Cisco DNA Center Planning and Adoption, Part 1 – What you need to make the jump to light speed: My goal for this series is to help you get started with Cisco DNA Center and get the most out of your investment. I am going to sell you on why you want or need Cisco DNA Center because if you are reading this, it is because you are ready to get started but have some questions or concerns about what the heck Cisco DNA Center does.
I will start by explaining the fundamentals of Device Controllability and the configuration changes made through the Base Automation. After that I’ll explain the relevant settings in the Design menu (Site Hierarchy, Network Settings) and in the Provision menu (Inventory and Plug and Play). Then I will show you what Cisco DNA Center will Add, Change, or Delete from the configuration of your infrastructure be it existing Brownfield devices or brand-new Greenfield devices. Once you understand what will change, then you’ll be able make the decision of when or when not to use the settings that are part the Base Automation. Having that understanding will save you time and will greatly improve the success of your Cisco DNA Center adoption.
Challenges
The first thing you must do is be open to change and let go of the ways that you’ve “always” done things. Cisco DNA Center is a paradigm change in the way that you plan, operate, and optimize your network. You have to get comfortable with doing less in CLI and more with DNA Center. This is a huge shift for most of us who are very deep in the manual mindset.
Not to worry you’ll still use the CLI and IOS commands but hopefully far less and in new and exciting ways… Configuration Templates.
Trust me you will get more work done and have more time for the fun things like projects if you leverage the workflows and automate your operations. If you do not use, I mean really use Cisco DNA Center you will not realize the benefit of the tool.
The three truths of Automation
What is Cisco DNA Center?
Before we begin let’s start with a quick level set of what Cisco DNA Center is not, and what it is intended to do.
Cisco DNA Center is a powerful network controller that lets you optimize your network and lower your IT spending. Cisco DNA Center provides that digital agility to drive network insights, automation, and security.
It is the platform for AIOps, NetOps, SecOps, DevOps, and Internet of Things (IoT) where all of the Telemetry and Assurance data collected is constantly analyzed with AI/ML technology to give you a single dashboard for every function in your network.
Cisco DNA Center is:
A management platform for your Campus Enterprise Network
An Automation platform for device configuration of policy and services
Overseen by a Compliance System to ensure that your network is operating to the standard that you set, which is the “Intent”
An Assurance and Analytics engine to guarantee the best network experience for all your users
Cisco DNA Center is much more than a Network Management System (NMS) and if you mistake it for one you will not realize its capabilities and your expectations will be misaligned for the product.
The workflows in the DNA Center are governed by RABAC and organized by task (Design, Policy, Provision, and Assurance) which are based on the roles and responsibilities of the IT Staff and align to the ITIL Framework; Design, Transition, Operation, and Continual Improvement. So, in short, the tasks in the controller are aligned to how your Architecture, Engineering, Security, and Operations teams work.
How does it work?
In order to do all those great things, we need to discover and control the infrastructure and with DNA Center we do that through the Base Automation settings found in the Design menu and applied to your infrastructure when devices are Discovered, manually or PnP added to the network hierarchy, and when devices are provisioned.
So, when you think of the Base Automation, you must keep in mind that they are there to automate the configuration in the interest of Cisco DNA Center. What I mean by that is that the automations are there for the controller to manage the network. Your custom configurations are not part of that intent so you have to understand exactly what is happening so that you can make an informed decision on how to use the Base Automation and the associated configuration settings to meet your needs. So don’t blindly fill out the Network Settings like a medical form, be aware of their impact! The good news is that you can still realize the value of Base Automation but you need to know when to use them and how you can maintain your site-specific configuration with Configuration Templates.
I will show you what changes, when it changes, and give you the testing and validation tools so that you can validate the automation and configuration changes in your environment. Understanding these configurations and automations will allow you to properly use the Base Automation and Configuration Templates to build a base configuration that will align with your organizations existing configuration policies. And you’ll be able to ensure that configuration intent is applied correctly and consistently in your network.
I’ll start with the Design menu covering Network Settings, Device Credentials, and Telemetry. I will leave the other settings in the Design menu (IP Address Pools, SP Profiles, and Wireless) to another blog because they are beyond the scope of Device Controllability and Base Automation. After I cover the settings, we will move to the workflows that push the configuration and then I’ll introduce pyATS to validate the changes that the controller made to the devices.
