《可扩展的 Meraki 接入交换.pdf》由会员分享,可在线阅读,更多相关《可扩展的 Meraki 接入交换.pdf(72页珍藏版)》请在三个皮匠报告上搜索。
1、#CiscoLive#CiscoLiveBrennan Martin,Senior Technical Marketing EngineerehFramesJeff Lasser,Technical Marketing EngineerBRKMER-1415Scalable Meraki Access Switching 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex App Questions?Use Cis
2、co Webex App to chat with the speaker after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in the Webex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.12343htt
3、ps:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKMER-14153Agenda 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicIntroductionsDevice&PlatformCore NetworkingSecurity&Zero TrustCatalyst&MerakiWrap upBRKMER-14154Who is this funny guy,eh?2023 Cisco and/or its aff
4、iliates.All rights reserved.Cisco PublicBased in Saskatoon,Saskatchewan Canada 16 years in the field deploying networksCCIE R/S#50782More time underground than in data centers Ask me about potashIm a Canadian that loves building networksBRKMER-14156 2023 Cisco and/or its affiliates.All rights reserv
5、ed.Cisco Public 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicJeff is cool.This picture is not Jeff.We miss you,Jeff.Jeffs not here.Not Jeff BRKMER-14157 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicMeraki Switching is evolving 2023 Cisco and/or its affiliates.
6、All rights reserved.Cisco Public#CiscoLiveOur vision for the Meraki Switching ExperienceIntelligent platform as the foundationIntelligent platform as the foundationA predictable,scalable,intelligent platform as the foundation for our switching user experiencesIntuitive,rapid to deploy,and comprehens
7、ive network security,policy,and visibilitySecurity&Security&Zero trust Zero trust Intuitive,flexible networking Intuitive,flexible networking Feature-rich and robust networking solutions for enterprise cloud-managed networks of any scaleDeliver a predictable,feature-rich,and secure switching platfor
8、m that evolves with the needs of the modern network.BRKMER-141510Device&Platform 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveMS specific alertsalerts and issuesissues that need attentionMS Switching OverviewA NEWNEW birds eye view panelbirds eye view panel provides a s
9、napshot of your switching health and utilization.EventsAlertsPoE,data,and Switchport usageEvents and errorsEarly Access ProgramPublic BetaNetwork-wide Clients Switches HealthUsageBRKMER-141512 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFeaturesFeaturesUptime visibilit
10、yLast known reboot with timestamp Reboot reasonsLink to event log Available via APIBenefitBenefitCustomers can see device uptime in the dashboardCustomers can learn events that relate to device rebootReboot reasons like“Dashboard Initiated”,Reboot reasons like“Dashboard Initiated”,“Other”,and“Firmwa
11、re Upgrade”“Other”,and“Firmware Upgrade”Device Uptime is coming BRKMER-141513 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDigital Optical MonitoringSolution CapabilitySolution CapabilityReal-time light levels*Temperature*Voltage*Historical viewAvailable via APIBenefitB
12、enefitTroubleshooting past and present eventsHistorical graphs for RCA of events*Different telemetry availability depending on module supportBRKMER-141514 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLivePort Management at Scale with Port Profiles15Building-blocks containin
13、g configuration settings for a switchport that can be applied to one or thousands of ports.Assign per port range once and save countless hours during initial deployment and for the lifespan of the environmentCreate dynamic rulesets based on learned information including RADIUS attributes,MAC OUIs,an
14、d Discovery Protocols(CDP/LLDP)*Early Preview available now*Dynamic available via a later releaseSite 1Site 2Site nIoT DeviceBRKMER-141515Port Profiles Demo 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveImproved Staged Upgrades adds flexibilityBetter Upgrade MonitoringDe
15、fer,Reschedule,and RollbackReusable SequencesFull API supportBRKMER-141517Independent Firmwarefor Meraki and Catalyst 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveTo each their ownMS and new CS firmware releasesBRKMER-141519MS14MS15CS15MS For Meraki SwitchesMS For Merak
16、i SwitchesCS For CatalystCS For Catalyst-based Switchesbased SwitchesMS15MS16CS16MS1xx,2xx,3xx(excluding MS390),4xxMS390+Future Catalyst-based hardware platformsComing soonRelease AgilityFirmware will independently be released for“CS”and“MS”switchesWhat?Ensures release agility for both platforms in
17、the portfolio as our Catalyst-based lineup expandsWhy?2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveWhat will it look like?BRKMER-141520CatalystMerakiMS model switches will continue to run MS firmwareMS390 and other Catalyst-based switches will upgrade to and run CS firm
18、wareCS CS 15.21.115.21.1MS MS 15.21.115.21.1 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicTopology 2.0Enhance your network monitoring and troubleshooting with an intuitiveintuitiveand interactiveinteractive overhauled network topology map,designed to give you more visibilityvisib
19、ility and controlcontrol over your networkBRKMER-141521 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveTopology 2.0An enhanced versionenhanced version of your network topology map that is more interactivemore interactive andand intuitive.intuitive.Work In ProgressLaunch T
20、BDUpdated IconsNew Frontend FrameworkVisio ExportEnhanced TroubleshootingEnhanced Filtering and ViewsEnhanced VisibilityDisclaimer:The screenshots are from design mockups and are subject to change in the final launched versionBRKMER-141522 2023 Cisco and/or its affiliates.All rights reserved.Cisco P
21、ublic#CiscoLiveEnhanced Visibility Health visibilityDevice level detailsClient level detailsDisclaimer:The screenshots are from design mockups and are subject to change in the final launched versionEnhanced network topology map,providing unparalleled visibilityvisibility and controlcontrol over your
22、 networkBRKMER-141523 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnhanced Troubleshooting Troubleshooting without needing to navigate to other pagesConnectivity pathIssue detailsTroubleshooting toolsDisclaimer:The screenshots are from design mockups and are subject to
23、 change in the final launched versionBRKMER-141524 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFirmware Upgrade Status provides visibilityUpgrade Statuses:Upgrade Statuses:PendingStartedSkippedCancelledCompletedBRKMER-141525 2023 Cisco and/or its affiliates.All rights
24、reserved.Cisco Public#CiscoLiveAuto StackingNo,I didnt connect stack cables by accidentYou rack,Dash stacksAutomatic stack namingLike CatalystBRKMER-141526 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSwitch Stack RoleOne of three states:ActiveStandbyMemberAll MS switch
25、esMS 15.18+BRKMER-141527 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveMeraki Early Access ProgramEasily test-drive new featuresBRKMER-141528Core Networking 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLivePort Mirroring from LAG bundlesBRKMER-1
26、41530 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveAlternate Management InterfaceAMIMeraki Management TrafficRADIUSSyslogSNMPISERADIUS,Syslog,SNMP on secondary interfaceFollows the datadata-plane path plane path vs primary management interfaceSeparationSeparation of clo
27、ud from infrastructure managementBRKMER-141531 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDuration selection-1,3,5 minutesAutomatic local file downloadComing in SW16Local Status Page Packet CaptureTake PCAPs from the LSP to assist when troubleshooting dashboard connec
28、tivityBRKMER-141532 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveNamed VLANs automates translation for youSingle VLAN ID to NameGroup of VLANs to NameRADIUS based assignment*Static Assignment*Also available for MR beginning in MR30*Coming soonBRKMER-141533Security&Zero
29、TrustSecurity Fundamentals 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSecurePort securely automates Wi-Fi expansionAutomating AP switchports securelyConsistent configurationconfiguration of portsTLS credential-based verification verification of the APBRKMER-141536 202
30、3 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveThis is how SecurePort worksMR physically connected to MSMS permits Meraki dashboard connection for MR?MR requests certificate from Cisco PKIMR authenticates with acquired certificateMS authorizes port for MR accessBRKMER-141537
31、 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnforce Segmentation with Group Policy ACLISEFilter-ID Dashboard Group-PolicyPerPer-sessionsession 802.1X inbound ACL enforcementenforcementNamed ACL orchestrationACL orchestrationOnOn-thethe-flyfly ACL updateupdate(no CoA r
32、equired)BRKMER-141538 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLow impact endpoint remediationUse Failed-Auth VLAN for quarantined accessISE*VLAN must be configured with limited accessFailed Auth VLAN Assignmentlow impact remediation low impact remediation into limi
33、ted access VLAN*BRKMER-141539 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCritical VLAN keeps devices online during outagesCritical service availability when your auth server isnt reachableISECritical Voice and Data Critical Voice and Data connectivity during RADIUS ou
34、tageBRKMER-141540 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDont compromise security for energy savings802.1X Control DirectionEnergy SavingsPut those cash registers to sleep and then wake-on-lan!SecurityRobust AuthenticationDefault 802.1X policy blocks both directio
35、nsNew option inbound-only to block traffic from host prior to authorizationBRKMER-141541 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveIts not nice to do it twiceDuplicate ACE detection for ACLsBRKMER-141542Security Visibility 2023 Cisco and/or its affiliates.All rights
36、reserved.Cisco Public#CiscoLiveMS390 Device sensor adds granular profilingRADIUS Accounting EnhancementsISEGranular profiling data made for Cisco Identity Services EngineLLDPLLDP,CDPCDP,HTTPHTTP,and DHCPDHCPattributesUpdatesUpdates done dynamicallydynamicallyover RADIUS accountingBRKMER-141544 2023
37、Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveNetFlow&Encrypted Traffic AnalyticsNetFlow v10(IPFIX)with IPv4/IPv6/Adaptive Policy/NBAR/ETA*should work with any standard up-to-date collector*When integrated with Cisco Secure Network and/or Cloud AnalyticsRequires Advanced Lice
38、nsingAVC NetFlow*AVC NetFlow*IPv4 and v6 records built for Cisco Secure AnalyticsNetFlow and ETANetFlow and ETAevery port on every supported switch in the networkEncrypted Traffic Encrypted Traffic Analytics*Analytics*for in-depth analysis of traffic without MiTM decryptionAdaptive Policy*Adaptive P
39、olicy*Export of Source Security Group Tags(SGTs)BRKMER-141545 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveAdaptive Policy&Secure AnalyticsInformed policy creation and validationCell DetailsUp to 90 Days of Historical dataGroup based policy and traffic flow trackingflow
40、 trackingGlobal flow visibilityvisibility and contextcontextBRKMER-141546 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveACL Hit CounterMS16MS16Live ToolVisibility into PoliciesReal-time monitoring of ACL hitsBRKMER-141547Catalyst+Meraki=M 2023 Cisco and/or its affiliates
41、.All rights reserved.Cisco Public#CiscoLiveEnd to end visibility,including CatalystFurther Visibility into client path when Catalyst is in the pathBRKMER-141549 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFor the first time:Catalyst together with MerakiCloud Monitoring
42、 for CatalystMonitoring and AlertsConfiguration VisibilitySingle Pane-of-GlassBRKMER-141550 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveThis is the same intuitive Meraki monitoring experienceCentralized view of the entire networkRealtime status of switch healthLayer 7
43、visibility*Network topologyRemote monitoring*(DNA Advantage License required for full feature set)BRKMER-141551 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveWhat does Cloud Monitoring for Catalyst mean?Best in class cloud monitoringLow-overhead hybrid designs Maintainin
44、g CLI managementBring your own configFlexible managementMBRKMER-141552 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveThese are the currently supported platformsModelsModelsCatalyst9200/L/CX9300/L/LM/X9500/XFirmwareFirmwareIOS-XE 17.3+LicensingLicensingAdvantageEssentials
45、 BRKMER-141553 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveHere are the licensing considerationsAdvantage LicensingClient Tracking and Traffic AnalyticsEssentials LicensingClient Tracking OnlyRead-only configurationConverged client viewPort bandwidth usageAlerts&live t
46、-shoot toolsFirmware/config trackingUnified topology viewBRKMER-141554 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCloud monitoring in the tiered use caseMCloud MonitoredComplex CoreCloud ManagedAccess LayerBRKMER-141555 2023 Cisco and/or its affiliates.All rights rese
47、rved.Cisco Public#CiscoLiveCloud monitoring in the hybrid orgMMMMMMCloud MonitoredCampusCloud ManagedBranchesBRKMER-141556 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCloud monitoring securely streams telemetryMNETCONF TDL&YANG Telemetry StreamsNETCONF TDL&YANG Telemet
48、ry StreamsSSH/NETCONFSSH/NETCONFIPFIX File Upload(AVC)IPFIX File Upload(AVC)Syslog/SNMP Traps/SFTP(PCAPs)Syslog/SNMP Traps/SFTP(PCAPs)TLS Tunnel TCP/443Dashboard Tunnel Dashboard Tunnel EndpointEBRKMER-141557DemoCloud Monitoring for Catalyst Onboarding 2023 Cisco and/or its affiliates.All rights res
49、erved.Cisco Public#CiscoLiveIntegrated topologyCatalyst and MerakiUpdates automaticallyDynamically generatedBRKMER-141560 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveTroubleshooting consoleAllows read-only(show)commandsVisibility of info not in DashboardCLI experience
50、directly in DashboardBRKMER-141561DemoEmbedded Read-only CLI 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLivePacket captureNo manual configuration of EPC/SPANPort selection&filter applicationDirect download from Dashboard Packet captures directly in DashboardBRKMER-141563N
51、ow Available 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEvent logConsolidated view for all switches Filter by device,severity,specific textView syslog information in DashboardBRKMER-141564Coming Soon 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#Ci
52、scoLiveFirmware upgrades for CatalystView current version of IOS-XE for cloud-monitored Catalyst switchesSelect a target IOS-XE version for your networkUpgrade switches on your scheduleBRKMER-141565Coming Soon 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCloud Managemen
53、t for CatalystCatalystMeraki#1 in cloud management#1 in networkinghardwareSwitchesWirelessCloud PlatformEcosystemPublic preview:9x C9300 switches can migrate to Meraki management modeNow AvailableGetting StartedBRKMER-141566More to come!Q&A 2023 Cisco and/or its affiliates.All rights reserved.Cisco
54、Public#CiscoLiveFill out your session surveys!Attendees who fill out a minimum of four session surveys and the overall event survey will get Cisco Live-branded socks(while supplies last)!These points help you get on the leaderboard and increase your chances of winning daily and grand prizesAttendees
55、 will also earn 100 points in the Cisco Live Challenge for every survey completed.BRKMER-141569 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicContinue your educationVisit the Cisco Showcase for related demosBook your one-on-oneMeet the Engineer meetingAttend the interactive educat
56、ion with DevNet,Capture the Flag,and Walk-in LabsVisit the On-Demand Library for more sessions at www.CiscoL your next upgrade a staged upgradeCheck out the early access programOnboard a Catalyst into Meraki Dashboard!Thank you#CiscoLive 2023 Cisco and/or its affiliates.All rights reserved.Cisco Pub
57、lic#CiscoLive73Gamify your Cisco Live experience!Get points Get points for attending this session!for attending this session!Open the Cisco Events App.Click on Cisco Live Challenge in the side menu.Click on View Your Badges at the top.Click the+at the bottom of the screen and scan the QR code:How:123473 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKMER-1415#CiscoLive