Reviews (1-25 of 29)
DNA center is part of an SD access solution for a state entity, there are no problems on the commercial side but in reality there are inconveniences with the licensing part of the other components of the solution
Currently, there are 9K Series Catalyst Switches which have a premier license, but the problem is that it is very expensive in some cases to have the possibility of installing a DNA center for the cost of the physical equipment.
It is important that the center has different size options since this will help, depending on the size of the company that has a network implemented with it, to have the ability to choose the size of the appliance and also lower costs.
- gestion de switches // Switch Management
- gestion wireless // Wireless Management
- integracion con ise // Cisco Identity Services Engine (ISE)
- empresas con una red extensamente grande // companies with an extensively large network
- empresas con nuevas series de equipos wireless // companies with new series of wireless equipment
with very large companies that are migrating a network of catalyst 2960x or 3000 series or also that are migrating access points.
Considero una de las mejores soluciones que tienen para nuestra infraestructura, el valor que le aporta es sustancioso. Cada detalle fue considerado para arrojar la informacion mas completa que pueden recibir los administradores de la red. Los reportes gerenciales son formidables, aportan valor a la inversion realizada. Lo recomiendo en Infraestructuras de gran tamano.
- Number of connected users in my network | Cantidad de usuarios conectados en mi red
- Interaction with the active directory is fabulous | Interaccion con el directorio activo es fabuloso
- The management report adds value | La reporteria gerencial agrega valor
- It is very useful in my Data Center | Me es muy util en mi Data Center
- All of our locations are covered | Los campus son cubiertos
- Currently it works perfectly for my organization | Actualmente funciona perfectamente para mi organización
Para Data Center es sumamente importante, A nivel de seguridad aporta toda la informacion necesaria. Los reportes son completamente sustanciosos. La implementacion se facilita. Los diferentes campus estan monitoreados y enlazados. En las oficinas regionales se tiene todo el control de los equipos desde un solo punto de atencion. La capacidad que tiene de equipos es impresionante.
- You can know the health of your network.
- You can watch out for issues in your network and resolve them.
- It needs a feature that provides more visibility about the client.
- It needs a feature that provides more information about the device network, like Cisco Prime.
- The application views and monitoring the health of the entire network through an application point of view
- Batch management
- Monitoring link status, bandwidth in routers and switches
- Status of SMARTnet maintanence contract, requirements
- Wish the dashboard included more detail
It has currently been implemented with a client to optimize their LAN network in Ecuador.
- Gestión de toda la red LAN // Management of your entire LAN network
- Visibilidad de todos los servicios // Visibility of all services
- Facilidad en los procesos de migración // Ease in migration processes
- Costo inicial de la plataforma // Initial platform cost
- No disponibilidad de ambiente virtual // No availability of virtual environment
- Atado a un appliance específico // Attached to a specific appliance
Centralization of LAN network management with integration between your security platforms and data center.
DNA permite utilizar APIs para integrar el reconocimiento de otros equipos que nos ayuda a mejorar la administracion de nuestra infraestructura de red, podemos desplegar en pocos minutos la implementacion de politicas de seguridad, acceso y control de trafico, en un entorno grafico, facil de utilizar y con muchas ventajas frente a un obsoleto sistema de configuracion basado en Linea de Comandos.
Aun mas DNA Center nos ayuda a tener una mejor vision de nuestra red, integrada para proporcionar las funcionalidades que requiere la empresa u organizacion y con ello ser mas productivos con la tecnologia.
I am currently consulting on a solution that allows me to integrate the administration of my company's network equipment, for which we must take into account that they are sometimes equipment of different brands, but with a tendency to use CISCO equipment in our data center, however, I currently have multiple switches, APs, and other non-CISCO devices.
DNA allows us to use APIs to integrate the recognition of other equipment that helps us improve the administration of our network infrastructure, we can deploy in a few minutes the implementation of security policies, access, and traffic control, in a graphical environment, easy to use and with many advantages over an obsolete configuration system based on Command Line.
Even more DNA Center helps us to have a better vision of our network, integrated to provide the functionalities that the company or organization requires and thus be more productive with the technology.
- Despliegue de politicas en los equipos de red // Deployment of policies on network
- Actualizacion y monitoreo del estado de los dispositivos // Updates and device status monitoring
- Manejo de la gestion de seguridad // Security management administration
- En el data Center, integrando los equipos que se encuentra en el corazon de la red y previniendo que esten actualizados // For Data Centers, integrating equipment that is the core of a network, and preventing them from being updated
- En las diferentes areas del campus para poder monitorizar el funcionamiento de los dispositivos // Improving remote monitoring of devices
- En la identificacion de problemas de seguridad de los dispositivos de red // Improving identification of network security issues
En pequenas redes que no tienen planificado crecer, podria implementarse pero no tiene un gran impacto, sobre todo por la inversion inicial y el costo de licenciamiento.
In medium or large network infrastructure where there is more than 20 switches or computers to be managed DNA Center is an appropriate solution because it allows IT staff to be more productive and focus on what is important.
In small networks that do not plan to grow, it could be implemented, but does not have a big impact, especially because of the initial investment and the cost of licensing.
- It has a nice GUI.
- It simplifies management of very complex scenarios we couldn’t set up without it. (Segmentation.)
- The GUI is not very intuitive: if I want to see what IP pools are in use for a specific site, I have to navigate through a lot of sections whose titles don‘t really sound like IP pools can be found behind them.
- In Assurance it is not intuitive for me to filter the Client list for example for "clients whose IP starts with 192.168.111.". I always end up trying different syntax, give up, show the entire list and scroll until I manually find the entry (so far we only have 250 clients enrolled).
- Complete view of the Cisco infrastructure in your organization
- You can automate actions for each device or user
- Detects issues and tells you possible causes and sugestions on how to resolve the issue
- It supports only a specific list of Cisco devices that can be added to DNA. If you have old ones, some of them could not be supported
- For integration with Cisco Meraki solutions, it integrates only at the "inventory" level. You can see the devices but no more information, then DNA redirects you to the Meraki Dashboard
- For automation, you need Cisco ISE, and the level of functionality you have is going to depend on what type of license you purchased
- Navegación de equipo kiosco // // Navigation for kiosk equipment
- Acceso desde cajeros // ATM access
- Proteger areas sensibles para que no sean accedidas // Protect sensitive areas so they are not accessed by unwanted users
- integración con SIEM // integration with SIEM
It is expected to be able to control the access of different network resources from sensitive areas. This applies to the integration of other products like Cisco ISE.
I do not like the fact that I have to do the manual process of doing the key generation and key imports into DNA Center from ISE. This is needed to get full identity information for wired assurance
- A single place for managing the configurations.
- A single place to provision new locations and ensure the configuration is consistent and fast.
- A single place to see my network quality.
- You are unable to tweak all the settings you would like so you might need to do some manual work in the background.
- You still need prime systems to do comprehensive management of the wireless environment.
- If you change some of the settings manually, those can be overwritten next time you provision something.
- It is not always clear what the impact is to production users when you need to change something new on the fly.
- Historical visualized data: This data is comprehensive, and available for viewing without having to ask an end user to repeat this task.
- Path Mapping: Endpoint path data will show the network health between two endpoints
- Network Templating: The ability to set network configurations across multiple devices in a specific role is vital.
- Image management: This allows us to set a single golden image, which can be used across the infrastructure effortlessly.
- Initial setup: This was unnecessarily complex. You can tell that the product had more developer input than it really should have.
- Documentation on initial setup: this could have been written a lot better.
- Mapping: The hierarchical view is great, but I think most people would also like the option of seeing a traditional network diagram.
- Integration with ACI: My customers want to see end-to-end networking across the infrastructure, not just endpoints. If I have ACI ruling my datacenter but it's not visible DNA center, I have to swap between 2 tools to observe visibility. That isn't something I really want to do
- ISE Integration was a hassle: Ended up having to call TAC to make this work
- Licensing costs: Licensing costs for DNA advantage are asinine.
- IPAM support is extremely limited: Only Bluecoat and Infoblox at the time, that's pretty limited. I'd like to see it integrated with windows native IPAM and Solarwinds IPAM
- PnP is absolutely amazing. The idea that the server need only boot up and get a DHCP address (with DNS or Option 43) greatly increases the deployment speeds, especially tying to golden standard images and configuration templates.
- API documentation and integration is better than any other Cisco product I have seen, and in the top 3 of any product I have worked with. The Developer toolkit was able to not only show configuration examples, but also show you the actual feedback from that call to assist in quality testing.
- ISE integration with the auto-provisioning makes a zero-touch deployment seemless across multiple platforms. Having the DNA Center contact the ISE environment greatly assists in speed-to-deployment of new gear.
- The overall UI is very intuitive and walks you through each piece of a new deployment. Whereas in products like ISE, I always talk about working backwards (define the result, the conditions, and then add to policy - but the tabs are listed in reverse order), DNA Center provides the step-by-step boxes to take a new deployment to a fabric-enabled campus to assurance and monitoring.
- The configuration templates, with ability to add variables, allow engineers to create the one golden standard configuration for a particular switch type, and supply the variables to that particular switch. This has been a large limiting factors with many customers, as the templates were not dynamic enough.
- The PnP holding area for switches allows the switches to boot up and contact DNA Center, but will sit in an unprovisioned state until ready.
- Allowing templates to only be available for particular network devices or line of network devices prevents engineers clicking without thinking.
- The DNA Center provides a dot1X configuration to the switch that I have never seen before. It seems overly complex and may be hard to troubleshoot from the CLI.
- Documentation needs to be much more available through the Cisco website. Contacting TAC for every issue and upgrade is quite honestly unacceptable. Calling TAC undermines the trust of a product and I have had customers steer away from DNAC for that exact reason.
- Explaining the DNA Center "magic" to CLI needs to be documented in much greater detail. When I hit the bug in 1.2.6 which evaporated my fabric, I was desperate to get it back up. It was an issue with my LISP underlay, but unfortunately, I didn't know LISP at the time. Again, this is increasing the fear with the customer base (especially the senior engineers), who need to know "what happens when DNAC goes down".
- Cisco continues to push customers to their in-house resources with their seeding programs. This makes it difficult as a partner to sell services with DNA Center to assist. In one instance, we worked with the customer for 3 days on their DNA Center, and when we went to make a service sales attempt, we were cut short by the Cisco SE saying "don't forget you get a free X number of hours with our team". What is our motivation for being so invested if Cisco seeds the device and the services? We are not making any money on the deals.
- I am hopeful about the 1.3 train, but 1.2 was so plagued with bugs that customers were jumping minor releases way too often. The same problem happened with Firepower. I am not sure if these were not unit tested because there wasn't enough resources or time, but jumping from failed minor release to failed minor release is a great way for customers to lose faith in the product.
- The documentation of what the initial set-up *does* needs to be better documented. There are 4 ports, but only 2 are necessary (cluster and enterprise). This needs to be better explained that only one interface can get a default route, so that needs to be taken into account. Also, why the service subnets exist needs to be better explained. I have dealt with way too many customers who fumble past the address space needed for DNA Center because no one puts on the web site "these are tunneled IPs used by Docker." Again - very poor public documentation is available.
- DNA Center needs to be advertised as what it is. It is an absolutely amazing product, which needs ISE for the SDA. For ETA, Stealthwatch can report back to ISE. That has nothing to do with DNA Center. This is only causing confusion. When I finally de-tangle the Cisco products for a customer, they generally are willing to sign off on more of the products than the campaign of DNAC, ISE, Stealthwatch, Threat-Grid, Firepower, and Cat9K -or- nothing.
- Config management, we use it with their template system to ensure configurations meet our universal standards.
- Image deployment, we deploy images to some of our campus switches, and use it to make upgrading/patching systems easier.
- Wireless mapping, we use it with our wireless LAN controllers to help map out our AP's.
- Browser compatibility, it's functionality favors Chrome, Firefox will not work 100% with it, and IE will not work with it at all.
- Retroactive support for image deployment, some devices in our environment with dual supervisors have a hard time using SWIM (Their image management) to deploy/upgrade properly.
- Config language is a bit difficult at first, their template language has a bit of a learning curve and you'll need to focus on the documentation to properly leverage your power user capabilities, but it's powerful despite the learning curve.
Cisco DNA Center Scorecard Summary
About Cisco DNA Center
Cisco has 30 years of experience and an end-to-end portfolio, so we can deliver for today’s needs what our competitors can’t. We help customers successfully manage technology transitions. Embedded security detects threats in mere hours instead of in months. And we’ve studied how networks are consumed and have applied those learnings to the new network.
Cisco DNA Center Downloadables
Cisco DNA Center Competitors
Cisco DNA Center Technical Details