Cisco Tech-Know Day Frankfurt 2009 Wireless Networking Cisco Mobility Solutions Jürgen Braun Cisco Eschborn jubraun@cisco.com Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential Agenda Transforming the Business Mobility Experience Introducing the Unified Wireless Network Cisco Wireless Product Portfolio More Solutions Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential Business Mobility in Transition Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential Capturing Market Transitions Nomadic/ Mobile Devices Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Collaboration Cisco Confidential Wireline/ Wireless Growth in Mobile Devices Mobile Device Growth Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Create Greater IT Risks Cisco Confidential Unified Wired and Wireless Network Intelligent Network Services 2005+ Mobile E-Mail  Common services platform  Greatest efficiencies and lowest TCO  Extensive application support common across entire network Video Surveillance Guest and Identity Voice and UC RFID and Location Outdoor Unified Network Services Unified Wired and Wireless Network Enterprise Communications Infrastructure 2000–2005  Converged IP network lowers TCO  Some application efficiencies, not optimized  Overlay wireless support and management burden Converged Network Services Wireless Services Converged Network Wireless Enterprise Communications Infrastructure 1980s–2000  Separate communications networks  No common services  High support costs and limited efficiency  Siloed applications Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Data Services Voice Services Video Services Data Voice Video Enterprise Communications Infrastructure Cisco Confidential Agenda Transforming the Business Mobility Experience Introducing the Unified Wireless Network Cisco Wireless Product Portfolio More Solutions Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 11 Cisco Tech-Know Day Frankfurt 2009 Centralized WLAN Network Design Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 12 Centralized WLAN Solution Overview Wireless Controller Intuitive GUI for easy configuration, monitoring, and troubleshooting Much of the traditional WLAN functionality moved from AP to centralized controller Wireless Control System Mobility Services Engine e.g high-resolution location tracking and history for clients, asset tags, and rogues Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Lightweight Access Points Cisco Confidential Access Points are controlled by a centralized WLAN controller 13 Standalone Access Point Monitoring and Migration  Free basic and alarm monitoring of standalone (autonomous) access points  Monitor all Cisco IOS®-based Cisco Aironet standalone models  Monitor Integrated Services Router access points 800, 1800, 2800, and 3800 series  Easily upgrade and migrate Cisco Aironet standalone access points (individually or as groups) aIOS aIOS aIOS WLAN Controller Migrate Standalone Access Points Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential CAPWAP 53 Security Monitoring and Status Customizable Security Display Security Index Provides Quick Assessment Easily Address Rogue Devices Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 55 Rules-Based Rogue Management Wireless LAN Controller Template Legend: Malicious (Threat or Alert) Automatically Classify Rogues as: Malicious or Friendly Known Friendly  Open  Managed SSID Unknown  Any SSID  Minimum RSSI  Time duration  Number of rogue clients Quickly Locate Rogues Auto Detect Threat, Alert or Fault State Using RLDP or Rogue Detector Threat—Requires Attention Now Alert—Put It in the Queue Fault—Put It in the Queue Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 56 Troubleshooting Dynamic Resources Aid Effective Troubleshooting Identify, Isolate, and Resolve Problems Across All WLAN Components Streamlined Workflows  Workflows support seamless linkage between all tools, alarms, alerts, searches, and reports  Built-in client and infrastructure tools support: – Quick assessment of service disruptions Client Mobility Client Troubleshooting Tool – Receipt of notices about performance degradation – Streamlined research and quick action for resolution  RF troubleshooting with Cisco M-Drive technology, Cisco CleanAir, and Client Link Access Point Connection Information Benefits • More clearly understand underlying operational nuances occurring in the wireless network • Quickly discover events occurring outside baseline parameters • Efficiently assess and reestablish optimal network performance Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 57 Cisco-Compatible Extensions The Standard for Client Advancement Over 90% of Client Devices Are Cisco Compatible Client Devices Features  Assured compatibility with 400+ devices  Standards-based Compatible  Enhanced security, mobility, and performance  Supports Mobility Services, i.e location, voice Benefits  Accelerates innovation  Supports diverse enterprise applications  Ensures multi-vendor interoperability  Enables simplified deployment of mobile WLAN clients http://www.cisco.com/go/ciscocompatible/wireless Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 59 Agenda Transforming the Business Mobility Experience Introducing the Unified Wireless Network Cisco Wireless Product Portfolio More: Guest Access & Office Extend Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 69 Cisco Tech-Know Day Frankfurt 2009 Wireless Guest Access Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 70 Components of a Guest Access Solution Network Segmentation User Policy Management User Provisioning User Login Portal Reporting, Billing Presentation_ID © 2009 Cisco Systems, Inc All rights reserved  Tunnels or VLANs Guest IT Admin Functions  Differentiated access by user  Guest provisioning Employee Function web portal Guest User Function  Guest user intercept web auth portal  Audit trails IT Admin Function  Billing integration Cisco Confidential 71 Guest Access WLAN Controller Deployments with EoIP Tunnel  Use of EoIP tunnels to logically segment and transport the guest traffic between edge and anchor controllers Internet WCS EtherIP ―Guest Tunnel‖  Other traffic (Employee for example) still locally bridged on the corresponding VLAN Emp  Original Guest’s Ethernet frame maintained across LWAPP and EoIP tunnels © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential Emp LWAPP  EoIP supported across all WLAN Controllers Presentation_ID EtherIP ―Guest Tunnel‖ Campus Core  No need to define the Guest VLANs on the switches connected to the edge controllers  2106 model can’t terminate EoIP connections (no anchor role) Guest WLAN Controller (Anchor) LWAPP Wireless VLAN’s Guest Emp Guest Emp 72 Guest Tunneling N+1 Redundancy  Using EoIP Pings (data path) functionality Anchor WLC reachability will be determined Internet Guest WLAN Controllers (Anchors) WCS  Foreign WLC will send pings at configurable intervals to see if Anchor WLC is alive EtherIP ―Guest Tunnel‖ EtherIP ―Guest Tunnel‖ Campus Core  Once a Anchor WLC failure is detected a DEAUTH is send to the client Emp Emp  Remote WLC will keep on monitoring the Anchor WLC  Under normal conditions roundrobin fashion is used to balance clients between Anchor WLC’s Primary link Redundant link Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential LWAPP LWAPP Wireless VLAN’s Guest Emp Guest Emp 73 Cisco Tech-Know Day Frankfurt 2009 Office Extend Solution Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 74 OfficeExtend AP Highlights Features OfficeExtend AP  Scalable up to 250 APs per Wireless Controller 1140 AP 1130 AP 5508 Wireless Controller  WCS provisioning for mass deployment  Personal SSID for non-corporate use  Ease of deployment with no special configuration needed on the Wireless Controller Key Benefits  Secure, simple, cost-effective mobile teleworker solution enabling a consistent mobility experience  Encryption of data at line rate, no encryption module needed  Supports UC wireless phones Solution Elements  Ease of deployment for IT; plug and play for end user  5508 Wireless Controller  802.11n ready 1140 AP and 1130 AP supported  Management through WCS Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential  1130 AP; 1140 AP  OfficeExtend AP is available with the WPlus software package 75 OfficeExtend AP New Offering for Teleworkers and Remote Deployments Corporate Asset Secure Transfer of Corporate Traffic Corp WLAN DTLS VPN Corporate Network Internet Locally defined WLAN Router OfficeExtend e.g Linksys AP Non-corporate Assets e.g Wii, DVR Broadband Modem NG Appliance Controller  Extend office wireless work environment to remote sites: corporate SSIDs available in remote site  Ideal for telecommuting, home-sourcing, outsourcing applications  Quickly and securely blanket remote area with corporate WLAN: temporary work space, new branch office or acquisition etc  Create locally significant SSID directly on OfficeExtend AP; unique SSID can be created for each location; not managed by IT  DTLS VPN between AP and controller  Available on 1131 and 1140 Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 78 Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 79 Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 80 ... 20 802 .11 n Ratification Draft 1. 0 May ’06 Draft 2.0 Mar ’07 WFA Draft 2.0 Inter-op Jun ’07 AP1250 ships Oct ’07 Draft 11 .0 Jun ’09 Sept ’08 IEEE 802 .11 n Standard Ratified Sep ’09  Sept 11 , 2009... Group, Q1CY’09 Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 21 802 .11 n Ratification  Customers can deploy 802 .11 n technology with confidence!  Final 802 .11 n is... Presentation_ID © 2009 Cisco Systems, Inc All rights reserved Cisco Confidential 28 Existing 802 .11 n Solutions Beam Strength Not Directed to Client 802 .11 a/g 802 .11 n 802 .11 a/g Client Connection