C9800-CLCisco Catalyst 9800 for

public+ and private cloud

C9800-80Cisco Catalyst 9800

on-premises

C9800-40Cisco Catalyst 9800

on-premises

C9800-CLC9800 for private cloud

*SD-Access only^Only with FlexConnect and Fabric mode for 6,000 AP support

+Cisco Catalyst 9800 for public cloud: Cisco FlexConnect® only



Lead with Catalyst 9800 Wireless ControllersSuperior features and attractive offers for new customers

✓ Support for cloud

✓ Open & Programmable

✓ ETA

✓ 3rd Party integration

✓ Rolling AP Upgrades

✓ Patching

✓ AP Pack

✓ Higher Scale

✓ Higher Performance

Catalyst 9800 Series Wireless Controllers

AireOS

Wireless Controllers

*GCP EFT Only



What else the C9800 does better?C9800AireOS WLC

YESReboot after applying DAY 0 configuration NO

limitedURL domain ACLs YES

NoDynamic ACLs (dACLs) Yes (local mode)

YESAP reboot to apply

major config changesNO

(CAPWAP reset)

ALWAYSDisable radio globally

to apply changesLIMITED

NOSimple copy/edit/search of the configuration via CLI

YES

NOGUI troubleshooting tools YES

vs.

NONetflow export for Flex APs YES


Agenda

Welcome

1 DNA Assurance Introduction

2 DNA Assurance Demo

3 DNA Assurance Key Use Cases

5 DNA Center Wrap Up

4 DNA Assurance Test Drive

Resources and Close


Right Place: Problem Isolation

Right Time: Problem Replication

Right Action: Problem Resolution

Wi-Fi iOS Analytics

Everything as a Sensor provides insights into

240+ failures)Everything as

a Sensor

Insights into a client view of the RF network (RSSI,

failure reasons)AirSense

Auto PCAPs

14 days of history with full context with 90 day

averagingNetwork Time

Travel

Enhance Anomaly detection by auto capturing packets

Identify the right insights using the right data

generated at the right time

Step by step remediation in the right order of

suggestion

ActionableInsights

GuidedRemediation

Helping IT Get to the Right Action -- Faster


Network quality is a complex, end-to-end problem

* Both = Join/roam and quality/throughput

Access points

Local WLCs

Network services data center

Office site

Cisco ISE

Mobile clients

Cisco® Unified CM

Client firmware

AP coverage

WAN uplink usage End-user services

RF noise/interf

Cisco Prime®

Configuration

Authentication

WLC capacity

WAN

Client density

Affects join/roam

Affects quality/throughput

Affects both*

DHCP

Addressing

WAN QoS, routing, ...

100+ points of failure between user and appWith 50,000+ permutations!

What is the problem?

Where is the problem?

How can I fix the problem fast?


In This Environment, Context is Key

Devices Applications

Users Network

Time

Location

Rich Context Increase Business Productivity and Frees Up IT Time

Cisco Context

360-degree Visibility

Data Granularity

Historical, Real-time, Future


DNA Assurance

Telemetry and Sensors at SourceClients | Applications | Wireless | Switching | Routing

Network TelemetryContextual Data

Correlation Complex Event

ProcessingIssues Insights

Guided Remediation

IPAM

CMXAppD

IPSLA

SNMP

OID

Telnet

DNS

MIB

Ping

CLI

DHCP

WirelessAAA

Syslog

Router

Netflow

Traceroute

Metadata extraction

Complex correlation

Steam Processing

001110101100110

1010110010

00101101

0110100

1101101

00101101

10101100110

101011000110011

Clients Baseline

Application Network


Agenda

Welcome

1 DNA Assurance Introduction

2 DNA Assurance Demo

3 DNA Assurance Key Use Cases

5 DNA Center Wrap Up

4 DNA Assurance Test Drive

Resources and Close


© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

360◦ view across clients, network and applications

Network Time Travel - 14 days of contextual history

100+ correlated insights with guided remediation

Event driven telemetry from the wireless infrastructure

Proactively test drive the network using Aironet 1800s Sensor

Intelligent Capture with auto packet captures and real-time state of the network

Apple iOS analytics that provides client perspective

Predictive trends before they become problems

Future: Close loop or automated remediation

Right Place Right Time Right Action

DNA Assurance – Key Wireless Usage


Key Use Cases on Wireless Assurance in 1.2.5

Client Onboarding

Actionable Dashboards: Onboarding Sankey charts

for better analysis

Real-time Correlation: Correlate Onboarding events

with poor RF and client location for RCA

Intelligent Capture:Onboarding failures with In-

service PCAPs

1

2

3

Sankey chart


Key Use Cases on Wireless Assurance in 1.2.5Client and Network Experience

Health Dashboard:Near-Real time Client

tracking (<60 sec) and Top N AP analytics

Client 360:Historical Time travel with

client RF correlated with the Onboarding events

Intelligent Capture:On-Demand AP stats for Wi-

Fi troubleshooting

1

2

3


Key Use Cases on Wireless Assurance in 1.2.5

Sensor based SLA Monitoring

Simulate Client perspective:1800s Sensor is mobile with

floor re-assignment

Active Testing:Test the cloud app

performance and Real-time AppX assessment

SLA Dashboard:Onboarding, Network Services, Cloud App

Performance and IP SLA

1

2

3

Documents

Mobility Update - Uninett