global vision. local knowledge. - cisco · global vision. local knowledge. cisco connect 2019...

Global vision.

Local knowledge.Cisco Connect 2019

Serbia, 19th March 2019

Cisco Connect 2019 Enteprise Networking

DNA Center Unlock Your

Infrastructure

Dragan IlićSolution Architect Networking/Cyber Security SEE

CCIE, CISSP

© Ingram Micro Inc. Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.3

Agenda

It’s not a NETWORK problem…

I CAN PROVE IT

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 4

1405002 rev 6.27.14

Traditional Legacy ArchitecturesEXPENSIVE

Hardware-centric

Fixed capacity

POORLY INTEGRATED

Conflicting policiesand configurations

Inflexible and static

Risk from accidental interactions andvulnerabilities

CONNECTIVITY-CENTRIC

Fragmented, incomplete user experience

Not application-centric

DIFFICULT TO SUPPORT

Discrete device-by-device configurations

Complex management silos

Require slow truck

rolls for changes

INFLEXIBLE

Tightly controlled, client server model

Historical vs predictive management

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.5

1405002 rev 6.27.14

New era of Networking - Intuitiveness


1405002 rev 6.27.14

Need for Intent-Based Networking

Cisco Digital Network Architecture


1405002 rev 6.27.14

Journey to Intent-Based Networking


1405002 rev 6.27.14

DNA Center - Central NMS


1405002 rev 6.27.14

Platform Capabilities - APIs, Adapters & SDKIntent APIs

IT and NetworkSystem Process • Assurance • Network Inventory /

•

•

ITSM•

IPAM

Reporting

Path Trace

•Command Runner

•Template Programmer

•

Discovery

Topology

Plug-n-Play

Software Image Management(SWIM)

X-Domain Integration

3rd Party SDKs Networking

Map 3rd Party Network Devices to Data Model

Level 1 Operations support:

Discovery, Inventory, Topology, Availability, Command Runner


1405002 rev 6.27.14

Aligning Network to Business Intent

Before After

IT and Business Applications Modern Applications

How to ensure SAP and Saleforce.com Business Intent: SAP and Salesforce.comhave priority and quarter end? are Business Relevant; SLA confirmed.

Human Scalemiddleware Business Intent

OK, maybe these configs.will work - hope for the best!!

CLI, scripts

Infrastructure Infrastructure

From “human middleware” to “IT-to-business mediator”


1405002 rev 6.27.14

What is IT Assurance?

The guarantee that the infrastructure is doing what you intended it to do

Continuousverification

Configurations, changes,routing, security, services,VMs, compliance, audits

Successful IT rollouts

Insights andvisibility

Visibility, context,historical insights, prediction

Reduced downtime, increaseduser productivity

Correctiveactions

Guided remediation, automatedupdates, system optimization

IT productivity


1405002 rev 6.27.14

From Network Data à Business Insights

Unified Network Telemetry

Contextual Data

Syslog TracerouteRouter

AAA

Correlation

Complex Event Processing

Issues Guided Remediation -Auto Fix It - Future

Insights Now

Clients Baseline

WirelessNetflowDHCP

Switch Telnet DNS CLIINSI GHTS

SNMP

OID

IPSLAMIBPing

Application Network

ü Actionable Insights

App ExperienceNetwork Device

Client Onboarding- Association failures

- Authentication failures

- IP address failures

Client RF Experience- Sticky client, Ping pong

- Coverage Hole

- Client Capacity

- Throughput analysis

- App Performance - PacketLoss, Latency and Jitter

- DNS Issues

- CPU, Mem utilization

- Crash, AP Join Failure,Flapping AP

- Power supply failure

- Radio Utilization


1405002 rev 6.27.14

Context - Key Factor in Complex Networks

Business Applications

Finance

1.1.1.1

George Baker

Src IP: 1.1.1.2

App ID: 18

Dest Port: 3600

Dest IP: 2.2.2.

Forwarding

problem here…RTP

DC

Client density

SJC-9 2nd Floor

Netflow AVC

WAN QoSproblem here...

DDI ISE/Radius

problem here...

Topology CMX, Cisco DeviceDNA Center


1405002 rev 6.27.14

DNA Assurance Architecture

Customer Datacenter Cloud Based

ML Engine)DNA Center Assurance UI

FeedbackDNA

Automation DNA Assurance Data

Network

Control Network Data PlatformPlatform

SSH

Insights

DNA CloudAnalytics

Protocols & APIs (WSA, gRPC, SNMP, NetFlow, Syslog, Location, CLI, ...)

CMXDHCP

WAN

Network Control PointsOffice Site Network Services DC Metrics, Events, Config, ...

Customer Network Control, Notifications, ...


1405002 rev 6.27.14

Automation & Assurance Working Together

Cisco DNA Center

Telemetry, alerts,

violations

Assurance andAutomation

Network inventory,

Analytics

topology, and

configuration

Network and telemetry

configuration

Streaming telemetry

& network data


1405002 rev 6.27.14

Wireless Assurance Architecture

Internet Edge

AssuranceEnabled

ACI Fabric

SharedServices Core

Distribution

Access

Fabric Campus site

WAN Edge

Non Fabric Campus

Internet

WAN

WAN Sites

Large Medium Small

Enable Assurance across all deployments


1405002 rev 6.27.14

Aironet Stream Telemetry Architecture

DNAC 1.2.5

New*

gRPC/gNMI WSA/JWT AP WSA/JWT

AP2/3/4800K ME, WLC3504/5520/8540 Cisco Active Sensor AP1800S

• HTTP 2.0/gRPC based • Supported from AireOS 8.5 • HTTPS for Automation and

• Anomaly Event, RF Stat, PCAP, • Real-Time (2sec.) client event reportingSpectrum • ME 8.8 to support DNAC • PnP-based Provisioning

• Scheduled and Automated • Fully Managed by DNAC


1405002 rev 6.27.14

WiFi Sensor Anywhere Intelligence

Test Your Network Anywhere at Any time at Real-world Client Level

Aironet 1800S Active Sensor

• 2x2 with 2 spatial streams• Multiple powering options

- PoE Power- USB Type “C” power- Direct AC Power Plug

• Integrated BLE• Ultra compact form factor

Onboarding & Configure Tests

AP as a Sensor

(1800/2800/3800/4800)

Purpose-built Hardware for AnalyticsIn-line monitoring to DNA for analytics andinsights while serving clients

Dynamic Sensor TestSLA Dashboard

Services Tests RemotelyGlobal Issue Creation

Trigger


1405002 rev 6.27.14

WSA Architecture Overview

• WSA is a streaming telemetryservice that runs on new WLCwith the AireOS 8.5+

• WSA posts model-driventelemetry data over HTTPS toDNA Center

• The server receives the data forfurther processing, analytics, orvisualization within Assurance

Data remains within the

CAPWAP tunnel from CAPWAP TUNNEL

the AP to the WLC

WLC 8.5 HTTPS POST

Wireless Service Assurance

Yang Certificate

Models Store

Subscription Topics

30+ Models

Cisco DNA Center


1405002 rev 6.27.14

Overall Health Summary View

• Hierarchical Site View

• Per Site

• Per Building

• Geo map with Health Score per Site

• Health Score is percentage of gooddevice/client

• Client Health Score and NetworkHealth Score summary

• Recent Top 10 Global Issues


1405002 rev 6.27.14

Client 360

• Shows Details on specific client

• Timeseries metric chart of the clienthealth score

• Individual Client issues

• Onboarding Event Viewer

• Application Experience

• Using Router - App Health derivedfrom Network Delay, App Delay,Packet Loss

• Path Trace Tool for Troubleshooting

• RF and Usage Details


1405002 rev 6.27.14

Client Health Drill Down - OnBoarding

• Break down view of Assoc. time,AAA time, DHCP time,

• Per Server View on AAA & DHCP

• Select any sub-section will showclient lists in selected category

• Display Applied Filter on top of list

• Show Onboarding performance ofeach client


1405002 rev 6.27.14

DNA-CMX Integration Feature

Client LocationPlayback

Client Location, ClientDensity heatmap

Display Connected Client HealthScore

• Accessible via [DESIGN][Network Hierarchy] <Floor Map>• Display All of connected Clients locations

Client Detail

Any Changes in Floor Map will beautomatically sync'd with CMX Map,vice versa


1405002 rev 6.27.14

Use Case: Poor Wireless Experience Whiteboard Flow

Traditional Network Management

How long does it take to …

+ Perform Analysis?

+ Replicate Issue?

Digital Ready Network Management

<

> min

SuccessMetrics

+

Reduced time to replicate andtroubleshoot wireless issues

Conduct Site Visit?

Time Travel Capability

Network Sensor Capability

Reduced wireless downtime

< min<

<

Reduction in on site visits by solvingremotely


1405002 rev 6.27.14

Use Case: Software Image Management Whiteboard Flow

Traditional Network Management Digital Ready Network Management

How long does it take …

> min

SuccessMetrics

+

+

+

+

Maintain Network and SecurityCompliance

Identify “golden” image <

Deploy New Software Images <

Perform Network Updates <

Ensure Software Consistency <

Reduce the time react to PSIRT andbugs

< min

Reduce network downtime and changewindows times


1405002 rev 6.27.14

Business Critical Applications Assurance

Table with the top N (filterable) applications:

• Name• Heath• User count

• Business class / Traffic class• Usage / Average Throughput• Perf (Loss, Latency, App Delay)

Health of Business Relevant

Apps overtime


1405002 rev 6.27.14

Client Application QoE

Selected client

Application issues

Click on issue for details


1405002 rev 6.27.14

DNAC - Install à Discover à Assure

These tasks run in the backgroundIf sites have beencreated already, you can Run discoveryskip to run discovery and (ping sweep or CDP)add devices to sites

Automatically push device

Set up manageability config1. Install DNAC device credentials Inventory collection from DNAC

in DNAC Assess telemetry

quotient to adjust

Create site hierarchy (area,building, floor, and maps) Assign devices to

site/building/floor

Device ready for

Assurance


1405002 rev 6.27.14

API Catalog


1405002 rev 6.27.14

DNA Center Platform - Login

Step 1: Request service token

§ A Session Token is required for DNA CenterIntent REST API calls

1) Use the POST /auth/token API Call to generate token

2) Copy ticket and add to X-Auth-Token Header

3) Use in subsequent API callsStep 2: API response with token information

§ Intent REST APIs use the JSON format forexchange of data between the controller and the

REST application (API consumer)

§ Typical Developer Sequence is− Explore via DNA Center Platform GUI or DevNet

− Prototype in Chrome/POSTMAN

− Script (Python, Perl, …)

− Integrate

Step 3: Add ticket to the X-Auth-Token header


It’s not a NETWORK

problem…

I CAN PROVE ITDN C Offers

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 33

1405002 rev 6.27.14

FREECisco DNA Center Appliance when

ordering $300K+ (List Price in USD)

TWO

Cisco DNA Accelerators

of Any CiscoDNA subscription

How to Order Guide: cs.co/enpromotions

and TWO

FREEAsk the Expert sessions


1405002 rev 6.27.14

Free DNA-C Tips & Tricks

• Eligible SKUs include only Cisco DNA subscriptions

− Any Tier (Essentials, Advantage and Premier)

− Any Term (3, 5, 7 years)

− Any Technology (switching, wireless and routing - excludes cloud-based (SDWAN) Cisco

DNA subscriptions since physical appliance is not required)

• Eligible SKUs do not include hardware (e.g., C9300-48U-A)

• Eligible SKUs can be anywhere in the quote

− It is not required to select Cisco DNA subscriptions under FREE-DNAC-OFFER

− Cisco DNA subscriptions selected under hardware SKUs will count towards minimum

$300K threshold


1405002 rev 6.27.14

Partner Program - DNA Starter Kit Bundle

Cisco DNA Center Appliance 3504 WLAN Controller

Stacks with SeedIT(www.cisco.com/go/seedIT) for

first-time customers

ISE Virtual Appliance

Two 802.11ac Wave 2 APs / Sensors Two Catalyst 9300s

Optional Advanced Services Quick Start Services

Available Globally. Expires on July 27, 2019.


1405002 rev 6.27.14

Partner Program - Cisco DNA Starter Kit

1. Add “SDA-W-LABKIT” or “SDA-WW-LABKIT” to BoM in CCW

− Add Cisco DNA Center Appliance DN1-HW-APL or DN2-HW-APL (required)

− Add 2 Cat9K Switches (required in SDA-W-LABKIT) with 3Y or more Cisco DNA

Premier subscriptions

− Add 2 AP3802 (required in SDA-WW-LABKIT) with 3Y or more Cisco DNA Premier

subscriptions

− Add WLC3504 (required in SDA-WW-LABKIT)

− Add optional components, as desired (optional)

− Validate in CCW

2. Push estimate to full quote

− Register for SeedIT for first-time customers. SeedIT discount applies to the first unit

only.


By Cisco: Popunite anketu, preuzmite poklon na pultu„Informacije” i učestvujte u izvlačenju nagrada na zatvaranju

konferencije

By Ingram: Predajte kontakt podatke na Ingram Micro štandu, prisustvujtesesiji „Never Stop Learning” u 15h i osvojite FREE DCII trening + ostale

zanimljive nagrade

global vision. local knowledge. - cisco · global vision. local knowledge. cisco connect 2019...

Documents