Link to home
Start Free TrialLog in
Avatar of Techrunner
Techrunner

asked on

Cisco DNAC Roll Out

Our network infrastructure is 100% Cisco. We are planning to deploy  DNA Center into our infrastructure without SD-Access for now.
So what value will it add to the existing network? Will it worth to us anything? Need any suggestions and recommendations before presenting solution to the senior ICT management.
ASKER CERTIFIED SOLUTION
Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Techrunner
Techrunner

ASKER

1. We are currenyly running mix of 2960X and 3850 on Access Layer and 6800 and 4500-x as core. So what will be the requirements in order them to manage on DNAC.
2. What assurance features does DNAC provide ?
3. We have multiple site, can we manage all device from central DNAC or there are any limitations ?
4. Can we considered the DNAC solution as Network Operations Center ?

Please advise.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks for the help.

1. Does DNAC (without SDA) pushes the configuration to devices ?
2. What will be the needed WAN bandwidth requirements ( main and remote site) considering each remote site with 70 devices ( mainly switches and access points)
Yes you can push config without fabric configuration.

Suggested RTT is no more than 100ms between DNA Center and remote sites. There's no bandwidth specification as such.
We need Smart DNA licensing for each device ( Cisco 2960X & 3850) ?

Thanks
Depends on the version of code on each device. 
If I had a ISE with DNAC, what features and use cases I can have ( without sd-access)?

Thanks
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks
We always got the best and straight to the point answers from you unlike Cisco itself

Now talking about the deployment, we have total 5 medical centers and each center having 50-60 switches with 600-700 users.
Servers and services (AD,DNS, DHCP) are decentralized.
Sites are interconnected over IPSec. One of our site is considered as HQ.
Thus, what best deployment strategy we could approach in our case.
Appreciate your support.




SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hi Sir,

Just for the info our remote site are connected over IPSec VPN, however, within the coming few months we will deploy Meraki SD-WAN with Full Mesh.
I am fan of centralizing the administration though it depends on the given infrastructure. We will be using ISE 802.1x (wired/wireless), BYOD, Posture Assessment, and MDM ( with Meraki Cloud).
In addition , we have a wireless controller on every site.
So keeping the consideration of the above points, what would be the best deployment for ISE?

For DNAC, I got it now to host at the HQ site.
Thanks
 
 
Is there a reason you have a WLC at each site? You could centralise them if all traffic needs to go to HQ first, using Flexconnect.

If you use 802.1x on the wire I'd put an ISE PSN at each (or important) sites as long as latency is within 300ms between PAN and PSN. 
Just to clarify, all the sites route their traffic locally. Each site has Collapsed Core and Access Switches.
We will be using ISE 802.1x (wired/wireless), BYOD, Posture Assessment, and MDM ( with Meraki Cloud).
Remote site connect to central location just to access some servers and AD sync.