Листовка для Cisco Cisco Aironet 3500e Access Point
Markus Stangl
Technical Coordinator and Deputy Head of
Technical Division
Radio Max
Technical Coordinator and Deputy Head of
Technical Division
Radio Max
Customer Case Study
Working with local service provider Diamond Informatics, Radio Max implemented a
new infrastructure, which includes 14 virtual local area networks (VLANs), providing
separate domains for audio streams, video streams, office and administration,
editors, and guests.
new infrastructure, which includes 14 virtual local area networks (VLANs), providing
separate domains for audio streams, video streams, office and administration,
editors, and guests.
The overarching Cisco Borderless Network design consists of Cisco Catalyst®
4500 and 6500 Series Switches and wireless LANs powered by Cisco Aironet®
3500 Series Wireless Access Points and 5508 Series Wireless Controllers. At the
center of the solution is the Cisco Identity Services Engine (ISE), unifying security
management across all domains: wired, wireless, and remote access.
4500 and 6500 Series Switches and wireless LANs powered by Cisco Aironet®
3500 Series Wireless Access Points and 5508 Series Wireless Controllers. At the
center of the solution is the Cisco Identity Services Engine (ISE), unifying security
management across all domains: wired, wireless, and remote access.
Part of the Cisco TrustSec® architecture, ISE is a core capability within the Cisco
bring-your-own-device (BYOD) Smart Solution. It combines information about
the roles and privileges of users, their device profile and posture, their location
(VPN, trusted or untrusted networks), and the service request. This policy-based
approach then automatically determines who gets what access, from where, and
on what device.
bring-your-own-device (BYOD) Smart Solution. It combines information about
the roles and privileges of users, their device profile and posture, their location
(VPN, trusted or untrusted networks), and the service request. This policy-based
approach then automatically determines who gets what access, from where, and
on what device.
“We use two ISEs for reliability, and their job is to ensure network security and
stability by profiling and managing fallouts,” says Stangl. “For example, if one
of our editors wants to use a mobile device, they have to get in touch with the
administrator, who then connects that device to the network. Members of staff
have permanent connections, but ISE also offers a portal for guests. They identify
themselves via a web interface, but the network connection is only granted for a
specific time.”
stability by profiling and managing fallouts,” says Stangl. “For example, if one
of our editors wants to use a mobile device, they have to get in touch with the
administrator, who then connects that device to the network. Members of staff
have permanent connections, but ISE also offers a portal for guests. They identify
themselves via a web interface, but the network connection is only granted for a
specific time.”
Seven VLANs run on the fixed network, while seven wireless VLANs with audio
systems remain partitioned from the normal office infrastructure. ISE profiles the
end-point devices, and then direct users to the appropriate VLAN.
systems remain partitioned from the normal office infrastructure. ISE profiles the
end-point devices, and then direct users to the appropriate VLAN.
Results
ISE dynamic profiling has cut down administrative effort, easing the IT management
burden. Even though the new network is larger and more complex than its
predecessor, the Radio Max IT team can still manage with the same resources.
In particular, arranging guest access is faster and easier.
burden. Even though the new network is larger and more complex than its
predecessor, the Radio Max IT team can still manage with the same resources.
In particular, arranging guest access is faster and easier.
Radio Max has not implemented any formal policy for BYOD, but uses ISE to support
staff preferring to use their own mobile phone, laptop, or tablet. “ISE profiling
makes it really easy to connect devices,” says Stangl. “To enable a device, you simply
include a media access control (MAC) address, assign a profile, and push it into the
appropriate network.” Moreover, if guests want to use their own devices, it’s not a
security issue because they are directed to the guest VLAN, which is totally separate
from all other internal networks.
staff preferring to use their own mobile phone, laptop, or tablet. “ISE profiling
makes it really easy to connect devices,” says Stangl. “To enable a device, you simply
include a media access control (MAC) address, assign a profile, and push it into the
appropriate network.” Moreover, if guests want to use their own devices, it’s not a
security issue because they are directed to the guest VLAN, which is totally separate
from all other internal networks.
“Although we haven’t quantified it, since implementing ISE we know that network
availability has increased because there has been no downtime,” says Stangl. “Parallel
to this, performance has significantly improved despite the growing number of Radio
Max employees, which increased by 10 percent in the last six months.”
availability has increased because there has been no downtime,” says Stangl. “Parallel
to this, performance has significantly improved despite the growing number of Radio
Max employees, which increased by 10 percent in the last six months.”
In addition, the company’s ISE-enabled borderless network is making a positive
contribution to the business in other ways. “ISE holds everything together,” says
Stangl. “Access time is a lot faster, and there are fewer mistakes in the studios, which
improves the quality of our products. It also means we can be more flexible in our
reaction to customer wishes. If they want multimedia solutions, we can offer them,
while, in future, we plan to extend our business model to include video content.”
contribution to the business in other ways. “ISE holds everything together,” says
Stangl. “Access time is a lot faster, and there are fewer mistakes in the studios, which
improves the quality of our products. It also means we can be more flexible in our
reaction to customer wishes. If they want multimedia solutions, we can offer them,
while, in future, we plan to extend our business model to include video content.”
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
Markus Stangl
Technical Coordinator and Deputy Head of
Technical Division
Radio Max
Technical Coordinator and Deputy Head of
Technical Division
Radio Max