Cisco's Digital Network Architecture (DNA) offers a new holistic approach to meet the requirements of the digitized enterprise. DNA Center provides automation, analytics, identity services and policy-based networking capabilities. The session introduces DNA Center and its ability to automate network operations through the use of templates, profiles and workflows. Examples of automation use cases included deploying standard network settings, custom configurations, wireless deployments, application policies and software lifecycle management.
2. Session Abstract
Cisco's Digital Network Architecture - Introducing the Network Intuitive
More and more organizations are adopting customer-centric applications and “as-a-service” models
to keep up with the pace of digital business and improve the quality and flow of information. As a
result, the network has shifted to become the fundamental platform for digitization, empowering
business efficiency and innovation by simplifying and automating processes while protecting and
securing company data.
Cisco's Digital Network Architecture (DNA) offers a new holistic approach to meet the requirements
of the digitized enterprise. This session introduces the motivation for an architecture evolution of
enterprise networks, and provides details on each of the building blocks, including the new DNA
Center (DNA-C) GUI, Automation and Assurance capabilities it supports.
The concepts of virtualization, controllers, policy-based networking and cloud enablement are
explored as main architecture shifts. The session also provides insight into concrete examples on
how to automate and simplify application visibility and QoS deployments for network operators.
Come to this session to learn how Cisco is revolutionizing the network with DNA! This is the first of
two sessions – an optional deeper-dive “double-click” session focused on Cisco’s advanced
Assurance Capabilities.
3. It’s a Digital World!
Shifting from IP to Identity
Automating your network with DNA
Center
Gaining Deep Insights with Assurance
And Analytics
Summary
Agenda
Cisco DNA – Introducing the Network
Intuitive
10. Digital Business Demands Application Agility
“…While other components of the IT infrastructure have become more
programmable and allow for faster, automated provisioning, installing
network circuits is still a painstakingly manual process...”
— Andrew Lerner, Gartner Research
11. Agility Requires Faster Network Provisioning
Source: Forrester Source: Open Compute Project
Time IT spends on operations80% CEOs are worried about IT strategy
not supporting business growth57%
Network Expenses
Deployment Speed
0 10 100 1000
Computing Networking
Seconds
0
100%
CAPEX OPEX
33%
67%
14. The Need for
a New Network Constantly Learning
Support 100X new devices, apps, users
Constantly Adapting
Respond Instantly to business demands with
limited staff and budget
Constantly Protecting
See and predict issues
and threats and respond fast
The more you use
it, the wiser it gets.
15. Intent-based
Network Infrastructure
DNA Center
AnalyticsPolicy Automation
I N T E N T C O N T E X T
S E C U R I T Y
L E A R N I N G
The Network. Intuitive.
Constantly learning, adapting and protecting.
Informed
by Context
Visibility into traffic
and threat patterns
Who, What, When,
Where, How
Powered
by Intent
Translate Business Intent
to Network Policy
Automate the management
and provisioning millions of
devices instantly
22. Introducing DNA Center
Realizing vision of the intent-powered intuitive network
Decouple Policy from
Network Topology
Industry Best-Practices
Configuration and Policy
Compliance
Proactive Issue
Identification and
Resolution
Policy Automation
Assurance and
Analytics
Translate business intent
into network policy
Reduce manual operations
and cost associated with
human errors
Use context to turn data into
intelligence
23. DNA Solution
Cisco Enterprise Portfolio
Automation AnalyticsIdentity Services Engine
Routers Switches Wireless APs
DNA Center
DNA Center
Simple Workflows
Wireless Controllers
DESIGN PROVISION POLICY ASSURANCE
38. Source: 2016 Cisco Study
Traditional Networking CANNOT Keep Pace with the Demands of Digital Business
OpEx spent on
Network Visibility and
Troubleshooting
75%
Policy Violations
Due to Human Error
70%
Network Changes
Performed Manually
95%
Main Operational Challenges
41. Categorize metrics by degrees of relevance
Architectural Requirement #2: On-Device Analytics
ASSURANCE
42. Upload critical metrics off the device to collector(s)
(optimally via model-based streaming-telemetry)
Architectural Requirement #3: Telemetry
EM
Collector
ASSURANCE
43. Provision long-term storage, retrieval and representation of network metrics and events
Architectural Requirement #4: Scalable Storage
ASSURANCE
45. Correlate all data points and permutations for cognitive and predictive analytics
Architectural Requirement #6: Machine Learning
ASSURANCE
46. Identify root cause of issues by contextually correlating data
Architectural Requirement #7: Guided Troubleshooting
EM
Analytics
Engine
ASSURANCE
47. Present actionable insights to the operator
Solicit input to remediate the root cause
Present a self-remediation option
Architectural Requirement #8: Self-Remediation
EM
DNAC
AssuranceEM
DNAC
Automation
Do you want to take the
recommended action?
Yes No
Do you want to take the
recommended action?
Yes NoAlwaysAlways
ASSURANCE
48. Transforming the Network with Big Data Analytics
Data
Insight
Information
Action
Create value at the right timeExtract meaningful insights from data
Businessbenefit
Volume
Data size
• TB per day
• Streaming telemetry,
NetFlow, Syslog, SNMP, logs
Velocity
Data speed
• Firehose
• Streaming, low-latency
push/pull
Variety
Data forms
• Structured, unstructured
• Switch, router, AP,
IoT sensor, firewall,
load balancer, DHCP, DNS
Veracity
Data trustworthiness
• Quality, validity
• Internal, partner, public
Analytics
49. EM
DNAC
Network
Telemetry
Contextual Data
Data Collection and Ingestion
FW LB WLC Sensor
AAA
DNS DHCP
LDAP TOPOLOGY
INVENTORY
LOCATION
POLICY
ITSM
ITFM
Streaming
TelemetrySNMP NetFlow Syslog
Data Visualization and Action
Network Assurance netWorth
Collector and Analytics Pipeline SDK
...
Data Models and Restful APIs
Time Series Analysis
System Management Portal
DNA Center Assurance
Data Correlation and Analysis
Machine Learning
in the Cloud
CEP (*) Correlation
CEP = Complex Event Processing
DNA Center Assurance (Internal) Architecture
58. What is Machine Learning?
• Machine learning is an application of artificial intelligence (AI) that provides systems the ability to
automatically learn and improve from experience without being explicitly programmed to do so
• The process of learning begins with observations of data, and looking for patterns within the data so as to
make increasingly better correlations, inferences and predictions
• The primary aim is to allow these systems to learn automatically without human intervention or
assistance and adjust actions accordingly
59. Project Kairos
For Wireless, Wired and IOT
Cognitive Analytics
Anomaly detection
Identify and proactively adapt to a failure
before it happens
Machine Learning
Predictive Analytics
60. Machine Learning Algorithms
build their models using
hundreds of inputs
APs
WAN
Local WLCs
Network Services DCOffice Site
ISE
DHCP
Mobile Clients
CUCM
NCP
~
~
~
~
~
~
~
~
~
~
~
~
RF & EDCA
behavioral
metrics,..
Queuing, Dropping, WRED
behavioral metrics…
Device type, OS release,
behavioral metrics, ...
WAN & core
network metrics ..
Application metrics, user
feedback, failure rate, ...
... and more
73. Providing Security While Maintaining Privacy!
Encrypted Traffic
Non-Encrypted
Traffic
Can we Actually Solve This?
How do you Analyze Metadata without decrypting traffic flows?
80%
of organizations are
victims of malicious activity
41%
Of attacks used encrypted
traffic to evade detection
77. Automated Deployment
It’s a Journey!
Self-Driving Automation
Plug and Play,
Day 0 Deployment
Configure once and deploy
everywhere - SD-Access
Exists Today
ISE / AD NAE / PI
DNA Center
Campus
Fabric
SDA
Future
Closed Loop through Network
Analytics and Machine Learning
Network
Analytics
Platform
DNA Center
BB
Campus
Fabric
SDA
Network
Control
Platform
HTTP
Proxy
Internet
Admin
Installer
New
Step 1
Network admin
previsions devices in
Cisco Network Plug
and Play applications
Step 2
Onsite installer with
mobile app installs and
powers on devices,
triggers deployment,
checks status
Step 3
New devices contact
Cisco Network Plug and
Play application to get
provisioned
Network admin can
remotely monitor
install status
Basic Advanced
One Point of Management: All from Cisco DNA Center
Consistent Across Network Fabric