Mais conteĂșdo relacionado
Semelhante a Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave (20)
Mais de Aruba, a Hewlett Packard Enterprise company (20)
Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
- 1. WLAN Management & Troubleshooting
with AirWave
Carl Mower, VP Network Management Engineering
November 2013
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
1
#airheadsconf
- 2. Agenda
Everything in this presentation
is from AirWave 7.7, unless
specially noted by:
AirWave overview
Diagnosing client RF problems
Coming
soon in
8.0
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
2
#airheadsconf
- 4. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
4
#airheadsconf
- 5. AirWave manages it all
Aruba
WLAN
Wired
Legacy
WLAN
Aruba
Networks
Controllers &
APs
Instant
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
Any MIB-II
compliant
device
Migrate from
Cisco
Motorola
Legacy
5
Outdoor /
Mesh
Monitor
network activity
Aruba
Users &
Devices
Aruba AP175
Classification &
reporting
Integration with
MDM
Aruba
AirMesh
#airheadsconf
- 6. Aruba Management Architecture
AirWave
âąâŻ Long-term History & Trending
âąâŻ WLAN Troubleshooting
âąâŻ Visualization & Reporting
Controller (or VC)
âąâŻ Centralized Radio Management
âąâŻ Role based Policy Enforcement
APs / AMs
âąâŻ 802.11 radios
âąâŻ Integrated IDS/IPS
âąâŻ Spectrum Analysis
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
6
#airheadsconf
- 7. Data Flow to AirWave
Airwave
Email, SNMP, Syslog
Controller
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
NMS
Virtual
Controller
7
#airheadsconf
- 8. AirWave Groups & Folders
Groups
Define Configuration Standard
Devices share config in Group
Defines polling intervals and protocol
Share same Firmware level on devices
Groups are non-hierarchical
Folders
Similar to Directory structure on your PC
Common monitoring, alerting
Control role based access
Hierarchical based organization
No limit on level depth
Every device associated with ONLY ONE Group and Folder
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
8
#airheadsconf
- 10. AirWave 7.7 & 8.0
AirWave 7.7
AirWave 7.7.6
â⯠10 new visibility features (see next)
â⯠IAP GUI config
â⯠Application visibility
â⯠7.3 switch config profiles
â⯠No more Flash graphs
â⯠Zero-touch config for switches
â⯠Support 11ac, new APs, AOS 6.3
â⯠Support for IAP 3.3
â⯠SNMP Ă ï AMON for client & AP data
â⯠VisualRF speedup
AirWave 8.0
Coming
soon in
8.0
â⯠Separate firmware download & reboot
â⯠Support for IAP 3.4 & 4.0
â⯠Integration w/ Image Server
â⯠Multi-server AirWave
â⯠Added Cisco 1600 & 2600
â⯠UI refresh including migration of
VisualRF to HTML5
â⯠Run commands repeatedly
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
10
#airheadsconf
- 11. New Visibility Features Added in 7.7
1.⯠Watched Clients â to show status of VIP clients
2.⯠RF capacity dashboard â to show heavily-used radios/APs
3.⯠Anomaly detection â to find anomalies in client counts or bandwidth used
4.⯠Client steering table & report â to show ARM3.0 steering events
5.⯠Graphs no longer in Flash â to enable AirWave on iPads
6.⯠AppRF â to show PEF session data over time
7.⯠Client health metric added to existing RF performance dashboard
8.⯠Client health indications displayed for clients on VisualRF floorplans
9.⯠Summarize reports by folder âshow heaviest usage by folder/geography
10.âŻTrigger enhancements â eliminate stale events
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
11
#airheadsconf
- 12. AirWave 7.7: New Aruba Support
Support for new APs
âąâŻ AP224/AP225 (802.11ac), RAP155/155P
AOS 6.3 Support
âąâŻ Configuration of new and updated profiles
Real time monitoring for controllers
âąâŻ Client monitoring data (state and stat)
Aruba Instant
âąâŻ Support for IAP 3.3
âąâŻ Threshold to mark VC down (similar to SNMP threshold)
âąâŻ Show the AP acting as VC in lists
âąâŻ Firmware upgrade improvements: Image Server Integration, group enforce flag
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
12
#airheadsconf
- 13. AirWave 7.7: Other Enhancements
Trigger Enhancements
âąâŻ Auto acknowledgement of up/down alerts
âąâŻ NMS integration now supports SNMPv3 informs
âąâŻ Radio up trigger
Reporting Enhancements
âąâŻ Folder level summarization in Device Summary reports
âąâŻ Wired bandwidth in Network Usage Report
âąâŻ Quarterly reports (reports every n months)
âąâŻ Email CSV reports
âąâŻ API to get report data in XML format (XHTML)
Usability and workflow enhancements
âąâŻ 30x improvement in time taken for nightly audit (login to controller once for all the APs)
âąâŻ Import config from controller/switch when added into group (like Instant)
âąâŻ Show device name everywhere (no more mac addresses in AP names)
âąâŻ Split up image download and reboot
âąâŻ First discovering AP/time in the rogue list
âąâŻ
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
13
#airheadsconf
- 14. AirWave 7.7: VisualRF
Features
âąâŻ Identify planned APs on a floor plan
âąâŻ Show notes field (read only)
âąâŻ New AP Support (AP224, RAP155)
Performance and Scalability Improvements
âąâŻ Loading VisualRF page is faster
âąâŻ Optimized for better handling of channel utilization and interface metrics
âąâŻ Better logging and diagnostics
âąâŻ Better defaults for http timeouts
âąâŻ Handle OOM issues better
âąâŻ Location Accuracy Tool for better troubleshooting
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
14
#airheadsconf
- 16. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
16
#airheadsconf
- 18. User âgmurphyâ calls helpdeskâŠ
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
18
#airheadsconf
- 26. Client Match Events - Detail
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
26
#airheadsconf
- 29. Client Detail
Detailed information
for the selected client:
âąâŻ Device info
âąâŻ Current association
âąâŻ Graphs
âąâŻ Current location (VRF)
âąâŻ Alerts for that client
âąâŻ Client match events
âąâŻ Radios that hear client
âąâŻ Association history
âąâŻ Device events
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
29
#airheadsconf
- 32. All Graphs in 7.7 Now HTML5
Graphs in AirWave 7.6 and earlier were Flash-based
All graphs in AirWave 7.7 are converted from Flash to HTML5
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
32
#airheadsconf
- 33. All Graphs in 7.7 Now HTML5
By clicking on a graph, can then zoom in/out, pan,
and hover (to get values for each point)
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
33
#airheadsconf
- 35. Run CLI command(s) at intervals
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
35
#airheadsconf
- 37. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
37
#airheadsconf
- 39. Application Visibility
Collections of 9-tuples:
âąâŻ Source-IP
âąâŻ Source-port
âąâŻ Destination-IP
âąâŻ Destination-port
âąâŻ Protocol
âąâŻ Device type (Win7, iPad, iPhoneâŠ)
âąâŻ Role (employee, guestâŠ)
âąâŻ ESSID (production, guestâŠ)
âąâŻ Location (folder)
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
39
#airheadsconf
- 41. Application Visibility: by Destination
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
41
#airheadsconf
- 47. RF Capacity
2 radios were
âheavily utilizedâ
80-100% of the
time.
(âHeavily utilizedâ is
80%+ utilization).
(Only âon timeâ is
considered. That is,
blocks of time the
radio is doing
something, not the
middle-of-the-night).
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
47
#airheadsconf
- 50. Client overview &
VIP dashboard
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
50
#airheadsconf
- 54. Network Deviations
Anomalies illustrated for
clients and bandwidth.
Shown here, the current
reading (blue, green),
plotted against 40-week
average +/â one
standard deviation.
Average for any given
period of time, (for
example, noon-12:10 on
a Friday), is calculated
for that same time-period
(noon-12:10) for the
previous 40 Fridays.
(Average is NOT simply
the previous few days).
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
54
#airheadsconf
- 56. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
56
#airheadsconf
- 61. VisualRF 8.0: FlashĂ ï HTML5 for iPad
In AirWave 8.0, VisRF moves to HTML5.
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
61
Coming
soon in
8.0
#airheadsconf
- 65. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
65
#airheadsconf
- 66. Custom & Pre-Defined Reports
20 pre-defined reports to choose fromâŠ
âŠor make a custom report from any combination of the 170+ âsectionsâ available above
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
66
#airheadsconf
- 67. Custom Reports
Filter custom reports by:
âąâŻ Folder
âąâŻ Group
âąâŻ [Infrastructure] Device type
âąâŻ ESSID
âąâŻ End-user role
âąâŻ Client: OS, chipset, manufacturer
Also:
âąâŻ Pick report range (start, end)
âąâŻ Schedule recurring report execution
âąâŻ Email report
âąâŻ HTML, CSV, PDF
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
67
#airheadsconf
- 68. Custom & Pre-Defined Reports
Now to highlight 4 reportsâŠ
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
68
#airheadsconf
- 82. Client Steering Report
Client match actions by:
âąâŻ Folder
âąâŻ AP
âąâŻ Client
Details of each match
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
82
#airheadsconf
- 83. Client Steering Report
Client Steering Report
âąâŻ Steers by device type
âąâŻ By steering reason
âąâŻ By band (11ac, n-5G, n-2.4)
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
83
#airheadsconf
- 85. PCI Compliance Report
Shows results of an audit
of the WLAN against
specific PCI
requirements.
For each PCI
requirement, shows
failing cases, (if any).
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
85
#airheadsconf
- 86. New report:
most by folder
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
86
#airheadsconf
- 87. Most by Folder (Region) Report
Summarize max
concurrent clients and
utilization by folder.
When each folder
represents a geographic
location, useful to find
âbusiestâ locations.
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
87
#airheadsconf
- 89. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
89
#airheadsconf
- 92. Triggers
Configurable attributes common to all triggers:
âąâŻ Severity (normal, warning, minor, major, critical)
âąâŻ Limit by folder
âąâŻ (If folder specifiedâŠ) do/do-not include sub-folders
âąâŻ Limit by group
âąâŻ Notes
âąâŻ Alert via Email (if so: specify sender Email and 1+ recipients)
âąâŻ Alert to NMS (if so: select 1 or more destinations)
âąâŻ Optionally suppress future alerts until first is acknowledged
Also, limiting conditions unique to each trigger type
A few select triggers and their unique conditions are highlightedâŠ
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
92
#airheadsconf
- 95. Triggers
Device Down
âąâŻ Limit number of outstanding down events
âąâŻ Must be down X minutes
âąâŻ Suppress thin-AP-down when controller down
âąâŻ Suppress device-down when upsteam device is down
âąâŻ By device type (AP, controller, RAP, switchâŠ)
âąâŻ Minutes down threshold
Device Up
âąâŻ Auto acknowledge corresponding down event
âąâŻ Match by device type (AP, controller, RAP, switchâŠ)
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
95
#airheadsconf
- 96. Triggers
AP Usage
âąâŻ Direction: up, down, combined
âąâŻ Threshold & duration to measure
Channel Utilization
âąâŻ Interference %
âąâŻ By radio type (11ac, 11a, 11b, 11g, 11n, âŠ)
âąâŻ Time busy, receiving, transmitting
Radio Noise Floor
âąâŻ By device type (AP, controller, RAP, switchâŠ)
âąâŻ Noise floor
âąâŻ By radio type (11ac, 11a, 11b, 11g, 11n, âŠ)
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
96
#airheadsconf
- 97. Triggers
Device Event
âąâŻ Event contains sub-string
âąâŻ Event type (syslog, SNMP trap)
âąâŻ SNMP trap category (HW, IDS, client security, AP security, rogueâŠ)
âąâŻ Syslog category and/or severity
Radio Down / Radio Up
âąâŻ By radio type (11ac, 11a, 11b, 11g, 11n, âŠ)
802.11 Frame Counters / 802.11 QoS Counters
âąâŻ 110+ different counters by threshold
New client discovered
New device discovered
âąâŻ By device type (AP, controller, RAP, switchâŠ)
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
97
#airheadsconf
- 98. Triggers
Interface Usage
âąâŻ Interface label, mode, name
âąâŻ Interface speed in / out (Mbps)
âąâŻ Interface type
âąâŻ By radio type (11ac, 11a, 11b, 11g, 11n, âŠ)
Config Mis-match
Device Resources
âąâŻ By device type (AP, controller, RAP, switchâŠ)
âąâŻ CPU or memory threshold
Rogue Device Classified
âąâŻ By classification (valid, neighbor, rogue, âŠ)
âąâŻ Confidence level
âąâŻ Threat level
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
98
#airheadsconf
- 102. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
102
#airheadsconf
- 105. Rogue: Add a Rule
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
105
#airheadsconf
- 106. Rogue: Rules
Detected on WLAN, LAN
Detecting AP Count (at least, at most)
Encryption Type
Network Type (Infrastructure, AdHoc)
Signal Strength
SSID (matches, does not match, regex)
Detected Client Count
IP Addresss
Manufacturer
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
106
#airheadsconf
- 108. Rogue: List Columns
Classification (rogue, neighbor, valid)
Threat Level
Classifying Rule
Controller Classification
Heard on Wire?
Number of Detecting APs
SSID
Signal Strength
Encryption Type
Wireless Channel
Radio Vendor
First, Most-recent Discovering AP
First, Most-recent Discovery Date/Time
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
108
#airheadsconf
- 110. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
110
#airheadsconf
- 112. IGC: Just like Instant embedded UI
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
112
#airheadsconf
- 113. IGC: can add a note to any field
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
113
#airheadsconf
- 118. Zero-Touch Provisioning
Site A - Configuration A
Site B â Configuration B
Site C â Configuration C
Instant AP connects to AirWave
server via HTTPS and
associates to the Site A group
Instant AP connects to Aruba
Activate via HTTPS and
downloads provisioning
details
Aruba Activateâą
1
Secure Data Center
2
10 a.m.
Site C
Site B
Site A
10:02 a.m.
3
AirWaveâą
10:07 a.m.
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
AirWave pushes the latest
software image and Site A
configuration
118
Aruba Instantâą
#airheadsconf
- 120. Device Configuration Management
Discover Devices
Analyze Device
Audit
Configuration
AirWave can Discover, Audit and
Fix configuration mismatches or
settings to the managed devices
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
120
#airheadsconf
- 123. Agenda
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
123
#airheadsconf
- 125. Current single-server architecture
UI
report gen
swarm handler
database
SNMP trap recvr
AMON recvr
SNMP pollers
AW-RRD
config gen/audit
work
queue
ALC workers
Visual RF
message bus
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
125
#airheadsconf
- 126. Multi-server architecture
Coming
soon in
8.0
database
database master
database backup
OpenTSDB
OpenTSDB
OpenTSDB
worker machine #1
UI
worker machine #2
worker machine #3
config gen/audit
report gen
Visual RF
Visual RF
Visual RF
ALC workers
ALC workers
ALC workers
AMON recvr
swarm handler
SNMP pollers
SNMP trap recvr
work queue via [distributed] RabbitMQ message bus
CONFIDENTIAL
© Copyright 2013. Aruba Networks, Inc.
All rights reserved
126
#airheadsconf