cisco prime network management overview
TRANSCRIPT
© 2010 Cisco and/or its affiliates. All rights reserved.
Jim Pavlichek, Systems Engineer, USMC Team
Cisco Prime Network Management Overview
The Old Way
• Independent "point" products
• Untimely device and technology support
• Reliance on highly skilled staff
• Inconsistent user experience
• Difficult to install, administer, and maintain
The Cisco Prime™ Way
• Integrated workflows and common user experience
• Integrated Smart Interactions with cisco.com
• Single solution and virtual appliance
• Day-one device support for the Cisco® Advantage
• Use of Cisco best practices and knowledgebase
© 2012 Cisco and/or its affiliates. All rights reserved.
Cisco Prime
Cisco Prime NAM
Cisco Prime Infrastructure
Cisco Prime DCNM
Cisco Prime LMS
Cisco Prime Collaboration
One Management
One Policy Ma
Comprehensive Manageability
– Customizable out-of-the-box Cisco best practices and validated design configuration templates for wired/wireless devices
– RF planning and optimization
– Manage L2/L3 services, DMVPN, GETVPN, Zone-based Firewall, ScanSafe
– Plug-and-Play Automated Deployment
– 360° End-user connectivity and application experience monitoring & troubleshooting
– Multi-NAM management
– Infrastructure lifecycle reports – EoX & PSIRT : 2.1
– 3rd party device support
– Scalable, deployable, extensible
• Comprehensive lifecycle management – simplify end-to-end network operations
• Deep application visibility and performance assurance
• Rich compliance auditing and reporting
• One install – single-pane-of-glass solution
Integrated Platform
• A bundled solution for complete wired and wireless lifecycle management
• Converged user and access management
• Configuration, change and compliance management
• Monitoring, troubleshooting and reporting
Converged, simplified solution
Easy to order with investment protection
Smooth upgrade and migration paths
Cisco Prime LMS
Cisco Prime Infrastructure
Cisco Prime Infrastructure: Realizing the Vision of One Management
Convergence, Consolidation, Cisco Advantage
Lifecycle: Converged management with integrated best practices
Data Center: Simplified operations management
Assurance: End-to-end application experience and visibility
Base License
Prime Infrastructure Management Node (physical or virtual appliance)
Lifecycle Management Licenses (per device)
Compliance Management Licenses (per device) - LMS Only
Assurance Management Licenses (per device)
One and only one base license required for each management node (physical or virtual appliance)
Available in incremental bundle sizes of 25, 50, 100, 500, 1K, 2.5K, 5K, and 10K devices
Available in incremental bundle sizes of 25, 50, 100, 500, 1K, 2.5K, 5K, and 10K devices
Available in incremental bundle sizes of 25, 50, 100, 500, 1K, and 5K devices
License Dependency
Automated Deployment Gateway (per Gateway instance)
UCS Server Management (per chassis/blade)
Available in incremental bundle sizes of 100 (UCS server does not consume a LF license, but LF is required
HA License
(p y
PI Operations Center
(per PI Instance )
Licensed per managed PI instance or PI HA pair
Prime Infrastructure Lifecycle Management
• Centralized Discovery, Inventory, Configuration Management, SWIM, and Proactive/Reactive Monitoring
• Accelerated Troubleshooting of Wired/Wireless Infrastructure Issues
• Greater device coverage: 3850/5760 (including templates and guided workflows), ASAs, IOS-XR and IDU
• Customizable out-of-the-box Cisco best practices and validated design configuration templates for wired/wireless devices
• Unified Access Management and Client Tracking
• Infrastructure lifecycle reports – EoX & PSIRT (2.1)
• Plug & Play for Automated Deployment
• 3rd party device support
Out-of-the-box TrustSec 2.0 Readiness Assessment
Configure Security Mode using easy wizards !!!
Hub with PfRv3 Master Controller & Border Routers
Spoke with Single Router and Dual Router Branch
• Model-based templates are provided for:
– Security (ACL, DMVPN, ScanSafe, GetVPN …)
– NAM
– Wireless controller
• Users can create their own CLI templates, which can contain:
– parameters (prompted during deploy)
– scripting constructs in Apache Velocity Template Language (VTL)
• Users can define composite templates (template of templates)
• Users can import existing Cisco Prime LMS templates
Many more data types are now available in PI 2.2 !!!
Get to the user association history in a couple of clicks !!!
IPv6 Visibility
Recognition of IPv6 Global and Link Local Addresses
Device Identity or Profile from ISE Integration
Policy Information Including Posture
AAA Override Parameters Applied to Client
Single pane of glass view and lifecycle management for Wired and Wireless
• Similar to Classic View
• Classic view is deprecated
• Maps and Topology at top level
• Device Work Center optimized
• Archive and Versioning of Configuration
– Fetch & store all the configurations on network devices
– Store multiple versions of configurations
– Job based, for periodic archival
– Detect changes done outside the PI server and archive the change
• Compare Configuration
– View configurations
– Compare configurations between versions of same or different devices
– Reporting configuration mismatches
• Rollback
– Configuration Rollback
– Update the configuration on a device in the network
– Ability to specify which configurations to download
– Ability to specify options like reboot, write mem etc.
– Job based
Import Analyze Distribute
Alarm indicators trickle up the tree to identify the problem area
Alarms can be expanded to see the de-duplicated events
Use pre-defined filters or create your own
Click on ad-hoc filter for keyword-based filtering
Take Actions - Assign, Annotate, Notify
Launch the Device 360
Device Summary
• Less time needed to resolve problems
• Communicate with other Cisco experts
Integrated Cisco service request management: Automates the service request process
Create support cases with Cisco-TAC and partners
Case status look-up
Automatic attachment of problem context to the support cases
• Hierarchical dashboards that reflect the converged network status in real time
• Drill-down capabilities to troubleshoot and arrive at a rich set of information in one click
• User-defined dashboards that allow you to create your own view
• Contextual Site, Device, Interface, Application, and End User experience dashboards to display dynamic network health status
• Service/Domain specific contents grouped in one view
• Contextual site-based information from one view
• What services and users will be affected in my site? – Assessed by looking at devices that are down in a site
• My applications are down; who are the users that are affected by that? – Obtained by looking at applications accessed by end users in a site
• What are the devices that need to be replaced or require maintenance in my site? – Top N worst devices that are underperforming in a site
• Are other users in the site affected by latency in transaction time? – Users having the most issues in the site
• Interface Centric View
• What is my total overall In and Out bandwidth through my WAN interface? – Interface Tx and Rx Utilization trend
• What application traffic occupies most bandwidth on a given interface? – Assessed by looking at Top N Application
• Is most traffic through an interface Wireless or Wired? – Obtained by looking at Top N Application traffic over time
• What is the bandwidth savings on account of applying class-based QoS, and how many packets got dropped? – Obtained by looking at Class Map statistics
• Concise End-User information about devices from anywhere within the product
• 360 views available for wired and wireless Users
• On click shows the following:
– OS version and status
– License used/Capacity
– Number of Active APs
– Number of Active Clients
– CPU and Memory utilization
• Provides snapshot of device(s), alarms, and application used per device per user
• Realtime contextual device details from “device” perspective
– Device name, location and type with system uptime
– OS version and status
– CPU and Mem utilization
– Interface status type and visibility of application traffic
• Provides quick snapshot to isolate and troubleshoot device related issues
• Concise wireless information about devices from anywhere within the product
• 360 views available for wireless Controller & APs
• On click shows the following:
– OS version and status
– License used/Capacity
– Number of Active APs
– Number of Active Clients
– CPU and Mem utilization
• Provides snapshot of wireless interfaces, alarms and WLAN
[Diagram labels: Static Data; Device Affinity; Aggregation; Fan Out Queries; Prime Infrastructure Instances; Network Data]
Single Pane Monitoring
• Unified Assets View
• Unified Alarms View
• Unified Clients views
• Consolidated Reports
• Consolidated Dashlets
• Consolidated Search
Operations Center Network Device Dashboard
Operations Center Consolidated Report Launch Pad
• End-to-End Visibility for Service-Aware Networking
− By applications, services and end-users
• Out-of-the-Box Support for Cisco Advanced Instrumentation
− Netflow, Flexible Netflow, AVC, NBAR, PA, Medianet, etc.
• Simplified End-to-End Visibility for Faster Troubleshooting
− Normalizes, correlates and aggregates data sources
• Automated Baselining with Dynamic Thresholds
• NBAR2 Custom Application Support
• Multi-NAM Management
• Service Health Dashboard
Identify the Congested Interface
View Applications and Clients over the Congested Interface
Change the QOS settings to shape traffic for non-critical applications
Application/Server Delay Client & Network Delay
Analysis
Experience
Worst RTP Streams
QOS Policy
Per QoS Class Reporting - DSCP (Traffic, Drops) Over Time Period - Updates every 5 min
Pre queue, Post queue, drop statistics from CBQoS MIB
Packet Drops % Per Class
Per QoS Class Reporting - DSCP (Traffic, Drops) Over Time Period
Top Applications Over Time – Per Application Level Drops
(One DSCP can have various applications)
UCS Assurance: Add UCS Fabric Interconnect & C Series Servers
Add UCS Fabric Interconnect to manage the UCS B-series Chassis and Servers (Need SNMP and CLI Credentials)
Add UCS C Series using CIMC IP (SNMP and CLI Credentials)
UCS Assurance – Device Management: Cisco UCS Servers View - Schematic
UCS Assurance – Device Management: UCS Servers Chassis View
Chassis
# of servers in each chassis
UCS Assurance – Device Management: Blade Server 360 View
Prime Demo Series
Open to Customers, Partners and Cisco People
Americas Edition
Same time: 11:00 AM PST San Jose Time (90 Min)
Same place: www.tinyurl.com/primedemo (No Registration Required)
• Every Monday: Cisco Prime IP Express
• Every Tuesday: Cisco Prime Collaboration Assurance & Provisioning
• Every Wednesday: Cisco Prime NAM & NGA
• Every Thursday: Cisco Prime Infrastructure (including Assurance)
* Every week. Exceptions: US Public Holidays and Cisco Shutdown
EMEAR Edition
Day: See Schedule (bi-weekly)
Same time: 9:30 AM GMT (90 Min)
Same place: www.tinyurl.com/prime-emear (Registration Required)
• Cisco Prime Infrastructure (including Assurance)
• Cisco Prime Collaboration Assurance & Provisioning
APJC Edition
Same time: 12:00 PM Singapore Time (90 Min)
Same place: www.tinyurl.com/prime-APJC (No Registration Required)
• Every 2nd Thursday: Cisco Prime Infrastructure Lifecycle Mgmt & Assurance
• Every 2nd Thursday (alternating week): Cisco Prime Collaboration Assurance & Provisioning
* Every week. Exceptions: Indian Public Holidays and Cisco Shutdown
Free Trial Software: www.cisco.com/go/nmsevals
Latest Prime Demo Series agenda will always be posted at www.cisco.com/go/prime-demo
• Instructor-Led Training (Fee)
3-days’ training available from learning partners
www.cisco.com/go/primeinfrastructure under “Learn More”
• Electronic-Led Training (Free)
3 hours+ training available on Cisco.com
www.cisco.com/go/primeinfrastructure under “Learn More”
• 18-segment “Prime Infrastructure Quick Start” VoDs (Free)
2 hours+ “How to” series
Available on Cisco’s YouTube Channel & PEC
http://bit.ly/PIQuickStartVODs
• Prime Demo Series (Free)
© 2011 Cisco and/or its affiliates. All rights reserved.
Prime Advanced Service Portfolio
DC & Virtualization
Collaboration
Borderless Networks
Prime Infrastructure -- Lifecycle (2 Week Engagement)
• Knowledge transfer (shadowing of deployment)
• Customized User Groups (Limited to 7)
• Basic segmentation (Site, Device Group and Virtual Domains--Limited to 15 ea)
• Coordinate pre-discovery and device requirements
• Discovery of the network infrastructure (supported devices only)
• Troubleshooting discovery issues
• Tuning of the alarms and thresholds
Prime Infrastructure -- Assurance (2 Week Engagement)
• Develop application monitoring design
• Examples: Netflow, NBAR, NAM, Performance Agent
• Tuning of the alarms and thresholds for applications
Prime LMS Deployment (2 Week Engagement)
• Knowledge transfer (shadowing of deployment)
• Customized User Groups (Limited to 7)
• Basic segmentation (Site, Device Group and Virtual Domains--Limited to 15 ea)
• Coordinate pre-discovery and device requirements
• Discovery of the network infrastructure (supported devices only)
• Troubleshooting discovery issues
• Tuning of the alarms and thresholds
Cisco Prime
www.cisco.com/go/prime
Cisco Prime Infrastructure
www.cisco.com/go/primeinfrastructure
Cisco Prime Collaboration
www.cisco.com/go/ucmanagement
Prime Demos, VoDs, Online Training, Evaluations
www.cisco.com/go/prime-demo
Thank you.
Prime Infrastructure Integration and IA features
• Virtual domains allow you to control who has access to specific sites and devices
• Virtual domains can be based on physical sites, device types, user communities or any combination
• By default, a single virtual domain exists, called root-domain
Prime Infrastructure 2.2
• Choose Authentication Method
• Use pre-defined Roles or create your own
• Customizable Attributes for TACACS+/ RADIUS server integration
• Integrated Planning Tool
– Import floor plans from 3rd-party tools
– Configure access point placement, coverage, and other variables
– Generate equipment proposal
• Hierarchical Maps
– Design multiple buildings, floors, regions
• Location and Voice Readiness Tools
– View performance and coverage estimates
Easily Visualize the Ideal RF Environment
Planning Tool
Instant Access to Tools
Hierarchical Maps
• Eliminate improper RF designs and coverage problems
• Built-in tools perform site-surveys, RF reassessments and RF readiness evaluation
Zoom & Pan Controls
Next-Gen Maps
• Reduced Clutter
• Faster Loading
• Better Navigation
• Scalable Vector Graphics
• High quality images with zoom in/out
Active Rogue APs
802.11u location specific service
Prime Infrastructure Architecture & Deployment: Technical Details
• Virtual Appliance
– Virtual Appliances are supported on ESXi 4.1 and 5.0 and above with VMFS 3.1 and 5.0 resp.
– UCS B-Series with external storage is the recommended way to deploy Prime Infrastructure
• Physical Appliance
– Prime Infrastructure Appliance comes pre-installed with Prime Infrastructure 2.2
– Deploying Cisco Prime NCS Virtual Appliance on CiscoWorks Wireless LAN Solution Engine (WLSE) models 1130-19 or 1133 is not supported
– Physical Appliances are field upgradable
• PI supports High Availability in Active/Standby mode
• Failover can be automatic or manual
• Automatic failover is triggered by database check, server check, heartbeat
[Diagram labels: Prime Infrastructure Primary; Primary Health Monitor; Primary DB; Prime Infrastructure Secondary; Secondary Health Monitor; Secondary DB; Heartbeat (Every 5s) / 3 times; Database Sync Check; Database]
Two Deployment options:
1) Plug and Play Gateway in a DMZ (w/ PI 1.3): devices connect to it over the Internet without exposing Prime Infrastructure (see picture above)
2) Plug and Play Gateway integrated into Prime Infrastructure (w/ release PI 2.2)
[Diagram labels: Prime Infrastructure; Plug and Play Gateway; DMZ; Network Operations Center (NOC); Enterprise or SP Branch Location; Internet; Router/Switch supporting Plug and Play (with Cisco CNS)]
Choose the session to troubleshoot
Pin-point the device which originates jitter
Trace the path between Source and Destination
Prime Infrastructure Scalability & Hardware Sizing: Technical Details
• Cisco UCS can be used as a virtual infrastructure deployment, i.e. ESX/ESXi running on UCS should be okay if the VM requirements are met.
• Physical Appliances are field upgradable
• Prime Infrastructure Appliance that comes pre-installed with Prime Infrastructure 2.2 ISO image

Physical Appliance | Physical CPU | Memory | HDD Size | Throughput (Disk I/O) | Web Clients | API Clients
Cisco Prime Appliance | 8 Cores (16 Threads) | 32 GB | 900 GB (4x300GB RAID5) | 200 MBps | 25 | 5

Virtual Appliance Size | Virtual CPU | Memory (DRAM) | HDD Size | Throughput (Disk I/O)
Express | 4 | 12 GB | 300 GB | 200 MBps
Express Plus | 8 | 16 GB | 600 GB | 200 MBps
Standard | 16 | 16 GB | 900 GB | 200 MBps
Pro | 16 | 24 GB | 1200 GB | 200 MBps

Mapping of PI 1.x to 2.x OVA/Bundle/SKU
(In) PI 1.x | (Maps to) PI 2.x
Small | Express
Medium | Express Plus
Large | Standard
Extra Large | Pro
Supported Scale for Express/Standard/Pro Configurations

Parameter (Maximums) | Express | Express-Plus | Standard | Pro
Devices
Unified AP | 300 | 2500 | 5000 | 20,000
Autonomous AP | 300 | 500 | 3,000 | 3,000
Controllers | 5 | 50 | 500 | 1,000
Wired Devices | 300 | 1000 | 6000 | 13,000
NAMs | 5 | 5 | 500 | 1,000
Max device count not to exceed | 500 | 3,000 | 15,000 | 24,000
Wired Clients | 6,000 | 50,000 | 50,000 | 50,000
Wireless Clients | 4,000 | 30,000 | 75,000 | 200,000
Changing Clients (every 5 minutes) | 1000 | 5000 | 25,000 | 40,000
Events Sustained Rate (events/sec) | 100 | 100 | 300 | 1000
Netflow Rate (flows/second) | 3000 | 3000 | 16,000 | 80,000
Concurrent GUI Clients | 5 | 10 | 25 | 25
Concurrent API Clients | 2 | 2 | 5 | 5
Number Sites/Campus | 200 | 500 | 2,500 | 2,500
Groups (User Defined + Out of the Box + Device Groups + Port Groups) | 50 | 100 | 150 | 150
Virtual Domains | 100 | 500 | 1,000 | 1,000
Interfaces | 12,000 | 50,000 | 250,000 | 350,000
NAM Data Polling enabled | 5 | 5 | 20 | 40
Use Prime Server Sizing (http://prime-server-sizing.cisco.com) for updated numbers