Introduction
Cisco Prime Infrastructure is a network management tool that supports lifecycle management of your entire network infrastructure from one graphical interface. Prime Infrastructure provides network administrators with a single solution for provisioning, monitoring, optimizing, and troubleshooting both wired and wireless devices. Robust graphical interfaces make device deployments and operations simple and cost-effective.
Note |
If your existing Prime Infrastructure is 3.7.x or 3.8.x, and your upgrade path contains 3.4.x or earlier versions, then you cannot in-line upgrade that server to Prime Infrastructure 3.9 due to security vulnerabilities in the underlying Red Hat 6 installation. You will need to take a backup of the Prime Infrastructure 3.7.x or 3.8.x server, deploy a fresh Prime Infrastructure 3.9 server, and restore that backup into the Prime Infrastructure 3.9 server. |
-
For information on server and web client requirements, see the Understand the System Requirements section of the Cisco Prime Infrastructure 3.9 Quick Start Guide.
-
For detailed information on licensing, see the Cisco Prime Infrastructure 3.x Ordering and Licensing Guide.
Submitting Feedback
Your feedback will help us improve the quality of our product. You must configure the email server and then enable data collection to configure the feedback tool. To send your feedback, follow these steps:
Procedure
Step 1 |
If you have configured your mail server, go to Step 4. |
Step 2 |
Choose Administration > > . |
Step 3 |
In the Mail Server Configuration page, enter the mail server details, then click Save to save the configuration settings. |
Step 4 |
Choose Administration > > . |
Step 5 |
In the Help Us Improve Cisco Products page, select Yes, collect data periodically, then click Save. |
Step 6 |
Click the Settings icon, then select . |
Step 7 |
Enter your feedback, then click OK. |
Supported Devices
To see the list of devices supported in this release of Prime Infrastructure:
Procedure
Step 1 |
Log in to Prime Infrastructure. |
Step 2 |
Click the wheel icon at the top right, then click Supported Devices. |
What to do next
For detailed information on the software compatibility for the Cisco wireless devices, see the following URL:
Note |
Prime Infrastructure does not support non-admin virtual device context (VDC) on Nexus devices. |
Supported Wireless LAN Controller Hardware Models
Table 1 lists the Prime Infrastructure supported devices for switches, WLCs, Access Points (APs), ISEs, and MSEs.
Supported Switches |
Supported Controllers |
Supported MSE Devices |
Supported ISE Devices |
Supported Lightweight APs |
Supported Autonomous APs |
---|---|---|---|---|---|
Catalyst 3560 Series Switches [Cisco IOS Release 12.2(50)SE] Catalyst 3650 Series Ethernet Stackable Switch* Catalyst 3750 Switches [Cisco IOS Release 12.2(50)SE] Catalyst 3850 Series Ethernet Stackable Switch* Catalyst 4500 Switches [Cisco IOS Release 12.2(50)SG]* Catalyst 6500 Switches [Cisco IOS Release 12.2(33)SXI] and [Cisco IOS XE 03.07.00.E] Cisco NAM 2304 Appliance Cisco NAM 2320 Appliance Cisco IE 2000 Series Switches. |
Catalyst 9800-40 Wireless Controller Catalyst 9800-80 Wireless Controller Catalyst 9800-CL Wireless Controller for Cloud Catalyst 9800-L-C Wireless Controller Catalyst 9800-L-F Wireless Controller Cisco 3504 Wireless Controller Cisco 8540 Wireless Controller Cisco 8510 Wireless Controller Cisco 5520 Wireless Controller Cisco 5508 Wireless Controller Cisco 4400 Series Wireless Controllers Cisco 2504 Wireless Controller Cisco Flex 7510 Wireless Controllers Cisco Virtual Controller Cisco Wireless Service Module (WiSM) Cisco Wireless Service Module 2 (WiSM2) Cisco Wireless Controller on Cisco Services-Ready Engine (WLCM2 on SRE) Catalyst 3750G Integrated Wireless LAN Controller Cisco 5760 Wireless LAN Controller The following Cisco Mobility Express Controllers are supported:
|
Cisco CMX Cisco 3375 Appliance for CMX Cisco MSE Cisco MSE 3365 (physical) Appliance Cisco MSE Virtual Appliance MSE 8.0.150.0 CMX-10.4.x CMX-10.5.x CMX-10.6.x |
Cisco ISE 2.6 Cisco ISE 2.4 Cisco ISE 2.3 Cisco ISE 2.2 Cisco ISE 2.1 Cisco ISE 2.0 Cisco ISE 1.4 with the required patch1 Cisco ISE 1.3 Cisco ISE 1.2 |
Cisco 6300 Series Embedded Services Access Points (ESW6300) Cisco Catalyst IW6300 DCW Heavy Duty AP Cisco Catalyst IW6300 AC Heavy Duty AP Cisco Catalyst IW6300 DC Heavy Duty AP Cisco Catalyst 9130AXE AP Cisco Catalyst 9130AXI AP Cisco Catalyst 9120AXI AP Cisco Catalyst 9120AXE AP Cisco Catalyst 9120AXP AP Cisco Catalyst 9115AXE AP Cisco Catalyst 9115AXI AP Cisco Catalyst 9117AXI AP Cisco Aironet 4800 AP Cisco Aironet 3800i AP Cisco Aironet 3800e AP Cisco Aironet 3800p AP Cisco Aironet 3700i AP Cisco Aironet 3700e AP Cisco Aironet 3700p AP Cisco Aironet IW 3700 AP Cisco Aironet 3600i AP Cisco Aironet 3600e AP Cisco Aironet 3600p AP Cisco Aironet 3500i AP Cisco Aironet 3500e AP Cisco Aironet 3500p AP Cisco Aironet 2800i AP Cisco Aironet 2800e AP Cisco Aironet 2700i AP Cisco Aironet 2700e AP Cisco Aironet 2700p AP Cisco Aironet 2600i AP Cisco Aironet 2600e AP Cisco Aironet 1850i AP Cisco Aironet 1850e AP Cisco Aironet 1840I AP Cisco Aironet 1830i AP Cisco Aironet 1815i AP Cisco Aironet 1815w AP Cisco Aironet 1815t AP Cisco Aironet 1815m AP Cisco Aironet 1810 OfficeExtend Series AP Cisco Aironet 1810w AP Cisco Aironet 1800i AP Cisco Aironet 1700i AP Cisco Aironet 1700E AP Cisco Aironet 1600i AP Cisco Aironet 1600e AP Cisco Aironet 1572IC AP Cisco Aironet 1572EAC AP Cisco Aironet 1572EC AP Cisco Aironet 1562I AP Cisco Aironet 1562E AP Cisco Aironet 1562D AP Cisco Aironet 1562 PS AP Cisco Aironet 1552C AP Cisco Aironet 1552CU AP Cisco Aironet 1552E AP Cisco Aironet 1552EU AP Cisco Aironet 1552H AP Cisco Aironet 1542I AP Cisco Aironet 1542D AP Cisco Aironet 1532I AP Cisco Aironet 1200 AP Cisco Aironet 1140 AP Cisco Aironet 1130 AG AP Cisco Aironet 1040 AP Cisco Aironet 700 AP Cisco Aironet 702W AP Cisco Aironet 600 Series OfficeExtend AP |
Cisco Aironet 3700 Series APs Cisco Aironet 3600 Series APs Cisco Aironet 3500 Series APs Cisco Aironet 2700 Series AP Cisco Aironet 2600 Series APs Cisco Aironet 1700 Series APs Cisco Aironet 1600 Series APs Cisco Aironet 1550 Series APs Cisco Aironet 1530 Series APs Cisco Aironet 1570 Series APs Cisco Aironet 1260 Series APs Cisco Aironet 1140 Series APs Cisco Aironet 1040 Series APs Cisco Aironet 700W APs Cisco Aironet 702I Series APs Cisco Aironet 800 Series ISR Cisco Aironet 1310 and 1410 Bridges, Cisco IW3700 series APs. |
*Also acts as Cisco Wireless Controller.
Cisco Prime Infrastructure with Cisco Digital Network Architecture (DNA) Center
You can now integrate Cisco Prime Infrastructure with Cisco Digital Network Architecture (DNA) Center and utilize the intent-based networking solution for managing application user experience in the enterprise.
To know more about Cisco Prime Infrastructure to DNAC Migration, visit Cisco Prime Infrastructure to Cisco Digital Network Architecture (DNA) Center Co-existence Guide.
New Features and Enhancements
This section provides a brief description of new features and enhancements in this release. For more information about the features and benefits, as well as hardware and software specifications, see the Cisco Prime Infrastructure 3.9 Data Sheet at: http://www.cisco.com/c/en/us/products/cloud-systems-management/prime-infrastructure/datasheet-listing.html
-
The IP Overlap feature is available in the Flex Profile for Cisco Catalyst 9800 Series Wireless Controllers. Overlapping IP checkbox is included in the Flex Profile page for 17.4 controller version available from Prime Infrastructure 3.9. Enabling the check box allows the user to use the same IP address to be configured for various wireless clients on different sites.
Wired
PI_DNAC Co-existance Enhancements
-
Navigation path for PI_DNAC co-existence tool is changed and can be launched now from the Prime Infrastructure home page in 3.9 version.
- launch Cisco DNA Center from the getting started page.
-
The Enable CMX settings option helps to choose the CMX data to be migrated to Cisco DNA Center. Enabling Enable CMX settings checkbox helps to push CMX data with floor groups and if checkbox is not selected, CMX data will not be pushed to the Cisco DNA Center server.
-
From Prime Infrastructure 3.9, user defined Templates and Composite Templates can be migrated to the integrated DNAC server through co-existence tool.
Select the Migrate User Defined CLI Templates checkbox to migrate the user defined CLI and/or Composite Templates to Cisco DNA Center.
-
During Force Sync a confirmation window DNAC data will be overwritten by PI data by the Force Sync is introduced. Click Yes to proceed or No to stop Force Sync.
Configuration Enhancements
-
Extending DBvariable support for C9300 & 5500 WLC for SR 688131787 - Two new DBvariables are ModelNumber_WLC and SerialNumber_WLC.
Inventory Enhancements
-
You can now view the ICMP Latency History on the device details page in 360 view. A graph will be shown with the latency details for 1hr ,6hrs and 24hrs about device reachability.
-
When SNMPv3 protocol is used and some of devices have duplicated SNMP engineID values, Prime Infrastructure throws the proper warning to the user "The engineId configured to the device is x.x.x.x. Please configure a unique engine id to the device y.y.y.y and re-add it again".
MSE Enhancements
-
Cisco CMX release 10.4 supports new active clients version 3 API under Location REST API. The new Active Clients v3 API allows frequent requests without impacting other services such as location service.
-
In the CMX page, a new addition of Edit API Server credentials is included from Prime Infrastructure 3.9. This updates the API server credentials as Prime Infrastructure will support CMX with API V3.
Administration High Availability Enhancements
-
HM Authentication using username - In order to login to the Health Monitory of primary and secondary, you will be prompted for two input box: Username and Authentication key.
Servicibility Enhancements
-
While creating new alarm policy, you can now select the time duration in hours or minutes under respective fields. For hours, please enter a value between 1 to 60. For minutes, please enter a value between 1 to 59.
Plug and Play Enhancements
-
Prime Infrastructure should authenticate application policy infrastructure controller enterprise module’s external user before syncing from Prime Infrastructure to APIC-EM.
Assurance Enhancements
-
Prime Infrastructure 3.9 has brought uniformity in the data display of the utilization reports. This reduces the customer effort while comparing data between different reports.
-
AVC Readiness Assessment page has an CSV export button which exports all the devices listed or selected in the page.
-
While creating a monitoring policy, when the number of threshold conditions cross 50 for each polling parameter a warning message is displayed. This message mentions clearly the number of threshold conditions which can be added further.
-
The upper limit of interfaces is increased from 100 to 500 interfaces in the Interface Utilization Trend report.
-
In Generic dashlet > Type drop-down list we can choose the dashlet type as table or line chart. The tablet view gives a consolidated view of all devices upto 500 polled entries in the dashlet. The line chart view, provide user to choose specific inputs per device level and displays upto 1000 entries in the dashlet.
DNS Enhancements
-
Prime Infrastructure 3.9 has brought security to DNS traffic by implementing DNS Security Extensions (DNSSEC). This is enabled by default and can be controlled through new Admin CLI option - 'ip dnssec'.
Base Service Enhancements
-
Job Notification Email option is available for each job type - Separate column is provided for adding email id for different user defined jobs link Success, Failure and Partial-success jobs.
-
New time bound traditional licenses in PI 3.9 - Prime Infrastructure allows alert on term license expiration before the defined dates. Both permanent and term based licenses with the license summary display information will be available.
-
Job Notification Email (System Jobs) - when user performs any system job, mail notification is send for system job similar to user job notification.
Reports
-
Third Party Device Details Report, is added. You can create a new Third Party Device Details Report by clicking the New button.
- A new report type, -
Enable CSV as Zip is added , it customizes the report type option to select as zip for Export and email attachment on CSV and PDF format reports.
- A new check box
Wireless
Access Points Enhancements
-
Prime Infrastructure 3.9 introduces support for:
- Support for Overlapping IP Address on Flex Deployment - Overlapping IP checkbox is included in the Flex Profile page for 17.4 controller version, this allows the user to use the same IP address to be configured for various wireless clients on different sites.
- Support for BSS Coloring Support (OBSS-PD) on Axel - OBSS PD Checkbox and Non-SRG OBSS PD Max Threshold (dBm) entry fields are included in the More tab
- Support for detecting AP Antenna Disconnection Failure.
Important Notes
This section contains important notes about Prime Infrastructure.
-
When you upgrade from Prime Infrastructure 3.7 to 3.8.1 Update 01 or 3.9, if you need support for Catalyst 9800 16.12.x, you need to enable backward compatibility. For more information, see Enable Backward Compatibility between Catalyst 9800 WLC Devices and Prime Infrastructure 3.9.
-
Cisco Prime Infrastructure does not support Data Center from Release 3.7. For more information see End-of-Sale and End-of-Life Announcement for the Cisco Prime Infrastructure Data Center.
-
Editing the schedule of an already-scheduled job will change the status of that job to Pending for Approval since each edit requires an approval from the user who created the job.
-
You must disable and enable the syslog forwarding feature and then refresh the page if Prime Infrastructure is not able to forward Syslogs to the remote server. If the issue persists, restart Prime Infrastructure.
-
Cisco Prime Infrastructure does not support monitoring for Cisco Application Control Engine (ACE) module, because ACE has been moved to end-of-life and does not respond to related monitoring MIBs.
-
In Prime Infrastructure after backup and restore, the huge amount of empty partitions from Alarm table fails to drop the old partitions. For more information see Techzone on how to drop partition.
-
Prime Infrastructure can handle 7k interfaces per device. It takes only a few hours for the inventory sync-up to complete for the devices within this range. For devices with more than 7k interfaces, a few days will be required for the sync-up and if the interfaces range exceeds 10k, server downtime is experienced.
-
When you migrate to Catalyst 9800 devices from the Prime Infrastructure-DNA Center co-existence tool, the Catalyst 9800 devices support aided for DNA Center 1.2.8 and above moves the WLC to DNA Center and the devices to the collection failure sync state on Netconf feature failure. This is because the Catalyst 9800 devices support expects you to enter a value for the “Netconf Port” field and the SSH credentials so as to be managed by DNA Center. You can also manage the Catalyst 9800 devices manually by entering a value for the Netconf Port field and the SSH credentials in DNA Center and then re-sync.
-
You must perform the configuration instructions as described in the Basic Configuration of a Catalyst 9800 Running IOS to Support NETCONF/YANG Data Modelling section required for a Catalyst 9800 running IOS software to support NETCONF/YANG Data Modelling.
Note
Replace 3850 with 9800, wherever applicable.
-
Cisco Prime Infrastructure no longer supports the Datacenter feature.
-
Cisco ADE (Application Deployment Engine) OS Release 4.1 is supported till EOL of Prime Infrastructure.
Open Caveats
The following table lists the open caveats in Prime Infrastructure Release 3.9.
Click the identifier to view the impact and workaround for the caveat. This information is displayed in the Bug Search Tool. You can track the status of the open caveats using the Bug Search Tool.
Identifier |
Description |
---|---|
Rogue AP's are missing from Rogue AP report. |
|
Prime Infrastructure may not generate AP Impersonation alarms. |
|
Templates selection in Migrated Templates is limited to 500 after force sync completion. |
|
Prime Infrastructure's Coexistence tool may not migrate all the wireless maps during force synchronisation. |
|
Prime Infrastructure 3.8 - Not possible to apply compliance fix jobs for Catalyst 1000 switches. |
|
Duplicate entry in the PROTOCOLENDPOINT table with the same class name IPPROTOCOLENDPOINT. |
|
Prime Infrastructure 3.7 and 3.8 do not show description in wIPS alarms. |
|
Prime Infrastructure 3.8 can not save the IPv6 default gateway. |
|
Manual time adjustment does not survive a reload. |
|
Prime Infrastructure may not render the background street maps in selected screens hye. |
Resolved Caveats
The following caveats were resolved in this release. You can view additional information about these caveats in the Bug Search Tool.
Identifier |
Description |
---|---|
Prime Infrastructure 3.x- Server backup fails in the WebUI. |
|
SNMPD service crashes in Prime Infrastructure. |
|
CCO EULA & K9 agreement link validation works properly in Software Image Management. |
|
Prime Infrastructure: During Software Image Management activation process, ISSU image upgrade is not working in VSS mode. |
|
Unable to upload .dwg image in Prime Infrastructure New Maps due to OBJECTS section size. |
|
Cannot edit position information for AP in Prime Infrastructure 3.6. |
|
Importing CAD unique block instances failed under certain circumstances. |
|
Prime Infrastructure operations center consuming incorrect license. |
|
Refresh clients and users page with filter "Detected on MSE" may display no data available. |
|
Prime Infrastructure's access point copy and replace functionality does not work as expected. |
|
WLC traps get enabled when synchronized from Prime Infrastructure 3.7. |
|
Prime Infrastructure 3.7 - Unable to see data in Device 360 view in Security > TrustSec > Wired 802_1x. |
|
Export incorrect device lists for selected Virtual-Domain in OpCenter Server. |
|
Credential Profile field does not load profiles into OpsCenter from those already created in Prime Infrastructure. |
|
Duplicate host names in the inventory. |
|
When loading a raster floor image, width/length are not modified according to the image aspect ratio. |
|
eWLC: APs not discovered by Prime Infrastructure when controller version 17.3. |
|
Prime Infrastructure 3.7 gives error on templates based off of 3rd-party MIB Monitoring Policies. |
|
Some doors appear mirrored in imported CAD file. |
|
Interface Availability Report not showing any data for Access point. |
|
Rogue in LRAD state (managed APs) are reported as malicious rogue in Prime Infrastructure. |
|
vPC status dashlet does not return data. |
|
Monitoring wireless dashboard > Attacks Detected - alarm count. |
|
Scheduled configuration archive rollback job may fail for Catalyst 9300 device. |
|
Extra space should be removed in average poor RSSI column on Worst RF AP Report. |
|
eWLC 16.12 with Prime Infrastructure 3.8 - APs and clients are not discovered and shows zero count telemetry is active. |
|
Upgrade struts-core |
|
Prime Infrastructure-browser developer tools inspector option on Mail Server Configuration page shows password in clear text. |
|
Prime Infrastructure 3.8 - Repositories may disappear from the running-configuration upon creating a new FTP repository. |
|
Guest user created in Prime Infrastructure and mapped to SSID not translated into proper commands on 9800 WLC. |
|
Prime Infrastructure 3.7 DBArchiveLogCleanupTask Backup fails. |
|
Jobs related records are not deleted properly from database through pruning jobs. |
|
Prime Infrastructure 3.x - Cannot save changes while positioning APs in Prime Infrastructure Maps. |
|
AP model 9120 auxiliary radio status may not show correct status. |
|
Prime Infrastructure 3.x - SAM daemon aggregation is failing for Netflow data. |
|
Configuration Archive component consides Catalyst 9800 wireless controller as switch device type. |
|
Unable to make changes to the saved report when the report title contains square brackets []. |
|
Prime Infrastructure may generate interface not exist alarm for APs which have auxiliary radios. |
|
Unable to schedule a device maintenance state job. |
|
BGL18 Alpha: Telemetry status shows failure in Prime Infrastructure but Active in controller. |
|
Problem with deleting active guest users in Prime Infrastructure 3.7. |
|
Prime Infrastructure 3.7 error when setting channel/power on some Aps. |
|
User cannot create a notification policy - No data available shown in the UI instead of conditions. |
|
wIPS Forensics not working from Prime Infrastructure's GUI. |
|
APs in AP Groups removed after adding two or more APs at once. |
|
Syslog policy - Duplicate emails are going to the configured email addresses for the syslog message. |
|
/var/spool/clientmqueue may consume excessive disk space resulting in Prime Infrastructure to go down. |
|
Prime Infrastructure performance may be impacted if NETWORKMACTYPEMAP has more than 700K records. |
|
Prime Infrastructure tries to communicate with external IP address (javamelody) over the Internet. |
|
Guest Accounts Synchronise job expires guest user accounts with unlimited lifetime on 9800 WLC. |
|
Prime Infrastructure 3.8- Low SSH Server CBC Mode Ciphers Enabled. |
|
When setting timezone to Chile/Continental or Etc/GMT-4 the time is incorrect. |
|
Guest user accounts discovered by Prime Infrastructure show as created by "root" user. |
|
Prime Infrastructure 3.7 & 3.8: Discrepancy between On-Demand vs Exported SFP Port and Module Details Report. |
|
Using Japanese language option - add guest user, and click Save button. Prime Infrastructure cannot save the guest user. |
|
Configuration Archive for ASA is not getting triggered by syslogs. |
|
Insecure HTTP header policies and browser cache weakness for login. |
|
Prime Infrastructure may show false audit mismatch for a few of 9800 config default values. |
|
Lightweight access point template application shows partial success for 3702 AP. |
|
RegEx checker for rule input in compliance policy does not accept examples given or most regExes. |
|
Prime Infrastructure 3.8: Top N Interface Utilization Dashlet display truncated interface name for ASA device types. |
|
Prime Infrastructure interface gig0 usage note must be corrected in Quick Start Guide. |
|
Unable to redirect from top n client to client conversation. |
|
Prime Infrastructure's graphs are not updated if the GUI is dormant. |
|
Prime Infrastructure's Server Backup edit schedule window may not open. |
|
Page fails after clicking "Applied to Switches/Ports" on Configuration > Templates > Switch Location. |
|
API request for ClientDetails may fail. |
|
Radio Role configuration should be provided on 2.4 GHz Radio for 9130AX Model. |
|
Prime Infrastructure 3.7.1 update 2 shows active guest accounts as expired. |
|
Null IP entries in db cause Lightweight AP job to fail. |
|
After pushing CLI templates SNMP v3 priv type is changed from AES-256 to CBC-DES. |
|
Applied access point filters from the site maps view seem to become permanent. |
|
Evaluation of ncs for Log4j RCE (Log4Shell) Vulnerabilities - CVE-2021-44228, CVE-2021-45046, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832, CVE-2021-4104. |
Related Documentation
You can access additional Cisco Prime Infrastructure documentation at:
http://www.cisco.com/en/US/products/ps12239/tsd_products_support_series_home.html
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html .
Subscribe to What’s New in Cisco Product Documentation , which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.