Breakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
-
Upload
aruba-networks-an-hp-company -
Category
Business
-
view
961 -
download
3
Transcript of Breakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 1 #airheadsconf#airheadsconf
WLAN Management & Troubleshooting with AirWave
Carl Mower, VP Network Management EngineeringNovember 2013
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 2 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
Coming soon in
8.0
Everything in this presentation is from AirWave 7.7, unless
specially noted by:
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 4 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 5 #airheadsconf
AirWave manages it all
Aruba WLAN
Aruba Networks
Controllers & APs
Instant
Wired
Aruba
Any MIB-II compliant
device
Legacy WLAN
Migrate from
Cisco
Motorola
Legacy
Users & Devices
Classification & reporting
Integration with MDM
Monitor network activity
Outdoor / Mesh
Aruba AirMesh
Aruba AP175
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 6 #airheadsconf
Aruba Management Architecture
APs / AMs• 802.11 radios• Integrated IDS/IPS• Spectrum Analysis
Controller (or VC)• Centralized Radio Management• Role based Policy Enforcement
AirWave• Long-term History & Trending• WLAN Troubleshooting• Visualization & Reporting
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 7 #airheadsconf
Data Flow to AirWave
SNMP
Trap
sAM
ON
Airwave
ControllerH
TTPS
VirtualController
NMSEmail, SNMP, Syslog
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 8 #airheadsconf
AirWave Groups & Folders
GroupsDefine Configuration StandardDevices share config in GroupDefines polling intervals and protocolShare same Firmware level on devicesGroups are non-hierarchical
FoldersSimilar to Directory structure on your PCCommon monitoring, alertingControl role based accessHierarchical based organizationNo limit on level depth
Every device associated with ONLY ONE Group and Folder
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 10 #airheadsconf
AirWave 7.7 & 8.0
AirWave 7.7
– 10 new visibility features (see next)
– Application visibility
– No more Flash graphs
– Support 11ac, new APs, AOS 6.3
– Support for IAP 3.3
– SNMP AMON for client & AP data
– VisualRF speedup
– Separate firmware download & reboot
– Integration w/ Image Server
– Added Cisco 1600 & 2600
– Run commands repeatedly
AirWave 7.7.6
– IAP GUI config
– 7.3 switch config profiles
– Zero-touch config for switches
AirWave 8.0
– Support for IAP 3.4 & 4.0
– Multi-server AirWave
– UI refresh including migration of VisualRF to HTML5
Coming soon in
8.0
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 11 #airheadsconf
New Visibility Features Added in 7.7
1. Watched Clients – to show status of VIP clients
2. RF capacity dashboard – to show heavily-used radios/APs
3. Anomaly detection – to find anomalies in client counts or bandwidth used
4. Client steering table & report – to show ARM3.0 steering events
5. Graphs no longer in Flash – to enable AirWave on iPads
6. AppRF – to show PEF session data over time
7. Client health metric added to existing RF performance dashboard
8. Client health indications displayed for clients on VisualRF floorplans
9. Summarize reports by folder –show heaviest usage by folder/geography
10.Trigger enhancements – eliminate stale events
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 16 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 18 #airheadsconf
User “gmurphy” calls helpdesk…
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 19 #airheadsconf
Client Diagnostic View
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 20 #airheadsconf
Overlay: Client Location
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 21 #airheadsconf
Overlay: Heatmap
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 22 #airheadsconf
Overlay: Data Rate
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 23 #airheadsconf
Overlay: Client Health
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 25 #airheadsconf
Client Match Events
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 26 #airheadsconf
Client Match Events - Detail
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 28 #airheadsconf
Client Detail
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 29 #airheadsconf
Detailed information for the selected client:
• Device info
• Current association
• Graphs
• Current location (VRF)
• Alerts for that client
• Client match events
• Radios that hear client
• Association history
• Device events
Client Detail
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 30 #airheadsconf
Radio Diagnostics
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 32 #airheadsconf
All Graphs in 7.7 Now HTML5
Graphs in AirWave 7.6 and earlier were Flash-basedAll graphs in AirWave 7.7 are converted from Flash to HTML5
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 33 #airheadsconf
All Graphs in 7.7 Now HTML5
By clicking on a graph, can then zoom in/out, pan, and hover (to get values for each point)
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 35 #airheadsconf
Run CLI command(s) at intervals
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 37 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 39 #airheadsconf
Application Visibility
Collections of 9-tuples:
• Source-IP
• Source-port
• Destination-IP
• Destination-port
• Protocol
• Device type (Win7, iPad, iPhone…)
• Role (employee, guest…)
• ESSID (production, guest…)
• Location (folder)
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 40 #airheadsconf
Application Visibility: Overview
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 41 #airheadsconf
Application Visibility: by Destination
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 42 #airheadsconf
Application Visibility: by ESSID
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 44 #airheadsconf
RF Performance
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 45 #airheadsconf
RF Performance
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 47 #airheadsconf
RF Capacity
2 radios were “heavily utilized” 80-100% of the time.
(“Heavily utilized” is 80%+ utilization).
(Only “on time” is considered. That is, blocks of time the radio is doing something, not the middle-of-the-night).
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 48 #airheadsconf
RF Capacity
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 49 #airheadsconf
RF Capacity
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 51 #airheadsconf
Watched Clients
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 53 #airheadsconf
Network Deviations
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 54 #airheadsconf
Network Deviations
Anomalies illustrated for clients and bandwidth.
Shown here, the current reading (blue, green), plotted against 40-week average +/– one standard deviation.
Average for any given period of time, (for example, noon-12:10 on a Friday), is calculated for that same time-period (noon-12:10) for the previous 40 Fridays.
(Average is NOT simply the previous few days).
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 56 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 58 #airheadsconf
VisualRF
Review Coverage Heatmaps
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 59 #airheadsconf
VisualRF
Visualize Rogue AP Location
Locate Interference sources
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 60 #airheadsconf
VisualRF
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 61 #airheadsconf
VisualRF 8.0: FlashHTML5 for iPad
In AirWave 8.0, VisRF moves to HTML5.Coming soon in
8.0
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 62 #airheadsconf
VisualRF 8.0: HTML5
Coming soon in
8.0
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 63 #airheadsconf
VisualRF 8.0: HTML5
Coming soon in
8.0
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 65 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 66 #airheadsconf
Custom & Pre-Defined Reports
20 pre-defined reports to choose from…
…or make a custom report from any combination of the 170+ “sections” available above
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 67 #airheadsconf
Custom Reports
Filter custom reports by:
• Folder
• Group
• [Infrastructure] Device type
• ESSID
• End-user role
• Client: OS, chipset, manufacturer
Also:
• Pick report range (start, end)
• Schedule recurring report execution
• Email report
• HTML, CSV, PDF
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 68 #airheadsconf
Custom & Pre-Defined Reports
Now to highlight 4 reports…
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 70 #airheadsconf
RF Health Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 71 #airheadsconf
RF Health Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 72 #airheadsconf
RF Health Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 73 #airheadsconf
RF Health Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 75 #airheadsconf
Client Session Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 76 #airheadsconf
Client Session Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 77 #airheadsconf
Client Session Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 78 #airheadsconf
Client Session Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 79 #airheadsconf
Client Session Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 80 #airheadsconf
Client Session Report
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 82 #airheadsconf
Client Steering Report
Client match actions by:
• Folder
• AP
• Client
Details of each match
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 83 #airheadsconf
Client Steering Report
Client Steering Report
• Steers by device type
• By steering reason
• By band (11ac, n-5G, n-2.4)
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 85 #airheadsconf
PCI Compliance Report
Shows results of an audit of the WLAN against specific PCI requirements.
For each PCI requirement, shows failing cases, (if any).
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 87 #airheadsconf
Most by Folder (Region) Report
Summarize max concurrent clients and utilization by folder.
When each folder represents a geographic location, useful to find “busiest” locations.
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 89 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 91 #airheadsconf
Triggers
35 different trigger types.
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 92 #airheadsconf
Triggers
Configurable attributes common to all triggers:
• Severity (normal, warning, minor, major, critical)
• Limit by folder
• (If folder specified…) do/do-not include sub-folders
• Limit by group
• Notes
• Alert via Email (if so: specify sender Email and 1+ recipients)
• Alert to NMS (if so: select 1 or more destinations)
• Optionally suppress future alerts until first is acknowledged
Also, limiting conditions unique to each trigger typeA few select triggers and their unique conditions are highlighted…
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 93 #airheadsconf
Triggers
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 94 #airheadsconf
Triggers: Device Down
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 95 #airheadsconf
Triggers
Device Down
• Limit number of outstanding down events
• Must be down X minutes
• Suppress thin-AP-down when controller down
• Suppress device-down when upsteam device is down
• By device type (AP, controller, RAP, switch…)
• Minutes down threshold
Device Up
• Auto acknowledge corresponding down event
• Match by device type (AP, controller, RAP, switch…)
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 96 #airheadsconf
Triggers
AP Usage
• Direction: up, down, combined
• Threshold & duration to measure
Channel Utilization
• Interference %
• By radio type (11ac, 11a, 11b, 11g, 11n, …)
• Time busy, receiving, transmitting
Radio Noise Floor
• By device type (AP, controller, RAP, switch…)
• Noise floor
• By radio type (11ac, 11a, 11b, 11g, 11n, …)
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 97 #airheadsconf
Triggers
Device Event
• Event contains sub-string
• Event type (syslog, SNMP trap)
• SNMP trap category (HW, IDS, client security, AP security, rogue…)
• Syslog category and/or severity
Radio Down / Radio Up
• By radio type (11ac, 11a, 11b, 11g, 11n, …)
802.11 Frame Counters / 802.11 QoS Counters
• 110+ different counters by threshold
New client discovered
New device discovered
• By device type (AP, controller, RAP, switch…)
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 98 #airheadsconf
Triggers
Interface Usage
• Interface label, mode, name
• Interface speed in / out (Mbps)
• Interface type
• By radio type (11ac, 11a, 11b, 11g, 11n, …)
Config Mis-match
Device Resources
• By device type (AP, controller, RAP, switch…)
• CPU or memory threshold
Rogue Device Classified
• By classification (valid, neighbor, rogue, …)
• Confidence level
• Threat level
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 100 #airheadsconf
Alerts
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 102 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 104 #airheadsconf
Rogue: Rules
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 105 #airheadsconf
Rogue: Add a Rule
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 106 #airheadsconf
Rogue: Rules
Detected on WLAN, LAN
Detecting AP Count (at least, at most)
Encryption Type
Network Type (Infrastructure, AdHoc)
Signal Strength
SSID (matches, does not match, regex)
Detected Client Count
IP Addresss
Manufacturer
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 107 #airheadsconf
Rogue: List
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 108 #airheadsconf
Rogue: List Columns
Classification (rogue, neighbor, valid)
Threat Level
Classifying Rule
Controller Classification
Heard on Wire?
Number of Detecting APs
SSID
Signal Strength
Encryption Type
Wireless Channel
Radio Vendor
First, Most-recent Discovering AP
First, Most-recent Discovery Date/Time
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 110 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 112 #airheadsconf
IGC: Just like Instant embedded UI
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 113 #airheadsconf
IGC: can add a note to any field
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 114 #airheadsconf
IGC: multi-edit
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 116 #airheadsconf
Switch config
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 118 #airheadsconf
Zero-Touch Provisioning
AirWave pushes the latest software image and Site A
configuration
Instant AP connects to AirWave server via HTTPS and
associates to the Site A group
Instant AP connects to Aruba Activate via HTTPS and downloads provisioning
details
12
3
Aruba Activate™
10 a.m.
10:02 a.m.
10:07 a.m.
Site A - Configuration ASite B – Configuration BSite C – Configuration C
AirWave™
Secure Data Center
Site C
Site B
Site A
Aruba Instant™
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 120 #airheadsconf
Device Configuration Management
Discover Devices
Analyze Device
Audit Configuration
AirWave can Discover, Audit and Fix configuration mismatches or settings to the managed devices
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 121 #airheadsconf
Config Compliance Graph
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 123 #airheadsconf
AirWave overview
Diagnosing client RF problems
Proactive management
Visual RF
Reports
Triggers & Alerts
Rogue detection
Configuration
AirWave 8.0 Multi-Server
Agenda
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 125 #airheadsconf
Current single-server architecture
SNMP trap recvr
AMON recvr
SNMP pollers
swarm handler
work queue
ALC workers
database
AW-RRD
UI
report gen
config gen/audit
Visual RF
message bus
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 126 #airheadsconf
Multi-server architecture
database backup
SNMP trap recvr
SNMP pollersswarm handler
work queue via [distributed] RabbitMQ message bus
UI report gen config gen/audit
Visual RF
database
database master
ALC workers ALC workers ALC workers
Visual RFVisual RF
worker machine #3worker machine #2worker machine #1
AMON recvr
OpenTSDBOpenTSDBOpenTSDB
Coming soon in
8.0
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 127 #airheadsconf#airheadsconf
Thank You
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 128 #airheadsconf#airheadsconf128
Macau 2013