Cisco Catalyst Assurance Overview

Assurance overview

Assurance provides a comprehensive solution to assure better and consistent service levels to meet growing business demands. It addresses not just reactive network monitoring and troubleshooting, but also proactive and predictive aspects of running a network and ensuring optimal client, application, and service performance.

Assurance provides these benefits:

  • Provides actionable insights into network, client, and application-related issues. These issues consist of basic and advanced correlation of multiple pieces of information, thus eliminating white noise and false positives.

  • Provides both system-guided as well as self-guided troubleshooting. For a large number of issues, Assurance provides a system-guided approach, where multiple Key Performance Indicators (KPIs) are correlated, and the results from tests and sensors are used to determine the root cause of a problem, after which possible actions are provided to resolve the problem. The focus is on highlighting the issue rather than monitoring data. Quite frequently, Assurance does the work of a Level 3 support engineer.

  • Provides in-depth health scores for a network and its devices, clients, applications, and services. Client experience is assured both for access (onboarding) and connectivity.

Assurance architecture

Companies deal with an abundance of network data. Tackling the volume, variety, speed, and accuracy of network data is crucial for IT organizations. Assurance is designed to handle network data issues, if any.

Assurance is a multipurpose, real-time, network data collection and analytics engine that can significantly increase the business potential of network data.

Assurance simplifies and abstracts the collection and analysis layers and offers a rich set of APIs along with a web interface. By using a single set of network data, Assurance powers a broad set of use cases. These advantages streamline the operational and network management overhead of collecting and analyzing network data, thereby allowing companies to effectively focus on their business goals.

Given its flexible architecture, Assurance addresses many common use cases, including monitoring and troubleshooting, cost management, and policy discovery, while supporting the broader Catalyst Center strategy.

This figure and the information that follows describe the Assurance architecture:

Figure 1. Assurance architecture
Figure 1: Assurance architecture diagram, with data collection and ingestion to data correlation and analysis to data visualization and action.

  • Data Collection and Ingestion: Assurance leverages streaming technologies to collect a variety of network telemetry and contextual data in real time.

  • Data Correlation and Analysis: As and when data is ingested, Assurance correlates and analyzes the data.

  • Data Visualization and Action: Data is stored in databases and exposed through APIs to Assurance as well as other applications for capacity planning. Assurance is an open system that provides:

    • Collector and analytics pipeline SDKs

    • Time-series analysis

    • Graph data models and restful APIs

    • System management portal

IPv6 address support

Catalyst Center, and therefore Cisco Catalyst Assurance, supports IPv6 addresses. A single IPv6 address can be represented in many text formats, but Catalyst Center supports IPv6 address in canonical format only. This canonical format is also called the normalized compressed format: 

2001:db8::1:0:0:1

User profile roles and permissions

Catalyst Center supports role-based access control (RBAC). Your permissions are defined by your user role. Catalyst Center has three main default user roles:

  • SUPER-ADMIN-ROLE

  • NETWORK-ADMIN-ROLE, and

  • OBSERVER-ROLE.

The SUPER-ADMIN-ROLE allows comprehensive access and supports creating and assigning custom roles in the Catalyst Center GUI. The NETWORK-ADMIN-ROLE and the OBSERVER-ROLE provide limited access.

You can create access groups that limits access to certain network sites. Access group is a combination of the role and site. At any point, you can log in to one specific access group.

Catalyst Center supports these default access groups:

  • NW-ADMIN_Global - Access group for global access to the role NW-ADMIN

  • OBSERVER_Global - Access group for global access to the role OBSERVER, and

  • SUPER-ADMIN_Global - Access group for global access to the role SUPER-ADMIN.

The behavior of Catalyst Center features depends on the user role and site specified in the access group. For more information, see Configure site-based, role-based access control in the Cisco Catalyst Center Administrator Guide.

Start with Assurance

To start using Assurance, you must first configure the Catalyst Center settings so that the server can communicate outside the network.

After you configure the Catalyst Center settings, your current environment determines how you start using Assurance:

  • Existing infrastructure: If you have an existing infrastructure (existing deployment), start by running Discovery. After you run Discovery, all your devices are displayed on the Inventory window. For more information, see Basic setup workflow.

  • New or nonexisting infrastructure: If you do not have an existing infrastructure and are starting from scratch (new deployment), design a network hierarchy. For information about designing a network hierarchy, see the Cisco Catalyst Center User Guide.