This webcast provides an overview of Cisco Prime Infrastructure (Prime) with Cisco expert Tejas Shah. He explains common concepts and terminology, how to use configuration templates, and how to use the Cisco Prime Infrastructure in order to troubleshoot and manage your converged wireless and wired network. He also performs a live demo.
Tejas Shah is a senior technical marketing engineer for Cisco Prime Infrastructure and Collaboration products. He has deployed Cisco Prime Collaboration Manager at various customer sites to help customers monitor and troubleshoot their video infrastructure. In addition, he has been part of the Network Operations Center (NOC) team at Cisco Live events for six years. Shah joined Cisco in 1995 and has been in the Technical Assistance Center (TAC) team supporting various network management system products for more than six years.
Q. We have a mix of Cisco and non-Cisco equipment. Can Prime be used to administer the non-Cisco switches as well?
A. Absolutely. Prime Infrastructure supports both Cisco and non-Cisco devices. Non-Cisco devices are managed through Simple Network Management Protocol (SNMP) (Read Only). Discovery, inventory, and fault management are supported for third-party devices.
Q. When is Prime 2.0 to be released?
A. Prime Infrastructure Release 1.3 is already available; Prime Infrastructure is planned to be released this summer.
Q. What is the default time delta for Progress Indicator (PI) to update its data?
A. It depends on the type of data. If you are monitoring data, then that can be controlled through the template, and then you can define as low as one (1) minute for how often you want to poll the devices. You can control how often you want to achieve all the configurations.
Q. Is there any integration with Access Control Server (ACS) instead of Identity Services Engine (ISE)?
A. Yes, there is integration with ACS. Terminal Access Controller Access Control System Plus (TACACS+) and Remote Authentication Dial-In User Service (RADIUS) are supported. These are planned to be enhanced in Release 2.0 as well.
Q. When Prime analyzes logs, does it look at a device's native log, or is Prime configured as a syslog server?
A. Prime can be configure as syslog server. It can also be configured as trap receiver. All the events can go through the Prime, and the log shows you in real-time, troubleshooting that are shifted or grip with client MAC addresses that are obtained from various controllers.
Q. Can Prime use Wireshark output from, for example, Nexus, as a troubleshooting tool?
A. The question is whether or not you can download the packet capture (PCAP). Yes; when you perform the packet capture with Network Access Protection (NAP), you take the output of the PCAP that can be leveraged with Wireshark. The Wireshark feature on Nexus has not yet been integrated, but it is on the roadmap.
Q. Does this have support for video endpoints? If so, does it support models from other manufacturers, such as Polycom?
A. Cisco has an entire range of products with Prime collaboration that can be used to manage video endpoints. As a video proceeds, you can run a media trace example between the two devices where the video endpoints are connected and give a media trace, and so on. However, Prime does not directly manage video endpoints.
Q. Can Cisco Product Introduction (CPI) also be used to migrate a configuration from an end-of-life device to a new device, for example, from Cisco PIX Firewall to a more robust firewall?
A. First, you must check whether the new devices are supported in the Prime Infrastructure as far as configuration goal. If it is, then yes, it should be possible to migrate the configuration. There is no any wizard to do this; therefore, it must be done manually. Configuration support must be present in both devices.
Q. Is context aware licensing required on Mobility Services Engine (MSE) in order to allow rogues and clients to be placed on maps?
Q. When will the management of security devices such as Adaptive Security Appliance (ASA) become available? Is this part of the rumored 2.0 version, and when will that version be released?
A. ASA's are supported in Prime Infrastructure Release 2.0, which is scheduled for a June release.
Q. Regarding Regulatory Compliance, are there any templates for Payment Card Industry/Data Security Standard (PCI/DSS), Health Insurance Portability and Accountability (HIPAA), and so on, or do we need to build the rules ?
A. Today, Prime does not currently support compliance for industry standards. However, this is a supported feature in Prime LAN Management Solution (LMS), which is bundled with Prime Infrastructure. Compliance is planned for Prime Infrastructure, but it is not yet confirmed which release this will be available.
Q. What about third-party device support on Prime?
A. Third-party devices are currently supported within Prime Infrastructure. This is done through SNMP. You can also report against Management Information Base (MIB/MIB2).
Q. What type of L3/L2 mapping functions are available with this?
A. L3/L2 topology is not currently available in Prime. However, this is a high priority, and this feature is currently in progress with a target availability by the second half of 2013.
Q. How can we do exception-based capacity reporting for Wireless LAN Controllers (WLCs) and access points (APs) if we look back one month and forecasting forward?
Q. Will Prime Release 2.0 include more best practice-based Out of Band (OOB) templates?
A. Yes, Prime Release 2.0 greatly expands on the best practices and templates that are currently available with Release 1.2 and Release 1.3.
Q. We are migrating L2L tunnels from Cisco PIX Release 6.3 to ASA. Can Prime Release 1.2 or Release 1.3 provide detailed PIX information, such as connections, Network Address Translations (NATs), and so on?
A.Prime LMS is a separate application that is focused on wired devices (Cisco and non-Cisco). Prime Infrastructure is the next generation management solution that provides single system management for wired and wireless devices.Prime LMS is currently bundled with Prime Infrastructure. However, the goal is to move toward Prime Infrastructure when full feature parity is achieved with LMS.
Q. In a situation with multiple level of operating, for example, Level 1 or Level 2 and Level 3 support, can user rights be limited through Prime for troubleshooting purposes?
A. Yes, Prime has role-based access control (RBAC) security that allows you to control access. Full RBAC support will be available in Release 2.0 that allows this level of control to individual users.
Q. What is the meaning OOB comes under configuration archive?
A. OOTB stands for "Out of the Box". I'm sure we will be changing this to something more intuitive ;-).
Q. Will Prime Infrastructure Release 2.0 completely replace LMS?
Q. Can we have two Prime Infrastructures that back up each other, such as a primary and secondary concept?
A. For a High Availability (HA) type of deployment, this is available. If the setup is Active/Passive (only one instance actively that collects data), then you do not need additional licenses.
Q. If we have Software Application Upgrade (SAU) coverage on NCS Release 1.3, can we upgrade to NCS Release 2.0 with the support contract, or do we need to pay extra?
A. SAU provides access to all releases for the duration of the contract. This includes Prime Infrastructure Release 2.0 that is scheduled for June 2013.
Q. Any there any current beta views? Will the mapping feature that is in development be comparable to something like "Netbrain” that we are looking in current version as well?
A. Topology module is still in works, and will be in Beta to gather more feedback. I'm not sure what aspects of NetBrain were you comparing, but it will have a basic topology view with drill-down capabilities.
Cisco Prime Infrastructure Upgrade
Q. Will the upgrade from Prime Release 1.3 to Release 2.0 be a direct upgrade; for example, will there be any intermediary steps to go from Release 1.3 to Release 2.0 or will you just directly upgrade with no additional steps required?
A. It will be a direct upgrade.
Q. If I am at Release 1.2.1.012, and I upgrade to the next version, will I have to re-license?
A. If you upgrade to Prime Release 1.3, the licenses are identical to Release 1.2.x. You do not need to re-license, unless you move the system to a new host.
Q. When will the licensing of this product change, so that I do not have to re-license after I upgrade?
A. Prime Infrastructure is licensed per managed Cisco device. If you are an existing WCS, Network Control System (NCS), or LMS customer and upgrade to Prime, then your licenses are converted to lifecycle licenses.
Q. If I upgrade Prime to Release 1.3 from 1.2, do I have to upgrade my WLC to a specific version (currently running Release 7.2)?
A. Yes, Prime Infrastructure moves with the LAN controller itself. It does not mean that you must upgrade, but it really is meant for people who moved to WLC Release 7.2 or 7.3. If you want to leverage more features, then you should use Prime Infrastructure Release 1.3. It is not about moving from Release 1.2 to Release 1.3; it is really about moving your controller from Release 7.2 to something else. If so, then you need Prime Infrastructure Release 1.3.
Q. When upgrading APs that are deployed in hundreds of sites, but on the same controller, is there a way to limit the upgrade to only certain sites until the new code is verified?
Q. We are a current user of Cisco Prime LMS Release 4.1. Is Prime a no-cost upgrade/migration, or is it a completely different product?
A. If you have an active support contract on your Prime LMS system, then you can use the Product Upgrade Tool to upgrade to the latest version of Prime LMS Release 4.2.x or to Prime Infrastructure Release 1.2. There are feature differences between Prime and LMS. These are documented in these White Papers.
Q. I currently run Prime NCS Release 188.8.131.52. Can I upgrade to Prime Infrastructure?
A. Yes, you can upgrade to Prime Infrastructure Release 1.2 or 1.3. If you have an active support contract, then you can upgrade through PUT (Product Upgrade Tool at http://www.cisco.com/upgrade. )
Cisco Prime Infrastructure for Wireless Networks
Q. Will Prime be able to archive configurations for WLCs? I would like to be able to view the configuration and archive copies of the configuration.
A. This feature was broken in Prime Release 1.2. This issue is addressed in Prime Release 2.0.
Q. Can you easily use Prime to troubleshoot co-channel interference problems in the 802.11g spectrum?
Q. Is there a template to shut down the radios of any new AP that joins a controller for first time? This is in order to avoid new and unconfigured APs to propagate the controller's service set identifier (SSID).
A. These are the logs that are obtained from the controller. All the logs have been consolidated from the controller into one place. For example if AP is flapping between the two controllers and has not been able to join for some reason, troubleshooting is simplified in order to identify to which controller the AP talks. This is why all the controllers can vary, and all of the logs are consolidated.
Q. Where can I find the AP Troubleshooting Panel in Prime Release 1.3 with Lifecycle in order to enable them?
A. Go to Operate > Operational Pool > then go to the Wireless section. You will find all the troubleshooting tools for wireless.
Q. What is required in order to check PCI compliance on wired and wireless devices with Prime Infrastructure?
A. There is a PCI report available with Prime Infrastructure Release 1.2 and Release 1.3. However, this is not a full compliance level of support. Currently, only Prime LMS has compliance capability, but this is a purchasable license under Prime.
Q. Do you have any Cisco links to assist with the migration from WCS Release 184.108.40.206 to Prime Infrastructure NCS Release 1.1?
Q. We currently use WCS Release 220.127.116.11. We plan to upgrade from 4402s to a 5508 this summer and need to upgrade from WCS. We are a Hyper V shop and run WCS on Hyper V successfully. Can we use the VMware player to run Prime?