Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account
Cisco DNA Software SD-WAN and Routing Matrix
Network Essentials Network Advantage Cisco DNA Essentials Cisco DNA Advantage Cisco DNA Premier
License type Perpetual software with typical routing capabilities, bundled with Cisco DNA Essentials subscription license License type Perpetual software with full routing capabilities, bundled with Cisco DNA Advantage or Premier license 3- or 5-year term subscription Includes Cisco DNA Essentials, 3- or 5-year term subscription Includes Cisco DNA Advantage, 3- or 5-year term subscription
Management options CLI, Web UI CLI, Web UI CLI, Web UI, Cisco DNA Center, vManage CLI, Web UI, Cisco DNA Center, vManage CLI, Web UI, Cisco DNA Center, vManage
Network Essentials
License type Perpetual software with typical routing capabilities, bundled with Cisco DNA Essentials subscription license
Management options CLI, Web UI
Network Advantage
License type Perpetual software with full routing capabilities, bundled with Cisco DNA Advantage or Premier license
Management options CLI, Web UI
Cisco DNA Essentials
License type 3- or 5-year term subscription
Management options CLI, Web UI, Cisco DNA Center, vManage
Cisco DNA Advantage
License type Includes Cisco DNA Essentials, 3- or 5-year term subscription
Management options CLI, Web UI, Cisco DNA Center, vManage
Cisco DNA Premier
License type Includes Cisco DNA Advantage, 3- or 5-year term subscription
Management options CLI, Web UI, Cisco DNA Center, vManage

High availability achieved by routing packets to a specific next-hop IP address based on the destination IP address.

Make it easy for your development and operations teams to continuously deliver applications.

Model-driven programmability lets you automate configuration and control of your network devices, managed by Cisco vManage.

Configure MACsec for authenticating and encrypting packets between MACsec-capable devices, managed by the Cisco DNA Center appliance.

Model-driven telemetry lets you monitor your network by streaming data from network devices, continuously providing near-realtime access to operational statistics.

VRF-lite, NAT, OSPF, EIGRP, DNS, DHCP, BGP, IS-IS.

MACsec-128, VPNs, ZBFW, PKI, ACLs, Cisco Umbrella Connector, Snort IPS.

Basic Quality of service (QoS) (classification, policing, re-marking, scheduling), PBR, AVC, NBAR, IPSLA, DPI visibility (full Flexible NetFlow).

Cisco Unified Border Element (CUBE) Connector.

TACACS+, NETCONF, AAA, RESTCONF, gRPC, YANG.

Support operational continuity, and maintain availability during routine maintenance and disaster recovery (VRRP/HSRP).

Help ensure hardware and software authenticity for supply chain trust and strong mitigation against man-in-the-middle attacks that compromise software and firmware.

Multicast is used between routers so they can track which multicast packets to forward to each other and to their directly connected LANs.

Support operational continuity, and maintain availability during routine maintenance and disaster recovery (VRRP/HSRP).

VRF, Cisco TrustSec (SGT, SGACL).

BGP, HSRP, IS-IS, MPLS, VPLS, GLBP.

MACsec-256, ALG for ZBFW, VASI, URL filtering, AMP and Threat Grid Connector, Cisco Umbrella Cloud application discovery (visibility only), SSL Proxy.

SMU patching, SGTs, ETA, ISSU, mDNS Bonjour, EPC, web caching.

SRST, support for voice modules.

Basic WAN optimization, basic security, and flexible topology (hub and spoke, full mesh/partial mesh), dynamic routing, VNF lifecycle management.

Single, centralized management console deployed in the cloud or on-premises to manage inventory, discovery, topology, site automation, network settings, device credential update, integrity verification, template programming, reports, and Plug and Play (PnP) applications. Supports simplified workflows for physical and virtual branch automation, day-0, day-2, day-N. NFV provisioning on ENCS and Cisco UCS E-Series, Cisco VNF orchestration (ISRv, vEdge, vASA, NGFW, and vWAAS).

Enterprise firewall with application awareness, Snort IPS with signature updates, automated Cisco Umbrella DNS monitoring.

Forward error correction and packet duplication.

This next-generation flow technology optimizes the network infrastructure, reducing operating costs and improving capacity planning and security incident detection.

Software services-enabled license portability lets your software licenses stay current through hardware upgrades and replacements at no additional cost.

Overlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4 infrastructure (a core network or the Internet).

Create and assign network-specific or device-specific policies to applications based on business intent that can be adjusted dynamically to guarantee services (Adaptive QoS).

Automatically manage software upgrades with version control and the ability to deploy configurations across your network.

Facilitates branch virtualization on any hardware device – Cisco or third party. Supports existing branch migration without hardware upgrade.

Dashboards include views into the overall view of the health of every network device or client, the operational status of every network device with suggested remediation for any communication issues, and the overall health of all applications on the network, with dedicated sections for business-relevant application issues and suggested remediation.

Enables network devices to send near-real-time telemetry information. Full Flexible NetFlow, EEM, router monitoring (basic), VNF monitoring (ISRv, vWAAS), ENFV (ENCS, UCSE), topology, defined reports, and custom thresholds.

Cloud onRamp for IaaS and SaaS.

SD-WAN implementations are restricted to fifty (50) devices or fewer, and VLANs are limited to two (2).

SD-WAN implementations unrestricted, VLAN implementations unrestricted.

Provide real-time information for failure correlation, cross-customer benchmarking, and application performance scores. Enable future planning based on intelligent data (application/bandwidth forecasting, branch expansion analysis, policy change what-if scenarios). Provide a quality of experience score for applications running on your network to help quantify performance based on recent changes made on your network.

Cloud onRamp for IaaS and SaaS.

Cloud onRamp for Colocation.

Cisco AMP, URL filtering, Cisco Umbrella application discovery.

Cisco Umbrella Insights and Cisco Threat Grid.

Software support services that also offer license portability and ongoing innovation in the subscription software stack, including 24-hour TAC support.

Smart Net Total Care, 24-hour hardware and network software stack support provided by TAC.

Monitor and re-direct traffic. License is required for both manual/CLI configuration or automation through Cisco DNA Center.

Packet capture for analysis. License is required for both manual/CLI configuration or automation through Cisco DNA Center.

Gain application visibility and control through Next-Generation Network-Based Application Recognition. License is required for both manual/CLI configuration or automation through Cisco DNA Center.

Provides a single integrated solution for comprehensive lifecycle management of the wired or wireless access, campus, and branch networks, and rich visibility into end-user connectivity and application performance assurance issues.

Packet capture for analysis. License is required for both manual/CLI configuration or automation through Cisco DNA Center.

Gain application visibility and control through Next-Generation Network-Based Application Recognition. License is required for both manual/CLI configuration or automation through Cisco DNA Center.

Provides a single integrated solution for comprehensive lifecycle management of the wired or wireless access, campus, and branch networks, and rich visibility into end-user connectivity and application performance assurance issues.

Gain application visibility and control through Next-Generation Network-Based Application Recognition. Does not require Cisco DNA Center. Not supported on Cisco Catalyst 9200 Series switches.

Encrypted Traffic Analytics detects malware within encrypted traffic. Manufacturer user description validates the IoT device, extends trust, and applies policy to the device. Does not require Cisco DNA Center. Not supported on Cisco Catalyst 9200 Series switches.

Gain complete security and threat containment, managed by Cisco DNA Center.

Detect malware within encrypted traffic. License is required for both manual/CLI configuration or automation through Cisco DNA Center.

Enables policy-based automation with secure segmentation, complete visibility, and delivery of new services quickly on SD-Access devices, managed by Cisco DNA Center only.

Enhanced limited lifetime hardware warranty.

Software Support Service that also offers license portability and ongoing innovation in the software stack, including 24-hour TAC support.

Automated provisioning of a new Cisco switch using the Zero Touch Provisioning functionality built into the switch.