Get Started with Catalyst Center on Azure

Cisco Catalyst Center on Azure overview

Catalyst Center is a powerful management dashboard and network controller that lets you securely access networks and applications. With Catalyst Center, you can simplify network management, secure interaction between endpoints, optimize network operational costs, deploy services and applications to enhance performance, use AI/ML insights to improve user experience, and use remote access for offsite resources.

Catalyst Center offers centralized, intuitive management that makes it fast and easy to design, provision, and apply policies across your network environment. The Catalyst Center user interface provides end-to-end network visibility and uses network insights to optimize network performance and deliver the best user and application experience.

Catalyst Center on Azure provides the full functionality that a Catalyst Center appliance deployment offers. Catalyst Center on Azure runs in your Azure cloud environment and manages your network from the cloud.

Catalyst Center on Azure can connect to your network using Azure ExpressRoute, Cisco SD-WAN, colocation services, or an IPsec tunnel. See this figure to visually understand how Catalyst Center on Azure can connect to your network.

Deployment overview

You can manually deploy the Catalyst Center image on your Azure infrastructure. To do this, you will manually configure Catalyst Center by creating the Azure infrastructure, establishing a VPN tunnel, and deploying your Catalyst Center.

Key deployment factors

Consider these key deployment factors:

  • The Azure ARM file is required to create a Catalyst Center VA on Azure.

  • You will create the Azure infrastructure, such as VNets, resource groups, and tunnels, in your Azure account. Then you will establish a VPN tunnel.

  • You will deploy Catalyst Center.

  • Deployment time is approximately 1 hour.

  • You can only configure an on-premises NFS for backups.

  • You will manually configure monitoring through the Azure portal.

High availability and Catalyst Center on Azure

Single-node VM HA within an Azure availability zone (AZ) is enabled by leveraging Azure's built-in redundancy features.

If a Catalyst Center VM instance crashes, Azure automatically brings up another instance with the same IP address in the same availability zone. This ensures minimal downtime and uninterrupted connectivity, reducing disruptions during critical network operations.

The experience and recovery time objective (RTO) are similar to the power outage scenario in a traditional bare-metal Catalyst Center appliance. Azure offers Zone Redundant VM (ZRS) and Availability Sets to further enhance resilience for the Catalyst Center deployment.

Guidelines for accessing Catalyst Center on Azure

After you create a virtual instance of Catalyst Center, you can access it through the Catalyst Center GUI and CLI.


Important

The Catalyst Center GUI and CLI are accessible only through the enterprise network, not from the public network. You need to ensure that Catalyst Center is not accessible on the public internet for security reasons.

Guidelines for accessing the Catalyst Center GUI

Use these guidelines to access the Catalyst Center GUI:

  • Use a compatible browser.

    For a current list of compatible browsers, see the Cisco Catalyst Center Release Notes.

  • In a browser, enter the IP address of your Catalyst Center instance in this format:

    https://ip-address

    For example:

    https://192.0.2.27

  • Use these credentials for the initial login:

    • Username: admin

    • Password: P@ssword9

  • Follow the prompts to create a new Catalyst Center account, including configuring credentials.


    Note

    The password must:

    • Omit any tab or line breaks.

    • Have at least nine characters.

    • Include characters from at least three of these categories:

      • Lowercase letters (a to z)

      • Uppercase letters (A to Z)

      • Numbers (0 to 9)

      • Special characters (for example, ! or #)

Guidelines for accessing the Catalyst Center CLI

Use these guidelines to access the Catalyst Center CLI:

  • Use the IP address and keys provided by Azure.


    Note

    The key must be a .pem file. If the key file is downloaded as a key.cer file, you must rename the file to key.pem.

  • Manually change the access permissions on the key.pem file to 400 by using the Linux chmod command.

    For example:

    chmod 400 key.pem

  • Use this Linux command to access the Catalyst Center CLI:

    ssh -i key.pem maglev@ip-address -p 2222

    For example:

    ssh -i key.pem maglev@192.0.2.27 -p 2222