Академический Документы
Профессиональный Документы
Культура Документы
BRKAGG-2011
Presentation_ID
Cisco Public
Session Agenda
WCSs Role in the Network
Life Cycle of a Network
Planning and Deploying a Network Monitoring a Network Tools and Troubleshooting Trending and Reporting
BRKAGG-2011
Cisco Public
Session Objective
The objective of this session is to show WCSs role in the network and its lifecycle, and to demonstrate WCS features and how they can be used to perform practical tasks; the session also provides suggestions and best practices on topics where appropriate For an introduction to Enterprise Wireless LAN concepts, please review: BRKAGG-101
BRKAGG-2011
Cisco Public
Reporting Troubleshooting
Monitoring
BRKAGG-2011
Cisco Public
BRKAGG-2011
Cisco Public
Controller Auto-Provisioning
Configuration Auditing Methods
BRKAGG-2011
Cisco Public
PlanningOverview
Launching the Planning and Editing Tools
Create a new Campus/Building Create a floor you want to plan for (import floor plan) Pick Planning Mode or Map Editor from the drop-down menu
BRKAGG-2011
Cisco Public
Planning ToolOptions
Specify AP Prefix and AP Placement method (automatic vs. manual) Selecting AP type determines the antenna choices available for both the 2.4GHz and 5GHz band Select the protocol (band) and minimum desired throughput per band thats required for this plan Enable planning mode for advance options for data, voice, location and others
Location with monitor-mode factors in AP(s) that could be deployed to augment location accuracy Both the Demand and Override options allow for planning for any special cases where theres a highdensity of client presence such conference rooms or lecture halls
Data and Voice provide safety margins for design help. Safety margins help design for certain RSSI thresholds (detailed in online help). Location typically requires a denser deployment than data and the location checkbox helps plan for the advertised location accuracy
BRKAGG-2011
Cisco Public
Clicking an AP in the plan allows customization (added, deleted or simply modify properties) before a proposal may be generated
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
10
Planning ToolProposal
Proposal Contents:
Floor Plan Details Disclaimer/Scope/Assumptions Proposed AP Placement Coverage and Data Rate Heatmap Coverage Analysis
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
11
ConfigurationConfig-Groups Overview
What Are They?
An easy way to group controllers logically Manage devices with similar configurations
Extract templates from existing controller or WCS to provision Schedule Configuration sets
Cascade Reboot
12
Select and add later: Only create the config group and then add controllers and templates at another time Copy Templates from controller: Copy templates from one of the controllers currently in WCS and then apply them to controllers in this config group. Note, if controllers templates are not already discovered, they can be discovered from the Configure Controllers page
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
13
Adding Controllers: Controllers in WCS are presented and can be moved over to the newly config group Applying Templates: Discovered or already present template(s) can then be applied to controller Auditing: Ensure template-based audit is selected in audit settings and then audit controllers in group to ensure they comply with policies
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
14
BRKAGG-2011
Cisco Public
15
ConfigurationTemplates Overview
What Are They?
Are sets of configurations that may be applied to WLCs at the system/global level May be re-used to modify already applied configurations May be used to replicate configuration to other WLCs added subsequently May be to used to schedule configuration changes
Types of Templates
Controller templates Lightweight AP templates
BRKAGG-2011
Cisco Public
16
Template LaunchPad
All-in-one, high-level view of template categories in WCS which may be expanded or collapsed for easier navigation and viewing
Each template provides a callout icon which, on mouse-over, provides easy to understand description of what the template is and how it may be used to configure certain attribute(s).
Cisco Public
BRKAGG-2011
17
BRKAGG-2011
Cisco Public
18
BRKAGG-2011
Cisco Public
19
BRKAGG-2011
Cisco Public
20
ConfigurationAuditing
Easy way to identify configuration gaps between WCS and WLC
Manual on-demand audit capability Automatic audits based on configuration sync background task
Allows easy reconciliation in the event of a configuration mismatch Helps ensure WLCs comply with configuration policies
BRKAGG-2011
Cisco Public
21
Audit Summary
Restore or Maintain Config
BRKAGG-2011
Cisco Public
22
Audit Settings
Audit Settings
Audit Mode
Basic Audit: Perform an audit on current WLC configuration and compare it with the configuration in WCS Template-Based Audit: Perform an audit on current WLC configuration with respect to applied templates, config groups background templates and then the configuration in WCS
Audit On
All Parameters: Audit on entire WLC configuration Selected Parameters: Audit on selected parameters from the templates
BRKAGG-2011
Cisco Public
23
ConfigurationAuto-Provisioning
What Is Auto-Provisioning?
Ability to automatically detect and configure new WLCs (locally or at remote sites) Allows detection based on multiple criterion: Hostname, MAC Address or Serial number
Limited IT resources
Streamline operations and eliminate configuration mismatches
BRKAGG-2011
Cisco Public
24
Monitor Only: Controllers matched by this filter will not be configurable by WCS in the auto provision process Filter Mode: Choose from hostname, MAC Address or Serial number to match the WLC Config Group Name: Add the auto-provisioned WLC(s) to their own config group for easier management since these might share common policies Input Device: Select from single or multiple devices to provision. Selecting CSV option provides a link to download a sample file to understand the syntax. Device Configuration: Other device parameters that can be configured at this stage.
After hitting Submit, the filter is saved with one entry for the member you just added. At this point, you may add other members (WLCs) to this filter as well. This filter also creates a WLC config file in WCSs TFTP directory. Ensure your DHCP servers option 150 points to WCS Server
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
25
ConfigurationMaps
Why Maps?
Track wireless clients and tags, and play location history across campus Track and mitigate rogue devices Display Chokepoints Display Mesh AP relationships Integrate with Google Earth Represent wireless coverage on campus, and plan for growth View Channel and Tx Power plans provisioned by RRM View AP and RF Profile at the floor level Provision and display coverage areas, markers and other objects and use them with location notifications Post-Deployment: View VoWLAN and Location Readiness
BRKAGG-2011
Cisco Public
26
Maps Layout
Default View of Campus, Buildings, and Floors can be easily changed with the Quick Filters
Adding Campus or Buildings are made easy with the drop-down menu actions through an easy wizard that walks you through provisioning floor plans and APs
Building view provides a quick glance in to floors status and alarm summary for easier troubleshooting
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
27
Quickly Add/Remove Layers that may be placed on the floor plan and heat maps Mouse-over on objects on the map provides quick object summaries
BRKAGG-2011
Cisco Public
28
Allows users to be mapped to separate virtual domains at the time of creation Separate Reports, Controllers, Access Points, Search, Templates, Config Groups, Alarms and other objects Objects may be assigned to multiple domains at the same time root domain is a superset of all subdomains Only the root domain may location, and any other email notifications
Avoid changing configurations from multiple domains management simple Not all objects are available at the root level objects such as Search and Reports are domain specific For more caveats, visit: http://www.cisco.com/en/US/docs/wireless/w cs/5.2/configuration/guide/5_2virtual.html
29
BRKAGG-2011
Cisco Public
Monitoring
BRKAGG-2011
Cisco Public
30
Client-Related Monitoring
Client Details and Client List Pages Client Dashboard
31
BRKAGG-2011
Cisco Public
32
BRKAGG-2011
Cisco Public
33
BRKAGG-2011
Cisco Public
34
BRKAGG-2011
Cisco Public
35
System-Level to Drill-Down
BRKAGG-2011
Cisco Public
36
Use Quick Filters or Column Sorting to arrange information relevant to the task
BRKAGG-2011
Cisco Public
37
Searches can be performed on partial input Search output provides configuration and monitor links based on device type found Search parameters include IP Address, Usernames, MAC Addresses, SSIDs ,Rogues and AP Names
Advanced searches can be saved for easy future reference and use
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
38
MonitoringClient-Related Workflow
Common Steps in a Troubleshooting Scenario:
Lookup a client: MAC Address, Username, IP Address, Client type, Client state, From AP Details Page (example below) Where is the client now (and how is their RF profile) Where has this client been (Location playback, session and AP history) Active troubleshooting
BRKAGG-2011
Cisco Public
39
Basic Client Propertiescan be expanded for further details Client Association and Session History, From AP Pages too
BRKAGG-2011
Cisco Public
40
Client Statistics
BRKAGG-2011
Cisco Public
41
42
BRKAGG-2011
Cisco Public
43
BRKAGG-2011
Cisco Public
44
Customizable Layout
BRKAGG-2011
Cisco Public
45
BRKAGG-2011
Cisco Public
46
AlarmsThings to Remember
Its common to ignore email configuration in WCS WCS sends email notifications for Major events only! Acknowledged alarms suppress email notifications even if the severity changes Help! My alarms seem to have disappeared!
Alarms that get cleared move in to the Cleared state so be sure to check cleared alarms (or look under event history)
Clearing an alarm does not remove it from WCS database (deleting it does) Alarm severities can be customized from Administration SettingsAlarms Alarm acknowledgement works on individual alarm instance (and not on category or condition) Even if traps are disabled on WLC, WCS could generate alarms from the regular polling it performs
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
47
BRKAGG-2011
Cisco Public
48
BRKAGG-2011
Cisco Public
49
BRKAGG-2011
Cisco Public
50
BRKAGG-2011
Cisco Public
51
Client TroubleshootingExamples
Identify whether the problem occurs at 802.11 or higher layers Suggestions on where to look and how to potentially resolve the error condition(s)
BRKAGG-2011
Cisco Public
52
Client TroubleshootingExamples
Advance options are enabled in presence of CCXv5 clients. Additional analysis and messaging is possible provided client diagnostics is enabled on the WLAN
Analyzing logs from ACS and viewing latest client and AP events
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
53
BRKAGG-2011
Cisco Public
54
Voice AuditExample
Customizable Rules
BRKAGG-2011
Cisco Public
55
Simple, post-deployment tool to verify or correct AP deployment and provides a way to determine VoWLAN readiness by band, and RSSI cutoff values
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
56
BRKAGG-2011
Cisco Public
57
Location ReadinessExample
Simple, post-deployment tool to verify or correct AP deployment and provides information on what areas are under the Cisco recommended estimates
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
58
Reporting
BRKAGG-2011
Cisco Public
59
Report Scheduling
BRKAGG-2011
Cisco Public
60
Report LaunchPad
Report LaunchPad Easy Drill-Down
BRKAGG-2011
Cisco Public
61
Report Customization
Multi-Level Filters
Customized Reports
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
62
Graphical Reporting
Graphical Summaries
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
63
BRKAGG-2011
Cisco Public
64
wIPS Components
wIPS Monitor Mode APattack detection (scanning at 250ms per channel)
Controllermanages wIPS APs, forwards wIPS data to MSE MSE with wIPS Serviceattack archival and alarm aggregation WCScentralized configuration and monitoring
Over-the-Air Detection
wIPS AP Management
Monitoring, Reporting
BRKAGG-2011
Cisco Public
65
BRKAGG-2011
Cisco Public
66
3. Passed transparently to MSE via NMSP 4. Logged into wIPS Database on MSE
Sent to WCS via SNMP trap
5. Displayed on WCS
BRKAGG-2011 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
67
BRKAGG-2011
Cisco Public
68
1. wIPS Profiles are configured on WCS 2. Profile is pushed via SOAP/XML to MSE 3. Profile is pushed to Controller via NMSP
A controller can only use one wIPS profile for all its associated wIPS APs
69
wIPSExample Alarm
70
wIPSIntegrated Encyclopedia
Available for each alarm Provides text and visual description of attack Provides potential remediation steps
BRKAGG-2011
Cisco Public
71
BRKAGG-2011
Cisco Public
72
BRKAGG-2011
Cisco Public
73
High-AvailabilityThings to Know
Both the primary and failover WCS servers should run the same software version Both the primary and failover WCS servers should be running on the same OS type (cant mix Windows and Linux installs) Email server and receiver must be configured (used for notifications) Communication between the primary and failover WCS must be enabled on HM port if firewall is in the path Failover mode must be carefully selected (and remembered): manual vs. automatic Authentication key is created during the install, and is used by the primary and failover WCS servers for communication (and also logging into the HMweb page) HM available at: https://ip.address:HMport (example: https://10.10.10.200:8082)
BRKAGG-2011
Cisco Public
74
High-AvailabilityThings to Know
Available in release 5.2 and above
75
Helpful Links
WCS Datasheet
http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_data_she et0900aecd802570d0.html
Configuration Guides
http://www.cisco.com/en/US/products/ps6305/products_installation_and_configuration_guides_ list.html
BRKAGG-2011
Cisco Public
Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.
Dont forget to activate your Cisco Live Virtual account for access to all session material, communities, and on-demand and live activities throughout the year. Activate your account at the Cisco booth in the World of Solutions or visit www.ciscolive.com.
77
BRKAGG-2011
Cisco Public
BRKAGG-2011
Cisco Public
78