The move to virtualize enterprise networks began several years ago. Because the work is complex, Cisco, the industry’s leading network equipment supplier, delivered a variety of solutions. Two key elements are Cisco Application Centric Infrastructure (ACI), the centerpiece in its Software-Defined Network (SDN) story, and Cisco Digital Network Architecture (Cisco DNA) Center, the cornerstone of its intent-based network solutions. Confusion sometimes arises about the role of each, so let’s clarify what each one does.

Businesses want to lower their network management costs. They have been moving away from traditional network devices, like routers, because their intelligence is tightly connected to the underlying hardware. They are embracing software-defined network solutions, which feature a virtualization layer that simplifies maintenance and supports greater automation. These two solutions are part of that transition.

What is Cisco ACI?

What is Cisco ACI?

Cisco ACI, which has been available since 2014, is a SDN designed to increase network automation, performance, and security. The system was built to leverage the capabilities in the firm’s industry-leading hardware. Intelligence is incorporated into these devices rather than being housed in an independent software application.

ACI includes the Cisco Application Policy Infrastructure Controller (APIC).  APIC provides administrators with central network management functionality. They create, customize, and duplicate network policies that the infrastructure follows. The admins adjust policies, view network health, and implement advanced capabilities, like QoS (Quality of Service) and multi-tenant security. In effect, Cisco ACI allows your technicians to create new virtual networks, adjust network application policies, and gain greater visibility into network activities.

What is Cisco DNA Center?

What is Cisco DNA Center?

Cisco DNA Center, which was unveiled in 2017, builds upon Cisco ACI capabilities and takes its features a few steps further and is designed to support Intent-Based Networking (IBN). While SDNs focus on automating the set-up of single devices, IBN concentrates on policies used by every device, application, user, and network connection. With Cisco DNA Center, an administrator defines a business intent and the network figures out and completes the work. The product is powered by a new enterprise-scale version of the APIC called the APIC-EM. Its user interface lets administrators automate the process of deploying policy-based application profiles.

Cisco DNA Center includes other features. It also automates IWAN deployment and management. In addition, it provides business insight about your Cisco wireless infrastructure with CMX Cloud.

Cisco Software-Defined Access (SD-Access) is another powerful network automation function that is a central part of the DNA Center.  SD-Access includes an Identity Services Engine, which allows you to automate creation of access and security policies across wired, wireless, and VPN connections. Finally, SD-Access also includes an analytic platform for network monitoring and metrics. The data analytics reports provide network administrators with real-time information on network performance and security threats. Administrators take that information and determine steps to remediation whenever they are needed.

Putting the Pieces Together

Putting the Pieces Together

Rather than competing against one another, ACI and DNA technologies work best when implemented in combination with each other. Together, these solutions simplify network configuration, management, and compliance. Administrators provide groups of devices with approach credentials. They implement company policies via a centralized management console in an automated way but set security policies at a granular level.

An SDN works with an IBN solution to make and deploy changes automatically and in real time For example, if a business wants to secure all traffic from its accounting system, that command is issued and the systems take care of all the technical details. Also if a worker moves, all the policies and network settings follow him or her. Such changes dramatically decrease network administrator’s workload. No more manually configuring connections or changing policies when an individual’s work status changes.

What are the Potential Benefits?

What are the Potential Benefits?

The changes significantly improve network administration. Data center teams spend much less time on network design, testing, and troubleshooting.  Security is tightened. Consistent security policies keep sensitive data safe, and microsegmentation ensures that any potential threats are contained.

Compliance improves. Manual configurations are prone to human error. SDNs and IBN automatically apply policies, reducing human error and potential compliance lapses. Built-in integrity verification ensures that policies do not contradict each other.

Companies reduce downtime because the network is smart enough to understand the impact of changes made to the network. These sophisticated systems alert network operators to potential issues as they arise and even take steps that address issues proactively

What Next?

Network maintenance has been an exceedingly complex area, one that many businesses struggle to keep pace with. Cisco ACI and Cisco DNA Center have tremendous potential to simplify the process. How can your company take advantage of these features?

For help, you need to turn to an expert. Acadia Technology Group is an IT solution provider that understands the challenges in deploying and running business networks. We have worked with many enterprises to implement cost-effective and robust network solutions. You can be next.

Acadia - CTA - Cisco DNA Center Guide