cisco wireless
TRANSCRIPT
Secure, Mobile, Converged, DNA READY
Kurt Sauter – Product Specialist - Mobility
1. Digital Network Architecture (DNA) 2. DNA – Wave 23. Cisco + Apple Partnership4. Wireless Portfolio5. Certs
Agenda
Digital Network Architecture - Mobility
Digital Transformation
Information Era: 2000-2015 Digital Business Era: 2015+
Human Scale
Physical Appliances
Manual Management
Centralized Enterprise and Web Apps
IoT Scale (People, Devices, Things)
Virtualized Services
Automation, Zero Touch, DevOps
Distributed SaaS, Mobile, & M2M Apps
Connectivitywith High Reliability
Platform for
Innovation, Agility, Security
NETWORK
Requires Network Evolution
TIMELINE
2010 2015 2020
BIL
LIO
NS
OF
DEV
ICES
0
10
20
30
50
Mobility + Cloud + Analytics + IoT
Adoption rate of digital infrastructure:
5X faster than electricity and telephony
25
12.5
7.26.8 7.6World Population
50 Billion Smart Objects
Inflectionpoint
The Problem: The DoD Digital Divide
Internet foundationRise of web and mobile
app economy
Internet embedded into everything, everywhere
2000 2017 Future1985
Servicemen Work & Learn Here
Servicemen Live & Play Here
The DoD Digital Divide
Prod
uctiv
ity
Opp
ortu
nity
Cos
t
Automation & OrchestrationOn demand Application/Service Delivery & Uncompromised, Secure Experiences Over Any Connection
Accelerating Digital TransformationThe Network is the Foundation of the Digital Business
Ensure Content ComplianceThreat Defense
Policy & Identity ControlNetwork Access Control,
Visibility & Threat Containment
Personalized MobileExperiencesGain Insights &
Engage Customers
Digital ReadyOptimized Investments &
Seamless Experiences
Virtualization On demand infrastructure and virtualized functions
Secure the New EdgeEnhanced Direct Internet Attach Security
Detect Threats FasterSecurity Everywhere
Network Transformation for the WANUncompromised & Secure Experiences Over Any Connection
Traditional network management cannot provide sufficient dynamic management
• Focus has been on Day0/1 automation
• CLI not built for volumes of changes in machine real time
Controller based networking supports dynamic policy change
• Controller allows network to be managed as a system
• Policy management is automated and abstracted
Digital Business DriversRequirement for Dynamic Policy Changes
Cisco Digital Network Architecturewww.cisco.com/go/dna
AutomationAbstraction & Policy Control
from Core to Edge
Open & Programmable | Standards-Based
Open APIs | Developers Environment
Cloud Service ManagementPolicy | Orchestration
VirtualizationPhysical & Virtual Infrastructure | App Hosting
AnalyticsNetwork Data,
Contextual Insights
FASTER INNOVATIONInsights & Experiences
REDUCED COST & COMPLEXITYAutomation& Assurance
LOWER RISKSecurity & Compliance
Network-enabled Applications
Cloud-enabled | Software-delivered
Principles
How do we simplify, yet build reliable and versatile networks?
Lowers OPEX: Simplicity without compromise
Defend from a critical vantage point
Increase IT value and meet any use case regardless of
organization size
Automation & Assurance Security & ComplianceInsights & Experiences
Wireless is the primary mode of access for users and things
Cisco Digital Network Architecture
AutomationAbstraction and Policy
Control from Core to Edge
Open and Programmable | Standards-based
Open APIs | Developers Environment
DNA Service ManagementPolicy | Orchestration
VirtualizationPhysical and Virtual Infrastructure | App Hosting
AnalyticsNetwork Data,
Contextual Insights
Insights and Experiences
Network-enabled Applications
Cloud-enabled | Software-delivered
Automation and Assurance
Security and Compliance
Principles
TOM
OR
RO
WTO
DAY
Prime ISEWLC UI APIC-EMBest in Class Wired
Best in Class Wireless
Single Pane of Glass Automation & Assurance
Launch Services• Elastic On-Demand Services• Manage Services Across
Fabric
SDA• Fabric Automation /
Orchestration• Simple User Group Policy
Instantly
Lower OpEx • Built on Existing Infras• Seamless Brownfield
Integration
Network Assurance• Pinpoint issue location &
impact• Speed Remediation
Automation Analytics
One Wired-Wireless Experience with Fabric
Cisco Digital Network Architecture for Wired-Wireless
Automation
• PnP for Centralized & Flex• EasyQOS• ISE: .1x, BYOD, Guest
Open APIs: Modular Aps with Restful APIs
Cloud Service Management• CMX 10.x with Context and Guest
Platforms & Virtualization
Assurance
• Netflow Export• Apple Network Optimization
& FastLane
Principles
DNA Center: Public and Private Cloud
• Modular AP’s with Restful API’s• DNA Optimized Controllers: 3504, 5520, 8540• Various VM Models: ESXi, KVM, HyperV, AWS
Software Defined Access and TrustSec SXP & SGT
Enterprise Mobility VisionIT has to deliver on
outcomes…Mobility is not just about
802.11…
LiFi
NFV
IoTintegration
5G
HDRadiooptimization
SW
BLELocationbasedServices
Networks are getting complex…
DNA – Wireless Architecture
Why Cisco Wireless: Simple and IntegratedWireless Controller
Identity Services Engine (ISE)
Authentication and Policy
Core
Why Cisco Wireless: Simple and IntegratedWireless Controller
Identity Services Engine (ISE)
Authentication and Policy
Cisco Prime Wired and Wireless Management
Cisco WebEx
End to End QoS End to End Visibility End to End Control
Core
Wireless Architecture
Autonomous FlexConnect Centralized Converged Access
Traffic Distributed at AP
Traffic Centralized at Controller
Traffic Distributed at SwitchStandalone APs
Target Positioning Small Wireless Network Branch Campus Branch and Campus
WAN
Converged Access – FoundationUADP
ASIC TechnologyIOS Catalyst 3650 (IOS XE Software)
IOS Catalyst 3850 (IOS XE Software)
- Up to (50) AP’s per stack [9] (IOS XE 3.7.1 or >)- Only (25) AP’s per stack [9] prior to IOS XE 3.7.1- Up to 1,000 wireless clients- Up to 40Gbps wireless throughput (48-port models)
- Up to (100) AP’s per stack [9] (IOS XE 3.7.1 or >)- Only (50) AP’s per stack [9] prior to IOS XE 3.7.1- Up to 2,000 wireless clients- Up to 40Gbps wireless throughput (48-port models)
Catalyst 3850 ─ Multigigabit Versions
48 Port Version 24 Port VersionDownlinks:36 x 1G LineRate 10/100/1000BASE-T, 12 x GE/mGig/10GT Line RatePoE/PoE+/UPoE, EEE, MACSec
Uplinks:4x10GE SFP+, 2 x 40G QSFP (NEW), 8x10G SFP+ (NEW)
Downlinks:24 x GE/mGig/10GTPoE/PoE+/UPoE, EEE, MACSec
Uplinks: 4x10GE SFP+, 2 x 40G QSFP (NEW), 8x10G SFP+ (NEW)
All 3850 Versions Can Stack with Each Other
The Solution:Cisco Multigigabit Ethernet
Delivers up to 5X Speeds in Enterprise without replacing cabling.
2.5-5G
Cat 5e CablesWiFi > 1G
MultigigabitSwitch
MultigigabitCapable AP
Is a game-changing technology allowing enterprise networks to
evolve beyond 1G
Enables 2.5 and 5 Gbps up to 100m on legacy cables
Supports all PoE standardsup to 60W
Cisco Multigigabit with
Cisco: Scale
Cisco: Scale
WAN
AP
Switch / Router
WAN
Controller
Local Services
Cisco: Scale
WAN
AP
Switch / Router
WAN
Controller
Local Services
Cisco: Scale
WAN
AP Flex Connect
Switch / Router
WAN
Controller
Local Services
DNA - 802.11ac Wave 2
Flexible Radio AssignmentSoftware defined radio automatically
adjusts to dual 5GHz to better serve high client environment
Optimized RoamingIntelligently Connects the Proper Access Point as People Move
Turbo PerformanceScales to Support More Devices Running High Bandwidth Apps.
Zero Impact AVCHardware Based Application Visibility and
Control without Impact to Performance.
Cisco CleanAir®
Remediates device Impacting Interference from other WiFi and non-WiFi devices
Cisco ClientLink Improves Performance of Legacy and 802.11ac Devices.
Future Proof Expandability Add Functionality Via Module, Smart Antenna Port or USB Port
Multi-Gigabit UplinksFree Up Wireless With Faster
Wired Network Offload Gb+
Flex Dynamic Frequency SelectionAutomatically Adjusts So Not to Interfere With Other Radio Systems
Wireless excellence and innovations delivered only byCisco Aironet 2800, 3800 Series Access Points
Apple Fast LaneAutomatically assures highest priority, fastest
performance for trusted apps on trusted Apple devices
LAS VEGAS TOKYO
Optimized RoamingRX-SOP
Pervasive Wi-Fi
HDX TurboPerformance
Event Driven RRM
XOR RadioFRA
Cisco CleanAir®
RF Profiles
RRM, DCA, TPC, CHDM
Load BalancingBand Select
Client Link 4.0
Off-Channel Scanning
Flex DFSDBS
5GHzServing
2.4GHzServing5/2.4GHzMonitor
RF Optimized Connectivity
XOR Radio and FRA2.4GHzServing
2.4-5GHzMonitoring
5GHz.Serving
5GHz.Serving
2.4GHzServing
5GHz.Serving
5GHzServing5Hz
Serving
2.4GHzServing
ü FRA-auto (default value) or Manual
ü Auto 2.4 -> 5GHz or Monitor Mode
ü Transition to 2.4 GHz if coverage drops
Micro ßà Macro Cell Transitions
-51 dBm
-65 dBm
-51 dBm-51 dBm≥ 55 dBm?
Probe Response
Client Steering
• 802.11v BSS Transition – Default Enable• 802.11k – Default Enable• Probe Suppression – Default Disable
Client Types
• 11v capable – 802.11v BSS Transition• Non-11v capable – 802.11k neighbor list +
disassociation• No 11k or 11v support – Probe Suppression Micro – 5GHz on XOR
Macro -- Dedicated 5 GHz
Optimize Wi-Fi with CleanAirQuickly Identify and Mitigate Wi-Fi Impacting Interference
Channel 48
48
4848
48
48
48
48
48
48
48
48
ü Interference on 20/40/80/160 MHz ü Air Quality and Interference by
AP/radio on WLCü AQ Threshold trap and Interference
Device trap (per radio) ü CleanAir-enabled RRM
Network Air Quality and Interference Location with PI 3.1.x and CMX
Interference Devices and Air Quality ReportCleanAir Enabled RRM
Mitigated RF interference for improved reliability and performance
Wi-Fi andnon-Wi-Fi
aware
Dynamic mitigationED-RRM
Granular spectrum
visibility and control
Air Quality Performance
Improved Client Performance
Complete Automatic Interference Mitigation Solution for Rogues and Non-Wi-Fi Interference
Maximize Channels When Radar Is PresentFlexible Dynamic Frequency Selection
5170MHz
5330MHz
36 40 44 48 52 56 60 64
20MHz.
40MHz.
80MHz.
160MHz.
5490MHz
5710MHz
100
104
108
112
116
120
124
128
132
136
140Channel Used
by Air Traffic Radar
See it on 160MHZ Band
Dynamic Frequency Selection FlexibleDynamic Frequency Selection
FlexDFS with Dynamic Bandwidth Selection
Identifies radar frequency to
1 MHz
FlexDFSisolates radar
event to 20MHz
DBS allows best channel
and width
Interference is impactingonly channel 60
FlexDFS + DBSAutomatic and intelligent use of spectrum
52 56 60 64
DBS combined with FlexDFS: Increased confidence in using wider channel bandwidth; reduced radio flapping
Primary20
Secondary 20
Secondary40
52 56 60 64
Optimizes HD Experience
Better Client Connectivity RXSOP, Load Balancing, Band Select
Fine-tuning HDX with RF Profiles
Wi-Fi Triggered ED-
RRM
OptimizedRoamingRXSOP
Dynamic Bandwidth Selection
TPC, DCACHDM
FlexDFS
CORE:
• CleanAir
• ClientLink 4.0
• Turbo Performance
ü Pre-canned RF Profilesü Client Distributionü Data Ratesü DCA, TPC, CHDMü Profile Threshold for
Trapsü High Density Features
Security and Threat Mitigation
Secure Access
P2PBlocking
Client Exclusion
802.1x WPA2/AES
AES256 Encryption
AAA Override VLAN, ACL, QoS
Local Policy w/QoS and AVC
MFP, 802.11w
TrustSec SXP Inline Tagging
wIDS, ELM
MAC Auth Rogue Detection
BYOD NAC RADIUS
8.4
8.3 MR1
5GHz. / 2.4GHz. .5GHz. / Security
Cisco Wireless Security Deployment with AP3800/2800 Maintains Capacity and Avoids Interference
Good Better Best
Features ELM Monitor Mode AP ELM with FRAMonitor Mode
Deployment Density Per AP 1 in 5 APs 1 radio per 5 APs
Client Serving with Security Monitoring
Y N Y
wIPS Security Monitoring 50 ms off-channel scan on selected channels on 2.4 and 5 GHz
7 x 24 All Channels on 2.4GHz and5GHz
7 x 24 All Channels on 2.4GHz and5GHz
CleanAir Spectrum Intelligence 7 x 24 on client serving channel 7 x 24 All Channels on 2.4GHz and5GHz
7 x 24 All Channels on 2.4GHz and5GHz
Serving channel Serving channelOff-Ch Off-Ch
Serving channel Serving channelOff-Ch Off-Ch
Enhanced Local ModeAccess Point
ü GOOD
2.4 GHz
5 GHz
t
t
Monitor ModeAccess Point
ü BETTER
2.4 GHz
5 GHz
t
t
Ch11Ch2
Ch38
Ch1
Ch36
…Ch11Ch2Ch1
…Ch11Ch2Ch1
…
…Ch161Ch157 Ch38Ch36
…… …
t
2.4 GHz
5 GHz
tCh11Ch2Ch1…
Ch38Ch36 Ch161Ch157…… …
ELM with FRA Wireless Security Monitoring
ü BEST
Serving channel Serving channelOff-Ch Off-Ch5 GHz t
ServeClienton2.4GHz
50ms off-channel
ServeClientson5
GHz
50ms off-channel
Rogue Detection and Mitigationü Rogue Classification and
Containment• Rogue Rules• Manual Classification –
Friendly/Malicious • Manual and Auto
Containment
ü CleanAir with Rogue AP Types
• WiFi Invalid Channel• WiFi Inverted
ü Rogue Location • Real-time with PI, MSE,
CleanAir• Location of Rogue APs
and Clients , Ad-hoc Rogue, Non-wifiinterferers
DataServingAP
Scan
1.2sperchannel
MonitorModeAP
FRAwithMM
ServeClientondedicated5
GHz
Scan1.2sperchannel
CSfC “Layered” Architectures for Classified• Architectural, defense-in-depth (e.g. “layers”), approach to security
• SECRET require 2 Layers of ‘countable’ Crypto mLoS 128• TOP SECRET requires 2 layers of ‘countable’ Crypto mLoS 192
• Example: 1+1 = 2 ‘countable’ layers sufficient for protecting SECRET information
Suite B VPN / Countable Layer #1
Suite B Application Layer Security / Countable Layer #2
Approved Encryption Technologies can vary at each Layer
Outer Tunnel
Service ReadyFeature Highlights
VideostreamMulticast VLAN
Per-Client/Per-SSID BW Contract
Local Profiling
Bonjour Apple Services
Service Ready
AVCNetflow
AAA Override ofAVC Profile
Voice Optimization, CAC, WMM Policy
Adaptive 11r ,11k, 11vFastLane
QoS ProfilesOKC, CCKM
Fast Roaming
8.3 MR1
Zero Impact Application Visibility and Control
Maintain Performance with Zero Impact AVC
Gain Visibility into the Network
Monitor Critical Applications
Control Application Performance
APP APP APP APP
APP APP APP APP
APP APP APP APP
APP APP APP APP
ü SettingupAVCprofilesandrulesü Drop/MarkforseveralvideoappslikeYouTubeandNetflixoniPhone,iPadü Drop/MarkforotherappssuchasJabberandWebexü Profileswithblockandpassrulescombinedü RateLimitingofVideo/Voiceappsü AAAoverride forAVCprofileü AVCProfilewithLocalPolicyClassification
Enterprise Infrastructure Feature Highlights
Fast SSID
Flex, Local, Sniffer, Monitor, ME
Certifications
Enterprise Infrastructure
Pre-Image Download
AP Multicast
WiFi Tagging
OEAPWebauth
Guest Access
Plug n Play
8.3 MR1 8.3 MR1
8.3
Cisco + Apple Partnership
Cisco + Apple Partnership
What are we trying to solve?
Scalability
Complex configuration of advanced features
Mobility
Sub optimal roaming for mobile devices and battery efficiency
Better integration between mobile devices and the network
Reliability
User experience is affected
Cisco-Apple partnership provides these benefitsOptimized Wi-Fi Connectivity Prioritized Mission applications
Intelligent, and efficient roaming is automatically configured
iOS and Cisco devices recognize each other and enable special capabilities
Mission data gets priority and speed even if network is congested
Reduces complexity - IT can focus on the mission – the network does the heavy lifting
What happens Today?
In 802.11, delay in roaming causes poor experience, especially for rich-media real-time applications. Interoperability increases complexity and prevents adoption.Standards to the rescue?• 802.11r – Fast Roaming• 802.11k – Neighbor List• 802.11v – BSS Transition
But• Operational Complexity• Multiple SSIDs – some clients cant
associate with SSIDs enabled with 11r
Optimized Wi-Fi Connectivity
Intelligent, and efficient roaming is automatically configured
Makes critical apps more reliable
iOS and Cisco devices recognize each other and enable special capabilities
802.11k, 802.11v, 802.11r help efficient roaming
802.11r enables fast roaming without complete reauth802.11k sends you list of neighbors802.11v BSS Transition sends you the new best AP Cisco-AP-2 to connect to
Association
Fast Transition (802.11r)Cisco-AP-1 Cisco-AP-2
Association
Cisco-Apple Optimized Roaming reduces management overhead by up to 50%
Legacy client cannotjoin the same SSID where 11r is enabled
I recognize that you are an Apple device11r is enabled for you
802.11k, 802.11v are on by default
Legacy client that does not support 11r/k/v canjoin the same SSID
Cisco-APNon-Cisco-AP
Roaming Performance : 10x Better end-user Browsing and App Experience
QoS, 802.11r/k/vNo QoS, No 802.11r/k/v
Time (s)*
*Time Interval between last packet on previous AP, and first packet on next AP
Benefits of Optimized Wi-Fi Connectivity
Automatic configuration reducing complexity for IT
Up to 50% reduced management overhead due to fewer SSIDs
86% reduction in network message load from the device during roaming
Investment protection -Leverage existing network design
Lower battery usage
66x reduction in probability of poor audio quality experience. 10x more successful end user browsing experience
What happens Today?
Inability to prioritize mission-critical real-time traffic all the way from clients to the destination
• Today IT Administrators can classify traffic ONLY at the access point. this implies:
• Inability to prioritize between the client and the AP.
• Burden on IT administrator to manage the applications across the enterprise
Prioritizing Business Apps
Prioritize mission critical apps and real time data
Turning on is easy
IT has control over which Apps get priority
Fast lane Configuration Profiles
A QoS configuration profile will ONLY be acted upon on an iOS 10 client
Uses standard Apple iOS Profiling techniques (MDM, email, Web-based)• Profile lists “whitelisted” applications in a dictionary file• Whitelisted applications are allowed to mark QoS (DSCP/UP) upstream• ‘Non-Whitelisted’ applications receive only BE/BK marking upstream
Used in Combination with Cisco and Apple mutual detection
Fast Lane only applies to Cisco-Apple Deployments
QoS Profile is not consideredApplications can only mark UP, not DSCP*
QoS Profile or no QoS Profile
If a Profile was received, All apps in White list Can mark QoS upstream
QoS Profile
Cisco-APNon-Cisco-AP
Supports Fast lane
* DSCP can be marked with IP_TOS/IPv6_TCLASS when SO_NET_SERVICE_TYPE is best effort
Fast Lane enables network administrator to prioritize applications per your environment
Supports Fast lane Admin can provision Apple IOS device with a QoS profile*
Applications in whitelist get QoS marking**Other applications get BE/BK
Supports Fast lane
My profile for this environment:Video Call = Real-time-interactivePokeman Go= BE
My profile for this environment:Netflix= BEJabber = Voice
Cisco-AP
Supports Fast laneSupports Fast lane
Cisco-AP*Without a profile, all applications are whitelisted by default in a Fast Lane cell
**Fast Lane does NOT override apps QoS, it either allow the app QoS or apply BE
App prioritization elements
QoS Profile
Voice QoS Trust
AutoQoS
Better EDCA
Helps determine which applications should receive QoS upstream
Trust upstream voice traffic, with ACM and without TSPEC
Benefits IT AdministratorConfigure optimal WLC QoS in one click
Ease of UseIEEE 802.11-2016 EDCA
No Fast Lane
Fast Lane delivers a reliable voice experience even in a congested environment
• In a congested environment, one voice packet is sent every 20 ms
• We measure the actual interval between voice packets in the upstream direction
Capture time (seconds)
Packet average interval is 40 ms (not so good)
Many glitches, of up to 0.6 second (poor audio experience)
Interval (seconds)
Fast Lane
Interval (seconds)Packet average interval is 20 ms (good)
Very few glitches, of up to 0.1 second(fair audio experience)
Benefits of App prioritization
Business data gets priority and speed even if network is congested
Reduces complexity - IT can focus on the mission – the network does the heavy lifting
Reliable mobility for mission use
Putting It All Together
Benefits of Apple-Cisco partnership
Simple, automated configuration of
Optimized Roaming & Fast lane
Faster client roams, lower battery usage and reduced network load
Enabled with a unique to Apple and Cisco mutual identification
Prioritizes mission-critical apps over
the air and network
What can we enable
All Wireless Office Manage growing network demands
Mobile access to real-time data
Prioritize mission critical apps
Improved voice and video communication
Recommended platforms
Networking infrastructure Caching iOS devices• Wireless controller: Running
AireOS 8.3, 8.3MR or connected to Meraki cloud
• 802.11ac Aironet and Meraki MR Access points
• Catalyst and Meraki MS Multigigabit-capable switches
• Meraki Systems Manager EMM• Software licenses, maintenance
& support
• ISR 4000 Series• WAAS – Wide Area Application
Services• Akamai Connect license• Software licenses, maintenance
& support
Optimized Efficient Roaming
• iPhone 6s and later• iPhone 6s Plus and later• iPad Air 2 and later• iPad mini 4 and later• iPad Pro and later• iPhoneSE
Fast Lane
• iPhone 5 and later• iPad mini 2 and later• iPad Air and later• iPad Pro• iPod touch (6th generation)
AP and WLC Portfolio
Cisco Aironet 802.11ac Wave 2 Portfolio Enterprise Mission Critical Best in Class
18101830
1850 (i/e)2800 (i/e)
3800 (i/e)
• Dual Band • 802.11ac Wave 2• Compact Design• 3x Gbps switch port• 1x Gbps uplink port• Wall Plate AP • Teleworker OEAP• 802.3af PoE out
• 802.11ac Wave 2: Most Cost-effective, 870 Mbps.
• 3x3:2SS 80MHz. • Spectrum Analysis*• Tx Beam Forming• 1 GE Port• USB 2.0• Centralized,
FlexConnect* and Mobility Express
• 802.11ac Wave 2: Cost-effective, 1.7 Gbps
• 4x4:4SS 80Mhz. • Spectrum Analysis*• Tx Beam Forming • 2 GE Ports• USB 2.0• Centralized,
FlexConnect* and Mobility Express
• 802.11ac W2: High-Performance 5Gbps
• Flexible Radio Assignment
• 4x4:3SS 160 MHz• 2 GE Ports• USB 2.0• Hyperlocation
(External Antenna)• CleanAir 160MHz. • ClientLink 4.0• Centralized,
FlexConnect* and Mobility Express
• 802.11ac W2: High-Performance 5Gbps.
• Flexible Radio Assignment
• 4x4:3SS 160MHz.• MU-MIMO• 2 GE or 1 GE + 1
mGig (5G)• Hyperlocation
(External Antenna)• CleanAir 160 MHz• ClientLink 4.0 • StadiumVision• Modularity• Centralized,
FlexConnect and Mobility Express
Cisco Aironet Portfolio – Outdoor APEnterprise Class Best in Class Cable Operators
1560• 802.11ac W2• 4 models (I/E/D/PS)• 3x3:3, 80MHz, 1.3G (I)• 2x2:2, 80MHz, 867M (D/E/PS)• MU-MIMO• SFP• Internal Directional Ant. (D)• 4.9 GHz (PS: Public Safety)• Flexible Antenna Ports• CleanAir 80 MHz• ClientLink 4.0 • Centralized, FlexConnect,
Mesh & Mobility Express
1572EAC• 802.11ac W1• 4x4:3 80 MHz; 1.3 G• External antenna• SFP• GPS• PoE-Out (803.2at) • Flexible Antenna Ports• CleanAir 80 MHz• ClientLink 3.0 • Modularity• Centralized, FlexConnect &
Mesh
1572IC/EC
• 802.11ac W1• 4x4:3 80 MHz; 1.3 G• Internal or External antenna• DOCSIS 3.0, 24x8• SFP• GPS• PoE-Out (803.2at) (EC)• Flexible Antenna Ports• CleanAir 80 MHz• ClientLink 3.0 • Modularity• Centralized, FlexConnect &
Mesh
1530• 802.11n• 2 models, low profile• 2G: 3x3:3; 5G: 2x3:2• Internal or External antenna• Flexible Antenna Ports• Centralized, FlexConnect, &
Mesh
* Future availabilityShipping ShippingFCSAugust 2016
Industrial Wireless IW3700 Series Access PointOptimized for Rail, Mining, Manufacturing, Oil & Gas
N-type antenna ports for 4x4 MIMO with three spatial streams and support for up to 13 dBigain antennas
10/100/1000Base-T, PoE and PoE+ in (M12)
10/100/1000Base-T, PoE out (M12)
10 to 60 VDC in (M12)Management console port (RJ-45 serial)
Integrated mounting ears
Diecast aluminum chassis with
integrated heatsinkand heaters
Meet Any Wi-Fi Use CaseExpandability and Investment Protection
Future Wi-Fi Standard
IOTIntegration
Custom ComputePlatform
Adv. Security and Spectrum
Analysis3G & LTESmall Cell
Bluetooth Beacon
Hyperlocation Antenna
Stadium Panel
Antenna
Self-Discover / Self-Configure
3G/LTEBackhaul
Directional Antennas
BluetoothIntelligence
Access Point Extensions (APeX)Third-party Development Framework
• Seamlessly Enable partnersü Cisco Wireless BEü Other Cisco Business Unitsü Strategic partnersü 3rd Party solutions vendors
• Facilitate both hardware and software based solutions
• Sustained differentiation of 3K Series APs
• Gain competitive advantage by enabling vertical specific solutions
MODULE PORT
A development framework to enable an ecosystem of expansion modules (HW module, USB or software) for Cisco Aironet AP 3800 Series
LoRA5G
NB-LTE 3.5GHz CBRS
ThreadLTE-U
BLE WiFi calling
Wi-Fi
BT
LTE
People + Things
Mobility and IT-OT Convergence
§ Right To Use Licensing, Ease of Enablement and Portability
§ Utilizes the NEW WLAN Express WEBGUI with best practices enabled
§ Allows administrator to easily migrate config from previous WLC
Simplified Migration and Manageability
§ Ability to host multiple services such as Application Visibility and Control, Bonjour
Services Directory, TrustSec, Guest, High Availability with SSO
§ Support for centralized, distributed and Mesh deployments
Services Ready
§ 5520 scales up to 1500 AP & 20,000 clients
§ 8540 scales up to 6000 AP & 64,000 clients
Built for addressing Scale of BYOD
§ 5520 supports 20 Gig of throughput
§ 8540 supports 40 Gig of throughput
Throughput to address needs of Wave-2 11ac
5520
8540
Introducing the Cisco 5520 and 8540Feature-Rich, Multi-mode and Ready for Wave 2 802.11ac
CMX & ISE
Create Connected Experiences with Cisco CMX
§ Presence and location§ Visibility (Wi-Fi, BLE)
§ Easy Wi-Fi login, custom or social§ Zone-based, custom splash pages
§ Electronic Customer engagement§ Context-aware in-venue experiences
Analytics
Detect Connect Engage
Cisco Location Tracking Roadmap
PresenceGreater customer
insights
Enhanced location
Hyperlocation
Bluetooth Low Energy
Accuracy 20m
Type In-zone Detection
Use Cases
Venue-level,Visitors, Dwell Time
Accuracy 10m
Type X,Y coordinates, Optimized refresh
Use Cases
Zone-levelCorrelation
Accuracy 1-3m
Type Real time refresh, app required
Use Cases
Way Finding / Indoor navigation / Proximity Marketing
Accuracy 1-3m
Type Refresh every 10 seconds, no app
Use Cases
Sub-zone-levelWork space optimization
Prime Infrastructure
Cisco WLAN
Controller
Systems Manager (MDM/EMM)
MDM Manager
Wired Network Devices
Cisco Catalyst Switches
Office Wired Access
Office Wireless Access
IdentityServices Engine
Remote Access
ASA Firewall
CSM / ASDM
Identity Services Engine – Policy Enforcement
Cisco Identity Services Engine (ISE)
Network ResourcesAccess Policy
Traditional Cisco TrustSec®
BYOD Access
Threat Containment
Guest Access
Role-BasedAccess
Identity Profilingand Posture
A centralized security solution that automates context-aware access to network resources and shares contextual data
NetworkDoor
Physical or VM
ISE pxGridController
Who
CompliantP
What
When
Where
How
Context
Threat (New!)
Vulnerability (New!)
Federal Certifications
What’s Certified:ü All Cisco 11ac and 11n Access Points ü All appliance and integrated
controllersü MSE 8.0, and PI 2.2 ü APL Listing for WLAS, WAB,WIDS
What’s unique to Cisco:ü Cisco ONLY Wireless vendor with DCE
and Common Criteria Certificationü Predictable wireless certification – MD
SW release gets certifiedü Common release both Enterprise and
Government customers – Feature consistency and deployment flexibility
Current Cisco Wireless Government CertificationsCertify every MD/long lived release
Certification 7.0 8.0 IOS 3.6
FIPS
CC
UCAPL
CSfC
USGv6
Comprehensive end-end solution certified !
What’s Certified:ü 11ac Wave 2 Access Pointsü 5520, 8540, 5508, 2504, WiSM2ü 3650 and 3850 switches/WLCü CMX 10.3ü APL Listing for WLAS, WAB,WIDSü Cisco SSL 6.x Integration w/AireOS
What’s the timeline:ü FCS – Nov ‘16ü JITC Eval Began Oct ‘16ü Estimate Completion Q2CY16
Roadmap - Cisco Wireless Government Certifications8.3 (MR1) and IOS 16.3 – Q3CY16
Certification 8.3 IOS 16.3
FIPS
CC
UCAPL
CSfC
USGv6
NGE and Wave 2 Certified Release!
Cisco Enterprise Networking…
• Network of Tomorrow – Digital Network Architecture• Automation• Security• Insights
• DNA – Mobility: Delivering services needed for the network of tomorrow
• 802.11ac Excellence• Services & Security ensure granular control & enforcement
• Complete Enterprise Solution built for the Government Customers• Certifications
Cisco Small Cell
Summary