Cisco dCloud

Cisco Prime Infrastructure 2.1 v1.1

Last Updated: 23-OCT-2014

About This Cisco Solution

Part of the Cisco Prime for IT solution portfolio, Cisco Prime Infrastructure provides a single integrated solution for comprehensive
lifecycle management and application performance visibility that helps enable network managers to maintain, operate, and deliver
applications and services that meet the demands for a quality end-user experience.

Prime Infrastructure consolidates different technologies such as NBAR2, Flexible NetFlow, Medianet, and AVC and simplifies their
enablement.

For more information about Cisco Prime Infrastructure, visit http://www.cisco.com/go/primeinfrastructure.

About This Demonstration

This preconfigured demonstration includes:

 One-Click AVC
 Device Configuration
 AVC Reporting
 The 360 Experience
o User 360 (Requires Endpoint Kit)
o Device 360

 Assurance Management

Demonstration Requirements
The table below outlines the requirements for this preconfigured demonstration.

Table 1. Demonstration Requirements

Required Optional
Monitoring Workstation Endpoint Kit
 Laptop with AnyConnect Preferred Endpoint Router
 819W router, registered and configured for dCloud
Supported Endpoint Router/AP
 Router, registered and configured for dCloud
 Cisco Aironet Series Access Point (3000, 2000, 1000 series)
User Devices
 Tablet / Smartphone / Laptop

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 23
 Demonstration Configuration
Below are the devices that can be accessed within this demonstration, and the credentials needed for each.

Table 2. Device Credentials

Device IP Address Access Method Username Password

Prime Infrastructure Private: 198.18.133.65 Wkst1 Browser
Session Owner Session ID
Public: See Session Details Local Browser

vWLC Private: 198.19.11.10 Wkst1 Browser

Session Owner Session ID
Public: See Session Details Local Browser

Wkst1 198.18.133.36 WebRDP or AnyConnect administrator C1sco12345

AD1 198.18.133.1 WebRDP or AnyConnect administrator C1sco12345

CSR 198.18.133.213 Putty admin C1sco12345

ISE 198.18.133.27 Putty admin C1sco12345

NOTE: If your username contains invalid characters, such as @, your login may fail. A generic username of “dcloud” is provided
and can be used with the unique Session ID as password if needed.

Figure 1. Session Details

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 23
 Demonstration Topology
This demonstration includes both hardware and VM components. Most of the components are fully configurable using the
administrative level account. Administrative account details are included in the script steps where relevant.

Figure 2. Demo Topology

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 23
 Demonstration Preparation
BEFORE DEMONSTRATING

We strongly recommend that you go through this process at least once, before presenting in front of a live audience. This will allow
you to become familiar with the structure of the document and the demonstration.

PREPARATION IS KEY TO A SUCCESSFUL CUSTOMER PRESENTATION.

Follow the steps below to schedule your demonstration and configure your demonstration environment.

1. Browse to dcloud.cisco.com, select the location closest to you, and then login with your Cisco.com credentials.

2. Register and configure your endpoint router, if this is the first time you will be using your router for dCloud. [Show Me How]

3. Schedule a demonstration. [Show Me How]

4. Test your bandwidth and confirm necessary ports are open from the demonstration location before performing any
demonstration scenario. [Show Me How]

5. Verify your demonstration has a status of Active under My Demonstrations on the My Dashboard page in the dCloud UI.

 It may take up to 25 minutes for your demonstration to become active.

NOTE: Some features of this demonstration require the demo to be Active for at least one hour. To demonstrate all features of
this solution, schedule your demo to start one hour before your customer presentation.

6. Connect your router and laptop. [Show Me How]

7. If using an AP-only (3000, 2000, 1000 series without an endpoint router), the vWLC management interface must be configured
with the session-specific Public IP. [Appendix A]

8. If using an AP (integrated or external), configure the AP to be in FlexConnect mode. [Appendix B]

NOTE: The vWLC in this demo will push 8.0.100 code to your AP if required. This upgrade may take up to 20 minutes.

Connect to Prime Infrastructure

9. Connect using ONE of the following methods:

 Using your local, supported browser, connect to the Public IP address of Prime Infrastructure). [Appendix]

OR

 Connect to the Demonstration Workstation (wkst1), using Cisco dCloud Remote Desktop client. [Show Me How]

NOTE: Accessing Prime Infrastructure with your local, supported browser is the recommended method. Using WKST1 may result
in noticeable delay and possible timeout issues.

10. From a supported browser (Chrome recommended), login to Prime Infrastructure with the credentials from the Session
Details tab of your Active session as shown in Table 2.

 Username = Owner

 Password = Session ID

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 23
 Scenario 1: One-Click AVC
Application Visibility and Control (AVC) can recognize 1000+ applications and categorize them. It can then compute the application
performance and finally help shape or control the traffic. AVC leverages multiple core technologies found in the Cisco Aggregation
Services Routers:

 Flexible NetFlow to show traffic statistics

 NBAR2 which is a DPI technology that can identify over 1300 applications

 Performance Agent which is used to collect ART metrics

 Medianet to collect voice and video statistics

One-click AVC is useful when you would like to turn on AVC for a particular supported device with all the AVC configuration options
included in the pre-configured template. The prerequisite is that the device on which you would like to enable AVC should already
be managed by Cisco Prime Infrastructure.

Demonstration Steps
1. From the Prime Infrastructure main menu, go to Operate > Device Work Center.

2. In the list of devices, select csr1.dcloud.cisco.com.

3. Select the Configuration tab.

4. Expand the Application Visibility folder and select Interfaces.

NOTE: It may take 20 seconds or more for the list of interfaces to load the first time. To avoid this delay, navigate to this page
before your customer demonstration.

5. In the list of interfaces, note that the Default AVC Policy has been applied to GigabitEthernet2 and GigabitEthernet3. In the
next steps you will apply the default policy to GigabitEthernet1.

Figure 3. Interfaces

6. Click the checkbox next to GigabitEthernet1.

7. Click the Enable Default AVC button.

8. Select the IPV4 Default Policy.

This one-click action will enable AVC on the interface chosen.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 23
 Figure 4. AVC Policy

 After a few moments, AVC will be applied and the screen will refresh to indicate that both Inbound and Outbound policies
are active on all interfaces.

Figure 5. AVC Applied

The AVC default policy has been applied. In later sections, you will generate traffic from a user device to inspect AVC reporting.

HIGHLIGHT: The data provided by AVC can be used for multiple purposes, such as proactive monitoring, capacity planning, and
troubleshooting both infrastructure and application performance issues. The types of reports which can be generated by AVC
include top applications, top clients, top servers, top URLs, throughput, and application performance.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 23
 Scenario 2: Device Configuration
In this scenario, you will deploy a new SSID using Prime Infrastructure. You will then connect a user device to the new SSID and
generate some interesting traffic.

NOTE: The steps below will assume the use of an endpoint kit and iPad, menu items for other user devices might be located and
named differently.

1. From a wireless user device, such as an iPad, go to Settings > Wi-Fi. Note the current SSIDs.

NOTE: If the demo SSIDs are not visible, ensure that your AP has been set to FlexConnect mode as outlined in the Appendix.

2. Open a new browser tab to the vWLC.

a. If connecting via WKST1, use the browser bookmark.

b. If connecting from your local browser, navigate to the vWLC Public IP address.

3. Login using the credentials from the Session Details of your Active session.

Figure 6. Session Details

4. Go to WLANs using the top menu. Note that only one WLAN is configured: Demo_Internal.

Figure 7. Current WLANs

5. Return to the browser tab connected to Cisco Prime Infrastructure.

6. Go to Deploy > Configuration Tasks.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 23
 7. In the left panel expand the My Templates folder.

8. Select the dcloud-ssid-creation template.

9. Select the Name link for the template to open the template details.

Figure 8. SSID Template

 Navigate through the tabs to show all of the features that can be configured for an SSID deployment.

10. Close the Template Details window.

11. Check the box next to the template and then click Deploy.

Figure 9. Templates

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 23
  This template will push a new SSID (dcloud-test) to the WLC when deployed.

12. In the Template Deployment popup, click the arrow next to All and select the vwlc1 device.

Figure 10. Device Selection

13. Click OK to deploy the template.

14. Go to Administration > Jobs Dashboard to view the status of the template.

NOTE: You may need to refresh the pane (using the circular arrow) to see the status.

IMPORTANT! Due to a bug in the current version of Prime Infrastructure, the SSID deployment will fail the first time. Select the
radio button next to the failed job and click the Run button. The second deployment will succeed.

15. Return to the browser tab open to vWLC1.

16. Select WLANs. Refresh the page if necessary to show the newly deployed SSID.

Figure 11. New WLAN

Connect Wireless User Device

17. From the wireless user device, go to Settings > Wi-Fi and toggle Wi-Fi to Off.

18. After a few seconds, toggle Wi-Fi to On. You should now see the dcloud-test SSID in the list of networks.

19. Select the dcloud-test network. When prompted, log in as doctor/C1sco12345. Accept any certificates.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 9 of 23
 NOTE: If you receive a notification that the device is unable to join the network, ensure that you AP has been configured for
FlexConnect mode as shown in Appendix B.

The user device is now connected to the network via the newly deployed SSID.

NOTE: If you have multiple wireless devices, you can login as another user on the other device. This will make for a more
interesting demonstration. The list of users can be found in Table 2.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 10 of 23
 Scenario 3: AVC Reporting
You have now enabled AVC using the one-click method and have provided users with a new SSID to connect to the network. In
order to see AVC in action, generate interesting traffic. The steps below are suggestions, however, you can generate traffic based
on the apps available on your device.

NOTE: The Detail Dashboards will not populate with traffic data until after the demo has been active for about 15 minutes.

1. PC1 within the demo is generating HTTP and FTP traffic. This requires no interaction. The traffic will be generated every 5
minutes while the demo is active.

2. To see additional data in the dashboards, generate interesting traffic from the wireless user device. Below are some
suggestions:

 Open Pandora and play a song.

 Launch WebEx and start a 1-Click meeting.

 Check your email using the device email app.

 Navigate to your current location using Google Earth.

NOTE: The quality and variety of the traffic you generate with the wireless device(s) will directly affect the quality of the AVC
reports.

3. From Cisco Prime Infrastructure, go to Operate > Detail Dashboards.

From the Site tab, you will see an overview of the site.

 In the Top N Applications, you will see details of the traffic generated by PC1 and your wireless device. Note the applications
identified by AVC.

 The Top N Clients should include the IP address assigned to your wireless device, if one was connected.

NOTE: It may take a few minutes for the traffic from the wireless user device show up in the dashlets.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 11 of 23
 Scenario 4: 360 Views
User 360

NOTE: User 360 requires an endpoint kit and wireless user device.

Prime Infrastructure includes a global search tool. This tool can be used to search all of Prime Infrastructure for devices, IP
addresses, users, alarms, etc. The search will return all relevant data related to the search term.

1. In the search field in the upper right corner, enter “doctor” as the search term. Press Enter to run the search.

Figure 12. Search Tool

A Search Results window will open displaying all relevant findings.

NOTE: It may take a moment for the user to appear within Prime.

2. Click the View List link to navigate to the Clients and Users list. Note that the list is filtered to display only results that
matched the search term.

Figure 13. Search Results

NOTE: If you have multiple devices and users, navigate to Operate > Clients and Users to view the full list of users.

3. Hover over the doctor User Name and a white circle will appear. Click on this circle. This will launch the User 360 View.

Figure 14. User 360 Icon

From the User 360 View, you can see detailed information about the user. For example, which devices the user is currently using
as well as devices that have previously been seen by this user. Other information includes what IP(s) are assigned to the user’s
devices, and any Alarms/Applications. If the user is logged in from multiple devices, you can select each device to see information
for that device.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 12 of 23
 4. Click the Applications tab in the User 360 View window. Depending on the traffic you generated from your wireless device,
you will see details of that traffic here.

Figure 15. User 360 Applications

5. Click the Client Details icon to view detailed information about the user for the selected device.

Figure 16. Client Details

The additional information available for the client includes data that can help in troubleshooting user experience issues.

Device 360

6. Navigate to Operate > Detail Dashboards > Site.

7. Hover over the Device IP for the CSR device in the demo. Click the Device 360 icon that appears.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 13 of 23
 Figure 17. Device 360 Icon

A new window will open displaying the Device 360 View.

Figure 18. Device 360

 Along the top right of this popup are icons that allow you to navigate to information about alarms, browse the Cisco
Support Community for this device type, Open a TAC case regarding this device, or ping and traceroute to this device.

 The Device 360 View also includes information about the OS type and version as well as utilization metrics for the CPU
and memory.

8. Click the Support Request icon.

Figure 19. Support Request

9. When prompted, log in to Cisco.com with your CCO Username and Password.

10. Click the Create button.

The Contact and Device Information window will be prepopulated with information about your CCO account and device.

NOTE: The devices in this demo are not registered on Cisco.com for support, so you should not create an actual support case.

11. Click Cancel to exit the case creation process.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 14 of 23
 12. Close the Update or Create a Support Case window.

13. Go to Operate > Device Work Center.

14. From the device list, check the box next to the CSR device to open details about the device.

15. Select the Configuration Archive tab in the bottom section of the screen.

Figure 20. Configuration Archive

16. Click the arrow to expand the most recent archive in the list.

17. Select the Previous link in the Running Configuration row.

Figure 21. Previous Running Configuration

18. In the Configuration Comparison window, scroll down and select Difference Only.

Figure 22. Configuration Differences

This comparison will highlight the changes pushed to the CSR when you enabled AVC on interface GigabitEthernet1 in an earlier
step.

NOTE: Ignore any Crypto changes reported in the output.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 15 of 23
 Scenario 5: Assurance Management
1. Go to Home > Performance > Service Assurance.

Figure 23. Service Assurance

 This gives an overall idea about Top N Applications, Clients and the Server information in the enterprise.

2. Go to Operate > Applications and Services.

3. Click the Quick Filter icon in the upper right of the table.

4. In the Business Critical filter box, type Yes.

Figure 24. Business Critical Traffic

 The list will be filtered to show those applications that have been identified as business critical.

 Traffic identified as business critical is tracked for Service Health.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 16 of 23
 5. Go to Home > Performance > Service Health.

Figure 25. Service Health

NOTE: For data to be displayed in Service Health, there must be at least one hour of data. To ensure that your dashlet has data
points, start the demonstration at least an hour before your customer presentation.

 The Service Health dashboard displays the sites and their business critical applications. Each application for a site is
given a score for each of the KPIs (Key Performance Indicators) that are available in the system.

 The data displayed in the Service Health dashboard is computed using health rules.

 Red (Critical) - data value exceeds the specified Critical value.

 Yellow (Warning) - data value exceeds the Warning value.

 Green - health rule does not exceed the specified Critical or Warning values.

6. Click within the colored bar for one of the applications.

Figure 26. Application Health Details

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 17 of 23
 7. Select one of the metrics that has yellow or red.

Figure 27. Select Metric

8. Click within the colored Status bar next to the Metric type.

Figure 28. Performance Scores

9. Hover over points in the graph to see the details for the data point.

Figure 29. Data Point Details

10. Close the site details window.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 18 of 23
 Appendix A: Configure vWLC Management Interface IP Address
If you are using an AP-only (AP without an endpoint router), each time you run a demo, the vWLC management interface must be
configured with a NAT IP Address. This address is the Public IP address provided in the Session Details.

1. From the Session Details tab of your Active demonstration, locate the Public Address assigned to the vWLC. Note that this
address is session specific.

Figure 30. Public Address

Configure AP

2. Ensure that your country has been enabled. [Show Me How ]

3. Connect one end of a console cable to the AP and the other end to the serial port of the laptop.

4. Launch the terminal emulation application on the laptop.

5. Connect the AP to a power outlet or to a PoE source.

NOTE: If you are not familiar with or comfortable with using the Command Line Interface (console connection) to the AP, we highly
recommend using a Cisco dCloud endpoint router. You may also consider using an OEAP 600.

The AP will boot up. You can observe the boot sequence using the terminal emulation application. After the AP has completed
booting, you will see a message that the AP is available.

6. Press the Enter key. You will be prompted for a username and password.

7. Enter the default username and password.

Username: Cisco
Password: Cisco

8. Enter privileged EXEC mode.

AP> enable
Password: Cisco

Figure 31. AP login screen

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 19 of 23
 Configure the AP with the Public IP address of the WLC.

9. From the CLI connection to the AP, enter the following command and press Enter.

AP# capwap clear lwapp private-config

AP# capwap ap controller ip address IP_Address

Figure 32. Configuring the controller IP Address

10. Enter the show capwap ip config command to verify that the WLC IP address entered correctly.

Figure 33. Verifying IP address was accepted

Back to Demo Prep

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 20 of 23
 Appendix B: Configure FlexConnect Mode on AP
1. From WKST1, launch Firefox.

2. Navigate to Cisco Prime Infrastructure at https://prime.dcloud.cisco.com.

3. Login using the credentials from the Session Details of your Active session.

Figure 34. Session Details

NOTE: If you receive a message about license expiration, click OK to dismiss the popup.

4. Go to Operate > Device Work Center.

5. Expand the Device Type folder and select Unified AP.

6. Select your AP from the list.

7. Select the Configuration tab.

8. In the AP Mode dropdown, select FlexConnect.

9. In the Primary Controller Name dropdown, select vwlc1.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 21 of 23
 Figure 35. FlexConnect Mode

10. Click Save.

11. The AP will reboot. Click OK to confirm. Click OK again to continue.

The AP will reboot. This may take a few minutes.

12. After the AP reboots, refresh the Unified AP list to confirm that the AP is now in FlexConnect mode.

Figure 36. AP Mode Confirmation

NOTE: The AP will remain in FlexConnect mode until the configuration is changed. Other demonstrations may require Local mode.
If you will be using your AP in other demonstrations, it is advisable to return the AP to Local mode when you complete this
demonstration.

Back to Demo Prep

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 22 of 23
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 23 of 23