Support for Cisco Meraki

Virtual Network Assurance and CA Spectrum 10.3.2 release supports modeling of Cisco Meraki devices (Cloud Controller and Access Points) and proactive monitoring and managing of wireless networks. The monitoring information is provided by VNA, whereas, Spectrum relies on the inventory data from VNA to monitor and manage Meraki devices. The Access Points are modeled as certified SNMP devices, if they are SNMP- reachable, if not, then they are modeled as Access Point pingable models. To model the Access Points using SNMP, ensure the SNMP community string of the access points is added under the following:  
casp104
Virtual Network Assurance and CA Spectrum 10.3.2 release onwards supports modeling of Cisco Meraki devices (Cloud Controller and Access Points) and proactive monitoring and managing of wireless networks. The monitoring information is provided by VNA, whereas, Spectrum relies on the inventory data from VNA to monitor and manage Meraki devices. The Access Points are modeled as certified SNMP devices, if they are SNMP- reachable, if not, then they are modeled as Access Point pingable models. To model the Access Points using SNMP, ensure the SNMP community string of the access points is added under the following:  
  • VNM→AutoDiscovery
  • Control→Modeling
  • Protocol Options-→SNMP Community Strings
Discovering connections between controller, switches and access points is based on the SNMP data available on the corresponding models, without which Spectrum cannot create any connections, and VNA cannot provide this connectivity information.
Properties of Cloud Controller and Access Points are displayed under the OneClick information tab. The operation status of Cloud Controller and Access Points is monitored based on the VNA inventory updates. Access Point availability is monitored through Spectrum and VNA inventory updates. If Access Point is unreachable from Spectrum (via Poll/Ping) and from VNA (OperationStatus is down), then a device unreachable alarm is asserted on AP model.
Meraki Cloud controller dashboard exposes APIs to monitor its elements (Cloud Controller, Access Points, Service Appliances, Switches, Routers, etc.). VNA uses APIs to get monitoring data of the Controller and Access Points for Spectrum. Spectrum integrated with VNA (with a Meraki plugin), consumes inventory information from VNA, and models Meraki devices in the SDN/VNA manager hierarchy.
 
Following are the entities which are newly supported for Meraki under VNA
  • POLICY
  • POLICY_GROUP
  • SSID
  • WIFI_CONTROLLER
  • WIRELESS_NETWORK
  • ACCESS_POINT
These entities are modeled in Spectrum with special model types. Meraki Cloud Controller is auto-modeled as a Wifi_Controller, which is a virtual entity. 
The Cloud Controller properties are displayed under OneClick view, which contains:
  • General Information, displaying the serial number, MAC, IP address, up time, system name, location, condition/contact status, etc.
  • Wireless Information, displaying the Access Points hardware details.
 The Access Point properties that are displayed under the OneClick view are:
  • General
  • Asset Information
Hierarchy and Icons
Following is the hierarchy and icons that are supported with this release: 
 
Organizations>Wireless Networks>Access Points and SSIDs
 
 Cisco Meraki icon heirarchy.JPG 
 
Organization 
 
A collection of networks that are all part of a single organizational entity.
 
 Organization Meraki.JPG 
 
Access Points
 
Access points provide deep network insight enabling smarter network management.
 Access points meraki.JPG 
 
SSIDs
 
Service Set Identifier (SSID) is a unique identifier that is applied to the Access Point (AP) and the wireless client, allowing them to associate.
 
 SSIDs.JPG 
 
Cloud Controller
 
Cloud Controller is the control framework that allows various Cisco Meraki products to work together seamlessly, including indoor and outdoor wireless access points, switches, security appliances.
 
 Cloud Controller icon Meraki.JPG 
Events and Alarm
Events and alarms are raised on Meraki entities using the data that is provided by VNA. Following is the list of Events and Alarms identified:
 
Event Type
 
 
Event Description
 
 
Alarms
 
events       
802.11 association  
N/A
events    
802.11 disassociation
N/A
events    
WPA authentication 
 N/A
events    
WPA deauthentication   
N/A
events    
WPA failed authentication attempt 
N/A 
events    
802.1x failed authentication attempt
 N/A
events    
802.1x deauthentication
N/A
events    
802.1x authentication    
N/A
events    
splash authentication  
N/A
events    
wireless packet flood detected   
Minor
events    
wireless packet flood end   
Clear packet flood detected alarm
events    
rogue SSID detected    
Major 
Following is the list of Events and Alarms that are not supported with this release: 
 
Event Type
 
 
Event Description
 
 
Alarms
 
urls
HTTP GET requests
Dec 6 08:46:12 192.168.1.1 1 1386337584.254756845 MX84 events Cellular connection down1380653443.857790533 MR18 urls src=192.168.111.253:50215dst=204.154.94.81:443 mac=F8:1E:DF:E2:EF:F1 request: UNKNOWN https://www.evernote.com/...
flows
flow allowed by Layer 3 firewall
1380653443.857790533 MR18 flows allow src=192.168.111.253 dst=192.168.111.5 mac=F8:1E:DF:E2:EF:F1 protocol=tcp sport=54252 dport=80
flows
flow denied by Layer 3 firewall
1380653443.857790533 MR18 flows deny src=10.20.213.144 dst=192.168.111.5 mac=00:F4:B9:78:58:01 protocol=tcp sport=52421 dport=80
There is no overlay topology for Meraki devices. The topology is formed based on the connections that are discovered as part of the regular/legacy SNMP discover connections action in Spectrum.
Refer to the CA Spectrum SNMP Support for Cisco Meraki Solutions for a list of Meraki solutions that are supported in 10.3.1, including wireless appliances and switches.