Support for Cisco Meraki
Virtual Network Assurance and CA Spectrum 10.3.2 release supports modeling of Cisco Meraki devices (Cloud Controller and Access Points) and proactive monitoring and managing of wireless networks. The monitoring information is provided by VNA, whereas, Spectrum relies on the inventory data from VNA to monitor and manage Meraki devices. The Access Points are modeled as certified SNMP devices, if they are SNMP- reachable, if not, then they are modeled as Access Point pingable models. To model the Access Points using SNMP, ensure the SNMP community string of the access points is added under the following:
Virtual Network Assurance and CA Spectrum 10.3.2 release onwards supports modeling of Cisco Meraki devices (Cloud Controller and Access Points) and proactive monitoring and managing of wireless networks. The monitoring information is provided by VNA, whereas, Spectrum relies on the inventory data from VNA to monitor and manage Meraki devices. The Access Points are modeled as certified SNMP devices, if they are SNMP- reachable, if not, then they are modeled as Access Point pingable models. To model the Access Points using SNMP, ensure the SNMP community string of the access points is added under the following:
- Protocol Options-→SNMP Community Strings
Discovering connections between controller, switches and access points is based on the SNMP data available on the corresponding models, without which Spectrum cannot create any connections, and VNA cannot provide this connectivity information.
Properties of Cloud Controller and Access Points are displayed under the OneClick information tab. The operation status of Cloud Controller and Access Points is monitored based on the VNA inventory updates. Access Point availability is monitored through Spectrum and VNA inventory updates. If Access Point is unreachable from Spectrum (via Poll/Ping) and from VNA (OperationStatus is down), then a device unreachable alarm is asserted on AP model.
Meraki Cloud controller dashboard exposes APIs to monitor its elements (Cloud Controller, Access Points, Service Appliances, Switches, Routers, etc.). VNA uses APIs to get monitoring data of the Controller and Access Points for Spectrum. Spectrum integrated with VNA (with a Meraki plugin), consumes inventory information from VNA, and models Meraki devices in the SDN/VNA manager hierarchy.
Following are the entities which are newly supported for Meraki under VNA:
These entities are modeled in Spectrum with special model types. Meraki Cloud Controller is auto-modeled as a Wifi_Controller, which is a virtual entity.
The Cloud Controller properties are displayed under OneClick view, which contains:
- General Information, displaying the serial number, MAC, IP address, up time, system name, location, condition/contact status, etc.
- Wireless Information, displaying the Access Points hardware details.
The Access Point properties that are displayed under the OneClick view are:
- Asset Information
Hierarchy and Icons
Following is the hierarchy and icons that are supported with this release:
Organizations>Wireless Networks>Access Points and SSIDs
A collection of networks that are all part of a single organizational entity.
Access points provide deep network insight enabling smarter network management.
Service Set Identifier (SSID) is a unique identifier that is applied to the Access Point (AP) and the wireless client, allowing them to associate.
Cloud Controller is the control framework that allows various Cisco Meraki products to work together seamlessly, including indoor and outdoor wireless access points, switches, security appliances.
Events and Alarm
Events and alarms are raised on Meraki entities using the data that is provided by VNA. Following is the list of Events and Alarms identified:
WPA failed authentication attempt
802.1x failed authentication attempt
wireless packet flood detected
wireless packet flood end
Clear packet flood detected alarm
rogue SSID detected
Following is the list of Events and Alarms that are not supported with this release:
flow allowed by Layer 3 firewall
1380653443.857790533 MR18 flows allow src=192.168.111.253 dst=192.168.111.5 mac=F8:1E:DF:E2:EF:F1 protocol=tcp sport=54252 dport=80
flow denied by Layer 3 firewall
1380653443.857790533 MR18 flows deny src=10.20.213.144 dst=192.168.111.5 mac=00:F4:B9:78:58:01 protocol=tcp sport=52421 dport=80
There is no overlay topology for Meraki devices. The topology is formed based on the connections that are discovered as part of the regular/legacy SNMP discover connections action in Spectrum.
Refer to the CA Spectrum SNMP Support for Cisco Meraki Solutions for a list of Meraki solutions that are supported in 10.3.1, including wireless appliances and switches.