- Preface
- Chapter 1: Overview
- Chapter 2: Adding and Deleting Systems
- Chapter 3: Synchronizing Mobility Services Engines
- Chapter 4: Configuring and Viewing System Properties
- Chapter 5: Managing Users and Groups
- Chapter 6: Configuring wIPS and Profiles
- Chapter 7: Monitoring the System and Services
- Chapter 8: Performing Maintenance Operations
- Appendix A: wIPS Policy Alarm Encyclopedia
- Appendix B: Rogue Management
- Appendix C: Radio Resource Management
- Appendix D : MSE System and Appliance Hardening Guidelines
- Index
Synchronizing Mobility Services Engines
This chapter describes how to synchronize Cisco wireless LAN controllers and Cisco WCS with mobility services engines.
This chapter contains the following sections:
•Synchronizing WCS and Mobility Services Engines
•Viewing Synchronization Information
Synchronizing WCS and Mobility Services Engines
This section describes how to synchronize WCS and mobility services engines manually and automatically.
After adding a mobility services engine to WCS, you can synchronize network designs (campus, building, and outdoor maps), controllers (name and IP address), specific Catalyst Series 3000 and 4000 switches, and event groups with the mobility services engine.
•Network Design—A logical mapping of the physical placement of access points throughout facilities. A hierarchy of a single campus, the buildings that comprise that campus, and the floors of each building constitute a single network design.
•Controller—A selected controller that is associated and regularly exchanges location information with a mobility services engine. Regular synchronization ensures location accuracy.
•Wired Switches—Wired Catalyst switches that provide an interface to wired clients on the network. Regular synchronization ensures that location tracking of wired clients in the network is accurate.
–The mobility services engine can be synchronized with Catalyst stackable switches (3750, 3750-E, 3560, 2960, IE-3000 switches), switch blades (3110, 3120, 3130, 3040, 3030, 3020), and switch ports.
–The mobility services engine can also be synchronized with the following Catalyst 4000 series: WS-C4948, WS-C4948-10GE, ME-4924-10GE, WS-4928-10GE, WS-C4900M, WS-X4515, WS-X4516, WS-X4013+, WS-X4013+TS, WS-X4516-10GE, WS-X4013+10GE, WS-X45-SUP6-E, and WS-X45-SUP6-LE.
•Event Groups—A group of predefined events that define triggers that generate an event. Regular synchronization ensures that the latest defined events are tracked. Event groups can also be created by third-party applications. For more information about third-party application-created event groups, see "Working with Third-Party Elements" section.
Note Be sure to verify software compatibility between the controller, WCS, and the mobility services engine before synchronizing. See to the latest mobility services engine release note at the following URL: http://www.cisco.com/en/US/products/ps9742/tsd_products_support_series_home.html
Note Communication between the mobility services engine, WCS and the controller takes place in Coordinated Universal Time (UTC). Moreover, ensure the MSE timezone is set to UTC. Configuring NTP on each system provides devices with the UTC time. The mobility services engine and its associated controllers must be mapped to the same NTP server and the same WCS server. An NTP server is required to automatically synchronize time between the controller, WCS, and the mobility services engine. However, the timezone for MSE should still be set to UTC. This is because wIPS alarms requires that the MSE time be set to UTC.
To synchronize network designs, a controller, a Catalyst switch, or event group with the mobility services engine, follow these steps:
Step 1 Choose Services > Synchronize Services.
The left sidebar menu contains the following options:
•Network Designs
•Controllers
•Event Groups
•Wired Switches
Step 2 Choose the appropriate menu option (network designs, controllers, event groups, or wired switches). See, Figure 3-1 for more information.
Figure 3-1 Mobility > Synchronize Services > Network Designs
Step 3 To assign a network design to a mobility services engine, in the synchronization page, choose Network Designs from the left sidebar menu.
Step 4 Choose all the maps to be synchronized with the mobility services engine.
Note Through Release 6.0, you can assign only up to a campus level to a mobility services engine. Starting with Release 7.0, this option is granular to a floor level. For example, you can choose to assign floor1 to MSE 1, floor2 to MSE 2, and floor3 to MSE 3.
Step 5 Click Change MSE Assignment.
Step 6 Select the mobility services engine to which the maps are to be synchronized. See, Figure 3-2 for more information.
Step 7 Click either of the following in the Choose MSEs dialog box:
•Save—Saves the mobility services engine assignment. The following message appears in the Messages column of the Network Designs page with yellow arrows icon:
To be assigned - Please synchronize.
•Cancel—Discards the changes to mobility services engine assignment and returns to the Network Designs page.
You can also select one or more maps and click Reset to undo the assignments for those maps.
Figure 3-2 MSE Assignment Page
Note A network design may include a floor in a campus or a large campus with several buildings, each monitored by a different mobility services engine. Because of this, you may need to assign a single network design to multiple mobility services engines.
Note Network design assignments also automatically picks up the corresponding controller for synchronization.
Step 8 Click Synchronize to update the mobility services engine(s) database(s).
When items are synchronized, a green two-arrow icon appears in the Sync. Status column for each synchronized entry.
You can use the same procedure to assign wired switches or event groups to a mobility services engine. To assign a controller to a mobility services engine, see Synchronizing Controllers with a Mobility Services Engine for more information.
Synchronizing Controllers with a Mobility Services Engine
You can assign an MSE to any wireless controller on a per-service (wIPS) basis.
Note Starting from MSE Release 7.0.116.0, you cannot synchronize a Contoller of version 5.0 or before to MSE.
To associate a mobility services engine with a controller, follow these steps:
Step 1 In the synchronization page, choose Controllers from the left sidebar menu.
Step 2 Choose the controllers to be assigned to the mobility services engine.
Step 3 Click Change MSE Assignment.
Step 4 Choose the mobility services engine to which the controllers must be synchronized.
Step 5 Click either of the following in the popup window:
•OK—Saves the mobility services engine assignment. The following message appears in the Messages column of the Controllers page with yellow arrows icon:
To be assigned - Please synchronize.
•Cancel—Discards the changes to mobility services engine assignment and returns to the Controllers page.
You can also select one or more controllers and click Reset to undo the assignments for those controllers.
Step 6 Click Synchronize to complete the synchronization process.
Step 7 Confirm that the mobility services engine is communicating with each of the controllers for only the chosen service. This can be done by clicking the NMSP status link in the status page.
Note•After Synchronizing a controller, verify that the timezone is set on the associated controller.
•Controller names must be unique for synchronizing with a mobility services engine. If you have two controllers with the same name, only one will be synchronized.
You can use the same procedure to assign Catalyst switches or event groups to a mobility services engine.
Note A switch can only be synchronized with one mobility services engine. However, a mobility services engine can have many switches attached to it.
To unassign a network design, controller, event group, or wired switch from a mobility services engine follow these steps:
Step 1 On the respective tabs, choose one or more elements and click Change MSE Assignment. The choose mobility services engine dialog box appears.
Step 2 Unselect the mobility services engine if you do not want the elements to be associated with that mobility services engine.
Step 3 Click Save to save the changes to the assignments.
Step 4 Click Synchronize. A two-arrow icon appears in the Sync Status column.
Working with Third-Party Elements
When you synchronize elements with MSE, there might be event groups on the MSE that have been created by third-party applications. You can either delete the unused elements or mark them as third-party elements.
To delete the elements or mark them as third-party elements, follow these steps:
Step 1 In the Synchronization page, choose Third-Party Elements from the left sidebar menu.
The Third-Party Elements page appears.
Step 2 Select one or more elements.
Step 3 Click one of the following buttons:
•Delete Event Groups—Deletes the selected event groups.
•Mark as 3rd Party Event Group(s)—Marks the selected event groups as third-party event groups.
Configuring Automatic Database Synchronization and Out-of-Sync Alerts
Manual synchronization of the WCS and mobility services engine databases is immediate. However, future deployment changes (such as changes to maps and access point positions) can yield incorrect location calculations and asset tracking until resynchronization.
To prevent out-of-sync conditions, use WCS to carry out synchronization. This policy ensures that synchronization between WCS and mobility services engine databases is triggered periodically and any related alarms are cleared.
Any change to one or more synchronized components will be automatically synchronized with the mobility services engine. For example, if a floor with access points is synchronized with a particular mobility services engine and then one access point is moved to a new location on the same floor or another floor which is also synchronized with the mobility services engine, then the changed location of the access point will be automatically communicated.
To further ensure that WCS and MSE are in sync, smart synchronization happens in the background. To configure smart synchronization, follow these steps:
Step 1 In WCS, choose Administration > Background Tasks.
Step 2 Select the Mobility Service Synchronization check box.
Step 3 Click the Mobility Service Synchronization link.
The Task > Mobility Service Synchronization page appears.
Step 4 To set the mobility services engine to send out-of-sync alerts, select the Out of Sync Alerts Enabled check box.
Step 5 To enable smart synchronization, select the Smart Synchronization Enabled check box.
Note Smart synchronization does not apply to elements (network designs, controllers, or event groups) that have not yet been assigned to a mobility services engine. However, out-of-sync alarms will still be generated for these unassigned elements. For smart synchronization to apply to these elements, you need to manually assign them to a mobility services engine.
Note When a mobility services engine is added to a WCS, the data in the WCS is always treated as the primary copy that is synchronized with the mobility services engine. All synchronized network designs, controllers, event groups and wired switches that are present in the mobility services engine, and not in the WCS, are removed automatically from the mobility services engine.
Step 6 Enter the time interval in days and the time of day (xx:yy AM or PM) that the automatic synchronization is to be performed.
By default, smart-sync is enabled.
Step 7 Click Submit.
For smart controller assignment and selection scenarios, see Smart Controller Assignment and Selection Scenarios.
Smart Controller Assignment and Selection Scenarios
Scenario 1
If a floor having at least one access point from a controller is chosen to be synchronized with the mobility services engine in the Network Designs section of the Synchronization page, then the controller to which that access point is connected is automatically selected to be assigned to the mobility services engine for CAS service.
Scenario 2
When at least one access point from a controller is placed on a floor that is synchronized with mobility services engine, the controller to which the access point is connected is automatically assigned to the same mobility services engine for CAS service.
Scenario 3
An access point is added to a floor and is assigned to an mobility services engine. If that access point is moved from controller A to controller B, then controller B is automatically synchronized to the mobility services engine.
Scenario 4
If all access points placed on a floor which is synchronized to the MSE are deleted, then that controller is automatically removed from mobility services engine assignment or unsynchronized.
Out-of-Sync Alarms
Out-of-sync alarms are of minor severity (yellow), and are raised in response to the following conditions:
•Elements are modified in WCS (the auto-sync policy pushes these elements)
•Elements other than controllers exist in the mobility services engine database but not in WCS
•Elements are not assigned to any mobility services engine (the auto-sync policy does not apply)
Out-of-sync alarms are cleared when the following occurs:
•The mobility services engine is deleted
Note When you delete a mobility services engine, the out-of-sync alarms for that system are also deleted. In addition, if you delete the last available mobility services engine, the alarms for the elements not assigned to any server will also be deleted.
•Elements are synchronized manually or automatically
•User manually clears the alarms (although the alarms may reappear in the future when the scheduled task is executed).
Viewing Synchronization Information
This section describes how to view synchronization status and history and contains the following topics:
•Viewing Mobility Services Engine Synchronization Status
•Viewing Synchronization History
Viewing Mobility Services Engine Synchronization Status
You can use the Synchronize Services feature in WCS to view the status of network design, controller, switch, and event group synchronization with a mobility services engine.
To view synchronization status, follow these steps:
Step 1 In WCS, choose Services > Synchronize Services.
Step 2 From the left sidebar menu, choose the applicable option (Network Designs, Controllers, Event Groups, or Wired Switches).
For each of the elements, the Sync. Status column shows the synchronization status. A green two-arrow icon indicates that its corresponding element is synchronized with the specified server such as a mobility services engine. A gray two-arrow icon with a red circle indicates that its corresponding item is not synchronized with a given server.
You can also view the synchronization status and assign or unassign from campus view and building view along with floor view.
To access this page, choose Monitor > Maps > System Campus > Building > Floor
where Building is the building within the Campus and Floor is a specific floor in that campus building.
On the left sidebar menu, there is an option MSE Assignment. This option shows which mobility services engine the floor is currently assigned to. You can also change mobility services engine assignment in this page.
Viewing Synchronization History
You can view the synchronization history for the last 30 days for a mobility services engine. This is especially useful when automatic synchronization is enabled as alarms are automatically cleared. Synchronization history provides a summary of those cleared alarms.
To view synchronization history, follow these steps:
Step 1 In Cisco WCS, choose Services > Synchronization History. The Synchronization History page appears (see Figure 3-3).
Figure 3-3 Mobility > Synchronization History
Step 2 Table 3-1 describes the text boxes that appear in the Synchronization History page.
Table 3-1
Synchronization History
Click the column headers to sort the entries.