Aparajita Sood, Technical Marketing Engineer
BRKEWN-2670
Introduction to Cisco Catalyst 9800 Wireless Controller
Questions? Use Cisco Webex Teams to chat with the speaker after the session
Find this session in the Cisco Events Mobile App
Click “Join the Discussion”
Install Webex Teams or go directly to the team space
Enter messages/questions in the team space
How
1
2
3
4
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Webex Teams
TECEWN-2005 3
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
Why Catalyst 9800 ?
Platform Support | Software Interoperability | IRCM
Cisco Catalyst 9800 Wireless Controller Appliances
Cisco Catalyst 9800 Wireless Controller Public and Private Cloud
Cisco Catalyst 9800 Series Wireless Controller for SDA
Embedded Wireless Controller on Catalyst 9100
Differentiators
High Availability
Security
Programmability and Telemetry
Adoption
New Configuration Model
Migration Strategies
TECEWN-2005 4
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
INTENT CONTEXT
Intent-based Network Infrastructure
Intent-Based Networking (IBN) strategy
CONTEXT
LEARNING
SECURITY
INTENT
DNA Center
Policy Automation Assurance
TECEWN-2005 5
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Best Access Experience for IT and IoTstarts with the Catalyst Access Network
Automation Security AnalyticsBuilt for intent-based networking
Fully Integrated End to End
Access SwitchesAccess Points Distribution/Core Wireless Controller
9200/9300/9400
Catalyst Catalyst9500/9600 Series
Catalyst9800 Series
Catalyst9100 Series
Most comprehensive mGig portfolio
Wi-Fi 6
Campus Optimized 25G/40G/100G
Industry’s only modular WLC with 40G/100G
uplinks
Wi-Fi 6, 802.3bt Ready
48P 5G + 25G/40G uplinks
Wi-Fi 6
Wi-Fi 6
Wi-Fi 6
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 9800 Wireless Controllers
Cisco Catalyst 9100 Access Points
Cisco’s Next Gen Wireless Stack is Ready for Scale Deployments
7TECEWN-2005
Enabling next-generation mobility powered for Wi-Fi 6
Resilient Secure Intelligent
Translate business intent into network policy and capture actionable insights
Cisco DNA Center Cisco DNA Spaces
Digitize people, spaces and things
Managed by Digitized by
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst Wireless Stack Innovations
8TECEWN-2005
Catalyst 9800 Launched
WLC SMUAP SP and AP DPProgrammability
Encrypted Traffic AnalyticsSoftware Define Access
iPSK, Rogue, wIPS
Cisco DNA-C Assurance
AI/ML Base AnalyticsApp Visibility and Experience
Intelligent CaptureNetwork Sensor
Apple, Samsung Analytics
Innovations on Wireless Stack
ISSUIoT Gateway
Open RoamingBLE Management
11ax Analytics
Catalyst 9100Launched
11ax features like OFDMA, MUMIMO, BSS Coloring, TWT,
Spectrum IntelligenceDevice Eco System
Cisco DNA Spaces
Partner App integrationRoom Finder
Location AnalyticsGuest portal management
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
C
2,000+ unique customers
ENCS
7000+ units sold
Catalyst 9800 - Fastest Ramping Wireless Controller
9TECEWN-2005
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
QFPQuantumFlow Processor
UADPUnified Access Data Plane
▪ Advanced, Multi-Core, Feature-Rich
▪ Fully Programmable
▪ Scalable
▪ Advanced on-chip QoS
▪ Secure
▪ Extensible Architecture
▪ Flexible, Programmable, High-Performance
▪ Fully Programmable
▪ Scalable
▪ Advanced on-chip QoS
▪ Secure
▪ Extensible Architecture
100% Cisco-developed Flexible Silicon – Unlocking the Power of DNA at Hardware Speeds
Cisco Catalyst 9800 – Next Gen Wireless ArchitectureIBN starts from a strong Hardware Foundation
Powered by IOS-XE
C9800 applianceC9800 embedded in Catalyst 9000
TECEWN-2005 10
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Managed (Cisco DNAC/Prime)Fully ProgrammableCisco DNAC Automation Cisco DNAC AssuranceHot and cold patchesZero downtime software upgrades
Built from scratch, modular, highly available, scalable, multi-process, wirelesssoftware architecture
No MC/MA complex tunnelingIndirect AP Support
Policy abstraction: no VLAN/IP/ACLsL2 mobility made easy
Stretch subnet without spanning VLANs
Control Plane is always centralizedOptimize data plane for Enterprise
(options: CAPWAP, VXLAN, 802.1q)
Network Architecture
Software Architecture
SDA vs. CAManagement &
Operations
What makes C9800
different?
Cisco Catalyst 9800 – Next Gen Wireless ArchitectureNext gen Software architecture
11TECEWN-2005
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Next Generation Wireless Infrastructure For Any Scale
12TECEWN-2005
Catalyst 9800-80 6000 APs, 64K clients80 Gbps
Catalyst 9800-402000 Aps, 32K Clients, 40 Gbps
Catalyst 9800-L250 APs, 5K Clients, 5 Gbps
Catalyst 9800 Embedded Wireless*100 APs, 2K Clients
Catalyst 9800Embedded Wireless**200 APs, 4K Clients
Catalyst 9800-CL***
1000 APs, 10K Clients
Up to 250 APs Up to 3000 APs Up to 6000 APsUp to 100 APs
*Supports Local Switching only**SD-Access only
***Catalyst 9800 for Public cloud FlexConnect only
Up to 1000 APs
Distributed Branch & Small Campus Medium Campus Large Campus
Catalyst 9800-CL1000, 3000 or 6000 APs10K, 32K or 64K Clients
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Best in Class
Introducing Catalyst 9130AX Access Point
13TECEWN-2005
Cisco DNA Assurance withiCAP
Integrated or external antenna SKUsBluetooth 5 USB
Mission criticalIdeal for small to medium deployments
9117AX
• 8x8 + 4x4• MU-MIMO, OFDMA (only DL)• Spectrum intelligence• 1 x 5 mGig• TWT• Integrated Antenna only
9115AX
• 4x4 + 4x4• MU-MIMO, OFDMA• Spectrum Intelligence• 1 x 2.5 mGig• TWT
9120AX
• 4x4 + 4x4• Cisco RF ASIC• Dual 5GHz, HDX• RF Layer 1 detail• IoT ready (Zigbee, Thread)• Application Hosting• 1 x 2.5 mGig• TWT
Powered by Cisco RF ASIC
9130AX
• 8x8 + 4x4 or 4x4 + 4x4 + 4x4• Tri-radio (Dual 5GHz + 2.4GHz), HDX• Cisco RF ASIC• RF Layer 1 detail, Application Hosting• Decrypted data packet iCAP• IoT ready (Zigbee, Thread)• Industry-first 8x8 AP with external
antennas• 8 port Smart Antennas• 1 x 5 mGig
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Unprecedented throughput with C9800 appliances
2xThroughput option now
available with C9800-80 going up to 80 Gbps
Always-on:High availability and seamless software
updates
Accuracy with Encrypted Traffic Analytics
and Stealthwatch integration
Catalyst 9800 Series Wireless Controller Appliances
C9800-40 and C9800-80
Open standards based programmability with
model-driven telemetry
Scale options for your campus
Programmable multi-core network processor
Investment protection with modular uplinks
99%+
Industry’s 1st
100GE uplink100
Globa l
Sa les Tra in ing
EXTERNAL INTERFACES
• RJ-45 Console Port• Mini USB Console Port• 2 External USB Ports • RJ-45 Ethernet Management Port (SP)• RJ-45 Ethernet Redundancy port (RP)• SFP Gigabit Ethernet Port• BUILT-IN-6x10GE/2x1GE or 10GE• C9800 Modules
LEDs
• Power Status LED• Alarm LED• High availability LED• USB console LED• 10/100/1000 RJ45 Link LED• 10/100/1000 RJ45 Activity LED• SSD Activity LED • System Status LED
• Power Supply (PEM 0)• Power Supply (PEM 1)• Power Switch
C9800-80-K9 Front Panel
C9800-80-K9
8540
Dimensions of C9800-80-K9: 17.3” (439.42 mm) wide, 3.5” (88.9 mm)tall (2RU), and 22.0” (558.8 mm) deep
Gigabit SFP RP Port
(Compared to 30.8 “ for 8540)
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
SFP/SFP+ Support for C9800-80-K9
• GLC-BX-D
• GLC-BX-U
• GLC-LH-SMD
• GLC-SX-MMD
• GLC-ZX-SMD
• GLC-TE
Note:
SFP-GE-S, SFP-GE-L and SFP-GE-Z are End-of-Sale, and will not be officially
supported
10G ports will operate in 1GE mode but will not support operation at 10/100M.
Hence the 10G ports will not support the following SFPs for 10/100M:
• GLC-GE-100FX=
• SFP-GE-T
• GLC-TE
• SFP-10G-SR
• SFP-10G-SR-X
• SFP-10G-LR
• SFP-10G-LRM
• SFP-10G-LR-X
• SFP-10G-ER
• SFP-10G-ZR
• SFP-H10GB-ACU7M
• SFP-H10GB-ACU10M
• DWDM-SFP10G-30.33 –DWDM-SFP10G-61.41
SFP MODULES SFP+ MODULES
TECEWN-2005 17
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Industry’s First Controller with Modular 100G Uplink
• C9800-18X1GE
Eighteen 1GE-ports that support small form-factor pluggable (SFP) optical transceivers to provide network connectivity. Ports are numbered 0 – 17
C9800 Modules Support
• C9800-2X40GE• C9800-1X40GE
• C9800-1X100GE
• C9800-10X10GE
Ten 10GE-ports that support small form-factor pluggable (SFP+) optical transceivers to provide network connectivity. Ports are numbered 0 – 9.
• QSFP-40G-SR4• QSFP-40G-LR4• QSFP-40GE-LR4• QSFP-40G-ER4• QSFP-40G-SR4-S• QSFP-40G-LR4-S• QSFP-40G-SR-BD• QSFP-40G-BD-RX
QSFP MODULES
TECEWN-2005 18
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Evolution of Wireless Controllers Enterprise Campus and Full-Service Branch
•6000 APs, 64000 Clients•40 Gbps Throughput
THEN 8540
NOW C9800-80-K9
•6000 AP Groups•2000 FlexConnect Groups,• 100 Flex APs/FCG
•4096 VLANs, 512 Interface Groups•64000 PMK Cache•512 WLANs
•50000 RFIDs•6000 APs/RRM Group•320000 AVC Flows
• 6000 APs, 64000 Clients
• 80 Gbps Throughput
• 4096 VLANs, 4096 Interface Groups
• 128000 PMK Cache
• 4096 WLANs
• 64000 RFIDs
• 12000 APs/RRM Group
• 800000 AVC Flows
• 6000 Policy Tags
• 6000 Site Tags,
• 100 Flex APs/Site
TECEWN-2005 19
Globa l
Sa les Tra in ing
EXTERNAL INTERFACES
• RJ-45 Console Port• Mini USB Console Port• 2 External USB Ports • RJ-45 Ethernet Management Port (SP)• RJ-45 Ethernet Redundancy port (RP)• SFP Gigabit RP Port• 4 x 10GE/1GE SFP and SFP+ ports
LEDs
• Power Status LED• Alarm LED• High availability LED• USB console LED• 10/100/1000 RJ45 Link LED• 10/100/1000 RJ45 Activity LED• SSD Activity LED • System Status LED
C9800-40-K9 Front Panel
Gigabit SFP RP Port
Dimensions : 17.3” (439 mm) wide, 1.75”(44.4 mm) tall (1RU), and 18.3”(464 mm) deep*
*compared to 30.98” (786 mm) in 5520
C9800-40-K9
AIR-CT-5508-K9
AIR-CT-5520-K9
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Evolution of Wireless Controllers Enterprise Campus and Full-Service Branch
•1500 APs, 20000 Clients•20 Gbps Throughput
THEN 5520
NOW C9800-40-K9
•1500 AP Groups•1500 FlexConnect Groups,• 100 Flex APs/FCG
•4096 VLANs, 512 Interface Groups•40000 PMK Cache•512 WLANs
•25000 RFIDs•3000 APs/RRM Group•320000 AVC Flows
• 2000 APs, 32000 Clients
• 40 Gbps Throughput
• 4096 VLANs, 100 VLAN Groups
• 64000 PMK Cache
• 4096 WLANs
• 32000 RFIDs
• 4000 APs/RRM Group
• 400000 AVC Flows
• 2000 Policy Tags
• 2000 Site Tags,
• 100 Flex APs/Site
TECEWN-2005 21
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
C9800- L: Industry’s first fixed Wireless Controller with Seamless software Updates
4 x 2.5G Ports
SP/RP Port10G/ mgig PortsUSB 3.0
Up to 250 APs Up to 5,000 Clients 5 Gbps
Fully programmable multi-core network processor Support for Netflow, AVC and ETA
Console
TECEWN-2005 23
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
C9800-L Racking tray
Fit 2 units in 1RU with a ‘toolless' snap-in rackmount installation (with exception to the rack screws)
TECEWN-2005 24
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Evolution of Wireless Controllers
• 150 APs, 3000 Clients• 4 Gbps Throughput
3504
NOW C9800-L
• 150 AP Groups• 100 FlexConnect Groups,• 100 Flex APs/FCG
• 4094 VLANs, 512 Interface Groups• 14000 PMK Cache
• 600 Rogue APs, 1500 Rogue Clients, 1500 RFIDs• 500 APs/RRM Group
• 250 APs, 5000 Clients
• 5 Gbps Throughput
• 4096 VLANs, 4096 Interface Groups
• 10000 PMK Cache
• 4096 WLANs
• 5000 RFIDs
• 1000 APs/RRM Group
• 4096 Policy Tags
• 250 Site Tags
• 250 Flex APs/Site
TECEWN-2005 25
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Embedded Wireless Controller on Catalyst 9100 Ready for Enterprise deployments
Use Mobile App, WebUIand DNA-C to Deploy, Manage and Monitor
Flexible Management Options
HA, SMU, aWIPS, Umbrella, NetFlow, ICAP
Supports Advanced Enterprise Feature Set
Modern OS, scalable, open and programmable, supports telemetry
Runs C9800 IOS-XEWireless Controller on Catalyst Access Points
Migrate Access Points to controller for more than 100 Access Points
Investment Protection
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
SMU(patching) support for both Controller and Access Point
aWIPS*, Rogue detection, identification and mitigation
Cloud Delivered Enterprise Security with Cisco Umbrella*
Walled Garden & DNS Blocking1
Embedded Wireless Controller ready for Enterprise Branch Deployments
Redundancy with Active & Standby Controllers running simultaneously on
two Access Points
Resilient
Secure
Intelligent & IT Simplicity PnP, Automation and
Assurance
DNA Center
Open standards based programmability with NETCONF,
YANG
Simplified WebUI for Monitoring, Provisioning and
Day-N Operations
Active to Standby switchover in a few seconds
<10seconds
* IOS-XE 17.1
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
EWC - Management options
DNA Center(On-Prem)
AnalyticsPolicy Automation
Standards Based Interoperability
SDN Controllers
CI/CD Tools
NMS Systems
Intent-basedNetwork Infrastructure
Embedded Wireless Controller
WebUI/Mobile App
Use App to Deploy,
Monitor and Manage
Featue rich, yet simple
Mobile App for iOS and
Android devices
Wizard driven provisioning
flows
TECEWN-2005 29
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Embedded Wireless Controller - WLAN Deployment Next-Gen Wi-Fi designed for Single or Multi-Site Small to Medium Size Enterprises
Single Office Distributed Office Distributed Enterprise
Mobile App or WebUI
Embedded Wireless Controller
DNA Center
AssuranceAutomationPolicy Security CMXISE
Embedded Wireless ControllerController in CampusEmbedded Wireless Controller
in Branch
TECEWN-2005 30
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Embedded Wireless Controller Catalyst 9100 Access Points
C9117AX-EWC
• 50 Access Point, 1000 Clients• 8x8 + 4x4• MU-MIMO, OFDMA (only DL)• Spectrum intelligence• Bluetooth 5• 1 x 5 mGig• USB• Integrated Antenna only
C9115AX-EWC
• 50 Access Point, 1000 Clients• 4x4 + 4x4• MU-MIMO, OFDMA• Spectrum intelligence• Bluetooth 5• 1 x 2.5 mGig• USB• Integrated or External antenna
C9120AX-EWC
• 100 Access Point, 2000 Clients• 4x4 + 4x4• MU-MIMO, OFDMA• Cisco RF ASIC• Dual 5GHz, HDX• RF signature capture• 1 x 2.5 mGig• Integrated or External antenna
Nov ‘19
Nov ‘19
Nov ‘19
Software Feature Parity across APs
Supports up to 100 APs, 2000 Clients
Supports Wave 2 APs as client serving
C9130AX-EWC
• 100 Access Point, 2000 Clients• 8x8 + 4x4 or 4x4 + 4x4 + 4x4• Tri-radio (Dual 5GHz + 2.4GHz), HDX• Cisco RF ASIC• RF signature capture• Decrypted data packet iCAP• 1 x 5 mGig• 8 port Smart Antennas
Nov ‘19
Mission Critical Best in Class
Powered by Cisco RF ASIC Powered by Cisco RF ASIC
Best suited for High Density Enterprise Branch Deployments
Ideal for single or multi-site small to medium Enterprise deployments
Cisco DNA Assurance with ICAP
TECEWN-2005 31
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
What about 802.11ac Wave 2 Access Points?Supports client serving mode
Mission criticalIdeal for small to medium-sized deployments
ALL 11ac Wave 2 Access Points can connect to Embedded Wireless Controller
1815W 1815I, 1815M 1832 1852
1540 1560
2802 3802 4800
Outdoor
Indoor
1842
TECEWN-2005 32
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AP support on ME and EWC-AP Deployments
ME APs Subordinate APs (no ME)
AIR-AP1815 C9100 (Release 8.9.111.0 +)
AIR-AP1832 AP1700/2700/3700 Series APs
AIR-AP1840 AP1800i
AIR-AP1852 AP1810w
AIR-AP2802 AP700 Series APs
AIR-AP3802
AIR-AP4802
AIR-AP1542
AIR-AP1562
APs Supported in Cisco AireOS Mobility Express
EWC APs Subordinate APs (no EWC)
C9100 (16.12.2 +) All C9100
AIR-AP1815
AIR-AP1832
AIR-AP1840
AIR-AP1852
AIR-AP2802
AIR-AP3802
AIR-AP4802
AIR-AP1542
AIR-AP1562
Cisco APs Supported in Cisco Catalyst EWC-AP
• Only C9100 APs can be EWC-AP i.e. running controller functionality• 11AC Wave2 APs can be subordinate APs • No EWC-AP support on 11AC Wave 2
• Only 11AC Wave2 APs can have ME functionality• C9100 Series and 11AC Wave1 APs can be subordinate APs• No AireOS ME on C9100 Series APs 33
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Embedded Wireless Controller on C9100 Interoperability Matrix
IOS-XE 16.12.2
ISE 2.3 DNA Center 1.3.2 DNA Spaces
DNA Ready for Small to Medium Size, Single or Multi site Deployments
TECEWN-2005 34
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
❑ Customer has unique access to dedicated DC virtualized or physical resources
❑ The resources are onPrem DC or hosted by a Colo provider
❑ WLC as a Virtual Machine
Some definitions first…
❑ Customer doesn’t own the infrastructure (computing, storage, networking).
❑ WLC is consumed as Infrastructure as a Service (IaaS)
❑ Simply the reality…❑ Customer will have
both Private and Public cloud deployments for some time
TECEWN-2005 36
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800 Wireless Controller for Cloud
ISE / AD Cisco DNA Center
ASSURANCE
AUTOMATION
Cisco DNA Center 1.3 Wi-Fi 6, W1 & W2 802.11ac APs
Internet
Public Cloud
AD
Managed VPN
Enterprise network
NFVIS
ENCS
Hypervisors: ESXi, KVM, NFVIS on ENCS
All deployments mode: Centralized, SDA, FlexConnect, Mesh
ESXi
3,000 APs / 32,000 Clients (starting 16.11)
Amazon AWS with Managed VPN
FlexConnect local switching only
ISE/AAA
TECEWN-2005 37
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Campus
Catalyst 9800 Private Cloud deployment
▪ Customer value prop: • Deploy wireless controller where you want it,
how you want it• All AP modes supported• Feature parity with appliance (only exception
is GuestShell)
▪ Support• VMware ESXi , KVM and ENCS• Wi-Fi 6, Wave2 and Wave1 APs• Centrally switched traffic <= 1.5 Gbps• ESXi vCenter or KVM Virt-Mgr for VM
provisioning• Automated VM bootstrap flow (ESXi
vCenter only)
Corporate WAN
(MPLS /SD-WAN)
BranchFlex APs
Flex AP
OnPrem/Colo provider DC
Branch
ESXi / KVM/
CAPWAP
ISP owned device
Customer owned device
Local mode AP
TECEWN-2005 39
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
VMware specifications
40TECEWN-2005
• Supported hypervisor: VMware ESXi 6.0 and higher
Model Configuration Small (16.10) Medium(16.10) Large(16.10)
Maximum Access Points 1,000 3,000 6,000
Maximum Clients Support 6,000 32,000 64,000
Minimum Number of vCPUs 4 6 10
Minimum Memory (GB) 8 16 32
Required Storage (GB) 8 8 8
Virtual NICs (vNIC) -3nd NIC is for High Availability
2 /(3) 2 /(3) 2 /(3)
vNIC driverVMXNET3, E1000E,
E1000VMXNET3, E1000E,
E1000VMXNET3, E1000E,
E1000
Virtual bridge Vswitch Vswitch Vswitch
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
KVM specification
41TECEWN-2005
▪ Supported Linux distribution: RHEL 7.1 & 7.2, Ubuntu 14.04, 16.04 LTS
Model Configuration Small(16.10) Medium(16.10) Large(16.10)
Maximum Access Points 1,000 3,000 6,000
Maximum Clients Support 6,000 32,000 64,000
Minimum Number of vCPUs 4 6 10
Minimum Memory (GB) 8 16 32
Required Storage (GB) 8 8 8
Virtual NICs (vNIC)3nd NIC is for High Availability
3 3 3
vNIC driver VIRTIO VIRTIO VIRTIO
Virtual bridgeOVS
Linux bridge (brctl)OVS
Linux bridge (brctl)OVS
Linux bridge (brctl)
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Public Cloud deployment models
Infrastructure
Application services
Application
Stack components
User interface,Dashboard
OS, Database, APIs, APP Svr, Monitoring, etc..
Network, Servers, Firewall, Storage, etc..
Service model Responsibility
IaaSP
aaS
SaaS
Vendor Vendor V
endor
User Login, registration
Custo
mer
Custo
mer
Custo
mer
Network Services
TECEWN-2005 43
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Pioneering IaaS Public Cloud Play : 9800-CL
44TECEWN-2005
Infrastructure
Application services
Application
Stack components
User interface,Dashboard
OS, Database, APIs, APP Svr, Monitoring, etc..
Network, Servers, Firewall, Storage, etc..
Service model Responsibility
IaaSP
aaS
SaaS
Vendor Vendor V
endor
User Login, registration
Custo
mer
Custo
mer
Custo
mer
Network Services
C9800-CL for Public Cloud
Cisco Catalyst 9800 in the Cloud
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Advantages of C9800-CL in Public Cloud
Up to 50%Cost Savings seen by a large
enterprise by deploying C9800-CL for Private Cloud
7minutesTime taken to deploy C9800-CL for AWS
$0The C9800-CL Wireless
Controller price
VMware® VMotion
No more planned / unplanned outages
Host the Catalyst 9800 Series controller in AWS’ FedRAMP
certified GovCloud
Global Footprint
Scale based on network size
Cost Effective
Agility - simple to deploy
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800 Wireless Controller for Cloud
Internet
Public Cloud
AD
Managed VPN
Enterprise network
Smart License Management &DNA subscription based AP licenses
Amazon AWS with Managed VPN
3,000 APs / 32,000 Clients
ISE/AAA
FlexConnect local switching only
ISE and AD typically on Prem
N+1 high availability
TECEWN-2005 46
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Public Cloud – Managed VPN
Cloud Provider
VPN-GW
VPN connection
Corporate NetworkCustomer Router/FW
Flex APsVPC
Internet
C9800-CL
TECEWN-2005 47
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
On ApplianceOn Private CloudOn Switch
• Cisco IOS® XE Software
• C9800-CL• 1k AP, 10k Clients• 3k AP, 32k Clients• 6k AP, 64k Clients^
• Scale on demand
• Optimized for mobility
• Designed for IoT
• Always on Fabric with robust HA
• Cisco IOS® XE Software
• C9800-40-K9• 2k APs, 32k Clients
• C9800-80-K9• 6k APs, 64k Clients
• Optimized for mobility
• Designed for IoT
• Always on Fabric with robust HA
• Cisco IOS® XE Software
• Cat 9300• 200 AP, 4k Clients
• SD-Access wireless with Cat9800 Software Package
• Indirect AP Support
• Optimized for Mobility
• Centralize Control Plane
• Always on Fabric with robust HA
Small and Medium Campus Medium and Large CampusOptimized for Distributed Braches
SD-Access Everywhere
^Future
TECEWN-2005 49
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
c
Catalyst 9800 SD-Access WirelessIntroducing SD-Access Multi-Site Wireless Solution
c
Cisco DNA Center
AnalyticsPolicy Automation
IoT
SD-Access
SD-Access Wireless Campus
User Mobility
Policy stays with user
Embedded Wireless“Cat 9k Switch”
Policy stays with user
Seamless Mobility
SD-WAN
(Viptela)
MPLS | Metro
4G/5G/LTE | Internet
SD-Access Wireless Distributed Sites
Highly Secure and Optimized Solution for Campus and Distributed Sites
C9800 Appliance or Private Cloud
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
c
C9800-SW
Co-Located Border & Control Plane
Extended Nodes
Ente
rprise
Cam
pus
Exte
nded
Ente
rprise Extended Nodes
Dis
trib
ute
d
Bra
nch
Exte
nded
Bra
nch
Fabric in a Box with Wireless
SD-WAN
(Viptela)
MPLS | Metro
4G/5G/LTE | Internet
Fabric Edge
Border + CP + Wireless
Border + CP + Fabric Edge + Wireless
Function Catalyst
Fabric in a Box (with Wireless Controller)
9300 (16.11) + DNAC 1.39400 (16.11) + DNAC 1.3 DNA Center
AnalyticsPolicy Automation
Catalyst 9800 SD-Access Embedded WirelessDNAC 1.3
C9800-SW
Highly Secure and Optimized Solution for Branch and Small Campus
Function Catalyst
Co-located Border and Control +
Wireless Controller
9300 ( 16.11) + DNAC 1.39400 (16.11) + DNAC 1.39500 (16.11) + DNAC 1.3
Fabric Edge 9300 (16.11) + DNAC 1.39400 (16.11) + DNAC 1.39200 (16.11) + DNAC 1.3
SDA Compatibility Matrix: https://www.cisco.com/c/en/us/solutions/enterprise-networks/software-defined-access/compatibility-matrix.html
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
SD-Access Support
52TECEWN-2005
Digital Platforms for your Cisco Digital Network Architecture
WirelessRoutingSwitching Extended
Catalyst 3560-CX
Cisco IE 4K/5K
ISR 4430
ISR 4451
ISR 4330
BETA
AIR-CT5520AIR-CT8540
AIR-CT3504
Cisco Digital Building
Catalyst 9200Catalyst 9400
Catalyst 9300NEW
Catalyst 3650 & 3850
Catalyst 9500 Catalyst 9800
NEW
Catalyst 4500E Catalyst 6800 Nexus 7700
For more details: cs.co/sda-compatibility-matrix
ASR-1000-X
ASR-1000-HXNEW
NEW
Wave 2 APs (1800,2800, 3800)
4800
Wave 1 APs* (1700,2700,3700)ENCS 5400
NEW
NEW
Wave 2 outdoor APs (1540, 1560)*
(*) only supported in Local mode no mesh
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wave 2 APAireOS WLC Catalyst 9800 Wave 1 AP*
• AIR-CT3504
• AIR-CT5520
• AIR-CT8540
• Catalyst 9800-40/80
• Catalyst 9800-CL
• C9K Embedded WLC
• 1800/2800/38001500 and 4800
• 802.11ac Wave2
• 1G/mG RJ45 (Uplink)
• 1700/2700/3700
• 3600 with 11ac
• 802.11ac Wave1
• 1G/mG RJ45 (Uplink)
SD-Access PlatformsFabric Enabled Wireless
For more details: cs.co/sda-compatibility-matrix
NEW
* No IPv6, AVC, FNFNEW
TECEWN-2005 53
Cisco Recommended ReleasesCatalyst 9800 and 3504/5520/8540 AireOS Wireless Controllers
54TECEWN-2005
Access Points
IOS-XE AireOS DNA-C Prime CMX ISE
C9115AX, C9117AX,
C9120AX, 9130AX16.12.2s 8.10.105.0 1.3.2 3.7MR1 10.6.2
2.22.42.6
Wave 2 16.12.2s 8.5.161.0 1.3.2 3.7MR1 10.6.22.22.42.6
Wave 2 4800 APs
16.12.2s 8.8.125.0 1.3.2 3.7MR1 10.6.22.22.42.6
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
How long can people survive without Internet ?
2,000,000 years
1990
5.26 min
Beginning of Time
Now
per Year !
TECEWN-2005 56
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AP Device PackNew AP Model
FlexiblePer-Site, Per-Model Updates
High Availability Reducing downtime for Upgrades and Unplanned Events
16.11
Controller Software UpdateSoftware Maintenance updates ( SMU^ )
Access Point UpdatesAP Updates and new AP models
Software Image UpgradesWireless controller image upgrades
Cold PatchHA install on
SSO Pair
Hot Patch(No Wireless
Controller reboot)
Auto Install on Standby
Rolling AP Update (No Wireless Controller
Reboot)
N+1 Hitless Rolling AP Upgrade
^ MD Release Only
Unplanned EventsDevice and network interruptions
16.10
SSO Stateful Switchover
N+1 High Availability
TECEWN-2005 57
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
High Availability – Stateful Switch Over (SSO)
A direct physical connection between Active and Standby Redundant Ports or Layer 2 connectivity is required to provide stateful redundancy within or across datacenters
Sub-second failover and zero SSID outageActive Wireless
Controller
Active Wireless Controller
Hot-Standby Wireless Controller
Hot-Standby Wireless Controller
Redundancy Port ConnectivityRP via L2
Redundancy Port ConnectivityRP Via L2
C9800-40-K9
C9800-80-K9
The only supported SFPs on Gigabit RP port are : GLC-SX-MMD and GLC-LH-SMD
Gigabit SFP RP port Gigabit SFP RP port
TECEWN-2005 58
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
vWLC1-Standby
vWLC2-Standby
High Availability – Stateful Switch Over (SSO)
vWLC1-Active
CP
DP
vswitch
vWLC2-Active
CP
DP
vWLC1-Standby
CP
DP
vswitch
vswitchvswitch
HA interface
CP
DP
vWLC1-Active
CP
DP
vswitch
Redundancy Port Connectivity
vswitch
HA interface
CP
DP
ESXi
C9800-CL-K9
Redundancy Port ConnectivityRP via L2
switch
switch
TECEWN-2005 59
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Enterprise network
Single VSS switch (or stack/VSL pair/modular switch)SSO HA pair
▪ For SSO HA, connect the Standby in the same way (same ports)
▪ Single L2 port-channel on each box. Ports connected to Active and ports connected to Standby must be put in different port-channel
▪ Enable dot1q to carry multiple VLANs
▪ IMPORTANT: only LAG with mode ON is supported
▪ IMPORTANT: spread the uplinks across the VSS pair and connect the RP back to back (no L2 network in between)
▪ Make sure that switch can scale in terms of ARP and MAC table entries
▪ This is the recommended topology
VSS/vPC pair
L2 port channels+ dot1q trunk
Active Standby
RP port RP port
TECEWN-2005 60
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Enterprise network
Dual Distribution switches with HSRP (before 17.1)SSO HA pair
▪ For SSO HA, connect the Standby in the same way
▪ Single L2 port-channel on each box. Ports connected to Active and ports connected to Standby must be put in different port-channel
▪ Enable dot1q to carry multiple VLANs
▪ IMPORTANT: only LAG with mode ON is supported
▪ IMPORTANT: connect RP port to the same distribution switch as the uplinks and not back to back
▪ Make sure that switch can scale in terms of ARP and MAC table entries
▪ This is a supported topology
L2 port channel+ dot1q trunk
Active Standby
RP port RP port
HSRP Active HSRP Standby
L2 link
TECEWN-2005 61
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Enterprise network
Dual Distribution switches with HSRP (17.1 and higher)SSO HA pair
▪ For SSO HA, connect the Standby in the same way
▪ Single L2 port-channel on each box. Ports connected to Active and ports connected to Standby must be put in different port-channel
▪ Port-channel PagP and LACP supported
▪ Enable dot1q to carry multiple VLANs
▪ Make sure that switch can scale in terms of ARP and MAC table entries
▪ This is a Recommended topology
L2 port channel+ dot1q trunk
Active Standby
RP port RP port
HSRP Active HSRP Standby
L2 link
TECEWN-2005 62
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Controller and AP software upgrades
Controller Updates
Controller update or bug fixes
New AP Model Support
Hot-patchable support for Device Pack
PSIRTs, fixes on APs
AP update or bug fixes
FutureSMU on MD Release only
Contain impact within releaseFixes for defects and security issues without need to requalify a new release
Faster resolution to critical issuesProvide fixes to critical issues found in network devices that are time-sensitive
SMU AP Service Pack AP Device Pack
TECEWN-2005 64
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wireless Controller SMU
Wireless Controller SMU installation Options
Hot Patch(No Wireless Controller reboot)
Auto Install on Standby
Cold PatchWireless Controller Reboot
Hot-Patching
Inline replace of functions without restarting the process
On SSO Systems, patch will be applied on both active and standby without any reload
Cold Patching
Install of a SMU will require a system reload
On SSO systems, SMU updates can be installed on the HA Pair with zero downtime
▪ Software Maintenance Update (SMU) is the ability to apply patch fixes on a software release in the customer network
▪ Current mechanism relies on Engineering Specials• Entire image is rebuilt and delivered to
customer
✓ SMUs for C9800 are available starting the first MD Release 16.12
TECEWN-2005 66
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
User selects % of APs to upgrade in one go [5, 15, 25]For 25%, Neighbors marked = 6 [Expected number of iterations ~ 5]For 15%, Neighbors marked = 12 [Expected number of iterations ~ 12]For 5%, Neighbors marked = 24 [Expected number of iterations ~ 22]
Neighbor Marking
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
802.11v
Client Steering
• Clients steered from candidate APs to non-candidate APs
• 802.11v BSS Transition Request
• Dissociation imminent
• If clients do not honor this, they will be de-authenticated before AP reload
TECEWN-2005 71
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Per-site / Per-model AP Service Pack
Update on Subset APsFix applied on a subset of APs in the deployment using a site-filter
Per-AP model Service PackAPSP can have a subset of APs that are affected by the update
Controlled PropagationEnables user to control the propagation of APSP in the network
AP
Serv
ice P
acks
Supported on all platforms and all
deployment scenarios (Flex, Local and
Fabric)
Pre-downloaded to and activated on the affected AP
models only
Per-model APSP works in conjunction
with site-specific rollout
TECEWN-2005 73
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
ap image site-filter file <file> add <site-tag>
APSP Activation Success Workflow
CLI APsWLC
Install add
Install prepare activate
Install activate
SUCCESS
Download Images to AP based on AP model and Site-tag filter
Per-site per-model rolling AP upgrade
Install commitTECEWN-2005 74
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
ap image site-filter file <file> add <site-tag>
APSP Activation Fail Workflow
CLI APsWLC
Install add
Install prepare activate
Install activate
FAIL
Download Images to AP based on AP model and Site-tag filter
Per-site per-model rolling AP upgrade
Install rollbackTECEWN-2005 75
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
SiteCSiteA
APSP Workflow Applying APSP for 3800/2800 APs on per-site and per model basis
3800 APs 2800 APs
ap image site-filter file APSP1 add SiteAInstall prepare activate Install activate Install commit
Apply on Site A in rolling AP fashion
ap image site-filter file APSP1 add Site Bap image file APSP1 site-filter apply
Not applicable for building with 9115AX
SiteB
3800 APs 2800 APs9115AX APs
TECEWN-2005 76
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Note : Even if new AP software supports extra wireless functionality, only the functionality supported by WLC will be enabled.
AP Device Pack
78TECEWN-2005
Traditionally ..
Reduce Lifecycle delaysFaster deployment of latest AP hardware and technology
Contain Impact within releaseDeploy new hardware without need to requalify a new controller release
Zero Network Downtime Applied as HOT patch on the controller with no service impact for APs and Clients
Plan for Upgrading
entire network
New AP hardware models need new
WLC software
Wait for CCO version and re-
qualify new release
With A
P D
evic
e P
acks
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
APDP Installation Workflow
CLI New APWLC
Install add
Install activate
New AP Joins WLC
Install commit
TECEWN-2005 79
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
APDP Installation Workflow
3800 APs
Install add file new-dp.binInstall activate file new-dp.binInstall commit
Add Building/New site with newer AP model
9115AX APs
Note: Fixes for the AP installed via APDP will be via AP Service packs like a baseline supported AP
TECEWN-2005 80
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AP
Version : X Version: X+1
1. Device auto selects candidate APs based on selected % and RRM AP Neighbor Map
2. Upgrade process kicks-in • Image download to Primary
Wireless Controller• Image pre-download to APs• Selective redirect of clients using
11v• APs moved to N+1 Wireless
Controller in rolling manner• Primary Wireless Controller Reboot• APs moved back to Primary
Wireless Controller (optional)
3. Monitor progress on the Device
Version : X+1
Primary
Trigger Rolling Upgrade
Upgraded N+1
N+1 Rolling AP UpgradeWireless Controller image upgrade using N+1 staging Controller
Mobility Group
TECEWN-2005 82
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Intent-based wireless networks to secure the Air, Devices and Users with Catalyst 9800
Air UsersDevices
Rogue detection & Mitigation
Enhanced threat detection with ETA
Seamless BYOD onboarding with ISE
Standards compliance with WPA3*
Identity based segmentation with SDA
Secure device management with iPSK
- Enhanced security on open Wi-Fi- Robust password protection - Superior data protection- Seamless customer migration
*Future
TECEWN-2005 84
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Security and Threat Mitigation
Lower Risk
P2PBlocking
Client Exclusion
802.1x WPA2/AES
WPA3
AAA Override VLAN, ACL, QoS
Local Policy w/QoS and AVC
802.11w
TrustSecSGT, SXP
ETA
MAC Auth Rogue Detection
BYOD NAC RADIUS
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Custom DevelopmentCisco DNA CenterStandards Based Interoperability
Flexible management options with Cisco Catalyst 9800 Wireless Controllers
AnalyticsPolicy AutomationZero Touch Provisioning
Guest Shell (On Box Python)
Model Driven Programmability
YANG Data Models
App HostingSDN Controllers
CI/CD Tools
NMS Systems
Intent-basedNetwork Infrastructure
Catalyst 9800Wireless Controllers
TECEWN-2005 87
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
YANG Data Models
NETCONF RESTCONF* gNMI* gRPC*
Device Features
Interface BGP QoS ACL …
SNMP
Open Native
Configuration and Operation
Intent-based Network Infrastructure
The NETCONF, RETCONF, gNMI and gRPC are programmatic interfaces that provide additional methods for interfacing with the device
YANG data models define the data that is available for configuration and streaming telemetry
*Future
Wireless Programmability “Stack”
TECEWN-2005 88
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
2011
NETCONF Interface
2010
V 1.1
• RFC 6241
Base NETCONF Protocol
• RFC 6242NETCONF over SSH
“NETCONF is a protocol defined by the IETF to install, manipulate, and delete the configuration of network devices”
2006
V 1.0
• RFC 4741
Base NETCONF Protocol
• RFC 4742NETCONF over SSH
Extensions
• RFC 5277 Notifications
• RFC 5717 Partial Locking
• RFC 6243 With defaults
• RFC 6020 YANG
https://tools.ietf.org/html/rfc6241
• Transactional• Either all configuration is applied or nothing
• Avoids inconsistent state
• Both at Single Device and Network-wide level
• Error Management• OK or error code
• Capability Exchange
• Models Download from a Device
ssh -p 830 [email protected] -s netconf
NETCONF
C3850-1#conf tEnter configuration commands, one per line. End with CNTL/Z.C3850-1(config)#aaa new-modelC3850-1(config)#aaa authentication login default localC3850-1(config)#aaa authorization exec default localC3850-1(config)#username admin password cisco
C3850-1(config)#netconf-yangC3850-1(config)#
TECEWN-2005 89
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Config vs Operational YANG data models
90TECEWN-2005
Config-data Operational-data
Examples:switch> show run interface Loopback0switch(config)# interface Loopback0
Examples:switch> show interface Loopback0
‘snmpget’ results
• What the device is told to do
• It’s the way you express intent
• What the device is actually doing
• It’s what you see from most show commands
access-pointclientfqdn
lisp-agentmcastmesh
mobilitynmsp
rf-profilerfid
roguerrm
apapf
cts-sxpdot11fabricflexfqdn
generallocationmesh
mobilitymstream
rfrfid
roguerrm
securitysitewlan
Cisco-IOS-XE-Wireless: Config models Cisco-IOS-XE-Wireless: Oper models
https://github.com/YangModels/yang
https://github.com/openconfig
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Model Driven Telemetry
NETCONF RESTCONF* gNMI*
Device Features
Interface BGP QoS ACL …
SNMP
Physical and Virtual Network Infrastructure
Programmable
Interfaces
Collector
SubscriptionPeriodic or on-change
tcollector
YANG Data Models
Open Native
Configuration and Operation
*Future
TECEWN-2005 91
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Network Subscription
A subscription is a contract between the network device and a subscriber that
specifies the type of data, the frequency, and
CollectorSubscribe to ietf-yangpush.yang
Specify xpath/KPI (defined within data model)
Instruction on:
• What data to collect
• Where and how to send
• How often and how much
sh telemetry ietf subscription 100 receiver
Subscription ID: 100
Address: 10.10.105.10
Port: 47870
Protocol: netconf
Profile:
State: Connected
Explanation:
<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id=”id" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<establish-subscription xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"
xmlns:yp="urn:ietf:params:xml:ns:yang:ietf-yang-push">
<stream>yp:yang-push</stream>
<yp:xpath-filter>/wireless-location-oper:location-oper-data/location-rssi-measurements</yp:xpath-filter>
<yp:period>1000</yp:period>
</establish-subscription>
</rpc>
TECEWN-2005 92
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wireless Basic Configuration Model
WLAN
Profile
Policy
Profile
Policy Tag
AP
Join
Profile
RF
Profile 2.4
GHz
RF
Profile
5 GHz
Site Tag
RF Tag
Site 1
Site N
Global Site
#Tags and Policies created
behind the Scenes
Flex
Profile
• Creation of Local and
Remote sites
• Creation of Custom
Policy, RF and Site
Tags and profiles in the
backend
TECEWN-2005 96
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Local Site Definition
and Client Density
Selection
Wireless Basic Configuration – Adding Local Site
Add existing WLANs to
the site OR define a
new one
TECEWN-2005 97
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wireless Basic Configuration – Adding Remote Site
Remote Site
configuration with site
specific Native VLAN
ID and AAA Servers
Local switching and
Local authentication
options for WLANs
defined local to remote
site
TECEWN-2005 98
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Adding Remote Site - behind the scenes
WLAN
Profile
Policy
Profile
Policy Tag
AP
Join
Profile
RF
Profile 2.4
GHz
RF
Profile
5 GHz
Site Tag
RF Tag
Site 1
Site N
Global Site
#Tags and Policies created
behind the Scenes
Profile
• User simply creates a
remote site
• Creation of remote Site
involves creation of
Flex Profile in the
backend.
• Flex Profile is added to
Site Tag automatically
TECEWN-2005 99
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Access Points
2. Provision
Provisioning APs to Site
WLAN
Profile
Policy
Profile
Policy Tag
AP
Join
Profile
Flex
Profile
RF
Profile 2.4
GHz
RF
Profile
5 GHz
Site Tag
RF Tag
Site 1
Site N
Global Site1. Design + Policy
#Tags and Policies created
behind the Scenes
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Select from available
APs to the Associated
AP list for this site
Static AP MAC
Address list to add APs
not yet joined to the
controller
Wireless Basic Configuration – Provisioning APs to Site
TECEWN-2005 101
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Benefits of New Configuration Model
Reusability
Config modularized as
objects
Simplicity
No inheritance or
containers
Easy Provisioning
With AP attribute
Tagging
Rule-based
Tagging
For easy Day 1
configuration
Change Management
Site based filtering
TECEWN-2005 102
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
High Density HDX
Data Rates
DCA, TPC, CHDM
Profile threshold for traps
Client Distribution
AireOS vs. Catalyst 9800 Config Model
Granular & simplified
What Policies on which Sites
with what RF characteristics
Going towards a more Modularized and Reusable model with Logical decoupling of configuration entities
Basic Wireless
Advanced Wireless
Wireless Security
Switching Policy
Network Policy
WLAN AP Group Flex Group
Network Policies
Wireless site settings
RF Parameters
Site Specific Policies
RF Profiles
Network Policies
Wireless security
Remote Site Config
Remote site parameters
Switching Policies
RF Profile
High Density HDX
Data Rates
DCA, TPC, CHDM
Profile threshold for traps
Client Distribution
WLAN
Policy
Profile
Flex
Profile
AP Join
Profile
Basic Wireless
Advanced Wireless
Wireless Security
Switching Policy
Network Policy
Wireless site settings
Site Specific Policies
Remote Site Config
Remote site parameters
High Density HDX
Data Rates
DCA, TPC, CHDM
Profile threshold for traps
Client Distribution
RF Profile
Policy
Tag
Site
Tag
RF Tag
Decouple
Modularize
AireOS Config Model
Policy Tag
b/g
a/n/ac
Site Tag
RF Tag
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Important facts:
▪ C9800 has a multi-process software architecture
▪ APs are load-balanced across Wireless Network Controller processes (WNCd) within a C9800
▪ The number of WNCd varies from platform to platform
▪ Load balancing of APs (and clients) gives better scale and performances
▪ Today the load balancing is done based on SITE tags
▪ If using default site tag, the APs are load balanced across WNCd instances in round robin fashion
Design: recommended use of AP Site Tags
Enterprise network
WNCd(1)
WNCd Ops data
WNCd(2)
WNCd Ops data
...
...
IOSd Config DBDB
Manager Ops DB
WNCd(n)
WNCd Ops data
...
...
...
...
...
...
Catalyst 9800
Bldg. 1
Site tag
Bldg. 2
Site tag
Bldg. N
Site tag
...
TECEWN-2005 104
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Design Recommendation:
▪ The pb: 11k/v, CHD (and in general everything proximity based) are managed within the WNCd. So these features will break if neighbor APs are on different WNCds
▪ For best performance use site tag to group APs at a roaming domain level > SITE TAG = Roaming Domain
▪ Also make sure that the max number of APs per site tag doesn’t exceed 400-500 APs
▪ A good design choice would be to choose the site tag corresponding to a building.
▪ Do not use site tag per floor it could break roaming
▪ NOTE: roaming (and fast roaming) works fine across site tags
Design: recommended use of AP Site Tags
105TECEWN-2005
Enterprise network
WNCd(1)
WNCd Ops data
WNCd(2)
WNCd Ops data
...
...
IOSd Config DBDB
Manager Ops DB
WNCd(n)
WNCd Ops data
...
...
...
...
...
...
Catalyst 9800
Bldg. 1
Site tag
Bldg. 2
Site tag
Bldg. N
Site tag
...
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Recommended use of AP Site Tags
What if my customer has a building with more than 400 APs?
Recommendation: split the building in two from a site tag perspective
UP
Site tag
UP
Site tag
What if customer has a roaming domain that spans across multiple buildings with more than 400 APs?
Recommendation: configure a site tag per building. Roaming will work
BLDG1
Site tag
BLDG2
Site tag
What if customer has multiple buildings with less than 400 APs?
Recommendation: configure just one name site tag and don’t use the default site tag
CAMPUS
Site tag
TECEWN-2005 106
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Components of Policy Tag
WLAN
Profile
Policy
Profile
Policy Tag
VLAN - Mgmt. Vlan
Session timeout – 1800
Idle time out - 300
AVC profile - null
Client Qos(input/and output) – default
BSSID Qos(input/and output) – default
ACL – None
Local switching – disabled (all other
related parameters are disabled)
Central switching – enabled
Central DHCP – disabled
Central Assoc – disabled
Central Authentication – enabled
Local profiling – disabled
Policy map - none
Authentication - Central
Components of Policy Profile
Profile Name
Status
WLAN ID
SSID
Broadcast SSID
L2 Security
L3 Security
AAA Servers
Coverage Hole detection
Aironet IE
Diagnostic Channel
P2P blocking
Max Client connections
11v BSS transition Support
Off channel Scan defer
Load Balance
Band Select
Components of WLAN Profile
TECEWN-2005 107
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Components of Site Tag
AP Join
Profile
Flex
Profile
SiteTag
Com
pon
ents
of
Fle
x P
rofi
le
AP
Jo
in P
rofi
le -
def
au
lts
LED state – Enable
Heartbeat timer– 30 secs
Primary discovery timer – 120 sec
Primed join timeout – 0 seconds
Discovery timeout - 10 secs
Fast heart beat timer – 1 sec
Fast heart beat – disabled
TCP/MSS - enabled (set to 1250)
Retransmit count – 5 secs
Retransmit interval – 15 secs
Dot1x authentication – disabled
UDP lite – disabled
11u venue group – unspecified
Username/password – “current default”
Preferred mode – IPV4
11u venue type – unspecified
Client QinQ – disabled
DHCP QinQ – disabled
Reset - Disable
Static nameserver/domain name – current
default
Backup primary/secondary – current default
Core dump – “current default”
Syslog - “current default”
Hyperlocation – disable
Native VLAN ID
HTTP Proxy Port
HTTP Proxy IP Address
Fallback Radio Shut
ARP Caching
Efficient Image Upgrade
Local Authentication
Local Auth Users
Policy ACL
VLAN Name and ID
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Data Rates
MCS Settings
Maximum and Minimum Power Level Assignment
Power Threshold v1/v2
DCA Channel Width
DCA Foreign AP Interference Avoid Enable
DCA Channel list
Coverage Hole Detection Parameters (Data/Voice
RSSI, Coverage Exception, Coverage Level)
Profile Threshold for Traps
(Interference/Clients/Noise/Utilization)
Maximum Clients
Multicast Data Rates
Rx Sop Threshold
Load Balancing (window & denial)
Band Select Parameters (Applicable only for
802.11bg)
Components of RF Tag
RF
Profile 2.4 GHz
RF Tag
RF
Profile
5 GHz
Components of RF Profile
TECEWN-2005 109
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Guided UI Configuration Workflow
WLAN
Profile
Policy
Profile
Policy Tag AP Join
Profile
Flex
Profile
SiteTag
RF
Profile
2.4 GHz
RF Tag
RF
Profile 5
GHz
TECEWN-2005 111
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
WLAN Profile
List of WLANs
created, including
those at Day 0
Create new WLAN or
edit existing WLAN for
General, Security and
Advanced knobs
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Policy ProfileAdd new Policy profile
or use default-policy-
profile
Access Policies, QoS,
AVC, mobility and
other advanced
network policy
settings
TECEWN-2005 113
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Policy TagWLAN Profile + Policy Profile
SSID to Policy Profile
Mapping to define
behavior of client
policy
Default Policy Tag
containing default-
policy profile
TECEWN-2005 114
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AP Join profile
AP Management
features such as AP
Dot1x Credentials
CAPWAP parameters
such as CAPWAP and
retransmit timers, N+1
configuration
TECEWN-2005 115
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Flex Profile
Local authentication
EAP Profile and local
auth user entries
CAPWAP parameters
such as CAPWAP and
retransmit timers, N+1
configuration
TECEWN-2005 116
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Site Tag
• AP Join Profile + Flex Profile ( only for Remote Site )
Enable Local Site for
sites in the Campus.
Associate AP Join
profile
Disabling Local Site
implies a remote site
and a Flex Profile can
be added to the Site
Tag
TECEWN-2005 117
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
RF Profile
Pre-canned RF
profiles for Low,
Typical and High
Density on 2.4 and
5GHz
802.11, RRM and
Advanced RF features
TECEWN-2005 118
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
RF Tag2.4 RF Profile + 5 GHz RF Profile
Default RF Tag is a
combination of Global
Configurations on 2.4
and 5GHz
Custom RF Tags can
have Custom RF
Profiles for 2.4 and
5GHz Band
TECEWN-2005 119
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Tagging Access Points
AP Tagging with
Policy, Site and RF
Tags
TECEWN-2005 120
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Static assignment of AP
MAC address to Policy,
Site and RF Tags
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Rule Based filter to
map AP MAC address
to Policy, Site and RF
Tags
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Best Practices
• Infrastructure• Security• RF Management• Apple Devices
• In Cisco IOS-XE Release 16.12 and higher
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Wireless Controller Positioning and TransitionRefresh old 2504, 5508, 8510 to 9800 and position 9800 in new opportunities
Medium Campus
Large Campus C9800-80C9800-CL
C9800 for cloud
C9800-CLC9800 for cloud
150 to 1500 APs
1500 to 6000 APs
Up to 100 APs
3504 Wireless Controller
C9800-CLC9800 for cloud
100-150 APs
5508, 5520Wireless Controller
C9800-L
7510, 8510, 8540Wireless Controller
C9800-40
SMB, Small Campus and branch
2504 Wireless Controller
Distributed Branch, Small Campus
Embedded Wireless in Catalyst APsMobilityExpress
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800
AireOS to C9800 migration - Roaming
• Mobility Group provides seamless roaming between wireless controllers
• Mobility Group between AireOS and IOS-XE WLCs is only supported on:
• 3504, 5520, 8540 with 8.8.111 and higher
• 5508 and 8510 with 8.5.151 special
• This is because C9800 only support CAPWAP based mobility tunnels (Secure Mobility)
• Note: Secure Mobility is NOT supported on WISM2, 7510, 2500
Catalyst 9800Deployment
AireOS WLC
AireOS Deployment
Secure Mobility(CAPWAP)
AireOS8.8.111
8.5.151 S
TECEWN-2005 128
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800
AireOS to C9800 migration - Roaming
• All client roaming between AireOS WLC and C9800 are L3 roaming
• The client session will be anchored to the first WLC that the client joined
• For centrally switched SSIDs it is IMPORTANT to map them to different VLANs on the two controllers, otherwise customer may see some dropped packets as user roam from C9800 to AireOS
Catalyst 9800Deployment
AireOS WLC
AireOS Deployment
Secure Mobility(CAPWAP)
Seamless roaming*
AireOS8.8.111
8.5.151 S
TECEWN-2005 129
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS to C9800 migration - Roaming
• For migration with older AireOS WLC it is necessary to use a 5520/8540/3504 to “bridge” the mobility gap and form a mobility group with the C9800
AireOS Deployment(8.8.111+ or
8.5.151)
Catalyst 9800
Catalyst 9800Deployment
Seamless roaming
WISM2
WISM2 AireOS Deployment
Seamless roaming
Secure Mobility(CAPWAP)
EOIP-basedMobility
AireOS8.8.111
8.5.151 S
Seamless roaming not supported TECEWN-2005 130
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS to C9800 migration - Mobility Group
• Configure both sides to create the mobility tunnel
• IMPORTANT: Secure Mobility (CAPWAP Control Plane encryption) must be always enabled on AireOS. Data Link encryption is optional. Group name must match for seamless mobility
• Hash is needed only is peering with a C9800-CL (VM). To get the hash, use the following CLI on the C9800: “show wireless management trustpoint”
Secure Mobility needs to be ENABLED
Data Encryption is optional
C9800 AireOS
TECEWN-2005 131
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800
AireOS to C9800 migration - Guest
• For Guest, AireOS WLC running 8.8.111 and higher can talk both tunneling protocols
• It can provide Guest Anchor functionalities for both the new C9800 based deployments and the legacy AireOS based network
Catalyst 9800Deployment
AireOS WLC
AireOS Deployment
EOIP-basedMobility
AireOS Guest Anchor
AireOS8.8.111
Also supported on AireOS 8.5.151 Son 5508 and 8510
Secure Mobility(CAPWAP)
TECEWN-2005 132
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800
AireOS to C9800 migration - common RF Group
AireOS WLC
common RF Group
name
AP group = Floor1RF tag = Floor2
Policy tag = Floor 2
RRM works in a mixed controller environment and we can have one RF master:
• C9800 and AireOS controllers can create one RF domain and share a common RF plan
• The RF group name on both AireOS and C9800 controllers needs to match
• 8.8 is required on AireOS (8.8.111 recommended)
• A RF leader is elected (based on controller capacity) and common channel and power plan will be used for all APs
• APs will be not show up as rogue on the other controller
• NOTE: in a scenario where you want to have custom RF profiles or enable FRA, then the leader ( e.g. C9800 controller) needs to have Policy and RF tags matching the names of the AP Group names on AireOS WLC. Of course the settings of RF profiles on both controllers need to match as well.
CAPWAP tunnel
RF tag = Floor2Policy tag = Floor2
RF tag = Floor1Policy tag = Floor1
RF Leader
AP Group = Floor1
TECEWN-2005 133
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Things to keep in mind:
• Make sure the AP can join the C9800 (W1/W2/AX APs)
• To move the AP from AireOS to C9800:
from GUI:
from CLI: “capwap ap primary-base <name> <IPaddress>”
• The first time you move an AP from AireOS to C9800 (or vice versa), the AP will download the new image, reboot and join the new controller
• If the AP has the image as a backup because had already joined that controller, then there is no download
AireOS to C9800 migrationMoving APs between Controllers
SW download
Catalyst 9800
AireOS WLC
common RF Group
name
AP group = Floor1RF tag = Floor2
Policy tag = Floor 2
CAPWAP tunnel
RF Leader
AP migration should happen in chunks (floor or roaming domain/building)
TECEWN-2005 134
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Migration tool
• Migration tool is now alive and managed by TAC
• Tool is available here https://cway.cisco.com/tools/WirelessConfigConverter/
Tool provides following config:• Translated• Unmapped• Unsupported• Not Applicable
• AireOS CLIs and the correspondent translated IOS-XE commands
• Always recommended to analyze the translated config before paste it
TECEWN-2005 136
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS Config Translator
137TECEWN-2005
To access the tool, go under Configuration > Services > AireOS Config Translator
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Migration from AireOS WLC to C9800 with DNAC
• It covers AireOS to C9800 migration using DNAC
• Step by step configuration
• Note: DNAC only learns a subset of configurations from AireOS, the ones that are mapped to the Design flow
• Direct link
TECEWN-2005 138
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS Config Translator on PI 3.5
1 Select Source and Target Wireless Controllers
TECEWN-2005 140
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS Config Translator on PI 3.5
2 Translate and Verify/Update Passwords, Shared Secrets, IP and ports
TECEWN-2005 141
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS Config Translator on PI 3.5
Configuration pushed to Wireless Controller after “Deploy”
Deploy Translated and Updated Configuration 3
TECEWN-2005 142
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS Config Translator on PI 3.5
Discover Templates from migrated Wireless Controller 4
TECEWN-2005 143
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 9800 Wireless Controllers
Cisco Catalyst 9100 Access Points
Cisco’s Next Gen Wireless Stack is Ready for Scale Deployments
145TECEWN-2005
Enabling next-generation mobility powered for Wi-Fi 6
Resilient Secure Intelligent
Translate business intent into network policy and capture actionable insights
Cisco DNA Center Cisco DNA Spaces
Digitize people, spaces and things
Managed by Digitized by
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Don’t miss the Cisco Wireless book!
It’s an e-book and you can download it from herehttps://www.cisco.com/c/dam/en/us/products/collateral/wireless/nb-06-wireless-wifi-starts-here-ebook-cte-en.pdf
TECEWN-2005 146
Additional Resources
• Deployment guides
• Configuration Examples and Tech notes
• Cisco Wireless YouTube channel
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
References for Compatibility Matrix
• Compatibility Matrix https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html
• https://www.cisco.com/c/en/us/support/cloud-systems-management/dna-center/products-device-support-tables-list.html
• Recommended IOS XE releases https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/214749-tac-recommended-ios-xe-builds-for-wirele.html
• Recommened AireOS releases https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-tac-recommended-aireos.html
And TAC Recommended releases
TECEWN-2005 148
#CLEMEA
MOBMobility Track
11:00
BRKEWN-2010Introduction to Next Generation Wireless
Stack
09:00Opening Keynote
14:30
LTREWN-2030Hands-on Solutions
Lab on Catalyst Wireless 9800
Controllers
17:00Guest Keynote
18:30Cisco Live
Celebration
09:00
BRKEWN-2027Design and
Deployment of Outdoor Wireless
Networks
11:00
BRKEWN-2020Cisco SD-Access
Wireless Integration
14:45
BRKEWN-2016Design and Deployment
of Wireless for Branch and Remote Offices
08:30
BRKEWN-2670Introduction to Cisco
Catalyst 9800 Wireless Controller
08:30
BRKEWN-2003Optimize your WLANs
for Small and Mobile Devices (Phones, Tablets and alike)
Every day
LABEWN-1098Walk in Lab: IOS-XE Embedded WLC on
AP 9100 series
Every day
LABEWN-1038Walk in Lab: Migrate
from AireOS to Cat9800 (IOS-XE)
Portfolio & Design
#CLEMEA
11:00
BRKEWN-3010Cisco Catalyst RF Innovations, WiFi6
and Beyond!
09:00Opening Keynote
14:30
BRKEWN-2017RF Fundamentals
from WiFi to WiFi6 (11ax) Wireless
Networks
17:00Guest Keynote
18:30Cisco Live
Celebration
16:45
BRKEWN-24397 New ways to Fail as
a Wireless Expert...
08:30
BRKEWN-3010Cisco Catalyst RF
Innovations, WiFi6 and
Beyond!
14:45
BRKEWN-2017RF Fundamentals
from WiFi to WiFi6
(11ax) Wireless
Networks
RF Optimization
MOBMobility Track
#CLEMEA
09:00Opening Keynote
14:30
BRKEWN-2006Advancements in Wireless Security
17:00
BRKEWN-2005Securely Designing Your Wireless LAN
for Threat Mitigation, Policy and BYOD
17:00Guest Keynote
18:30Cisco Live
Celebration
14:45
BRKEWN-2014Be my guest! -
Design and Deploy Wireless Guest
Access that Works
11:15
BRKWEN-2028Meraki Wireless under the hood
Security
MOBMobility Track
#CLEMEA
09:30
LTREWN-2673Lab: Build your
Wireless Network Programmability & Telemetry solution
from scratch!
09:00Opening Keynote
17:00
BRKEWN-2050Telemetry and
Programmability in the Next Generation
Wireless Stack
17:00Guest Keynote
18:30Cisco Live
Celebration
14:45
BRKEWN-2033Next generation WifiNetworks enhanced
with Cisco DNA Analytics and
Machine Learning
16:45
BRKEWN-2034Cisco DNA Wireless
Assurance: Isolate problems for faster
troubleshooting
11:15
BRKEWN-2026Wireless Network
Automation with Cisco DNA Center
Management, Analytics & Assurance
MOBMobility Track
#CLEMEA
Opening Keynote 09:00
14:00
PSOEN-2817Cisco DNA Spaces -
Wi-Fi as a behavior sensor enabling
business outcomes
Every day
17:00
BRKEWN-2012Design and Use
Cases of a location enabled Wi-Fi
network, supported by Cisco DNA Spaces
LABEWN-2127Walk in Lab:
Integration of DNA Spaces with Aironet and Catalyst Based
wireless networks
Services
MOBMobility Track
#CLEMEA
Every day
LABEWN-1505Cisco 9800 Controllers
- Understanding, deploying and
troubleshooting
09:00Opening Keynote
17:00Guest Keynote
18:30Cisco Live
Celebration
09:00
BRKEWN-3013Advanced
Troubleshooting of Cisco Catalyst 9800 Wireless Controller
11:00
BRKEWN-3011Advanced
Troubleshooting of Wireless LANs
16:45
BRKEWN-2480Plan, design and
troubleshoot your Cisco DNA driven 9800 WLC wireless network: Best Practices and lessons
learnt from the field
14:45
BRKEWN-2809The Final Fails. 6 for
(WiFi) 6
Troubleshooting
MOBMobility Track
#CLEMEA
MOBMobility Track
11:00
BRKEWN-2010Introduction to Next Generation Wireless
Stack
09:00Opening Keynote
14:30
LTREWN-2030Hands-on Solutions
Lab on Catalyst Wireless 9800
Controllers
17:00Guest Keynote
18:30Cisco Live
Celebration
09:00
BRKEWN-2027Design and
Deployment of Outdoor Wireless
Networks
11:00
BRKEWN-2020Cisco SD-Access
Wireless Integration
14:45
BRKEWN-2016Design and Deployment
of Wireless for Branch and Remote Offices
08:30
BRKEWN-2670Introduction to Cisco
Catalyst 9800 Wireless Controller
08:30
BRKEWN-2003Optimize your WLANs
for Small and Mobile Devices (Phones, Tablets and alike)
Every day
LABEWN-1098Walk in Lab: IOS-XE Embedded WLC on
AP 9100 series
Every day
LABEWN-1038Walk in Lab: Migrate
from AireOS to Cat9800 (IOS-XE)
Portfolio & Design
FRITHUWEDTUE
#CLEMEA
MOBMobility Track
11:00
BRKEWN-3010Cisco Catalyst RF Innovations, WiFi6
and Beyond!
09:00Opening Keynote
14:30
BRKEWN-2017RF Fundamentals
from WiFi to WiFi6 (11ax) Wireless
Networks
17:00Guest Keynote
18:30Cisco Live
Celebration
16:45
BRKEWN-24397 New ways to Fail as
a Wireless Expert...
08:30
BRKEWN-3010Cisco Catalyst RF
Innovations, WiFi6 and
Beyond!
14:45
BRKEWN-2017RF Fundamentals
from WiFi to WiFi6
(11ax) Wireless
Networks
RF Optimization
THUWEDTUE
#CLEMEA
MOBMobility Track
09:00Opening Keynote
14:30
BRKEWN-2006Advancements in Wireless Security
17:00
BRKEWN-2005Securely Designing Your Wireless LAN
for Threat Mitigation, Policy and BYOD
17:00Guest Keynote
18:30Cisco Live
Celebration
14:45
BRKEWN-2014Be my guest! -
Design and Deploy Wireless Guest
Access that Works
11:15
BRKWEN-2028Meraki Wireless under the hood
Security
THUWEDTUE
#CLEMEA
MOBMobility Track
09:30
LTREWN-2673Lab: Build your
Wireless Network Programmability & Telemetry solution
from scratch!
09:00Opening Keynote
17:00
BRKEWN-2050Telemetry and
Programmability in the Next Generation
Wireless Stack
17:00Guest Keynote
18:30Cisco Live
Celebration
14:45
BRKEWN-2033Next generation WifiNetworks enhanced
with Cisco DNA Analytics and
Machine Learning
16:45
BRKEWN-2034Cisco DNA Wireless
Assurance: Isolate problems for faster
troubleshooting
11:15
BRKEWN-2026Wireless Network
Automation with Cisco DNA Center
Management, Analytics & Assurance
THUWEDTUE
#CLEMEA
MOBMobility Track
Opening Keynote 09:00
14:00
PSOEN-2817Cisco DNA Spaces -
Wi-Fi as a behavior sensor enabling
business outcomes
Every day
17:00
BRKEWN-2012Design and Use
Cases of a location enabled Wi-Fi
network, supported by Cisco DNA Spaces
LABEWN-2127Walk in Lab:
Integration of DNA Spaces with Aironet and Catalyst Based
wireless networks
Services
TUEMON
#CLEMEA
Every day
LABEWN-1505Cisco 9800 Controllers
- Understanding, deploying and
troubleshooting
09:00Opening Keynote
17:00Guest Keynote
18:30
Cisco Live Celebration
09:00
BRKEWN-3013Advanced
Troubleshooting of Cisco Catalyst 9800 Wireless Controller
11:00
BRKEWN-3011Advanced
Troubleshooting of Wireless LANs
16:45
BRKEWN-2480Plan, design and
troubleshoot your Cisco DNA driven 9800 WLC wireless network: Best Practices and lessons
learnt from the field
14:45
BRKEWN-2809The Final Fails. 6 for
(WiFi) 6
Troubleshooting MOBMobility Track
FRITHUWEDTUE
Complete your online session survey • Please complete your session survey
after each session. Your feedback is very important.
• Complete a minimum of 4 session surveys and the Overall Conference survey (starting on Thursday) to receive your Cisco Live t-shirt.
• All surveys can be taken in the Cisco Events Mobile App or by logging in to the Content Catalog on ciscolive.com/emea.
Cisco Live sessions will be available for viewing on demand after the event at ciscolive.com.
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco PublicTECEWN-2005 162
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Related sessions
Walk-In LabsDemos in the Cisco Showcase
Meet the Engineer 1:1 meetings
Continue your education
163TECEWN-2005