Although there are feature parity between, DNAC and PI, both are very different devices and have different purpose.
when you login to DNAC, you will find 2 major sections.
At top you have applications which includes design, policy, provision, assurance, platform.
At bottom you have tools, which includes discovery, PnP, topology, etc.
In my opinion tools in DNAC can more be related to PI but DNAC is
much more advance there, since you have PnP capability (originally
APIC-EM feature) but the application part is unique for DNAC which you
dont have on prime.
To give few example :
In DNAC you can design your entire network define configurations like
AAA, DHCP, DNS, IP POOL, username and password, SNMP etc and associate
it to a site when the deice is assigned to a site, all this
configuration can be pushed to the site directly.
In DNAC you can integrate with ISE and define the policy on DNAC and
it will be pushed to ISE and eventually to switches, which you can't do
in prime.
You can do LAN automation and have your underlay configured for ISIS routing automatically, which you cant do in prime.
DNAC is centralized control for software define access which is an
overlay technology reducing need to complex routing with VLAN and ACL
based segmentation, you can do macro segmentaion on top on overlay using
VRF and microsegmentation within VRF using SGTs, which prime does not
do.
DNAC have many API available which can be potentially used by other tools to consume data from DNAC
I can go on and on but best would be you refer to Cisco documentations, you can start with DNAC design guide.
Hello community,
I am a Senior Network Administrator at a large financial services firm.
What are the requirements for integrating the Cisco Data Center and Cisco ISE?
Thank you for your help.
Senior Technical Consultant at International Turnkey Systems - ITS
Mar 9, 2023
Hi Anyman
1- first you need to enable pixgrid setting at CIsco ISE at Admin setting.
2- You Need to activate ISE as Radius in DNA Setting tab at the left corner (user name and password is any ISE administrator user ).
3- From Network Hierarchy Tab in DNA Cisco choose ISE as your AAA server.
4- You need to create STG group at policy tab to create the proper user grouping.
4-Then go to provision / fabric / switch interface then apply ISE as your authentication profile.
Most Importantly you need to ensure that your fabric switch has DNA advantage license
Hello community,
I work for a large comms services company. I am currently researching network monitoring tools.
What are the overall differences between Cisco Prime and Cisco DNAC? Cloud base/delivered, premise-based, etc?
Thank you for your help.
We use both Cisco DNAC and Cisco Prime (PI). Actually, you can easily use the migration tool on Cisco PI 3.10 to migrate your data and integrate it with DNAC. DNAC is more dynamic and robust than PI supporting intent-based networking, analytics and assurance, and many automated operations.
Best suited for enterprise environments with many Cisco platforms and multiple managed devices where automated operations are highly required.
If we didn't have PI before, we would have just settled for DNAC because DNAC can do a lot more and better.
Two major differences:
1. The actual models that they manage, the p-dart Cisco migration report will tell you where you stand on this issue. Not all CPI models are supported on DNA.
2. Installation and maintenance automation of connected devices. A modern must-have for device deployment and maintenance.
Having said these two points, DNA is and will be the integration point for a whole suite of products like CPO which will become a DNA module and tighter integration with ICE. Furthermore, the new automation feature is really a prequel to the more interesting self-diagnosis and self-correction of device operations. Hope this answers your question, but install the PDART migration report to really understand the ROI of DNA.
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias.
Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why.
You can read user reviews for the Top 5 Network Management Applications to...
Although there are feature parity between, DNAC and PI, both are very different devices and have different purpose.
when you login to DNAC, you will find 2 major sections.
At top you have applications which includes design, policy, provision, assurance, platform.
At bottom you have tools, which includes discovery, PnP, topology, etc.
In my opinion tools in DNAC can more be related to PI but DNAC is
much more advance there, since you have PnP capability (originally
APIC-EM feature) but the application part is unique for DNAC which you
dont have on prime.
To give few example :
In DNAC you can design your entire network define configurations like
AAA, DHCP, DNS, IP POOL, username and password, SNMP etc and associate
it to a site when the deice is assigned to a site, all this
configuration can be pushed to the site directly.
In DNAC you can integrate with ISE and define the policy on DNAC and
it will be pushed to ISE and eventually to switches, which you can't do
in prime.
You can do LAN automation and have your underlay configured for ISIS routing automatically, which you cant do in prime.
DNAC is centralized control for software define access which is an
overlay technology reducing need to complex routing with VLAN and ACL
based segmentation, you can do macro segmentaion on top on overlay using
VRF and microsegmentation within VRF using SGTs, which prime does not
do.
DNAC have many API available which can be potentially used by other tools to consume data from DNAC
I can go on and on but best would be you refer to Cisco documentations, you can start with DNAC design guide.
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Software-Defined-Access-Design-Guide-2018AUG.pdf