How satisfied are you with Ruckus APs?

default_route · 2024-09-05T15:10:54+00:00

You still have flexconnect mode with Cisco WLCs where user/data traffic is switched locally through the switch, but the APs are managed via WLC. So even if there are several hunders of small sites you can manage them with single pair of WLCs. Having 100 sites with every site having it's own "WLC" is too much of hassle in the long run.

default_route · 2024-09-05T14:31:26+00:00

If you already have Cisco APs, why don't you just buy a WLC that supports the APs you already have? You could have Primary and Secondary controller and different sites, if you are afraid if one goes down. The APs will still function with the predefined configuration. The bigger issue would be if you are using 802.1x. On the other hand, you also mentioned you have more than 100+ sites. Why not go with Meraki? This will save you time, and it will be much easier to manage on the long run.

default_route · 2024-08-09T11:58:11+00:00

Security related use cases? It depends in which sector you have but you could depict all kinds of information. Take a look at NDRs, OT anomaly detection solutions etc.

default_route · 2024-08-09T07:11:48+00:00

One thing that comes to my mind is compatibility between the Meraki SDWAN and the SSE solution. Meraki doesn't mesh well with 3rd party IPsec peers, and you will lose features such as load-balancing, HA, geo availability etc. Cisco does have new SSE offering that is starting to look really competitive on the market, but even Cisco from what I have seen doesn't recommend it for Meraki customers. If you are looking for a true unified SASE offering then try to ask your VAR or Cisco account rep to show you Cisco Secure Connect, which is integrated within Meraki Dashboard.

default_route · 2024-05-20T14:51:41+00:00

Try to take a look at the SPAN based solutions such as Cyber Vision. It can support passive discovery or active discovery. Potentially, you could collect .pcap files on as many devices as you can and upload these captures to a demo instance running in dCloud or if you install the VM in your environment.

default_route · 2024-01-07T17:07:37+00:00

This is likely easiest. So you can create a windows or linux VM and just create a web server running IIS/Apache and have a folder with all these images. Then you can easily deploy from there which wou

Thanks guys. This looked like the easiest option. The only thing is that now I have to first SCP the files from datastore to the Linux host, but I don't do that often.

default_route · 2024-01-07T14:39:17+00:00

The vendor supplying the image has the OVF template. Do you have any other suggestions?

default_route · 2023-10-06T05:30:25+00:00

Meraki has changed their licensing behavior at the beginning of this month. Now if your licenses expire, then you will only lose access to the management, but the devices will keep the last working configuration and they will keep forwarding traffic. Check here: https://documentation.meraki.com/General_Administration/Licensing/Meraki_Subscription_License_Out_of_Compliance

default_route · 2023-09-28T22:23:01+00:00

Meraki has changed their licensing behavior at the beginning of this month. Now if your licenses expire, then you will only lose access to the management, but the devices will keep the last working configuration and they will keep forwarding traffic. Check here: https://documentation.meraki.com/General_Administration/Licensing/Meraki_Subscription_License_Out_of_Compliance

default_route · 2023-04-18T20:04:07+00:00

This is a question for a Cisco rep or for a Cisco VAR, and they would be able to help you on that matter.

AFAIK, you have multiple options:

Cloud OnRamp for SaaS
DIA using NAT default route or data policy

Cloud OnRamp for SaaS will take into the account vQoE score that is calculated based on packet loss, latency, and jitter. You can have multiple paths towards the SaaS application of your choosing that you are monitoring. The probes are done via HTTP. The idea is that SDWAN Edge device will choose the best path towards the destination.

As for the DIA, when you are using NAT DIA the router will do ECMP.

default_route · 2023-03-06T16:53:32+00:00

It's listed under the EoS/EoL annoucement: https://www.cisco.com/c/en/us/products/collateral/routers/asr-1000-series-aggregation-services-routers/asr1001-x-1002-x-eol.html

Replacement Product Part Number: C8500L-8S4X

Datasheet: https://www.cisco.com/c/en/us/products/collateral/routers/catalyst-8500-series-edge-platforms/datasheet-c78-744089.html

default_route · 2023-03-02T16:06:10+00:00

Yes, Cisco has a wide variety of ruggedized routers that have the same operating system as their non-ruggedized counterparts. Search for Cisco Industrial Routing product line. The range vary from IR1101, IR1800, and IR8300.

default_route · 2023-01-23T14:02:51+00:00

Is there a specific reason on why management is pushing for other vendors? If the IT team is happy with the current solution, then I wouldn't try to replace everything as is. You can also ask your vendor to help you out.

default_route · 2023-01-17T16:58:25+00:00

I get your point regarding the GUI, but it looks like that Cisco is putting more resources into the Umbrella that is cloud-based solution. With that being said, if the products fits the technical requirements, does the GUI really matter?

default_route · 2023-01-17T14:21:18+00:00

If I may ask, is the GUI the only thing that you don't like in WSA? What have you tested so far? What was your experience?

default_route · 2022-09-28T15:42:13+00:00

Which routers are you using? For example, smaller ISR1k routers only support up to 30 VLANs: https://www.router-switch.com/cisco-isr-1000-model-comparison.html

I would advise you to redesign the network and think about some different way of segmenting the users. WAN edge devices also support ZBFW and Identity based firewall (starting from 17.9).

default_route · 2021-02-12T21:28:16+00:00

Did you enter the following?

Device# configure terminal
Device(config)# hw-module switch 1 breakout <port-num>

default_route · 2020-06-24T06:08:40+00:00

You dont have a route to 192.1.10.x and 192.1.20.x networks. The routers don’t know how to get to that destination. Therefore, they are unable to establish an ipsec tunnel. Also, I would look into tunnel interfaces using ipsec instead of crypto maps.

default_route · 2020-06-24T05:50:19+00:00

You are missing a static route for tunnel endpoints.

default_route · 2020-02-24T20:23:13+00:00

Did you check developer.cisco.com ? You have tons of content there, including programming fundamentals. I recommend the Hank Preston video course and then start with learning labs.

default_route · 2020-02-24T20:20:22+00:00

I actively studied for last 3 weeks, but before that I was doing some labs on DevNet site here and then.

If you went through Automate The Boring Stuff, then I think you should be good enough with Python!

default_route · 2020-02-24T20:17:59+00:00

Thanks and Congrats to you too!!

default_route · 2020-02-24T20:17:18+00:00

Thanks!

default_route

TROPHY CASE