Explore Cisco
How to Buy

Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Cisco DNA Center Solution Overview

Available Languages

Download Options

  • PDF
    (407.8 KB)
    View with Adobe Reader on a variety of devices
Updated:October 28, 2021

Save up to 25% with a Cisco DNA Starter Kit bundle. You'll get a Cisco DNA Center appliance plus eligible Catalyst switches and access points.

Available Languages

Download Options

  • PDF
    (407.8 KB)
    View with Adobe Reader on a variety of devices
Updated:October 28, 2021


Cisco DNA Center is a powerful network controller and management dashboard that lets you take charge of your network, optimize your Cisco investment, and lower your IT spending.

Your network is more strategic to your business than ever before. You need a network management system that can automate the deployment, connectivity, and lifecycle of your infrastructure and proactively maintain the quality and security of your applications so that your IT staff can focus on networking projects that enhance your core business. You need an intent-based networking controller.

With Cisco DNA Center, the days of time-consuming network provisioning and tedious troubleshooting tasks are over. Plug-and-Play (PnP) deployment and Software Image Management (SWIM) features reduce device installation and upgrade times from hours to minutes and bring new remote offices online with plug-and-play ease from an off-the-shelf Cisco® device. Cisco DNA Assurance enables every point on the network to become a sensor, sending continuous, streaming telemetry on application performance and user connectivity in real time. This capability, coupled with automatic path trace visibility and guided remediation, means network issues are resolved in minutes—before they become problems. Integration with Cisco security solutions such as Stealthwatch® and Cisco Umbrella provides DNS protection, detection, and mitigation of threats, even when they are hidden in encrypted traffic. Cisco DNA Center also provides an open, extensible platform with broad support for external applications and systems to exchange data and intelligence, building upon its native functions. And it is the only centralized network controller to bring all of this functionality into a single pane of glass.


      Simplify management. Operate your local and branch networks over a centralized dashboard.

      Increase security. Translate business intent into zero-trust policies and dynamic segmentation of endpoints based on usage behavior.

      Lower costs. Policy-driven provisioning and guided remediation increase network uptime and reduce time spent managing network operations.

      Transform your network. Deploy cloud services and applications that benefit from the intelligent network optimization delivered by Cisco DNA Center.

      Ensure network and application performance: AI/ML network insights reduce time spent managing network operations and improve user experience.

      Facilitate offsite IT teams: Optimized for remote access, a clean, organized dashboard with single-button workflows makes remote management easy.

“Cisco DNA Center is the only way we can keep up with the explosion of devices on our network”

Marty Miller

Technology strategist
Children’s Hospital Los Angeles

What makes Cisco DNA Center different?

Cisco DNA Center is a complete management and control platform that simplifies and streamlines network operations. This single, extensible software platform includes integrated tools for NetOps, SecOps, DevOps, and Internet of Things (IoT) connectivity with AI/ML technology integrated throughout. Until now, functionality this complete could be achieved only through the purchase and operation of multiple third-party software tools. The advantages of having all your core network tools integrated into a single software platform are compelling:

      Multiple tools with multiple interfaces add complexity, which increases the possibility of errors in configuration and management. This can be especially damaging when errors in security settings lead to open vulnerabilities.

      Changing between program interfaces during network operations is time consuming and can make even simple changes or troubleshooting tasks take much longer to complete.

      Third-party platforms will never support the same levels of device management and control as those that are integrated and designed to work together.

      Automatic troubleshooting with guided remediation is extremely complex in today’s virtualized networks. Third-party tools can often tell you if a problem is due to the network or caused by an application, but they can’t offer guided remediation without true integration between the tools that control virtualization, analytics, and automation.

      Wireless performance optimization is achieved through a number of powerful capabilities: three types of wireless heatmaps, intelligent packet capture, and a set of AI/ML-driven wireless analytics unlike any you’ve seen before.

      Real intent-based networking requires extensive real-time data flow between the operational tools that are core to the network. The management of network configuration, security, analytics, and automation comes together to deliver the true business intent of the operation. Core management tools supplied by multiple third-party vendors cannot efficiently share, and react to, the amounts of data and critical information required to deliver a genuine intent-based network experience.

      Cisco DNA Center is an open and extensible platform that allows third-party applications and processes to exchange data and intelligence with your network. This improves IT operations by automating workflow processes based on network intelligence coming from Cisco DNA Center.

Cisco DNA Center offers a single dashboard for every core function in your network. With this platform, IT can become more nimble and respond to changes and challenges faster and more intelligently.

Cisco DNA Center is the network management system, foundational controller, and analytics platform at the heart of Cisco’s intent-based network. Beyond device management and configuration, Cisco DNA Center is a set of software solutions that provide:

      A management platform for all of your network.

      An intent-based networking controller for automation of your policies, segmentation, and services configurations.

      An assurance engine to guarantee the best network experience for all your users.

Cisco DNA Center software resides on the Cisco DNA Center appliance and controls all of your Cisco devices—both physical and virtual—and supports fabric and nonfabric deployments. From the main menu, Cisco DNA Center has four general sections aligned to IT workflows:

Design: Design your network for consistent configurations by device and by site. Physical maps and logical topologies help provide quick visual reference. The direct import feature brings in existing maps, images, and topologies directly from Cisco Prime® Infrastructure and the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM), making upgrades easy and quick. Device configurations by site can be consolidated in a “golden image” that can be used to automatically provision new network devices. These new devices can either be pre-staged by associating the device details and mapping to a site. Or they can be claimed upon connection and mapped to the site.

Policy: Translate business intent into network policies and apply those policies, such as access control, traffic routing, and quality of service, consistently over the entire wired and wireless infrastructure. Policy-based access control and network segmentation is a critical function of the Cisco Software-Defined Access
(SD-Access) solution built from Cisco DNA Center and Cisco Identity Services Engine (ISE). Cisco AI Network Analytics and Cisco Group-Based Policy Analytics running in the Cisco DNA Center identify endpoints, group similar endpoints, and determine group communication behavior. Cisco DNA Center then facilitates creating policies that determine the form of communication allowed between and within members of each group. ISE then activates the underlying infrastructure and segments the network creating a virtual overlay to follow these policies consistently. Such segmenting implements zero-trust security in the workplace, reduces risk, contains threats, and helps verify regulatory compliance by giving endpoints just the right level of access they need.

Provision: Once you have created policies in Cisco DNA Center, provisioning is a simple drag-and-drop task. The profiles (called scalable group tags or “SGTs”) in the Cisco DNA Center inventory list are assigned a policy, and this policy will always follow the identity. The process is completely automated and zero-touch. New devices added to the network are assigned to an SGT based on identity—greatly facilitating remote office setups.

Assurance: Cisco DNA Assurance, using AI/ML, enables every point on the network to become a sensor, sending continuous streaming telemetry on application performance and user connectivity in real time. The clean and simple dashboard shows detailed network health and flags issues. Then, guided remediation automates resolution to keep your network performing at its optimal with less mundane troubleshooting work. The outcome is a consistent experience and proactive optimization of your network, with less time spent on troubleshooting tasks.

Cisco DNA Center

Figure 1.            

Cisco DNA Center

Table 1.        Cisco DNA Center features





AI endpoint analytics

Implementation of DPI and other methods to identify endpoint clients upon accessing the network. Then uses AI/ML to place them into logical groups so that policies can be assigned based on the endpoint requirements.

Greatly facilitates onboarding and provisioning IoT endpoints in larger facilities, such as hospitals and manufacturing plants. Provides immediate identification of unauthorized endpoints connecting to the network.

Group-based policies

A simple, visual matrix where IT can create groups of users or endpoints and assign policies for application performance and resource access. Cisco DNA Center will then configure segments and microsegments based on these groups and policies.

Simplifies the creation of policies and segmentation for both fabric and nonfabric networks. Enables clear visualization of policies and segmentation between source and destination groups.

Group-based policy analytics

Discovers activities between endpoints, groups, and applications and uses AI/ML to model groups and policies. Submit candidate groups, contracts, and policies for authoring and enabling on the network.

AI/ML engine models segmentation outcomes in order to facilitate complex network policy assignments. Better equips IT teams to test and model segmentation policies and their effect on network performance.


Meraki® device visibility

Provides visibility of all Meraki devices on the corporate network (both local and remote branches) within the Cisco DNA Center dashboard.

Allows centralized control and visibility of Meraki devices, network-wide.

Meraki AP automation

Provision Meraki access points from within Cisco DNA Center. Plug-in Meraki access points at a branch office and provision them remotely from your corporate headquarters. Then manage them from regional sites, branch sites, or the corporate office via the Meraki dashboard.

Allows corporate headquarters to centralize onboarding of new devices and then provide regional or branch offices access to manage through the Meraki dashboard.

Automation: Software Image Management (SWIM)

Manages software upgrades and controls the consistency of image versions and configurations across your network.

Speeds and simplifies the deployment of new software images and patches. Pre-and post-checks help prevent adverse effects from an upgrade.

Automation: Plug and Play (PnP)

Zero-touch provisioning for new device installation. Allows off-the-shelf Cisco devices to be provisioned simply by connecting to the network.

Enables deployment of new devices in minutes and without onsite support visits. Eliminates repetitive tasks and staging.

Machine reasoning workflows

Single-click workflows can automate complex and/or tedious IT tasks as well as automate complex troubleshooting processes so that network issues can be solved quickly, and by first-level IT administrators.

The Machine Reasoning Engine (MRE) saves countless hours of IT time on laborious and tedious networking chores, as well as empowers newer engineers with tools to solve complex problems instead of escalating them.

Enterprise Network Functions Virtualization (ENFV)

Automation support for ENFV facilitates branch virtualization on any hardware device—Cisco or third-party.

Saves time in setting up network virtual services. Supports existing branch migration without hardware upgrade.

Inventory Insights

Uses machine reasoning to compare all inventory device images for consistency and security. Can locate inconsistent image versions and inconsistent switch configurations.

Save IT teams hours in manual consistency and quality control processes.

Stackwise Virtual Support

Allows Cisco DNA Center to cluster switches together virtually for increased availability and performance.

Adds reliability and performance to bottleneck areas in any campus network by virtually stacking switch capacity.

Provisioning logs

Logs in Cisco DNA Center show all device-provisioning versions and the individual responsible.

Provides insight into all network changes.


Network Health dashboard and client health dashboard

Assurance feature that gives a quick overview of the health of every network device and client on the network, wired or wireless.

Offers a general overview of the operational status of every network device provisioned from Cisco DNA Center. Any poorly connected devices will be highlighted with suggested remediation.

Device 360/Client 360

Assurance feature that displays device or client connectivity from any angle or context. Includes information on topology, throughput, and latency from different times and applications.

Provides a detailed view of the performance of any device or client over time and from any application context. Provides very granular troubleshooting in seconds.

Network time travel

Assurance feature that allows an operator to see device or client performance in a timeline view to understand the network state when an issue occurred.

Enables an operator to go back in time and see the cause of a network issue, instead of trying to re-create the issue in a lab.

True Trace path trace

Assurance feature that allows the operator to visualize the path of an application or service from the client through all devices, and to the server, in real time.

Instantly performs a common, and critical, troubleshooting task that normally requires 6 to 10 minutes. The operator simply clicks on a client or application. No need to refresh or create a new path trace, since True Trace refreshes in real time.

Wireless active sensor

A compact network sensor designed to monitor your wired or wireless network. Location-based sensor heatmaps to quickly identify failed tests and potential network issues.

Simulates real-world client experiences in order to validate wireless performance for critical venues and high-value locations such as conference halls and meeting rooms.

Wi-Fi 6 readiness dashboard

Verifies your hardware and configuration compatibility for the new Wi-Fi standard, and locates areas most served by an upgrade. After upgrading, advanced wireless analytics will indicate performance and capacity gains as a result of the Wi-Fi 6 deployment.

Improves visibility of wireless network. Identify generation/version of access points in use and clients connected. View wireless load, throughput and performance from many angles. Upgrade where and when it makes sense, then document the results.

Wireless 3D Analyzer

A new wireless propagation and mapping experience takes you into a virtual representation of your office space to visualize exactly where the Wi-Fi signal is propagating and where it is not.

More accurate and faster wireless heatmap that allows simulations for adding or moving access points. Accurate coverage planning reduces over dimensioning of access points and enables faster troubleshooting of wireless issues.

iOS and Samsung client device analytics

Provides communication from smartphones running Apple iOS or Samsung android to Cisco DNA Assurance. Smartphone client sends error codes and other wireless diagnostic information.

Allows Cisco DNA Assurance to provide extremely accurate remediation recommendations when an iOS or Samsung mobile client is having issues with wireless connectivity to the network.


Rogue management

Detection of unauthorized access points plugged into local switches or access points with the same SSID that are not connected to the customer’s wired network.

Increased security and control of wireless networks.

User-defined networking

Allows IT to give endusers control of their very own wireless network partition on a shared network. Endusers can then remotely and securely deploy their devices on this network.

Solves the “university dorm room problem” by providing a means for secure onboarding of personal devices such as video-game consoles and TV streaming devices.

Machine learning algorithms

As network conditions change, context-aware baselining captures the relationship between metrics and constantly updates an optimal curve (regression) for performance. Precise issues can be identified when they deviate from this ever-changing baseline.

Updates the preferred performance curve in real time, as network conditions change. Issues raised are based on current and real network conditions, rather than a static model. The result is 75% fewer issues to troubleshoot.


Cisco DNA Center Platform

A broad set of APIs, SDKs, and adapters that extend the capabilities of Cisco DNA Center to external applications, cross-architectural domains, systems and processes, and third-party devices.

Allows Cisco DNA Center to share network data and insights that can provide important intelligence related to business and IT operations. It also allows real-time control of the network in lockstep with business needs.

Cisco DNA Center allows you to run the network with maximum performance, reliability, security, and open interfaces. Unlock the power of data by starting your journey with Cisco DNA Center today.

Getting started with Cisco DNA Center

Cisco offers a number of ways to get started with Cisco DNA Center, depending on your networking goals. Cisco DNA capabilities are delivered through two software subscription tiers:

      Cisco DNA Advantage, which enables complete policy-based automation, assurance, and analytics.

      Cisco DNA Essentials, which offers basic automation such as Plug and Play (PnP), EasyQoS configuration and management, and embedded Cisco Software Support.

The most value-rich offer, Cisco DNA Advantage, delivers policy-based automation with SD-Access and Cisco DNA Assurance.

Customers can enable all Cisco DNA use cases with purchase of additional necessary licenses through the Cisco DNA Expansion Pack as an add-on to Cisco DNA Advantage or Cisco DNA Essentials. The Cisco DNA Expansion Pack is a flexible way to purchase Cisco ISE, Cisco DNA Spaces, Secure Network Analytics (Stealthwatch), ThousandEyes and other licenses, appliances, and services in one convenient bundle. Enhance your Cisco networking solutions such as SD-Access, Zero Trust solutions, Encrypted Traffic Analytics (ETA), location analytics, and assurance. You can add the pack to your Cisco DNA software licenses and choose the license count that fits your needs.

Get software details.

Introduction to Smart Licensing

Cisco Smart Licensing is a flexible licensing model that provides you with an easier, faster, and more consistent way to purchase and manage software across the Cisco portfolio and across your organization. And it’s secure – you control what users can access. With Smart Licensing you get:

      Easy activation: Smart Licensing establishes a pool of software licenses that can be used across the entire organization—no more PAKs (Product Activation Keys).

      Unified management: My Cisco Entitlements (MCE) provides a complete view into all of your Cisco products and services in an easy-to-use portal, so you always know what you have and what you are using.

      License flexibility: Your software is not node-locked to your hardware, so you can easily use and transfer licenses as needed.

To use Smart Licensing, you must first set up a Smart Account at Cisco Software Central (software.cisco.com).

For a more detailed overview on Cisco licensing, go to cisco.com/go/licensingguide.

Cisco Services

Accelerate your intent-based networking journey with Cisco services for enterprise networks. With proven experience, best practices, and innovative tools, our experts help you achieve extraordinary business outcomes and anticipate change so you can pivot quickly, securely, and confidently. Our comprehensive lifecycle of advisory, implementation, optimization, managed, technical, and IT training services helps you move to an open, secure, and automated intent-based network with ease and confidence. We’ll help build your in-house expertise with training for your staff, and will provide centralized Cisco Solution Support with a single point of contact from first call to resolution. Our experts will also help you improve performance, efficiency, and operational excellence while extracting maximum value from your resources.

Cisco DNA Center Advise and Implement services extends the capabilities of the Cisco DNA Center platform to help ensure rapid and secure deployment of Cisco DNA Center for simplified control of wired and wireless environments across campus, branch, and WAN. Our experts help you extend the value of Cisco DNA Center with cross-domain and third-party software integration and customized feature enhancements. Using an architectural approach to policy automation and assurance, this service enables you to manage, scale, and securely integrate Cisco DNA Center with IT and business systems for greater IT efficiency.

Cisco Capital

Flexible payment solutions are available to help you achieve your objectives. Cisco Capital® makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Get payment details.

Customer success stories

Cisco customers in every industry are changing the way they manage their networks with Cisco DNA Center. Take a look at the latest customer case studies to learn how customers are deploying Cisco DNA Center and how it is aligning their network operations with their business goals. Read stories.

Cisco DNA promotions

Going digital has never been easier. Check out the latest promotions to help you get started on your journey to a digital-ready network. Find deals.

Why Cisco?

You need a network that is constantly learning, constantly adapting, and constantly protecting. This is the future of networking. With our deep understanding of technology and relationships with IT, Cisco can help bring the boardroom and your IT together to work effectively toward better outcomes for IT and the business. With Cisco DNA, we can help you create revenue opportunities, lower costs, reduce risks, and ensure regulatory compliance. And we can help you simplify your network operations and accelerate their response to changing IT and business needs. Together with our partners, we help you innovate, manage market transitions, and turn technology into business advantage.

Next steps

For more information:

      Visit the Cisco DNA Center website at https://www.cisco.com/go/ciscodnacenter.

      Review the Cisco DNA Center use case getting started guides.

      Read the Cisco DNA Center deployment guide.

Get started with programming to take full advantage of the Cisco DNA Center platform capabilities. Learn more at Cisco DevNet.




Learn more