IBN and Cisco DNA Center CCNA

Summary

This topic explains how Cisco DNA Center enables intent-based networking.

Note: This topic is part of Module 14 of the Cisco CCNA 3 course. To follow the course in order, go to the CCNA 3 section.

Video – Intent-Based Networking

You have learned of the many tools and software that can help you automate your network. Intent-Based Networking (IBN) and Cisco Digital Network Architecture (DNA) Center can help you bring it all together to create an automated network.

Click Play in the figure to view a video by Cisco’s John Apostolopoulos and Anand Oswal explaining how artificial intelligence and intent-based networking (IBN) can improve networks.

Intent-Based Networking Overview

IBN is the emerging industry model for the next generation of networking. IBN builds on Software-Defined Networking (SDN), transforming a hardware-centric and manual approach to designing and operating networks to one that is software-centric and fully automated.

Business objectives for the network are expressed as intent. IBN captures business intent and uses analytics, machine learning, and automation to align the network continuously and dynamically as business needs change.

IBN captures and translates business intent into network policies that can be automated and applied consistently across the network.

Cisco views IBN as having three essential functions: translation, activation, and assurance. These functions interact with the underlying physical and virtual infrastructure, as shown in the figure.

Figure: Intent-Based Networking Overview

  • Translation – The translation function enables the network administrator to express the expected networking behavior that will best support the business intent.
  • Activation – The captured intent then needs to be interpreted into policies that can be applied across the network. The activation function installs these policies into the physical and virtual network infrastructure using networkwide automation.
  • Assurance – In order to continuously check that the expressed intent is honored by the network at any point in time, the assurance function maintains a continuous validation-and-verification loop.
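
The three functions above, modeled as a closed loop in a small Python sketch added here for illustration (it is not Cisco code and not part of the original course page). The group names, device names, and helper functions are hypothetical, and device state is simulated in memory rather than read from real equipment.

```python
# Added illustration: toy model of IBN's translation / activation / assurance loop.
# INTENT, FABRIC_EDGES and every function name below are hypothetical.

# Business intent, constructed for this example: which group may reach which app.
INTENT = {
    ("employees", "hr-app"): "permit",
    ("guests", "hr-app"): "deny",
    ("guests", "internet"): "permit",
}
FABRIC_EDGES = ["edge-1", "edge-2"]  # constructed device names

def translate(intent):
    """Translation: turn captured intent into an ordered, device-neutral policy."""
    rules = [(action, src, dst) for (src, dst), action in sorted(intent.items())]
    return rules + [("deny", "any", "any")]  # explicit default deny closes the policy

def activate(policy, devices):
    """Activation: install the same policy on every fabric edge (simulated state)."""
    return {device: list(policy) for device in devices}

def assure(policy, observed):
    """Assurance: compare what each device enforces against the intended policy."""
    drift = {}
    for device, rules in observed.items():
        missing = [r for r in policy if r not in rules]
        unexpected = [r for r in rules if r not in policy]
        reordered = not missing and not unexpected and rules != policy
        if missing or unexpected or reordered:
            drift[device] = {"missing": missing, "unexpected": unexpected,
                             "reordered": reordered}
    return drift

def remediate(policy, observed, drift):
    """Close the loop: re-activate the intended policy on drifted devices only."""
    for device in drift:
        observed[device] = list(policy)
    return observed

if __name__ == "__main__":
    policy = translate(INTENT)
    state = activate(policy, FABRIC_EDGES)
    # Simulated out-of-band change on one device that contradicts the intent.
    state["edge-2"].insert(0, ("permit", "guests", "hr-app"))
    drift = assure(policy, state)
    print("drift:", drift)
    print("after remediation:", assure(policy, remediate(policy, state, drift)))
```

Because rule order is part of the comparison, the sketch also flags a device whose rules are all present but rearranged, which matters for first-match policy enforcement.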

Network Infrastructure as Fabric

From the perspective of IBN, the physical and virtual network infrastructure is a fabric. Fabric is a term used to describe an overlay that represents the logical topology used to virtually connect to devices, as shown in the figure. The overlay limits the number of devices the network administrator must program. It also provides services and alternative forwarding methods not controlled by the underlying physical devices. For example, the overlay is where encapsulation protocols like IP security (IPsec) and Control and Provisioning of Wireless Access Points (CAPWAP) occur. Using an IBN solution, the network administrator can specify through policies exactly what happens in the overlay control plane. Notice that how the switches are physically connected is not a concern of the overlay.

Figure: Example Overlay Network

The underlay network is the physical topology that includes all hardware required to meet business objectives. The underlay reveals additional devices and specifies how these devices are connected, as shown in the figure. End points, such as the servers in the figure, access the network through the Layer 2 devices. The underlay control plane is responsible for simple forwarding tasks.

Figure: Example Underlay Network

Cisco Digital Network Architecture (DNA)

Cisco implements the IBN fabric using Cisco DNA. As displayed in the figure, the business intent is securely deployed into the network infrastructure (the fabric). Cisco DNA then continuously gathers data from a multitude of sources (devices and applications) to provide a rich context of information. This information can then be analyzed to make sure the network is performing securely at its optimal level and in accordance with business intent and network policies.

Figure: Cisco DNA Continuous Implementation of Business Intent

Cisco DNA is a system that is constantly learning, adapting to support the business needs. The table lists some Cisco DNA products and solutions.

Cisco DNA Solution: SD-Access
Description:
  • First intent-based enterprise networking solution built using Cisco DNA.
  • It uses a single network fabric across LAN and WLAN to create a consistent, highly secure user experience.
  • It segments user, device, and application traffic and automates user-access policies to establish the right policy for any user or device, with any application, across a network.
Benefits:
  • Enables network access in minutes for any user or device to any application without compromising security.

Cisco DNA Solution: SD-WAN
Description:
  • It uses a secure cloud-delivered architecture to centrally manage WAN connections.
  • It simplifies and accelerates delivery of secure, flexible and rich WAN services to connect data centers, branches, campuses, and colocation facilities.
Benefits:
  • Delivers better user experiences for applications residing on-premise or in the cloud.
  • Achieves greater agility and cost savings through easier deployments and transport independence.

Cisco DNA Solution: Cisco DNA Assurance
Description:
  • Used to troubleshoot and increase IT productivity.
  • It applies advanced analytics and machine learning to improve performance and issue resolution, and uses prediction to assure network performance.
  • It provides real-time notification for network conditions that require attention.
Benefits:
  • Allows you to identify root causes and provides suggested remediation for faster troubleshooting.
  • The Cisco DNA Center provides an easy-to-use single dashboard with insights and drill-down capabilities.
  • Machine learning continually improves network intelligence to predict problems before they occur.

Cisco DNA Solution: Cisco DNA Security
Description:
  • Used to provide visibility by using the network as a sensor for real-time analysis and intelligence.
  • It provides increased granular control to enforce policy and contain threats across the network.
Benefits:
  • Reduces risk and protects your organization against threats, even in encrypted traffic.
  • Gains 360-degree visibility through real-time analytics for deep intelligence across the network.
  • Lowers complexity with end-to-end security.

These solutions are not mutually exclusive. For example, all four solutions could be deployed by an organization.

Many of these solutions are implemented using the Cisco DNA Center, which provides a software dashboard for managing an enterprise network.

Cisco DNA Center

Cisco DNA Center is the foundational controller and analytics platform at the heart of Cisco DNA. It supports the expression of intent for multiple use cases, including basic automation capabilities, fabric provisioning, and policy-based segmentation in the enterprise network. Cisco DNA Center is a network management and command center for provisioning and configuring network devices. It is a hardware and software platform providing a ‘single-pane-of-glass’ (single interface) that focuses on assurance, analytics, and automation.

The DNA Center interface launch page gives you an overall health summary and network snapshot, as shown in the figure. From here, the network administrator can quickly drill down into areas of interest.

Figure: Cisco DNA Center

At the top, menus give you access to DNA Center’s five main areas. As shown in the figure, these are:

  • Design – Model your entire network, from sites and buildings to devices and links, both physical and virtual, across campus, branch, WAN and cloud.
  • Policy – Use policies to automate and simplify network management, reducing cost and risk while speeding rollout of new and enhanced services.
  • Provision – Provide new services to users with ease, speed, and security across your enterprise network, regardless of network size and complexity.
  • Assurance – Use proactive monitoring and insights from the network, devices, and applications to predict problems faster and ensure that policy and configuration changes achieve the business intent and the user experience you want.
  • Platform – Use APIs to integrate with your preferred IT systems to create end-to-end solutions and add support for multi-vendor devices.

Video – DNA Center Overview and Platform APIs

This is Part One of a four-part series demonstrating the Cisco DNA Center.

Part One is an overview of the Cisco DNA Center GUI. It includes design, policy, provision, and assurance tools used to control multiple sites and multiple devices.

Video – DNA Center Design and Provision

This is Part Two of a four-part series demonstrating the Cisco DNA Center.

Part Two is an overview of the Cisco DNA Center design and provision areas.

Video – DNA Center Policy and Assurance

This is Part Three of a four-part series demonstrating the Cisco DNA Center.

Part Three explains the Cisco DNA Center policy and assurance areas.

Video – DNA Center Troubleshooting User Connectivity

This is Part Four of a four-part series demonstrating the Cisco DNA Center.

Part Four explains how to use Cisco DNA Center to troubleshoot devices.
