Explore Cisco
How to Buy

Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Cisco DNA Center Solution Overview

Available Languages

Download Options

  • PDF
    (329.3 KB)
    View with Adobe Reader on a variety of devices
Updated:June 14, 2022

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Save up to 25% with a Cisco DNA Starter Kit. Bundle a Cisco DNA Center appliance with eligible access devices.

Available Languages

Download Options

  • PDF
    (329.3 KB)
    View with Adobe Reader on a variety of devices
Updated:June 14, 2022


Cisco DNA Center is a powerful network controller and management dashboard for secure access to networks and applications. It lets you take charge of your network, optimize your Cisco investment, and lower your IT spending.

Your network is more strategic to your business than ever before. You need a network management system that can automate the deployment, connectivity, and lifecycle of your infrastructure and proactively maintain the quality and security of your applications so that your IT staff can focus on networking projects that enhance your core business. You need an intent-based networking controller.

As the foundational controller and analytics platform at the heart of Cisco’s intent-based network, Cisco DNA Center is a set of software solutions that manages your network, automates your virtual devices and services, and, with its assurance capabilities, supports the best network experience for all your users. With Cisco DNA Center, the days of time-consuming network provisioning and tedious troubleshooting tasks are over. Plug-and-Play (PnP) deployment and Software Image Management (SWIM) features reduce device installation and upgrade times from hours to minutes, and new remote offices using off-the-shelf Cisco® devices can be brought online with ease. Through its assurance feature, Cisco DNA Center enables every point on the network to become a sensor, sending continuous, streaming telemetry on application performance and user connectivity in real time. This capability, coupled with automatic path trace visibility and guided remediation, means network issues are resolved in minutes—before they become problems. Integration with Cisco security solutions such as Cisco Secure Network Analytics (formerly Stealthwatch®) and Cisco Umbrella provide DNS protection, detection, and mitigation of threats, even when they are hidden in encrypted traffic. Cisco DNA Center also provides an open, extensible platform with broad support for external applications and systems to exchange data and intelligence, building upon its native functions. And it is the only centralized network controller to bring all of this functionality into a single pane of glass.


     Simplify management. Operate your local and branch networks over a centralized dashboard.

     Increase security. Translate business intent into zero-trust policies and dynamic segmentation of endpoints based on usage behavior.

     Lower costs. Policy-driven provisioning and guided remediation increase network uptime and reduce time spent managing network operations.

     Transform your network. Deploy cloud services and applications that benefit from the intelligent network optimization delivered by Cisco DNA Center.

     Ensure network and application performance: AI/ML network insights reduce time spent managing network operations and improve user experience.

     Facilitate offsite IT teams: Optimized for remote access, a clean, organized dashboard with single-button workflows makes remote management easy.

“Cisco DNA Center is going to help us in a number of ways. Number one is security. For simplicity and ease of administration, we decided to build one network for both our IoT devices and our core enterprise. Following Cisco’s zero-trust security model, we keep our OT network segment at a lower trust level, without having to build out an entirely separate network infrastructure for it.”

Jason Pettway,

AVP IT Operations at Norfolk Southern

What makes Cisco DNA Center different?

Cisco DNA Center is a complete management and control platform that simplifies and streamlines network operations. This single, extensible software platform includes integrated tools for AIOps, NetOps, SecOps, DevOps, and Internet-of-Things (IoT) connectivity with AI/ML technology integrated throughout. Functionality this complete could be achieved before now only through the purchase and operation of multiple third-party software tools. The advantages of having all your core network tools integrated into a single software platform are compelling:

     Multiple tools with multiple interfaces add complexity, which increases the possibility of errors in configuration and management. This can be especially damaging when errors in security settings lead to open vulnerabilities.

     Changing between program interfaces during network operations is time consuming and can make even simple changes or troubleshooting tasks take much longer to complete.

     Third-party platforms will never support the same levels of device management and control as those that are integrated and designed to work together.

     Automatic troubleshooting with guided remediation is extremely complex in today’s virtualized networks. Third-party tools can often tell you if a problem is due to the network or caused by an application, but they cannot offer guided remediation without true integration between the tools that control virtualization, analytics, and automation.

     Provides deep insight into user experience for Apple iOS devices, Samsung smart phones, and devices using Intel® Wi-Fi chipsets.

     Wireless performance optimization is achieved through a number of powerful capabilities: 3D heatmaps that are immersive tools allowing the user to gain insight into current wireless coverage; a “what if” planning tool that models for additional capacity or coverage changes; intelligent packet capture; and a set of industry-leading AI/ML-driven wireless analytics tools.

     Real intent-based networking requires extensive real-time data flow between the operational tools that are at the core of the network. The management of network configuration, security, analytics, and automation comes together to deliver the operation’s true business intent. Core management tools supplied by multiple third-party vendors cannot efficiently share, and react to, the amounts of data and critical information required to deliver a genuine intent-based network experience.

     Cisco DNA Center is an open and extensible platform that allows third-party applications and processes to exchange data and intelligence with your network. This improves IT operations by automating workflow processes based on network intelligence coming from Cisco DNA Center.

     Cisco DNA Center is FIPS 140-2 compliant. Federal government departments and public- and private-sector organizations can be assured of compliance with security mandates for protecting sensitive information.

Cisco DNA Center offers a single dashboard for every core function in your network. With this platform, IT can become more nimble and respond to changes and challenges faster and more intelligently.

Cisco DNA Center is the network management system, foundational controller, and analytics platform at the heart of Cisco’s intent-based network. Beyond device management and configuration, Cisco DNA Center is a set of software solutions that provide:

     A management platform for all of your network

     An intent-based networking controller for automation of your policies, segmentation, and services configurations

     An assurance engine to guarantee the best network experience for all your users

Cisco DNA Center software resides on a dedicated appliance with future capability to support a virtual appliance for VMware ESXi and Amazon Web Services (AWS). The Cisco DNA Center appliance controls all of your Cisco devices—both physical and virtual—and supports fabric and nonfabric deployments. From the main menu, Cisco DNA Center has four general sections aligned to IT workflows:

Design: Design your network for consistent configurations by device and by site. Physical maps and logical topologies help provide quick visual reference. The direct import feature brings in existing maps, images, and topologies directly from Cisco Prime® Infrastructure, making upgrades easy and quick. Device configurations by site can be consolidated in a “golden image” that can be used to automatically provision new network devices. These new devices can either be prestaged by associating the device details and mapping to a site, or they can be claimed upon connection and mapped to the site.

Policy: Translate business intent into network policies and apply those policies, such as access control, traffic routing, and quality of service, consistently over the entire wired and wireless infrastructure. Policy-based access control and network segmentation is a critical function of the Cisco Software-Defined Access (SD-Access) solution built from Cisco DNA Center and Cisco Identity Services Engine (ISE). Cisco AI Endpoint Analytics and Cisco Group-Based Policy Analytics running in the Cisco DNA Center identify endpoints, group similar endpoints, and determine group communication behavior. Cisco DNA Center then facilitates creating policies that determine the form of communication allowed between and within members of each group. ISE then activates the underlying infrastructure and segments the network, creating a virtual overlay to follow these policies consistently. Such segmenting implements zero-trust security in the workplace, reduces risk, contains threats, and helps verify regulatory compliance by giving endpoints just the right level of access they need.

Provision: Once you have created policies in Cisco DNA Center, provisioning is a simple drag-and-drop task. The profiles (called Scalable Group Tags [SGTs]) in the Cisco DNA Center inventory list are assigned a policy, and this policy will always follow the identity. The process is completely automated and zero-touch. New devices added to the network are assigned to an SGT-based on identity—greatly facilitating remote office setups.

Assurance: Cisco DNA Center assurance capabilities, use AI/ML enabling every point on the network to become a sensor, sending continuous streaming telemetry on application performance and user connectivity in real time. The clean and simple dashboard shows detailed network health and flags issues. Then, guided remediation automates resolution to keep your network performing at its optimal level, reducing mundane troubleshooting work. The outcome is a consistent experience and proactive optimization of your network, with less time spent on troubleshooting tasks.

Cisco DNA Center

Figure 1.               

Cisco DNA Center

Table 1.                 Cisco DNA Center features





AI endpoint analytics

Implementation of DPI and other methods to identify endpoint clients upon accessing the network. Then uses AI/ML to place them into logical groups so that policies can be assigned based on the endpoint requirements.

Greatly facilitates onboarding and provisioning IoT endpoints in larger facilities, such as hospitals and manufacturing plants. Provides immediate identification of unauthorized endpoints connecting to the network.

Group-based policies

A simple, visual matrix where IT can create groups of users or endpoints and assign policies for application performance and resource access. Cisco DNA Center will then configure segments and microsegments based on these groups and policies.

Simplifies the creation of policies and segmentation for both fabric and nonfabric networks. Enables clear visualization of policies and segmentation between source and destination groups.

Group-based policy analytics

Discovers activities between endpoints, groups, and applications and uses AI/ML to model groups and policies. Submit candidate groups, contracts, and policies for authoring and enabling on the network.

AI/ML engine models segmentation outcomes in order to facilitate complex network policy assignments. Better equips IT teams to test and model segmentation policies and their effect on network performance.


Meraki® device visibility

Provides visibility of all Meraki devices on the corporate network (both local and remote branches) within the Cisco DNA Center dashboard

Allows centralized visibility of Meraki devices, network-wide

Automation: Software image management (SWIM)

Manages software upgrades and controls the consistency of image versions and configurations across your network

Speeds and simplifies the deployment of new software images and patches. Pre-and post-checks help prevent adverse effects from an upgrade.

Automation: Plug and play (PnP)

Zero-touch provisioning for new device installation. Allows off-the-shelf Cisco devices to be provisioned simply by connecting to the network.

Enables deployment of new devices in minutes and without onsite support visits. Eliminates repetitive tasks and staging.

Machine reasoning workflows

Single-click workflows can automate complex and/or tedious IT tasks as well as automate complex troubleshooting processes so that network issues can be solved quickly, and by first-level IT administrators.

The Machine Reasoning Engine (MRE) saves countless hours of IT time on laborious and tedious networking chores, as well as empowering newer engineers with tools to solve complex problems instead of escalating them.

Enterprise Network Functions Virtualization (ENFV)

Automation support for ENFV facilitates branch virtualization on any hardware device—Cisco or third-party.

Saves time in setting up network virtual services. Supports existing branch migration without hardware upgrades.

Inventory Insight

Uses machine reasoning to compare all inventory device images for consistency and security. Can locate inconsistent image versions and inconsistent switch configurations.

Saves IT teams hours in manual consistency and quality-control processes

StackWise® Virtual support

Allows Cisco DNA Center to cluster switches together virtually for increased availability and performance

Adds reliability and performance to bottleneck areas in any campus network by virtually stacking switch capacity

Provisioning logs

Logs in Cisco DNA Center show all device-provisioning versions and the individuals responsible.

Provides insight into all network changes


Network Health dashboard and client health dashboard

Assurance feature that gives a quick overview of the health of every network device and client on the network, wired or wireless

Offers a general overview of the operational status of every network device provisioned from Cisco DNA Center. Any poorly connected devices will be highlighted with suggested remediation.

Device 360 / Client 360

Assurance feature that displays device or client connectivity from any angle or context. Includes information on topology, throughput, and latency from different times and applications.

Provides a detailed view of the performance of any device or client over time and from any application context. Provides very granular troubleshooting in seconds.

Network time travel

Assurance feature that allows an operator to see device or client performance in a timeline view to understand the network state when an issue occurred

Enables an operator to go back in time and see the cause of a network issue, instead of trying to re-create the issue in a lab

AI-enhanced Radio Resource Management (RRM)

AI-enhanced RRM evaluates past RF experiences, predicts future trends, and recommends configurations, which results in minimum configuration changes and eventually consistent end- user experience. RRM simulator allows administrators to model these recommendations and verify changes to the design.

IT can now manage all sites and locations, eliminating the need for time-consuming RF tuning. This enhances the wireless performance in dynamic environments, resulting in a better client experience for users.

True Trace path trace

Assurance feature that allows the operator to visualize the path of an application or service from the client through all devices, and to the server, in real time

Instantly performs a common, and critical, troubleshooting task that normally requires 6 to 10 minutes. The operator simply clicks on a client or application. No need to refresh or create a new path trace, since True Trace refreshes in real time.

Wireless active sensor

A compact network sensor designed to monitor your wired or wireless network. Location-based sensor heatmaps quickly identify failed tests and potential network issues.

Simulates real-world client experiences in order to validate wireless performance for critical venues and high-value locations such as conference halls and meeting rooms

Wi-Fi 6 readiness dashboard

Verifies your hardware and configuration compatibility for the new Wi-Fi standard, and locates areas most served by an upgrade. After upgrading, advanced wireless analytics will indicate performance and capacity gains as a result of the Wi-Fi 6 deployment.

Improves visibility of wireless network through vital metrics. Gain performance data and the version/generation of all access points in use as well as the number of clients connected, upgrade where and when it makes sense, then document the results.

Wireless 3D Analyzer

Three-dimensional wireless propagation and mapping experience takes you into a virtual representation of your office space to visualize the Wi-Fi signal propagation across multiple floors. Gain insights into client experience through Integration with Cisco DNA Spaces 3D client location maps.

Accurate and fast wireless heatmap that allows simulations for adding or moving access points. Accurate coverage planning reduces over-dimensioning of access points. Three-dimensional client-location and wireless-propagation maps enable faster troubleshooting of wireless issues.

Intel, iOS, and Samsung client-device analytics

Gain insight into devices using Intel Wi-Fi chipsets, Apple iOS devices, and Samsung smart phones. These devices send error codes and other wireless diagnostic information.

Provides deep insights into end-user experience for devices using Intel technology, Apple iOS devices, and Samsung smartphones. Cisco DNA Center provides accurate remediation recommendations when users experience issues with wireless connectivity to the network.

Rogue management

Detects unauthorized access points plugged into local switches or access points with the same SSID that are not connected to the customer’s wired network

Provides increased security and control of wireless networks

User-defined networking

Allows IT to give end users control of their very own wireless network partition on a shared network. End users can then remotely and securely deploy their devices on this network.

Solves the “university dorm room problem” by providing a means for secure onboarding of personal devices such as video-game consoles and TV streaming devices

Machine learning algorithms

As network conditions change, context-aware baselining captures the relationship between metrics and constantly updates an optimal curve (regression) for performance. Precise issues can be identified when they deviate from this ever-changing baseline.

Updates the preferred performance curve in real time, as network conditions change. Issues raised are based on current and real network conditions, rather than a static model. The result is 75% fewer issues to troubleshoot.

Cisco DNA Center allows you to run the network at maximum performance with added reliability, and security. Unlock the power of data by starting your journey with Cisco DNA Center today.

Getting started with Cisco DNA Center

Cisco offers a number of ways to get started with Cisco DNA Center, depending on your networking goals. The automation, assurance, and policy-capabilities are delivered through two software subscription tiers that are purchased with your Cisco Catalyst® switches and access points and renewed after 3-, 5-, or 7-year terms:

     Cisco DNA Advantage, which enables complete policy-based automation, assurance, and analytics

     Cisco DNA Essentials, which offers basic automation such as Plug and Play (PnP), EasyQoS configuration and management, and embedded Cisco Software Support

The more value-rich offer, Cisco DNA Advantage, delivers policy-based automation with SD-Access and Cisco DNA Center.

Customers can enable all Cisco DNA Center use cases with purchase of additional necessary licenses through the Cisco DNA Expansion Pack as an add-on to Cisco DNA Advantage or Cisco DNA Essentials. The Cisco DNA Expansion Pack is a flexible way to purchase additional licenses such as Cisco ISE, Cisco DNA Spaces, Secure Network Analytics (formerly Stealthwatch), Cisco ThousandEyes®, and other licenses, appliances, and services in one convenient bundle. Enhance your Cisco networking solutions such as SD-Access, zero-trust solutions, Encrypted Traffic Analytics (ETA), location analytics, and assurance. You can add the pack to your Cisco DNA software licenses and choose the license count that fits your needs. Get software details.

Introduction to Cisco Smart Licensing

Cisco Smart Licensing is a flexible licensing model that provides you with an easier, faster, and more consistent way to purchase and manage software across the Cisco portfolio and across your organization. And it’s secure – you control what users can access. With Smart Licensing you get:

     Easy activation: Smart Licensing establishes a pool of software licenses that can be used across the entire organization –no more PAKs (product activation keys).

     Unified management: My Cisco Entitlements (MCE) provides a complete view into all of your Cisco products and services in an easy-to-use portal, so you always know what you have and what you are using.

     License flexibility: Your software is not node-locked to your hardware, so you can easily use and transfer licenses as needed.

To use Smart Licensing, you must first set up a Cisco Smart Account at Cisco Software Central (software.cisco.com).

For a more detailed overview on Cisco licensing, go to cisco.com/go/licensingguide.

Cisco Services

With IT environments more complex, rapidly changing technologies, and pressure to do more with less, you need expertise to move faster, insights to take action quickly and scale, and best practices to empower your team to stay ahead for what’s next. For all of this to come together, we’re transforming the way you work with Cisco. We’re working with you to be more proactive and predictive, where expertise and insights are delivered at scale to accelerate your success.

With Cisco Success Track for Campus Network, we stay with you at every step through the entire lifecycle journey to help you remove the barriers between you and your goals and get faster return on your Cisco DNA Center. The Cisco Success Track for Campus Network is a packaged service that connects you to Cisco expertise, insights, learning, and support to help you realize value faster with a new way of engaging with Cisco – through a one-stop, personalized digital experience with Cisco CX Cloud.

With Cisco CX Cloud, you get a contextual view of your IT environment and the guidance to predict better outcomes, faster.

Cisco Capital

Flexible payment solutions are available to help you achieve your objectives.

Cisco Capital® makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services, and complementary third-party equipment in easy, predictable payments. Get payment details.

Customer success stories

Cisco customers in every industry are changing the way they manage their networks with Cisco DNA Center. Take a look at the latest customer case studies to learn how customers are deploying Cisco DNA Center and how it is aligning their network operations with their business goals. Read stories.


Going digital has never been easier. Check out the latest promotions to help you get started on your journey to a digital-ready network. Find deals.

Why Cisco?

You need a network that is constantly learning, constantly adapting, and constantly protecting. This is the future of networking. With our deep understanding of technology and relationships with IT, Cisco can help bring the boardroom and your IT together to work effectively toward better outcomes for IT and your business. With Cisco DNA Center, we can help you create revenue opportunities, lower costs, reduce risks, and ensure regulatory compliance. And we can help you simplify your network operations and accelerate their response to changing IT and business needs. Together with our partners, we help you innovate, manage market transitions, and turn technology into business advantage.

Next steps

For more information:

     Visit the Cisco DNA Center website.

     Review the Cisco DNA Center use case getting started guides.

     Read the Cisco DNA Center deployment guide.

     Take full advantage of the Cisco DNA Center programming capabilities with Cisco DevNet.




Learn more

Join us for a live demo of Cisco DNA Center capabilities and ask questions of Cisco experts. See examples of software image management, network and client health, and proactive troubleshooting.