WEBVTT 0:00:02.960000 --> 0:00:04.920000 Hello and welcome to this video. 0:00:04.920000 --> 0:00:09.180000 This is an introduction to Cisco's DNA Center platform. 0:00:09.180000 --> 0:00:13.700000 In this video I'm going to talk about what the initial problems were that 0:00:13.700000 --> 0:00:17.120000 led to the creation of Cisco DNA Center. 0:00:17.120000 --> 0:00:20.420000 I'm going to introduce you to Cisco DNA Center from a very high level 0:00:20.420000 --> 0:00:23.120000 and tell you what types of things it can do. 0:00:23.120000 --> 0:00:25.200000 I'll give you a very brief demonstration of it. 0:00:25.200000 --> 0:00:29.300000 We'll talk about the DNA Center components. 0:00:29.300000 --> 0:00:34.480000 So let's start out with what problems existed that led to the creation 0:00:34.480000 --> 0:00:36.540000 of Cisco DNA Center. 0:00:36.540000 --> 0:00:42.520000 There were various needs that were in place and as these needs existed 0:00:42.520000 --> 0:00:47.540000 various independent separate Cisco solutions were developed to solve these 0:00:47.540000 --> 0:00:52.440000 needs. For example, applying consistent configurations to newly provisioned 0:00:52.440000 --> 0:00:57.460000 devices. Cisco had the configuration professional or you could use Ansible 0:00:57.460000 --> 0:00:59.420000 or Putty or Chef. 0:00:59.420000 --> 0:01:01.240000 Things were developed for that. 0:01:01.240000 --> 0:01:06.420000 Applying consistent security policies to users and devices. 0:01:06.420000 --> 0:01:10.120000 So Cisco used to have their Cisco secure ACS server. 0:01:10.120000 --> 0:01:13.400000 Then they came out with ICE, the identity services engine. 0:01:13.400000 --> 0:01:16.400000 So they came up with a solution for that. 0:01:16.400000 --> 0:01:19.640000 Segmenting the network as needed dynamically. 0:01:19.640000 --> 0:01:23.820000 Well Cisco came out with a controller called the APIC controller which 0:01:23.820000 --> 0:01:27.460000 was able to do that if you had the appropriate hardware. 0:01:27.460000 --> 0:01:32.740000 Applying QS policies to enhance the quality of experience. 0:01:32.740000 --> 0:01:35.700000 APIC could do that. 0:01:35.700000 --> 0:01:41.260000 And ensuring that all devices were running consistent software images. 0:01:41.260000 --> 0:01:43.980000 And certainly providing useful data analytics. 0:01:43.980000 --> 0:01:49.340000 Well there's a variety of SNMP managers and NetFlow collectors which can 0:01:49.340000 --> 0:01:53.180000 collect a variety of data from networking devices. 0:01:53.180000 --> 0:01:55.180000 But here's the problem. 0:01:55.180000 --> 0:01:57.000000 All these things were separate. 0:01:57.000000 --> 0:01:58.480000 All these things were independent. 0:01:58.480000 --> 0:02:02.480000 You had to log in to separate GUI, separate servers to collect all this 0:02:02.480000 --> 0:02:06.700000 stuff. What was really needed was to provide everything we've seen here 0:02:06.700000 --> 0:02:09.440000 from a single pane of glass. 0:02:09.440000 --> 0:02:15.660000 What that means is log in to one GUI, one device and have visibility over 0:02:15.660000 --> 0:02:20.560000 all of these things and be able to control all of these things from one 0:02:20.560000 --> 0:02:26.240000 central point. And that is what Cisco DNA Center is all about. 0:02:26.240000 --> 0:02:32.360000 So Cisco DNA Center, DNA first of all stands for the digital network architecture. 0:02:32.360000 --> 0:02:35.520000 Simply means that more and more things are getting on the internet every 0:02:35.520000 --> 0:02:38.240000 day. Certainly with the internet of things. 0:02:38.240000 --> 0:02:42.960000 Now having internet based doorbells and electrical outlets, thermostats 0:02:42.960000 --> 0:02:46.860000 and what not. We've got billions of devices being added to the internet 0:02:46.860000 --> 0:02:49.040000 every single year. 0:02:49.040000 --> 0:02:54.240000 And DNA Center is basically a centralized management dashboard for complete 0:02:54.240000 --> 0:02:56.460000 control over a network. 0:02:56.460000 --> 0:03:00.040000 And what was designed to do was to provide a central automation and analytics 0:03:00.040000 --> 0:03:04.720000 platform to facilitate intent based networking. 0:03:04.720000 --> 0:03:07.880000 Now this might be the first time you've ever heard this term intent based 0:03:07.880000 --> 0:03:09.100000 networking. What is that? 0:03:09.100000 --> 0:03:11.740000 Well it's a new approach to networking. 0:03:11.740000 --> 0:03:16.540000 Where special software like the software that resides in DNA Center helps 0:03:16.540000 --> 0:03:21.080000 you to plan, design and automatically implement on the fly changes to 0:03:21.080000 --> 0:03:24.740000 your network and improving its availability and agility. 0:03:24.740000 --> 0:03:30.120000 So with intent based networking the idea here is that before a single 0:03:30.120000 --> 0:03:33.940000 end user or application touches your network. 0:03:33.940000 --> 0:03:38.420000 You have pre-planned how the network should respond to these things when 0:03:38.420000 --> 0:03:39.580000 they do get connected. 0:03:39.580000 --> 0:03:44.900000 So your intent, where resources the user should have access to, what quality 0:03:44.900000 --> 0:03:48.300000 of service policies for different applications should be implemented, 0:03:48.300000 --> 0:03:53.520000 etc. Your intent is given to the controller in the form of maybe drag 0:03:53.520000 --> 0:03:57.560000 and drop policies within the gooey or pull down windows which then in 0:03:57.560000 --> 0:04:02.140000 turn translates that intent into usable configurations that are pushed 0:04:02.140000 --> 0:04:08.000000 down to network devices. 0:04:08.000000 --> 0:04:12.640000 So Cisco DNA Center at the moment of this recording anyway is an appliance 0:04:12.640000 --> 0:04:16.960000 that's pre-built with Cisco DNA Center software. 0:04:16.960000 --> 0:04:19.460000 Now if you remember what is an appliance? 0:04:19.460000 --> 0:04:22.340000 Appliance is basically a fancy way of saying look I'm providing you a 0:04:22.340000 --> 0:04:26.260000 box, a physical chassis that you can touch and feel, you're going to have 0:04:26.260000 --> 0:04:30.280000 to put it in a rack somewhere and this thing is pre-loaded with all the 0:04:30.280000 --> 0:04:34.620000 software you need for it to do, it's a signed task. 0:04:34.620000 --> 0:04:35.880000 That's what an appliance is. 0:04:35.880000 --> 0:04:40.280000 So when you buy DNA Center you're getting this box, this appliance. 0:04:40.280000 --> 0:04:44.480000 It is a controller and analytics platform like I've mentioned which is 0:04:44.480000 --> 0:04:47.140000 a central point of gooey based control. 0:04:47.140000 --> 0:04:50.640000 It allows you to do a lot of things, it allows you to design your network. 0:04:50.640000 --> 0:04:53.340000 So there's a certain section of DNA Center where you can start putting 0:04:53.340000 --> 0:04:57.340000 onto a map different sites, drill down, say how many buildings and floors 0:04:57.340000 --> 0:05:02.080000 are in that site, drag and drop access points, wireless access points 0:05:02.080000 --> 0:05:05.780000 or routers onto a site so you can design what your network is going to 0:05:05.780000 --> 0:05:07.400000 look like in advance. 0:05:07.400000 --> 0:05:10.960000 You can create topology maps and diagrams. 0:05:10.960000 --> 0:05:15.140000 You can identify golden images for software deployments so that Cisco 0:05:15.140000 --> 0:05:16.920000 DNA Center knows in advance. 0:05:16.920000 --> 0:05:21.460000 Okay if I see this particular maker model of router switch, this is the 0:05:21.460000 --> 0:05:22.600000 software it should be running. 0:05:22.600000 --> 0:05:26.120000 And if it's not, I will dynamically upgrade it to that software and I'll 0:05:26.120000 --> 0:05:29.200000 report back to you and let you know that was successful. 0:05:29.200000 --> 0:05:34.360000 You can create wireless profiles and SSID so this can now integrate with 0:05:34.360000 --> 0:05:38.880000 Wi-Fi and serve as your wireless LAN controller. 0:05:38.880000 --> 0:05:43.460000 And you can provide gooey based configuration of network devices and more. 0:05:43.460000 --> 0:05:46.600000 There is so much more this thing can do because remember what it's essentially 0:05:46.600000 --> 0:05:51.660000 doing is tying in as a central point all these disparate systems that 0:05:51.660000 --> 0:05:55.780000 existed previously with some new functionality as well. 0:05:55.780000 --> 0:05:59.280000 There's a lot more artificial intelligence and machine learning that has 0:05:59.280000 --> 0:06:04.200000 been built into Cisco DNA Center that did not exist previous to its creation. 0:06:04.200000 --> 0:06:06.140000 So what are the components of this? 0:06:06.140000 --> 0:06:09.700000 Let's take a look from an architectural perspective what makes a DNA Center 0:06:09.700000 --> 0:06:14.020000 topology. Well number one, you've got your fabric, your campus fabric. 0:06:14.020000 --> 0:06:17.700000 This consists of your switches, your access points, your routers, all 0:06:17.700000 --> 0:06:19.440000 that stuff is there. 0:06:19.440000 --> 0:06:22.380000 Now when you buy a DNA Center appliance you get it, you unpack it from 0:06:22.380000 --> 0:06:26.180000 the box. It's a physical thing, you plug it into your rack and you cable 0:06:26.180000 --> 0:06:29.480000 it up and so that's what this gray box represents here. 0:06:29.480000 --> 0:06:35.860000 Now essentially what this is is a Cisco APIC SDN controller. 0:06:35.860000 --> 0:06:40.880000 Now you could buy an SDN controller, an APIC SDN controller before DNA 0:06:40.880000 --> 0:06:42.460000 Center ever came out. 0:06:42.460000 --> 0:06:46.300000 But that was a standalone controller, it had its own GUI and then you 0:06:46.300000 --> 0:06:50.060000 still had to log off of that and log onto the iServer for your security 0:06:50.060000 --> 0:06:54.840000 policy or log onto your SNMP server for your network collection. 0:06:54.840000 --> 0:07:00.300000 So now your APIC is built into the server and it has a new GUI which controls 0:07:00.300000 --> 0:07:05.700000 it via an API called DNA Center. 0:07:05.700000 --> 0:07:12.580000 Now the Cisco APIC can use a variety of southbound APIs such as NetConf 0:07:12.580000 --> 0:07:19.260000 Yang, it can use SNMP, it can simply send CLI commands over an SSH session 0:07:19.260000 --> 0:07:22.820000 to the devices in your campus fabric. 0:07:22.820000 --> 0:07:26.860000 So it just depends on what the devices support as far as what kind of 0:07:26.860000 --> 0:07:32.300000 protocol you might choose to use to communicate to them. 0:07:32.300000 --> 0:07:37.060000 Now an integral component of this also is Cisco ICE, the Identity Services 0:07:37.060000 --> 0:07:42.300000 Engine. This is the central point of security in your topology. 0:07:42.300000 --> 0:07:46.660000 So this will when something comes onto the network it will verify who 0:07:46.660000 --> 0:07:51.100000 they are, what type of device they're on, what type of operating system 0:07:51.100000 --> 0:07:54.820000 they're on, is that an approved device and approved operating system, 0:07:54.820000 --> 0:07:58.120000 what department are they part of and more. 0:07:58.120000 --> 0:08:00.360000 ICE will do all of that. 0:08:00.360000 --> 0:08:05.880000 And then ICE can communicate that information back to DNA Center via another 0:08:05.880000 --> 0:08:10.920000 API. And in turn DNA Center can configure ICE. 0:08:10.920000 --> 0:08:15.580000 Now at the moment of this recording when you buy Cisco ICE you can't just 0:08:15.580000 --> 0:08:20.140000 plug it in and then go to DNA Center to have DNA Center control everything 0:08:20.140000 --> 0:08:24.980000 of ICE. There's still some configuration you have to do within the GUI 0:08:24.980000 --> 0:08:26.980000 that ICE provides you. 0:08:26.980000 --> 0:08:32.160000 But more and more as time goes on Cisco DNA Center is able to control 0:08:32.160000 --> 0:08:33.720000 more of the ICE functionality. 0:08:33.720000 --> 0:08:37.460000 Probably within the very near time frame it will become a reality where 0:08:37.460000 --> 0:08:41.780000 you don't have to touch the ICE GUI at all and the entire thing can be 0:08:41.780000 --> 0:08:44.000000 programmed directly from DNA Center. 0:08:44.000000 --> 0:08:47.280000 But right now there is an API that talks back and forth between the two 0:08:47.280000 --> 0:08:56.100000 of them. So DNA Center can learn of what devices are on the network via 0:08:56.100000 --> 0:08:58.120000 ICE. What have been authenticated? 0:08:58.120000 --> 0:09:01.180000 It can program Cisco ICE to a certain extent. 0:09:01.180000 --> 0:09:06.680000 And remember the Cisco APIC is actually what controls the network. 0:09:06.680000 --> 0:09:11.600000 So once and you can see here there's an API connecting Cisco ICE to the 0:09:11.600000 --> 0:09:15.060000 APIC controller within DNA Center. 0:09:15.060000 --> 0:09:20.660000 And so because these two are communicating now the APIC controller can 0:09:20.660000 --> 0:09:26.680000 say oh, all right, I see that there's a policy that needs to be implemented. 0:09:26.680000 --> 0:09:30.620000 Two payroll devices have just come on the network and they need to have 0:09:30.620000 --> 0:09:32.380000 a certain path set up for them. 0:09:32.380000 --> 0:09:35.420000 They need to have certain quality of service and access list implemented 0:09:35.420000 --> 0:09:39.940000 for them. That's the job of the APIC to communicate downstream or I would 0:09:39.940000 --> 0:09:44.220000 say southbound to your campus fabric to program all of that stuff. 0:09:44.220000 --> 0:09:48.500000 Once it has learned from ICE that those devices and those roles and functions 0:09:48.500000 --> 0:09:55.600000 exist. And then lastly, we have the Cisco network data platform. 0:09:55.600000 --> 0:09:58.580000 This is your analytics engine. 0:09:58.580000 --> 0:10:03.040000 So this collects information from the campus fabric either via NetFlow, 0:10:03.040000 --> 0:10:08.360000 HTTPS, syslog, or streaming telemetry which uses something else. 0:10:08.360000 --> 0:10:10.200000 It's a TCP based streaming service. 0:10:10.200000 --> 0:10:14.440000 Either way, NDP collects all the information about what's going on in 0:10:14.440000 --> 0:10:19.040000 the network. And it has the artificial intelligence and the machine learning 0:10:19.040000 --> 0:10:25.580000 to gather all that information, spot problems, and then intelligently 0:10:25.580000 --> 0:10:29.720000 talk about those problems and recommend solutions back to the GUI that 0:10:29.720000 --> 0:10:33.380000 you're looking at which is the DNA Center GUI. 0:10:33.380000 --> 0:10:35.800000 And so there's an API there. 0:10:35.800000 --> 0:10:39.100000 So when you buy DNA Center, let's go back to this again. 0:10:39.100000 --> 0:10:40.360000 What are you actually getting? 0:10:40.360000 --> 0:10:43.200000 Well, you're getting this. 0:10:43.200000 --> 0:10:45.980000 So you're getting a physical hardware appliance. 0:10:45.980000 --> 0:10:48.700000 You can see that at the moment of this recording anyway, there are three 0:10:48.700000 --> 0:10:53.380000 options. All three of them are Cisco UCS servers. 0:10:53.380000 --> 0:10:56.920000 And it just depends on how large your network is, how many devices you 0:10:56.920000 --> 0:11:00.860000 plan on controlling, which will determine which one of these servers you 0:11:00.860000 --> 0:11:07.460000 want to get. But that server there will have the APIC functionality within 0:11:07.460000 --> 0:11:11.240000 it. It'll have the network data platform within it. 0:11:11.240000 --> 0:11:14.840000 And it'll have the DNA Center GUI that controls and ties all this stuff 0:11:14.840000 --> 0:11:17.320000 in together in there as well. 0:11:17.320000 --> 0:11:19.080000 So let me just quickly show you. 0:11:19.080000 --> 0:11:25.320000 Once you've got that DNA Center appliance, what does it look like when 0:11:25.320000 --> 0:11:26.260000 you log into it? 0:11:26.260000 --> 0:11:30.140000 And I'm actually going to show you yourself how Cisco has provided us 0:11:30.140000 --> 0:11:33.740000 with a sandbox environment to be able to log into one of these things 0:11:33.740000 --> 0:11:37.280000 and just play around with it in complete safety just to see what it looks 0:11:37.280000 --> 0:11:44.700000 like. All right, so this is what I would recommend that you do. 0:11:44.700000 --> 0:11:50.860000 So start by going to this website, developer .cisco.com forward slash site 0:11:50.860000 --> 0:11:54.280000 forward slash sandbox. 0:11:54.280000 --> 0:11:56.420000 Make that a little bit bigger right there. 0:11:56.420000 --> 0:12:00.320000 So that's the website you'll want to go to, which will take you to the 0:12:00.320000 --> 0:12:04.920000 devnet sandbox. If you haven't already logged in, log in, you can log 0:12:04.920000 --> 0:12:06.520000 in with a free Cisco account. 0:12:06.520000 --> 0:12:09.840000 You don't necessarily have to be a Cisco customer with a contract and 0:12:09.840000 --> 0:12:13.080000 have purchased information or stuff from them. 0:12:13.080000 --> 0:12:18.120000 Once you log in, you'll click on where it says get started with sandbox, 0:12:18.120000 --> 0:12:26.860000 which will take you to all the various different sandboxes. 0:12:26.860000 --> 0:12:31.460000 And what we're concerned with if we scroll down here are these DNA centers. 0:12:31.460000 --> 0:12:35.720000 Now some of these have to be reserved and it takes about five minutes 0:12:35.720000 --> 0:12:36.640000 or so to reserve those. 0:12:36.640000 --> 0:12:39.960000 I'm not going to do that, but there's a couple of them right here, which 0:12:39.960000 --> 0:12:42.320000 are always on and can always get into. 0:12:42.320000 --> 0:12:46.920000 So I've gotten into one of those, which looks like this. 0:12:46.920000 --> 0:12:51.580000 So that this particular sandbox, as you can see, has DNA center connected 0:12:51.580000 --> 0:12:54.540000 via the public internet so we can actually get to it from anywhere. 0:12:54.540000 --> 0:12:57.540000 And that's connected to a variety of devices. 0:12:57.540000 --> 0:13:00.840000 It says right here, look, to get into it's real simple. 0:13:00.840000 --> 0:13:08.020000 All you have to do is go to this URL, tells you the URL, accept the self 0:13:08.020000 --> 0:13:11.520000 -signed certificate, and then it tells you what your credentials are. 0:13:11.520000 --> 0:13:14.700000 Your username is going to be devnet user and your password is going to 0:13:14.700000 --> 0:13:17.860000 be Cisco 123 e-clamation point. 0:13:17.860000 --> 0:13:21.300000 Like I said, anybody can get into this and it is always on. 0:13:21.300000 --> 0:13:25.660000 And once you do get into it, this is DNA center. 0:13:25.660000 --> 0:13:30.880000 So this is what Cisco DNA center looks like from its homepage when you 0:13:30.880000 --> 0:13:32.180000 first get into it. 0:13:32.180000 --> 0:13:35.960000 So you can just play around with this, click on anything that you see. 0:13:35.960000 --> 0:13:39.880000 For example, networking devices, all right, what 15 devices are here? 0:13:39.880000 --> 0:13:42.040000 Let's click on that. 0:13:42.040000 --> 0:13:48.760000 And we can see here a listing of the device names, the IP address, the 0:13:48.760000 --> 0:13:53.840000 reachability state, the device role, where it is within the site. 0:13:53.840000 --> 0:13:57.720000 Let's go back to the main homepage. 0:13:57.720000 --> 0:14:01.600000 You can also see here, here's your various, here's your five or your four 0:14:01.600000 --> 0:14:07.140000 overall sections of DNA center, design, policy, provision, and assurance. 0:14:07.140000 --> 0:14:11.460000 So if we go to design, we can see the network has already been designed 0:14:11.460000 --> 0:14:13.940000 for us. But we could, I'm not sure if we have the ability, but you could 0:14:13.940000 --> 0:14:17.880000 certainly try playing around with this and adding sites and locations 0:14:17.880000 --> 0:14:22.660000 to this. Network settings. 0:14:22.660000 --> 0:14:27.700000 But you can see, there's almost an infinite permutation of things you 0:14:27.700000 --> 0:14:29.280000 can do here within the GUI. 0:14:29.280000 --> 0:14:34.320000 But this is Cisco DNA center, tying all those individual elements back 0:14:34.320000 --> 0:14:39.420000 together and giving us control over our network. 0:14:39.420000 --> 0:14:43.940000 So that concludes this video. 0:14:43.940000 --> 0:14:44.660000 Thank you for watching.