
Deploying Advanced Wireless Services using Cisco Mobility Services Engine

BRKEWN--2012

Session Objective
This session focuses on design and deployment fundamentals, as well as operational best practices to optimize the performance and accuracy of Cisco Context-Aware Services. Troubleshooting techniques for resolving issues related to tracking clients and active RFID tags will be covered. You will learn the advantages of deploying wIPS to secure your wireless deployment and how it provides greater visibility into threats and mitigation for your wireless network. Finally, the optimum deployment and redundancy mechanisms for the MSE appliance will be discussed.

Presentation_ID

2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Agenda
Technology Background
System Architecture
Deploying Context Aware Services
MSE 7.0-MR1 Enhancements and New Features
Best Practices Guidelines


Technology Background

Cisco Wireless Topology with CAS


[Diagram labels: Cisco WCS (client browser, HTTPS); 3rd-party location application (Location API via SOAP/XML over HTTPS); Cisco Wireless LAN Controller (NMSP over SSL); Cisco Catalyst Switch; Access Point; Cisco Mobility Services Engine (MSE); Active RFID Tag; Wireless Client; Wired Client]

Context-Aware Architecture
Application and Management
Context-Aware Applications: Asset Visibility, Business Process, Network Visibility, Telemetry
Cisco Wireless Control System

Mobility Services Engine
Cisco MSE Context Aware Service
Provides contextual information of wired and wireless IP-enabled devices
Contextual information provided through: SOAP/XML API

Network
Cisco Catalyst Switches
Cisco Wireless LAN Controller
Cisco Aironet Access Point
Chokepoint

Tag and Devices
Active RFID Tags
Wireless network devices
Wired network devices

Context-Aware Services (CAS) Use Cases


Network Visibility & Control
Enhanced WLAN Security
CleanAir
Asset Management
Telemetry
Worker Safety / Workflow

[Diagram labels: CUP Worker Safety; Medianet; NETWORK VISIBILITY; ASSET VISIBILITY]

Network Visibility

Context Aware Services provide a single view showing clients, rogues, tags
[Map legend: client, tag, rogue AP, rogue clients]

CleanAir Detecting Interference Sources

Interferer Details


NMSP Connection Status and Details

NMSP status

Services that are utilizing NMSP

Exchanged NMSP messages



What is CleanAir Technology?


Classification processed on Access Point
Interference impact and data sent to WLC for real-time action
WCS and MSE store data for location, history, and troubleshooting

[Diagram labels: Locate (WCS, MSE); Mitigate (Wireless LAN Controller); Maintain Air Quality; Visualize and Troubleshoot; Cisco CleanAir; AIR QUALITY and PERFORMANCE gauges (POOR to GOOD) for CH 1 and CH 11]

Cisco CleanAir Components


Product: AP3500
Licensing Requirements: None

Product: Wireless LAN Controller
Licensing Requirements: Standard per AP

Product: Mobility Services Engine (MSE)
Licensing Requirements: Context Aware endpoints required for each interferer tracked. MSE adds support for 100 interferers when AP3500 present (5 per AP, license is additive).

Product: WCS/NCS
Licensing Requirements: Standard per AP count. WCS: Plus required for MSE. NCS: Single license model (CleanAir supported by default).

Functionality
Multi-interferer Detection & Classification AirQuality Monitoring Self-Healing Event Driven RRM AirQuality Aware RRM Self-Learning Persistent Device Avoidance Spectrum Expert Connect AirQuality and Interferer Alerts Interferer Tracking & Zone of impact Merging or correlating interferers from multiple WLCs (pseudo MAC) Location Calculations History Storage Remote Client Troubleshooting AirQuality Visualization and Mapping Forensics Tools Location Visualization Impact Analysis History Playback

System Architecture

Cisco Context Aware Mobility Solution


Tracking Tags and Clients

Tracking tags (indoor and outdoor/outdoor-like)
Context-aware engine for tags (Cisco or partner engine)
Utilizes:
  CAPWAP infrastructure for indoor environments
  Wi-Fi TDOA receivers for outdoor and outdoor-like environments
Partner HW/SW managed by System Manager (partner) and Cisco WCS

Tracking clients (indoor)
Context-aware engine for clients (Cisco engine)
Utilizes CAPWAP infrastructure
Managed by Cisco WCS

[Diagram labels: Application and Management; Cisco MSE; Cisco WCS; Context Aware Engine for Tags; Context Aware Engine for Clients; Context Aware Software; AeroScout; Network; Wi-Fi TDOA Receiver; Chokepoint 125 kHz; Tag and Devices]

Receive Signal Strength Indication (RSSI) Overview


Cisco RSSI-based location tracking solution based on network-side RSSI measurements
Requires min. of three APs; optimal accuracy requires more than 3 APs
Best suited for indoor office-like environments (carpeted, low ceiling, i.e. < 20 feet)
Main factors affecting accuracy:
  AP density
  AP placement
  RF environment

Time Difference of Arrival (TDoA) Overview


Based upon relative differences in time measurement
Requires clock synchronization at receivers, but not the mobile device
Requires min. of three time-synchronized TDoA receivers
Time for message to be received at different receivers is proportional to length of transmission path between the mobile device and each receiver

Outdoor Location
TDOA receivers challenges
  Costly
  Require extra synchronization
  Require license
  Require third-party software platform for configuration

Cisco Outdoor Mesh APs can be used
  MSE successfully connects to WLC with mesh APs
  RFID tags detected by mesh APs are shown on the campus map
  Location Accuracy Tool works with mesh APs
  Nearest AP support: device will be displayed near the AP (with higher RSSI)

Recommendations
  RFID tags should be placed at some height (4 to 5 ft.) above ground to avoid any blockage
  Follow mesh AP deployment guidelines

Cisco Context Aware Tag Tracking


Building
Wi-Fi (RSSI, Chokepoint)

Access Points or Chokepoints

Important Points
  Only CCX tags can be tracked
  Tag vendors have implemented CCXv1
  Tags only operate in 2.4 GHz band
  Need third-party tag activator to program tags
  May need third-party tools for calibration

Wi-Fi Devices or Active Tags
  (Battery powered)
  Price between $50 and $80
  Telemetry capabilities

Calculation Method
  Received Signal Strength Indication
  Chokepoint for zone-level location

MSE Evaluation Mode


Evaluation license ships by default on MSE
Without a license, MSE provides "try before you buy" functionality for 60 days:
  20 wIPS APs
  100 Location clients
  100 tags

100 permanent interferer licenses are embedded in MSE. These interferer licenses open up as CleanAir APs (AP3500) are detected, in stages of 5 per 3500 AP
Once the license is installed it is usage based, depending on whether the service is enabled or disabled

MSE-3310 Service Support Matrix


wIPS and Context Aware
[Chart: supported combinations of Clients / Tags (axis 0 to 2000) and wIPS Monitor Mode APs (axis 0 to 2000)]

MSE-3350/3355 Service Support Matrix wIPS and Context Aware


[Chart: supported combinations of Clients / Tags (axis 0 to 18000) and wIPS Monitor Mode APs (axis 0 to 3000)]

System Scalability
MSE can be managed by only 1 WCS
WCS can manage up to 5 MSEs
1 WLC can have up to 10 NMSP sessions
  WLC with wIPS APs cannot establish NMSP session with multiple MSEs
MSE can have up to 500 NMSP sessions (i.e. 500 WLCs)
  Max. limit is based on client/tag count supported per WLC
Max. number of moving elements
  MSE-3310: 150 elements/sec
  MSE-3350: 900 elements/sec
Max. number of coverage areas: 50/floor
End-to-end latency: up to 6 seconds under full load
APs per floor: 100 (limit on WCS side)
Floors per building in a campus: 20

WLC Device Tracking Capacity


WLC Model WLCM 2106/12/25 Catalyst 3750G with Integrated WLC 4402 4404 5508 WiSM/ WiSM-2

Client Capabilities 500 256

Tag Capabilities 256 500

Rogue AP Capabilities 125 125

Rogue Client Capabilities 100 100

2,500

1,250

625

500

2,500 2,500 7,000 10,000

1,250 5,000 5,000 5,000



625 625 2,000 1,300

500 500 2,500 1,000



MSE 7.0-MR1 Enhancements and New Features

7.0 Maintenance Release MSE Enhancements


Enhancements in both SW and HW:
  MSE-3355
  Cisco + 3rd party Tag Engine
  wIPS Enhanced Local Mode
  CCX Calibration for Location
  MSE CAS Enhancements, Dashboard, Reporting

Cisco MSE-3355 Platform

Cisco MSE 3355 Specification


MSE-3355 configuration and deployment is the same as 3310/3350
7.0-MR release: tracking performance @ 700-900 movements per second

IBM x3550M3 platform / 1RU form factor
2 CPUs (quad core) Intel E5504 Nehalem, 4Mb L2 cache
16G DDR3 1333 MHz memory
4 x 146GB hot-swappable SAS drives / 10K RPM / RAID 1+0
Dual Gigabit Ethernet NICs
Dual hot-swappable Energy Star certified power supplies
Redundant internal cooling fans

Platform Overview
Latest Nehalem architecture based processor
High-performance SAS disk drives, 6 Gbps transfer rate
High-performance RAID card with 512 MB onboard cache
Four disk drives in RAID 1+0 configuration; double the throughput of a RAID 1 configuration with same reliability
Six internal redundant cooling fans in three zones (2 fans per zone)
IMM-based out-of-band management for trouble-free monitoring and management

Comparing MSE-3350 & MSE-3355


Feature | MSE-3350 | MSE-3355
# of disk drives | 2 | 4
RAID level | 1 | 1+0 (also referred to as RAID 10)
Storage capacity | 147 GB | ~290 GB
Disk transfer rate | 3 Gbps | 6 Gbps
Installed memory | 8 (PC2-5300) | 16 (DDR3)
Power supplies | 2 (hot swappable) | 2 (hot swappable)
RAID card cache | 256 Mb | 512 Mb
Management | iLo not enabled | IMM - supported
Monitoring | Disk only | Disks, Fans, Power supplies, Event log

Appliance Monitoring Enhancements


All internal fans (6) are monitored for failure
Each fan has TWO internal redundant motors
If one motor fails, the other motor increases speed and the system continues to function normally
  If both motors in a fan fail, the system shuts down
If a single motor in a fan fails, an alarm is sent to WCS and the box must be replaced
Power supply status is also monitored
  Physical existence of both power supplies
  Both power supplies being active (connected to power source)
  Health of power supplies
Failure in any of the above triggers an alarm to WCS

The Integrated Management Module (IMM)


Web-based user interface for monitoring and managing the server, regardless of the state of the server
Access to IMM
  Shared access via the standard Ethernet ports
  Dedicated management port
IMM log is actively monitored
  If the IMM log reaches 90% capacity, it is archived and cleared

Troubleshooting
Critical components (disk, power supply, fans) are actively monitored
  Scripts are run every 10-20 minutes to check health
The Light Path Diagnostics Panel
  A unique accessory that provides critical information about the state of the hardware
  MSE Installation guide provides details on the various LEDs and conditions
IMM is very reliable and easily accessible for monitoring the entire system
System event log contains every event and can be viewed via IMM or using ipmitool

7.0-MR1 MSE Tag Engine

Cisco Tag Engine


Same CAS license provides tracking of RFID tags (plus clients)
Migration of AeroScout license to Cisco license is NOT supported
AeroScout SW on Cisco Engine, e.g. MobileView, is NOT supported

Cisco Engine
  RSSI based client + tag location
  Customers who want to track both clients and tags
  Extend Rails and Regions Calibration to tag tracking
  Flexible tag vendor selection, with less support contract and licenses

AeroScout Engine
  RSSI + TDOA tag location
  Existing AeroScout customers with large number of tags
  Requires both RSSI and TDOA for tags
  Single vendor selection for tags, application and location engine

Cisco Tag Engine License


WCS managed, CAS license shared between client & tags count. AeroScout partner engine, SW versions, licensing, tests and support will be provided by AeroScout


MSE and wIPS ELM

Cisco Adaptive Wireless IPS with Enhanced Local Mode (ELM)


Adaptive wIPS scanning via data-serving access points, including HREAP
Provides protection without needing a separate overlay network
Available as a free SW download for existing wIPS Monitor Mode customers
ELM supported APs: 1040, 1140, 1250, 1260 & 3500

Benefits over Controller-Based IDS


Reduction in false positives
Only triggers an alarm when it detects attacks over the air that are causing damage to the wireless infrastructure network.

Alarm aggregation
Unique attacks seen over the air are correlated and aggregated into a single alarm.

Forensics
Provides the ability to capture attack forensics for further investigation and troubleshooting purposes.

Rogue detection

Anomaly detection
Includes specific alarms pertaining to anomalies in attack patterns or device characteristics captured.

Default configuration profiles
Profiles can be further customized to address the specific needs of the prospective deployment.

[Diagram labels: WLC, WCS]

Deployment Recommendation: Monitor Mode


Monitor-mode wIPS APs do not serve clients, thus have greater range
  Client-serving AP typically covers 3000-5000 square feet
  wIPS AP typically covers 15,000-35,000 square feet
Ratio of wIPS monitor-mode APs to local-mode traffic APs varies by network design, but a 1:5 ratio is a reasonable estimate
wIPS APs can simultaneously run context-aware location in monitor mode

[Diagram labels: Range; Placement, Density]

Deployment Recommendation (contd)


Option A: LM + MM
Local Mode plus wIPS Monitor Mode / CleanAir MMAP + wIPS MM
wIPS Monitor Mode or CleanAir MM + wIPS MM on CleanAir AP
Recommendation: ratio of 1:5 MMAP to Local Mode APs

Option B: ELM
Enhanced Local Mode
Turn on ELM on all APs (including CleanAir)

wIPS ELM Profile


wIPS profile provides ELM signatures info
Magnifying glass icon means Monitor Mode AP signatures support
ELM off-channel scanning only
[Screenshot labels: MM signatures; ELM off-channel]

Error from pushing profile to WLC
  Check NMSP connection
  Check clocks (WLC is UTC)

MSE> /opt/mse/wips/bin/wips_cli
wIPS> show profile assignment

Enhanced Local Mode wIPS


1. ELM Local AP detects attack
   AP CLI> show capwap am alarm <id>
2. MSE generates alarm
   MSE> /opt/mse/wips/bin/wips_cli
   wIPS> show alarm list
3. WLC/WCS notifications

7.0-MR1 MSE CCX Calibration

CCX Enhancements
CCXv5 creates a path loss measurement (PLM) request, sent by an AP to the client, which causes the client to send bursts of path loss measurement frames at regular intervals back to the AP
Enables MSE to get more periodic data for cleaner client RSSI values
Compensates for missing RSSIs and RSSI variations from challenging environments
A wireless adapter with optional CCXv5 features is the Cisco AIR-CB21AG-A-K9
CCXv4 is more common, e.g. laptops with Intel wireless NICs w/ CCX V2+ capable

CCX Calibration
Does not require MSE
  MSE only needed when applying and syncing calibration to map
Client needs to be associated
  WCS may show associated, but WLC must show client is in run state
Client must be CCXv2 or above
  Intel PROSet/WiFi settings: enable CCX - radio management
  Cisco CB21ABG w/ ADU

CCX Data Collection


Common issue of getting stuck: the timer is now set to 2 minutes, then cancels if no data is received
One band is performed at a time
Take strongest AP samples, combined with other samples from nearby APs within 100 ft
Take 10 samples from each AP

CCX Logs
Location is \Prog~ \WCS-7.0-MR\webnms \logs
Download log file includes calibration data
Validate connected client
Check if CCX is enabled, e.g. CCX Radio Measurement

Logs
[Log screenshot annotations: Validating client card; Calibration model name; Instantiating = Start; Priming samples; CCX samples; Total time (secs); X,Y location; Samples collected; Access Points; Radio (0=b/g, 1=a); 10 samples per AP]

7.0-MR1 Context Aware Enhancements

Context Aware Dashboard


Troubleshoot location history

Element counts

Rogue index

License Capacity

Top MSEs


Independent Rogue Tracking and Limiting


Enable/disable Rogue AP/Rogue Clients tracking/ limiting independently


Location History
History logging must be enabled
MSE tracks transition changes
Filter history based on time period or state
  Movement, client association, network status

[Screenshot labels: Enable logging for location history; Filter history based on time period or state; Client status]

Map Enhancement
Additional icons: rogue client, guest
Troubleshooting Notes section added to map

[Screenshot labels: Troubleshooting notes; Rogue AP; Rogue Client; Guest]

Context Aware Reports

Filter by specific floor

Context Aware Reports

Missing device & Device In/out notification reports



Deploying for Context-Aware Services

Deploying a Context Aware Capable Infrastructure WLAN Design


Access Point Density (Office)
Use smaller, overlapping cells
  For wireless data only deployments: 10% AP cell overlap
  For wireless data + voice deployments: 20% AP cell overlap

Location coverage & capacity
For good location fidelity, access points should be located 50-70 linear feet apart (15-22 m)
Typically about one access point every 2500-5000 square feet (230-460 sqm)
APs/antennas height should be from 10 ft to 20 ft
Enable antenna diversity
APs placed too close to each other can cause co-channel interference

[Diagram label: ~60 ft]

AP Positioning
Optimal AP positioning can greatly improve accuracy
Even distribution of APs provides better stability and repeatability of the data points

[Diagram label: Wi-Fi device]

Location Readiness Tool


A point on floor map is location-ready if:
  Min. of 4 APs are deployed
  Min. of 3 APs are within 70 ft.
  At least 1 AP is placed in each of at least 3 surrounding quadrants
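The three readiness conditions above can be checked across a whole floor before a survey. This is an added example, not code from the presentation or from WCS; the AP coordinates are constructed, and the handling of APs lying exactly on an axis and the choice to count quadrants over all floor APs are assumptions.

```python
"""Added illustration: the three location-readiness conditions as a floor scan."""
import math
from typing import Dict, Iterable, List, NamedTuple, Tuple

MIN_APS_ON_FLOOR = 4     # "min. of 4 APs are deployed"
MIN_APS_IN_RANGE = 3     # "min. of 3 APs are within 70 ft."
MAX_RANGE_FT = 70.0
MIN_QUADRANTS = 3        # at least 1 AP in each of at least 3 surrounding quadrants

Point = Tuple[float, float]


class AP(NamedTuple):
    name: str
    x_ft: float
    y_ft: float


def quadrant(point: Point, ap: AP) -> int:
    """Quadrant (0-3) of `ap` as seen from `point`.

    Assumption: an AP lying exactly on an axis through the point counts
    toward the east/north side.
    """
    east = ap.x_ft >= point[0]
    north = ap.y_ft >= point[1]
    if north:
        return 0 if east else 1
    return 3 if east else 2


def readiness(point: Point, aps: Iterable[AP]) -> Tuple[bool, Dict[str, bool]]:
    """Evaluate the three conditions for one point; return (ready, per-check result)."""
    aps = list(aps)
    in_range = [a for a in aps
                if math.hypot(a.x_ft - point[0], a.y_ft - point[1]) <= MAX_RANGE_FT]
    # Assumption: quadrant coverage is counted over every AP on the floor,
    # not only the APs inside the 70 ft radius.
    covered = {quadrant(point, a) for a in aps}
    checks = {
        "four_aps_deployed": len(aps) >= MIN_APS_ON_FLOOR,
        "three_aps_within_70ft": len(in_range) >= MIN_APS_IN_RANGE,
        "three_quadrants_covered": len(covered) >= MIN_QUADRANTS,
    }
    return all(checks.values()), checks


def coverage_gaps(aps: Iterable[AP], width_ft: int, length_ft: int,
                  step_ft: int = 10) -> List[Point]:
    """Scan the floor on a grid and return every point that is not location-ready."""
    aps = list(aps)
    return [(x, y)
            for x in range(0, width_ft + 1, step_ft)
            for y in range(0, length_ft + 1, step_ft)
            if not readiness((x, y), aps)[0]]


# Constructed sample floors, 200 ft x 100 ft (not taken from the presentation).
# CORRIDOR: four APs in a straight line down the middle of the floor.
CORRIDOR = [AP("ap1", 25, 50), AP("ap2", 75, 50), AP("ap3", 125, 50), AP("ap4", 175, 50)]
# STAGGERED: six APs in two offset rows, roughly 60 ft apart.
STAGGERED = [AP("ap1", 20, 20), AP("ap2", 80, 20), AP("ap3", 140, 20),
             AP("ap4", 50, 80), AP("ap5", 110, 80), AP("ap6", 170, 80)]

if __name__ == "__main__":
    for label, layout in (("corridor", CORRIDOR), ("staggered", STAGGERED)):
        gaps = coverage_gaps(layout, 200, 100)
        print(f"{label}: {len(gaps)} of 231 grid points are not location-ready")
        print("  interior (100, 40):", readiness((100, 40), layout))
        print("  corner (0, 0):     ", readiness((0, 0), layout))
```

The straight-line layout never covers more than two quadrants for any point, and even the staggered layout leaves the building corners not ready.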

Coverage Gaps Voice and Location


Tracking Optimized Monitor Mode (TOMM) APs
Local mode AP placement and density may be sufficient for data/voice applications
Normal coverage deployment places the Local Mode APs in the centre of the building
Good for periphery of buildings to improve location accuracy without adding extra traffic that may impact voice or client services
Use TOMM APs to fill in coverage gaps
TOMMs act as dedicated sensors for location tracking
Channels on TOMM APs should be same as the local mode APs

[Diagram labels: Local; TOMM; Wi-Fi device]

CleanAir Deployment Recommendations


Customer Needs/Has:
  New or upgrading to 802.11n
  New areas for ongoing 802.11n deployments
  Networks severely impacted by non-WiFi interference
Deploy:
  Pervasively deploy 3500 in local mode

Customer Needs/Has:
  Existing 802.11n deployments (1140, 1250)
  Competitive installed 802.11n deployments
Deploy:
  Sprinkle in 3500 in monitor mode (1 monitor AP for 5 data APs)

Self Healing, Troubleshooting, Location

Do not sprinkle in local mode 3500s. Local mode 3500s scan data serving channel only.
CleanAir Technology required in AP for Self Healing

Rails and Regions


Allows certain regions in the map to be defined as within or outside the scope of the valid location area, improving location accuracy
Corridors or rooms where people or assets are constantly changing positions can be especially challenging
Three types of regions can be specified:
  Location inclusion region: tracked device cannot be outside of this polygon (example: outside of building outer walls)
  Location exclusion region: tracked device cannot be inside of this polygon (example: open atrium)
  Rails: tracked device must be within a defined area with a narrow band. Typically used within an exclusion region (example: conveyor belt)

Regions are defined in WCS and pushed to MSE via the synchronization process
In MSE, it works for clients only. The Cells & Masks feature in AeroScout Systems Manager can be used for tags

Location Accuracy
WCS Location Readiness Tool

Yes 7m, 90%


WCS Location Quality Tool


Under Tools select Location accuracy tool
Define OnDemand or Scheduled scan
Select and position device
  Wait for 60 sec
  Run the test for 2 minutes
Report in CSV or PDF file format

[Screenshot label: 7m, 90%]

Understanding Cumulative Probability Distribution


~60% of devices within 7m

90%/13.6m

50%/7.0m


Improving Accuracy

Comparison of Client Drivers Features


[Column labels: Starting Point; Better]

Legacy
  Non-CCX or CCXv1
  APs do not know Tx power of the probes
  APs do not know channel frequency of the probes
  Probes can be detected on a wrong channel at a reduced power
  Probes transmitted infrequently
  Path loss model can show very large scale RSSI variations

CCXv2
  CCXv2 or higher
  APs do not know Tx power of the probes
  APs do not know channel frequency of the probes
  Probes can be detected on a wrong channel at a reduced power
  Frames scheduled periodically
  Path loss model can show RSSI variations, but variations are averaged as more frequent info is available

CCXv4

WCS Planning Tool


WCS has the ability to plan and simulate RF propagation for data, voice and location services, primarily in indoor office or similar areas
  Supports Cisco APs and antennas only
  Provides a 2-dimensional prediction model and report
  Automatic or manual AP deployment
  Does not consider obstacles or wall attenuation when calculating AP positions

[Figure label: True RF coverage pattern including obstacles and wall attenuation]

WCS Map Editor


First, verify the map is to scale
  Use the scaling tab to reset the map scale
  Use horizontal or vertical drag & drop to select distance
Note: a warning notification usually indicates the building requires resizing

Wall and Partition Properties


Use obstacle type to define dB loss
  Note: These values are recommendations only
Use obstacle tab to select wall properties
Multiple lines can be combined to obtain the required loss

  -1dB Cubicle
  -1.5dB Glass
  -2dB Light Wall
  -4dB Light Door
  -13dB Thick Wall
  -15dB Heavy Door

Calibration Models
After installation, the calibration function available within WCS can be used for higher location accuracy
Pre-defined models
WCS provides a way for the user to calibrate signal characteristics for a particular indoor environment or similar areas
The more accurate the model used, the better the location accuracy
Point calibration: client at a fixed location, one location at a time
Linear calibration: data collected between two different points (straight line)
Calibration with non-CCX clients is not supported
  Monitor > Clients > Client Details to verify CCX version

Calibration Point Mode


Data Points

Represents completed calibration area

Disable RRM AP Power mode
Calibration should be performed for every band

Calibration Point Mode


Data Points

Calibration data collected for entire floor space

MSE is not involved during the calibration process
After the calibration model is created, the following steps are essential:
  Apply this model to the floor map(s)
  Synchronize WCS with MSE

Location Quality Inspector


Launch from the Calibration Detail page after calibration to check how good the collected data points are and how much improvement is achieved toward the desired accuracy
Scrolling the mouse pointer over the area displays test points and identifies the APs that participated in calibration in blue with RSSI values

[Screenshot labels: Calculated Location; Test Point; Participating APs displayed with RSSI values]

Event Notifications

Types of Notifications
Notifications from MSE can be classified into 2 broad categories:
  Northbound Notifications: applicable only to tags
  Conditional Notifications or Track Event based Notifications: apply to tags, wireless clients, rogue APs and clients, and interferers (note: not wired clients)

Northbound Notifications
Applicable to tags only.
Configuration is done using the Notification Parameter page on the Context Aware Service -> Advanced submenu under MSE on WCS.
Note: The advanced parameter settings on the same page do not apply to Northbound notifications.
Can also be configured via the MSE API
Configurable parameters include:
  Trigger: on what condition the notification should be triggered
  Contents: the data of interest to the destination in the notification
  Destinations: destination IP or hostname, port and http/https option (this can only be a SOAP destination)

Frequently Seen Problems


No notification received
Not getting all notifications
Getting only 1 of 5 notifications
Too many notifications
Not getting notifications for clients, rogues, interferers and wired clients
Missing some notifications

Troubleshooting: No Notifications Received


Check whether tags are detected by MSE
Check whether the destination specified is a SOAP destination
Check whether the destination IP is pingable from MSE
Check whether the destination port is pingable from MSE

Troubleshooting: Not Receiving all Notifications


Check the Notification Statistics page under the Context Aware Service menu
Investigate the summary page and details page for errors in communication or stress on MSE
Analyze queue limits, queue usage percentage, average response time and delay
Check if all the expected trigger conditions are enabled

Troubleshooting: Getting only 1 of 5 notification


This usually happens when the client or destination does not have a correct implementation
This happens due to the term "asynchronous notifications" from MSE
The notifications are sent using SOAP, which is a request/response based protocol
The destinations need to send an acknowledgement of the received notification. This can be a null or an empty SOAP response
This behavior can be observed on the Notification Statistics page in the Awaiting Response count statistics

Troubleshooting: Too Many Notifications


Yes, this is a problem for the application and can crash the application
There is nothing the MSE can do
Suggest removing trigger conditions that are not important
Scalability on the application is the best solution

Troubleshooting: Not Getting Notifications for Clients, Rogues, Interferers and Wired Clients

Only tags are supported.
Suggest setting up track group events with a generic condition (explore) for other devices.


Troubleshooting: Missing or dropped notification


Analyze the Notification Statistics page for the dropped rate/count and response time.
If the drop is slow and could be corrected if the queue accommodated a little more, increase the queue size under Advanced Settings on the Notification Parameters page.
If the response time is slow, the generate rate and send rate will differ significantly. Suggest improving application response time to acknowledge notifications faster.
The MSE may be running beyond its potential, and no config change on MSE will help. Suggest splitting the load on MSE or reducing unnecessary notification triggers.
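An added example (not from the original deck and not Cisco code) of the destination behaviour that the "1 of 5" and "missing or dropped" slides call for: every POST is answered at once with an empty SOAP response, and the body is handed to a bounded queue so that slow processing never delays the acknowledgement. The SOAP 1.1 namespace, size cap, queue length, port 8080 and plain-HTTP transport (TLS assumed to be terminated in front of the listener) are assumptions of this example.

```python
import queue
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"  # assumption: SOAP 1.1
EMPTY_ACK = (
    '<?xml version="1.0" encoding="UTF-8"?>'
    f'<soap:Envelope xmlns:soap="{SOAP_NS}"><soap:Body/></soap:Envelope>'
).encode("utf-8")
MAX_BODY = 64 * 1024  # assumption: largest notification accepted, in bytes

# Bounded hand-off to the application; a worker thread drains it separately.
pending = queue.Queue(maxsize=1000)
dropped = 0  # notifications discarded because the application fell behind

def accept(body):
    """Queue one notification body; return (HTTP status, response bytes)."""
    global dropped
    if not body or len(body) > MAX_BODY:
        return 400, b""
    try:
        pending.put_nowait(body)  # constant time, so the ack is never delayed
    except queue.Full:
        dropped += 1  # this example's choice: still acknowledge, count the loss
    return 200, EMPTY_ACK

class NotificationHandler(BaseHTTPRequestHandler):
    def do_POST(self):
        try:
            length = int(self.headers.get("Content-Length", ""))
        except ValueError:
            length = 0
        # Never read more than the cap, whatever the header claims.
        body = self.rfile.read(min(max(length, 0), MAX_BODY + 1))
        status, reply = accept(body)
        self.send_response(status)
        self.send_header("Content-Type", "text/xml; charset=utf-8")
        self.send_header("Content-Length", str(len(reply)))
        self.end_headers()
        self.wfile.write(reply)

    def log_message(self, fmt, *args):  # keep the example quiet
        pass

def make_listener(host="127.0.0.1", port=0):
    """Return a listener; port 0 lets the OS pick a free port."""
    return ThreadingHTTPServer((host, port), NotificationHandler)

if __name__ == "__main__":
    make_listener(port=8080).serve_forever()
```

A destination that answers this way keeps the Awaiting Response count from building up even when its own processing is slow.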

Track Group Notifications


These are applicable to all devices except Wired Clients.
There are some predefined conditions to configure for a device.
Supported destination types are: SOAP, SNMP, SMTP and Syslog.
Some parameters can be configured using Advanced Settings on the Notification Parameters page. For details on parameters, refer to the config guide.
General tips are to keep things at default.
For complaints about notification delays, set the refresh time, rate limit and retry count to 0.
Increase Queue Size with care; this may not solve the problem but just delay it.
SOAP, Syslog, SMTP and SNMP (v2 & v3)

Problems with Track Group Notifications


No notifications received
Missing notifications
Dropped notifications


No Notifications Received
Check whether the track group event definition was enabled.
Check whether the track group was synchronized with the MSE and whether there were any errors during sync.
Check whether the destination IP and port are reachable from MSE.
Check the correctness of the event definition.
Check whether the device is detected by the MSE.


Missing Notification
Check correctness of the event definitions and whether they are all enabled.
Check errors during sync.
Check whether the devices configured in the event definitions are detected by MSE.
If the WCS is the notification receiver, then the first notification will show up as an Alarm on the Notification Summary page and subsequent notifications will show up as events.


Dropped notification
Analyze the Notification Statistics.
Other troubleshooting steps are similar to those for Northbound notifications.


SNMP v3
Enhanced to support SNMPv3 trap capability in the following areas:

Location Event Notifications:
SNMPv3 transport will be supported in addition to SNMPv2
Track Group SNMP transport definition will be extended to support SNMPv3 configuration

MSE System Event Notifications:
NMSP Connection status changes
Licensing threshold crossover notifications
Appliance related alarms generated by hardware monitoring tools
WIPS Alarm Notifications


Summary of Best Practices for Location Deployment


Proper AP density and placement
Create an AP perimeter
Use CCXv4 or CCXv5 clients
Calibrate the environment
Use Rails & Regions
Minimize interference level where possible
Use chokepoints to prevent inter-floor location problems and provide room-level accuracy
When using active RFID tags, configure channels 1, 6 and 11 with 3 repetitions/channel (motion enabled & chirp rate configured)

Important Configuration Steps

MSE System Configuration


Use the following command, which starts the setup script that guides the user in setting the system parameters:
/opt/mse/setup/setup.sh

/opt/mse/setup/setup.sh must be used to set/change:
Host name / Domain name changes
Changing system IP address/subnet
Dual homing
Routes configuration
Console/ssh access settings
Root password changes
WCS user password changes

For managing Context Aware Engine for Clients:
Start command: /etc/init.d/msed start
Status command: /etc/init.d/msed status
Stop command: /etc/init.d/msed stop
Restart command: /etc/init.d/msed restart

getserverinfo Command
Total Active Elements(Wireless Clients, Tags, Rogue APs, Rogue Clients, Interferers, Wired Clients): 381
Active Wireless Clients: 206
Active Tags: 58
Active Rogue APs: 50
Active Rogue Clients: 50
Active Interferers: 17
Active Wired Clients: 0
Active Elements(Wireless Clients, Rogue APs, Rogue Clients, Interferers, Wired Clients, Tags) Limit: 2100
Active Sessions: 1
Wireless Clients Not Tracked due to the limiting: 0
Tags Not Tracked due to the limiting: 0
Rogue APs Not Tracked due to the limiting: 390
Rogue Clients Not Tracked due to the limiting: 31
Interferers Not Tracked due to the limiting: 0
Wired Clients Not Tracked due to the limiting: 0
Total Elements(Wireless Clients, Rogue APs, Rogue Clients, Interferers, Wired Clients) Not Tracked due to the limiting: 421
-----------Context Aware Sub Services ------------
Subservice Name: Cisco Tag Engine
Admin Status: Enabled
Operation Status: Up


Troubleshooting NMSP Issues


Common Issue (certificate exchange) seen with NMSP:
Time synchronization/configuration
Key hash template
Key exchange
WCS communication password mismatch
NMSP status on the WLC
NMSP status on the MSE
NMSP status on the WCS


Time Synchronization/Configuration
Possible symptom of clock discrepancy between WLC and MSE:
Can't establish NMSP connection after adding MSE to the system

Suggested course of action:
Use NTP server for synchronizing clocks (recommended)
Manual configuration (controller time should be equal to or ahead of time on MSE)


Establishing NMSP Connection


MSE

[root@mse ~]# cmdshell
cmd> show server-auth-info
invoke command: com.aes.server.cli.CmdGetServerAuthInfo
---------------
Server Auth Info
---------------
MAC Address: 00:1e:0b:61:35:60
Key Hash: 5384ed3cedc68eb9c05d36d98b62b06700c707d9
Certificate Type: SSC
==============================

MAC address and key hash for authenticating NMSP session between MSE and WLC

WLC

(Cisco Controller) >config auth-list add lbs-ssc <MSE Ethernet MAC> <MSE key hash>
(Cisco Controller) >show auth-list

Mac Addr                  Cert Type    Key Hash
-----------------------   ----------   ------------------------------------------
00:1e:0b:61:35:60         LBS-SSC      5384ed3cedc68eb9c05d36d98b62b06700c707d9

(Callouts on the show auth-list output: MSE MAC address, MSE Key Hash)


WCS Communication Password Mismatch


WCS-to-MSE communication password is NOT the same as the MSE ssh password
WCS communication password is set on the MSE during initial setup when running the setup script. Default is admin/admin
Use the same password while adding MSE to the WCS
To fix the mismatch, run the setup script again using /opt/mse/setup/setup.sh


Verifying NMSP Connection Status (WLC/MSE)


(Cisco Controller) >show nmsp status

LocServer IP    TxEchoResp   RxEchoReq   TxData   RxData
-------------   ----------   ---------   ------   ------
172.20.224.17   18006        18006       163023   10

------------Context Aware Service ------------
Total Active Elements(Clients, Rogues, Interferers): 129
Active Clients: 34
Active Tags: 29
Active Rogues: 66
Active Interferers: 0
Active Wired Clients: 0
Active Elements(Clients, Rogues, Interferers) Limit: 100
Active Tag Limit: 100
Active Wired Clients Limit: 0
Active Sessions: 1

(Callout on Active Sessions: # of active NMSP sessions)


NMSP Status on WCS for MSE


Navigate to Services > Mobility Services > MSE > Status
WLC could have been added, but NMSP status can be Inactive
Troubleshooting Tab provided next to Inactive button


NMSP Status Troubleshooting Tab


Provides status of common NMSP issues


Synchronization History
Synchronization History shows:
Automatic Synchronization
Automatic Controller Selection/Assignment
Smart Synchronization

Navigate to Services > Synchronization Services


Enabling Element Tracking

If checked (Enabled), only then:
Devices will be tracked
History will be available

History Parameters
Number of days to save history is not limited in WCS UI
Limited by disk space and system performance

History of an element is recorded only if:


Element moves more than 10m (30 ft)
Tag: emergency or panic button is pressed
Tag: passes by an exciter
Floor changes, i.e. element moves between floors

Element is declared inactive if it remains inactive for an hour. If it remains inactive for 24 hours, it is removed from the tracking table, and it is not possible to see the element's historical location on the WCS Monitoring page.
Absent Data Cleanup Interval helps to control the tracking table.

Minimizing Latency
Tag notification frame interval for stationary tag: 3-5 minutes
Tag notification frame interval for moving tags: <10 sec
WLC NMSP aggregation window is 2 sec by default
Correct aggregation window should be set to make sure that the WLC has received updates from all the APs before sending data to MSE via NMSP
From WLC CLI, aggregation window can be set independently for clients, tags, rogue APs, rogue clients and Rfids

(Cisco Controller) >config nmsp notification interval rssi ?
clients    Measurement interval for clients.
rfid       Measurement interval for rfid tags.
rogues     Measurement interval for rogue APs and rogue clients

Immediate Notification from MSE


[Architecture diagram. Labels: Business Application; SOAP/XML API; Context-Aware Software; MSE; Context Aware Engine for Clients (RSSI); Context Aware Engine for Tags (RSSI / TDOA); 802.11 Clients (mobile user, voice over 802.11, smart phone), Indoor Environment; 802.11 CCX Tags, Indoor & Outdoor Environments]

Immediate Notification from MSE


With 7.0 code, MSE can forward the tag info straight to a third party.
Setting the first parameter to true will cause the MSE to immediately send the notification to Mobile View or any other application. This, however, will have old or no location. After the location calculation, another notification will be fired with the latest location value.
If the location is not needed at all, then the second parameter should be set to true. Note that the MSE will just act as a forwarding engine in this case, and no location calculations will be computed.

Wired Location Detection


[Diagram labels: MSE - Location Service with wireless/wired map database; Network Management Service Protocol (NMSP); C3750-E; CDP/LLDP-MED]

Switches report to MSE the switch port mapping of connected devices
MSE actively tracks communicated information and location of both devices and chassis
MSE maintains history of device connect, connection location, and device disconnect
MSE provides SOAP XML API to external systems that are interested in location of chassis or endpoint devices
Applications can query or receive async events when devices or chassis move location


Wired Location with MSE


MSE tracks location history of wired clients
Location information configured using switch CLIs
  Define the location identifier
  Enable ip device tracking
  Attach the identifier to the switch interface

Switch and MSE communicate using NMSP
Switches notify MSE of wired client association / disassociation
Switches supported - Catalyst 2960, 3750, 3750E, 3560, 3560E, 4500, 4900
Required software versions
  Catalyst switches 12.2(50)SE
  WCS 6.0.x onwards
  MSE 6.0.x onwards

Deployment Checklist
Follow proper AP placement guidelines (location and density)
Configure NTP server on both WLC and MSE, or manually synchronize both devices (and preferably WCS) with the correct time and time zone
Check the NMSP connection status on the controller
Ensure that tracking is enabled for the right devices
Ensure that the maps and AP positions are synchronized between the WCS and MSE
Ensure that location calculations are taking place, either on the tracking page or the MSE console
For Clients
  Verify tracking is enabled on MSE
  Verify clients are detected by controller
  Max calculation time taken into account
For Tags
  Verify tracking is enabled on MSE
  Verify tags are detected by controller
  Max calculation time taken into account

Key Takeaways
Cisco Mobility Services Engine enables the deployment of advanced services (Context Aware, CleanAir, wIPS)
Implementing Context Aware Services requires following a set of best practices for optimal results
7.0-MR1 software release has a number of feature enhancements specific to the MSE and associated services


Recommended Reading
Cisco Mobility Services Engine - Context Aware Mobility Solution Deployment Guide
http://www.cisco.com/en/US/products/ps9742/products_tech_note09186a00809d1529.shtml

Cisco Context-Aware Service Configuration Guide
http://www.cisco.com/en/US/products/ps9742/products_installation_and_configuration_guides_list.html

Cisco 3300 Series Mobility Services Engine Licensing and Ordering Guide
http://www.cisco.com/en/US/prod/collateral/wireless/ps9733/ps9742/data_sheet_c07-473865.html

Wiki Page External
http://www.cisco.com/en/US/products/ps9806/products_qanda_item09186a0080af9513.shtml

AeroScout Support Page
http://support.aeroscout.com


Thank you.
