Cisco upgrades intent-based-networking performance, security, analytics

The new DNA Center software integrates a ThousandEyes agent to improve network-intelligence monitoring, double the number of clients the system supports, and strengthen security.

group of executives collaborate board room board mentor advisory board colleagues networking by alp
AlphaSpirit / Getty Images

Cisco brought new features to its DNA Center network-control platform that promise to improve performance, management analytics and security for its enterprise network customers.

The new software features integration of a ThousandEyes agent that bulks-up the platform’s network-intelligence monitoring, a two-fold increase in the number of clients the system can support, and improved security and operational capabilities.

DNA Center is the heart of Cisco’s intent-based networking strategy and is the vendor’s core-networking control platform supporting myriad services from analytics, network management and automation to assurance setting, fabric provisioning, and policy-based segmentation for wired and wireless enterprise networks. 

Support for ThousandEyes adds additional capabilities to handle the installation, updates, and lifecycle management of Cisco Catalyst switches. In fact DNA Center can update to up to 1,000 Catalyst 9000 network devices per hour, if needed, Cisco stated.

The ThousandEyes software, which Cisco bought in 2020,  analyzes performance of local and wide-area networks and the internet. By utilizing its world-wide system of software and agents, it provides insights into cloud, enterprise and endpoint services that can let network, application, and cloud teams work together to quickly isolate and resolve problems.

Cisco recently added ThousandEyes support to its Catalyst 8200/8300 series edge platforms as well as its Catalyst 9000 family to let customers monitor performance of applications, network components on campus and branch-office networks. ThousandEyes is also integrated in Cisco 4000 series Integrated Service Router software.

The ability to deploy ThousandEyes through DNA Center is going to make the deployment of that software much quicker and easier and the ability to see everything and respond to problems faster is important to us, said Dustin Metteer, lead network engineer for Renown Health.

The information gleaned from ThousandEyes also bolsters platform’s integrated AI/ML support.

“If you have applications that depend on distributed architectures, multi-cloud platforms, a complex web of APIs, and third-party services, you do not have good visibility into each entity’s performance, so would be hard pressed to debug and resolve issues,” wrote Vivek Bhargava, product marketing manager with Cisco Enterprise Networking and Cloud in a blog about the updates. “Cisco ThousandEyes provides monitoring for such environments extending from access to cloud using agents installed and running on Catalyst access switches.”

In addition, AI/ML is used with DNA Center’s new predictive analytics program that can identify Wi-Fi blindspots in buildings and aid in placing wireless access points to resolve them. New comparative analytics lets customers evaluate the performance differences of network devices and clients, set baseline network activity levels, identify poor performing entities and further optimize overall network performance, Bhargava wrote.

“Using AI and ML to understand what’s going on with the network and help us quickly resolve problems is key to our use of DNA Center,” said Shai Silberman, director of  network services at San Jose State University.  “The ability to address issues before they become serious, many times before the end user is even aware, is our goal.”

Also, DNA Center can create Wi-Fi heatmaps that track performance of devices throughout the day to quickly isolate issues and perform root-cause analysis, Bhargava wrote.

Cisco asaid it will work with Wi-Fi design and spectrum-analysis vendor Ekahau to help customers develop optimal wireless enterprises. With this support, customers can export floor plans to Ekahau, design the Wi-Fi deployment, and import it back into Cisco DNA Center, with recommendations on the optimal number of APs to deploy and where they should be placed, Bhargava wrote.

On the security side, DNA Center can help customers who want to utilize the platform’s SD-Access technology to automate user and device policy enforcement as well as control network access and segmentation.  

“DNA Center now allows custom ways users can gradually transition their current network to SD-Access,” Bhargava stated. “Use the new features that do not require you to reconfigure existing VLAN-IDs, avoid disruptive and time-consuming efforts, and jump-start your conversion process.”

DNA Center can now continuously monitor the behavior of endpoints, cross reference endpoint behavior with posture and vulnerability status, and assign a numerical trust score. The score can be used to determine whether endpoints should be allowed to stay on the network, be quarantined, or removed, Bhargava stated.

In addition to the new features DNA Center software now supports up to 500,000 wireless endpoints, up from 250,000, and 200,000 ISE endpoints, up from 100,000.  For disaster-recovery implementations, DNA Center can be configured in a three-node cluster.  In the past such a set-up required seven nodes. 

The new Cisco DNA Center software, version 2.2.2 will be available June 14.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2021 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)