Q. What is Cisco
® Digital Network Architecture (Cisco DNA)?
A. Cisco Digital Network Architecture (Cisco DNA) is Cisco’s architecture for enterprise networks – across the campus, branch, WAN, and extended enterprise. It provides an open, extensible, and software-driven approach that makes the network simpler to manage and more agile and responsive to business needs. Cisco DNA is an intelligent system that encompasses policy, automation, analytics, and open platform capabilities to deliver on all required aspects of an intent-based network.
Q. Why should IT leaders adopt Cisco DNA?
A. Cisco DNA provides an extensible, strategic platform that allows IT to streamline operations, reduce costs, detect and contain threats, and continuously align the network to business needs. Built upon an open, intent-based networking model, it is constantly learning, adapting, and protecting to make sure applications, users, and devices receive the service they need. As an extensible open platform, it offers integration with other IT and technology domains such as data center and security, support for multivendor networks, and the investment protection expected of a strategic platform.
Q. How does Cisco DNA relate to intent-based networking?
A. Cisco DNA is how Cisco delivers intent-based networking across the campus, branch, WAN, and extended enterprise. Cisco defines intent-based networking as “a network that continuously aligns to business intent.” It does this by capturing and translating the intent your organization has for your network, then activating the intent, enforcing it, and ensuring that your network is operating as intended. Cisco DNA realizes the promise of intent-based networking.
Q. What is the difference between Software-Defined Networking (SDN) and Cisco DNA? How do they relate to each other?
A. Cisco DNA allows IT to move beyond SDN and transcend the automation-focused network technologies that make up SDN. Cisco DNA uses a holistic systems approach to align the network to business intent. This approach
combines automation with translation, policy, and assurance capabilities. Through its intent-based networking principles, Cisco DNA provides a way to make network services effective and agile as well as easy to use in an enterprise architecture journey to digital transformation. It is an architecture that includes ready-to-use applications as well as easily consumable APIs.
Q. Why should organizations build their networks using Cisco DNA-ready solutions?
A. Digitization is fueled by primary technology trends: mobility, the Internet of Things (IoT), cloud, and security. Only the network brings all these elements together to allow organizations to reach their full potential. Organizations looking to digitize their business will need to evolve to a network that operates at digital speed:
● Speed for business data and insights that provide real-time and historical information for better decision making or for building new business models.
● Speed for IT by simplifying the network and automating processes, enabling IT to quickly adapt to new business requirements while meeting service-level agreements.
● Speed for security by quickly identifying threats through real-time networkwide visibility and rapid threat containment, while achieving sustainable compliance.
● Speed for innovation by allowing IT teams to integrate with other IT systems or develop customized code that further boosts their network’s agility to keep pace with business initiatives.
By designing a network using Cisco DNA-ready solutions, customers can leverage the power of the network to streamline operations, reduce costs, detect and contain threats, and continuously align the network to business needs.
Q. What are the primary principles of Cisco DNA?
A. The following are the core principles of the architecture, which is designed to help businesses innovate more quickly, reduce cost and complexity, and lower risk:
● Policy: Cisco DNA enables you to create policies that reflect your organization’s business intent for a particular aspect of the network, such as network access. Cisco DNA Center™ takes the information collected in a policy and translates it into network-specific and device-specific configurations required by the different network device types, makes, models, operating systems, roles, and resource constraints of your network devices.
● Security: Cisco DNA elevates the role of the network in securing the enterprise. It enhances visibility into everything across the network from branch to campus to data center by collecting enhanced telemetry – including encrypted data. You can go from mapping IP addresses to understanding threat vectors based on who, what, where, when, and how users and devices are connected and how they access network resources. Cisco Software-Defined Access allows you to automatically scale segmentation across your network – from the campus/branch to the data center – and define consistent access policies throughout. Cisco Identity Services Engine, upon detecting a threat on an endpoint, can automatically remove the infected endpoint from the network.
● Automation: Using controllers and open APIs, Cisco DNA simplifies network management through abstraction and centralized policy enforcement that allows IT to focus on business intent and consistently apply configurations to improve service and keep operations consistently secure from the core to the edge.
● Analytics: Cisco DNA proactively predicts performance through correlation of user, device, and application data for contextual business and operational insights, identifies issues and provides actionable insight to deliver better, more personalized experiences. By storing network data, Cisco DNA is able to “go back in time” to re-create and analyze events that happened in the past.
● Open platform: Delivered through Cisco DNA Center, Cisco DNA provides open APIs that allow custom applications to build on its native capabilities, enable automation of IT workflows, further integrate with other technology domains (such as data center and security), and interwork with other vendors’ network equipment.
● Cloud: Cisco DNA Center is informed by the cloud. This allows Cisco to provide updates and upgrades continuously, shifting the paradigm from the traditional network upgrade cycle that could extend into months and years.
● Physical and virtual infrastructure: Cisco DNA works seamlessly with both physical and virtualized network resources, allowing the deployment of network services in minutes on any platform – branch, colocation, or public cloud – and connecting users to applications in one logical, coherent network.
Q. What makes the Cisco DNA security approach different from traditional perimeter-based security?
A. In the past, security has typically been predicated upon a perimeter defense composed of technologies such as firewalls, intrusion detection, VPN, and access control. As threats become more prevalent in the increasing number and diversity of attached endpoints, this model becomes more difficult to defend unless you have advanced security on every network port to both see and control every activity on the network. The Cisco DNA approach enhances your ability to see every communication on the network and cloud using the NetFlow data created by network devices. This data is analyzed to detect and identify threats using solutions such as Cisco Stealthwatch
®, Cisco Identity Services Engine (ISE), and Cisco Umbrella
™ cloud-based security.
Cisco DNA also allows IT to take instant action by directing Cisco TrustSec
® to rapidly contain a threat right from the Stealthwatch management console. The result is an integrated solution with visibility and control for virtually every communication, which could be missed with a traditional perimeter security approach.
Q. How does Cisco DNA enable easy adoption of Internet of Things (IoT)?
A. IoT adds new responsibility for network managers who, in addition to keeping people’s computers online and secure, are now also responsible for maintaining a broad set of devices. Cisco DNA helps IT manage the changing extent of networks and expand the benefits of intent-based networking to IoT in three ways:
● Security: Automatically recognize and classify devices as they connect to the network by using Cisco Identity Services Engine (ISE) that recognizes commonly used industrial and building devices.
● Scale: Cisco SD-Access fabric can be extended to Operations Technology (OT), connecting industrial-grade network equipment typically used in outdoor environments and simplifying their deployment at scale.
● Insights: Allows you to locate and track assets and act on notifications sent from sensors.
Q. How does Cisco DNA accelerate digital transformation?
A. Cisco has reimagined the network to become open, extensible, and software driven through programmability, 360-degree service extensibility, and virtualization. This allows IT to quickly adapt to the ever-changing demands of business with innovative services that provide:
● Intent-based policies: Translate business intent into policies that govern access control, application delivery, and various network functions such as creation of virtual networks.
● Insights and actions: Understand user behavior and application performance to make better business decisions and support new experiences.
● Automation and assurance: Dynamically adapt policy across the entire network, monitor service levels, and automatically adjust to the demands of digitization.
● Security and compliance: Gain a strategic vantage point into risk and threats by using the network as a sensor and enforcer to quickly identify and mitigate threats.
● Distributed data and applications: Optimize user experience as they access applications that increasingly reside in public and private clouds with path optimization and application prioritization.
Q. What benefits does Cisco DNA bring to its adopters?
A. The primary benefits of Cisco DNA are:
● IT agility and scale: Through policy-based automation, IT can roll out and manage services across hundreds of devices and sites that meet the business intent, consistently reaching 85 percent faster network service provisioning. Through virtualized services, IT delivers a more dynamic network that can easily provision, expand, and reallocate services quickly across different hardware platforms with no service calls.
● Reduced risk: By embedding security everywhere with industry - leading threat protection, IT can detect and contain threats more quickly, even those hidden in encrypted traffic. In the 2018 Cisco Annual Cybersecurity industry report, Cisco threat researchers observed a more-than-threefold increase in encrypted network communication used by inspected malware samples over a 12-month period.
● Improved user experience: IT can deliver differentiated experiences through contextual insights that empower employees, better engage customers, and improve application experience. Through data analytics and contextual insights, IT and business can better understand network patterns related to users, applications, and things. IT can help the business make decisions about issues such as staffing, effectiveness of promotions, workplace efficiency, customer trends, and more.
● Investment protection: An open, 360-degree extensible platform approach, together with programmable network Application- Specific Integrated Circuits (ASICs), helps ensure that your Cisco DNA network is always ready for the next innovation. Cisco DNA innovations, such as Software-Defined Access (SD-Access), assurance, automation, and Encrypted Traffic Analytics (ETA).
● Software licensing: Cisco DNA can be consumed with the software licensing tiers Cisco DNA Essentials, Cisco DNA Advantage, and Cisco DNA Premier across switching, wireless, SD-WAN, and routing. In addition, subscription-based licensing, with license portability, allows Cisco DNA adopters to start their digital transformation on Cisco’s currently shipping portfolio. View Cisco DNA software licensing tiers.
● Lower costs: Cisco DNA’s extensive automation, quicker fault detection, and guided remediation saves IT time and effort and lowers operating expenses. It frees up IT personnel to engage in higher value-added tasks and not be bogged down in routine activities.
Q. What are the components of Cisco DNA?
A. Cisco DNA comprises:
● Cisco DNA solutions: SD-Access, SD-WAN, Cisco DNA Assurance, Cisco DNA Automation, and Cisco DNA Security.
● Cisco DNA Center: Command-and-control appliance and software for policy, automation, and analytics.
● Cisco DNA-ready physical and virtual infrastructure: Switching, routing, SD-WAN, and wireless.
● Cisco DNA software that can be purchased through three licensing tiers.
Q. What is the role of Cisco DNA Center within Cisco DNA?
A. Cisco DNA Center is the central dashboard for the management, automation, and assurance of your Cisco DNA network. It provides an intuitive and simple overview of network health and clear drill-down menus for quickly identifying and remediating issues. It is also the control point for all automation, orchestration, assurance, and analytics functions provided by Cisco DNA.
Q. Can Cisco DNA Center integrate with other network domains or solutions outside of the Cisco DNA-ready solutions?
A. Cisco DNA Center is an open, extensible platform that Cisco partners can use to integrate with other IT systems and technology domains or create a value-added code that builds on the native capabilities of Cisco DNA Center. Such integrations can simplify IT workflows, integrate with other technologies such as WAN and data center, and even interact with other vendors’ network equipment.
Q. What makes Cisco DNA Center extensible and where can I find resources?
A. The Cisco DNA Center platform offers several types of APIs that can be used by external applications for 360-degree extensibility. These APIs are classified as:
● Intent-based APIs enabling continuous network alignment to changing IT and business needs.
● Integration APIs enabling integration of Cisco and third-party IT and network systems for streamlining IT operations across domains that were previously silos.
● Multivendor Software Development Kits (SDKs) allowing interaction with network equipment from different vendors.
● Resources to help you develop APIs, SDKs, and adapters for your Cisco network include Cisco DevNet education, code examples, sandboxes, labs, and certifications. Find these at the Cisco DevNet Networking website, which includes Cisco DNA Center and SD-WAN support.
Q. How can you access all the capabilities of Cisco DNA?
A. Cisco DNA capabilities are delivered through software subscription tiers Cisco DNA Essentials, Cisco DNA Advantage, and Cisco DNA Premier, which provide simplified, high-value solutions with license portability and purchase flexibility. These software subscriptions are available across the switching, wireless, SD-WAN, and routing portfolio and allow customers to consume all of the Cisco DNA innovations and features. With Cisco DNA software subscriptions, organizations can begin their own Cisco DNA journey today and access updates, upgrades, and new technology automatically through Cisco software support services as part of their subscription.
Q. How do Cisco Meraki
® and Cisco DNA fit together?
A. The Cisco Meraki product portfolio provides a cloud-managed approach to IT. It provides ease of use and deployment that is well suited to organizations that are highly distributed, have lean IT teams, and are looking for the simplicity that Cisco Meraki prioritizes. The new Cisco DNA Center platform capabilities allow visibility into the Meraki dashboard.
Q. Are any Cisco services available to help support and enhance my Cisco DNA solution?
Cisco Services provides a full portfolio of offers to accelerate your intent-based networking journey. Our Cisco Services experts will help you achieve extraordinary business outcomes and anticipate change so you can pivot quickly, securely, and confidently. We offer a full lifecycle of services for Cisco DNA, including advisory, implementation, software integration, optimization, solution support, technical training, and managed services.
View all services
Q. What specific services can help me build a strategic plan to transform my network to an intent-based network leveraging Cisco DNA?
A. Whether you’re migrating to an SD-Access solution or just getting started on your journey to Cisco DNA, our experts develop a cross-domain strategy to help you achieve your business objectives in a rapidly changing digital environment. The Cisco DNA Advisory service, based on the Cisco DNA 8 framework (which identifies eight primary areas to address during network transformation and maps out how each area can improve your success), includes strategy development, an assessment, and a workshop providing recommendations and a roadmap to guide you during your network transformation. With proven experience, best practices, and innovative tools, this service helps you innovate faster, reduce complexity, and accelerate your move to secure, intent-based networking.
Q. What is Cisco DNA Spaces?
A. Cisco DNA Spaces simplifies how location services are consumed by bringing all Cisco location solutions together onto a single cloud platform. Cisco DNA Spaces synthesizes location data across your properties and wireless investments to deliver location-based services at scale.
Q. Is Cisco DNA Spaces integrated into Cisco DNA Center?
A. Cisco DNA Spaces provides insights into the behavior of people and things in physical spaces. The two solutions are not currently integrated. However, when Cisco DNA Spaces identifies a connectivity issue in Business Insights, Cisco DNA Center users can then link to Cisco DNA Center to analyze potential root causes.
Q. What kind of technical support is available to support my solution?
A. Cisco Solution Support is a best-in-class technical service that provides the right kind of support for your Cisco DNA ecosystem. Solution Support includes Cisco product support and is essential for the Cisco DNA Center appliance. Your team of solution experts provides centralized support and addresses the Cisco DNA environment as a whole, resolving solution-level issues on average 43 percent faster than product support alone to help you maintain reliability and increase ROI.
Q. Where can I learn more?