Direct managed devices are network devices that may be associated directly with a Dashboard and managed without a probe being present in the network. Only certain devices support direct management. Refer the Cisco Business Dashboard - Device Support List for a list of devices and software versions that support direct management.

In a directly managed network, you only need to connect the first supported device to the Cisco Business Dashboard.This initial device sends information such as CDP, LLDP, and mDNS (Bonjour) to the Dashboard. The Dashboard uses this information to identify additional devices within the network, then automatically connects and manages them. This discovery process repeats itself until all devices are found and managed. After connecting the first device, you can optionally configure the Dashboard to explicitly search specified IP address ranges—using the first device as a proxy—to discover other network devices, including those located in different VLANs or subnets.

The process for connecting a direct managed device to the dashboard requires explicit configuration on both the Dashboard and the device prior to connecting. This process can be automated using a zero-touch deployment method such as Network Plug and Play. You can also perform the setup manually: after creating a network(type is Direct Managed) in Cisco Business Dashboard, click the Onboard Devices button on the What's Next page. This opens the Onboarding tab of the network detail page, where a step-by-step wizard will guide you through the configuration process. Supported devices include:

• Cisco Catalyst 1200/1300 Series Switch

• Cisco Business 250/350 Series Switch

• Cisco Business 220 Series Switch

• Cisco Business 100/200 Series Access Point

The connection wizard provides specific instructions for each device type. Select your device, then follow the steps for either the device GUI or CLI, as appropriate.

General steps include:

• Verify that the device system time is correct.

• If your device uses a static IP address, ensure the default gateway setting of the device is set correctly.

• If the Dashboard server address is specified as a domain name, verify if the DNS server setting of the Device is correct.

If using device CLI:

• Check and copy the device Product ID (PID) and Serial Number (SN) to create a new device record on the Dashboard UI.

• The Dashboard will generate CLI commands to configure the device. Copy and run these commands in the device CLI console.

If using device GUI:

• Specify the address or domain name of the Dashboard and select the connection setup method as "Online with Web Browser".

• Click the Apply or Save.

• Your browser will be redirected to the Dashboard login screen. Log in using your administrator credentials.

• Choose Associate Network and select the current network from the drop-down provided, click Next.

• Click Finish to be redirected back to the device GUI.

After completing the setup, remember to save the running configuration to the startup configuration to ensure that your changes persist across device reboots. See the device documentation for more details on the location and use of the CBD agent configuration page.

Note

The steps below describe how to manually set up a device using the "Offline with Access Key" method. This method is not recommended except for cases where your device is running older firmware or belongs to a legacy device series that does not support the "Online with Web Browser" option. Whenever possible, you should use "Online with Web Browser" when connecting your device to Cisco Business Dashboard. This method will automatically download and configure the access key and install the CBD certificate, ensuring the most secure and streamlined setup.

To manually set up a direct managed device, follow the steps below:

1. Optionally create a new network record for the network the device will be installed in using the steps described in Performing Initial Setup for the Dashboard.

2. On the Dashboard UI, go to the Inventory and click the plus (+) icon to create a new device record. Fill in the form with appropriate details for the device that will host the probe, making certain to specify the correct product ID and serial number. This will allow the dashboard to associate the probe with the correct network.

3. On the Dashboard UI, go to the My Profile page by clicking on your username at the bottom of the navigation panel. Use this page to create a new Access Key using the Generate Access Key button. You can also use an existing access key if you prefer.

   Note

   The access key used for associating a direct managed device with the dashboard does not need to be a long lived key. This key only needs to be valid at the time the initial association takes place. Once the device and dashboard are associated, the connection is authenticated using limited access, short-lived credentials that are unique to the device and regenerated periodically.

4. Obtain the root CA certificate from your CBD. On the Dashboard UI, go to System > Certificate and copy the root certificate to your clipboard. Then, on the device UI, go to the CA certificate settings page - typically found under Security > Certificate Settings > CA Certificate Settings on small business switches. Add the certificate by entering a name (no spaces) and pasting the certificate content into the provided field..

5. Using the device UI, navigate to the Dashboard configuration page - typically found under Administration > Cisco Business Dashboard Settings on small business switches or Advanced > CBD Settings on small business APs. Select the connection setup method as "Offline with Access Key". At the minimum, you will need to supply configuration for the dashboard address and port, and access key ID and secret.

6. Submit the changes. The device will connect to the dashboard and be associated with the network created in step 1.

When establishing a connection to the dashboard, the device checks to ensure the certificate presented by the dashboard is valid and can be trusted. For the certificate to be acceptable and the connection to proceed, the certificate must meet the following conditions:

• The certificate must be signed by a trusted Certificate Authority (CA), or the certificate itself must be added to the device configuration as a trusted certificate. Refer the device administration guide for details on adding a trusted certificate.

• If the dashboard is configured as an IP address, then either the Common Name field or the Subject-Alt-Name field of the certificate must contain that IP address.

• If the dashboard is configured as a hostname, then either the Common Name field or the Subject-Alt-Name field of the certificate must contain that hostname.