It’s been almost 4 years since my first article about Cisco’s DNA Center. It can be found here. Everyone should have DNA-C installed and running their networks by this point. No, not quite.
As a refresher, DNA Center is often compared to a wireless controller. Ten years ago, access points were configured one at a moment. Even though the controller function is located on one of the access points, it’s unlikely that we would deploy a small wireless network without one. Consider how many routers or switches are involved in a network that is traditionally configured one at a time. DNA Center can be the “controller”, or single pane for managing and deploying on-premises Cisco networks. This includes routing, switching, Software Defined Wireless Area Networks (SD-WAN), security devices like Firepower and Cisco Identity Services Engine (ISE), and other functions such as switching. Version 1.0 was released in 2017. Today’s version 2.2.3.x has many new features and is more stable. Cisco data shows that DNA Center is being used by most of their customers. Although most Cisco Catalyst customers have bought some form of DNA, such as wireless DNA licenses or DNA appliances for a lab, few have actually benefited from DNA Center’s capabilities.
DNA has many benefits, so what is stopping most license holders from maximizing all of these benefits?
One of these myths could explain why you aren’t taking advantage of Cisco DNA.
My staff and I are too confused about DNALicensing is too complicatedDNA is too expensiveLet us explore each of these in detail below. I want you to get maximum value from your tech investment.
#1 Misconception: Cisco DNA is too complex
*Image provided by Cisco
The slide below breaks down DNA-C’s functionality into three sections: Automation, Assurance and Software Defined Access. Most people don’t realize that not all features are required for DNA Center deployments. Most people who have deployed DNA Center in production have only used Assurance. It’s surprising that Automation is not being used more often. Automation is available to anyone with a lower-tier license.
SDA is the controller-like functionality described above. SDA has the greatest benefits, but it takes more planning and time to implement. SDA is not required by many small- to medium-sized customers. IOS-XE is the best option if your engineering team isn’t excited or comfortable with it.
Here are some benefits of SDA for those who are curious:
Reduce human error though automationReduce time spent on upgrading/patchingSpeed troubleshooting efforts with artificial intelligence and guided remediationSecure the network, particularly for Internet of Things (IoT) and advanced security threatsSimplify compliance with dashboards and reportsHopefully, this breakdown makes the Cisco DNA components a bit more digestible. If Cisco DNA is properly used, it can simplify your security and environment. If you are still having difficulty determining the needs of your environment, please contact us so we can help you.
Misconception #2: Cisco DNA licensing is confusing *Image provided Cisco
There are only two levels of licensing available for DNA, Essentials, and Advantage. The slide below outlines the main benefits of each level. The “Expansion Packs”, which are separate solutions, have been around for a while and can be integrated with Cisco DNA Center. All Catalyst equipment needs a DNA subscription. If you aren’t interested in SDA or Assurance, you can choose Essentials. Advantage may be required to unlock certain user features, such as L3 routing. Contact IE if you have any questions. Our Customer Experience team will walk you through the process and help you manage your licenses. Learn more about IE’s Customer Service team here.
Misconception #3: Cisco DNA can be too expensive
In almost every market, recurring subscriptions are the king of the current market. Cisco is well aware of this. It might be tempting to ask why you should pay for DNA licences if you won’t use them. You are not paying more for them. Cisco has reduced the hardware cost on new Catalyst devices to encourage subscriptions. However, the minimum 3-year DNA subscription is required. This brings the price almost to the same level as the previous generation. A layer 2 (L2) Catalyst 9200L switch costs slightly less (with DNA licensing) compared to an older-generation Cat 2900X switch without DNA.
Unknown is the fact that a Catalyst 9K switch can continue to work even if you cancel your subscription. The hope is that you will find value in the subscription and continue it beyond the initial 3 years.
You will need a subscription to access any of the DNA features shown on the slide. One appliance is required to start, while three are needed for redundancy. The DNA appliances are huge compute boxes that can store 44 to 112 cores and have memory + disk space. These appliances are large enough to store historical data, crunch numbers for Artificial Intelligence calculations (AI), and they require a lot of compute resources.
Pro Budget Tip – Cisco DNA supports more than the Catalyst9K series! However, legacy gear will cost a little more.
The catalyst 9K series hardware has been discounted with DNA in view, as mentioned above. Legacy devices come with the original higher hardware price tag and the DNA license. Cisco’s DNA Center supports a Catalyst 3850 switch, for example.
As of March 2022 (March 2022).
