Cisco DNA Center Reviews

We primarily use the platform for monitoring, especially within our wireless network. Additionally, we have started registering our 9300 and 9400 switches, although the primary focus remains on monitoring and alarming purposes.

One notable aspect of Cisco DNA Center is the code it injects into switches during enrollment—approximately 1,200 lines for telemetry and other configurations. Compared to other solutions, such as SolarWinds, which requires far less code to gather the necessary information, this seems excessive. They could improve this process by making it lighter and more efficient.

I use Cisco DNA Center mainly for greenfield, which is for bringing up the site, adding the devices, and doing day 0 and day 1. With the tool, the key important part handled is in terms of wireless assurance. The tool's Wireless Assurance version provides me with a good amount of data to help me understand how my wireless network functions within the network. The guided remediation helps with the tool's offerings in terms of AI and machine learning, especially if there are a lot of devices and there will be a lot of notifications. In my company, we can select the golden software image, and we can activate and distribute it in bulk. The SIEM compliance part and the integrations that it has in terms of Cisco ISE will form the segmentation in terms of SDN.

The most valuable feature of the solution stems from the fact that it gives some kind of ease in operations, especially since our company is moving from CLI to GUI-based configuration. You can design your network hierarchy and export the wireless heat maps. You can get the data that our company needs to understand how the network is behaving. You can visualize how your network is performing, look at the health course, and whatever it provides in terms of the user and client or from a network perspective.

Currently, we are working on building a small data center for a client. The goal is to connect all their branches and host various in-house developed services, such as enterprise resource planning (ERP) applications. 

We are utilizing Cisco DNA Center with at least 9000 series switches and a couple of SD-WAN solutions. With Cisco DNA Center's single interface, we can efficiently manage and deploy devices across all branches.

There are many valuable features, but one I would highlight is VXLAN. It's a protocol that has been around for some time, but the practical implementation and operational capability of Cisco DNA Center bring it to life. It enables seamless movement of machines from one location or branch to another with the same settings and parameters. So, there's no need for reconfiguration. This is just one example of the many features available in DNA Center.

Another feature I like is Access Control Lists. There are many other things. Same with DNA Center. You have SD-Access. So, SD-Access is also a powerful feature that Cisco claims to be a replacement for the LAN (Local Area Network) from their perspective.

My company uses the solution frequently for configuration, monitoring, and ZTP, which is Zero-touch provisioning. The solution is for configuration purposes, making it a centralized configuration tool.

The most valuable features of the solution are all of its security features.

I am a partner and I design Center and offer it to many customers. I'm familiar with convincing customers to buy this solution.

The features, like segmentation and network automation control solutions, are quite impressive. You can now segment by user identity. This new approach to segmentation by identity is a standout feature.

Automation is another key highlight. With automation, you can automate everything through a single port. This means you can control, monitor, and configure the solution all from one place, which is incredibly convenient.

Additionally, the solution offers robust capabilities to identify and address weak points in the server, helping you pinpoint potential problems quickly. It also includes data analytics, providing customers with enhanced visibility and enabling them to find solutions to various issues quickly.

In my former company, we used Cisco DNA Center specifically for monitoring. I also used the solution as a troubleshooting tool to investigate issues on the wireless infrastructure.

The most valuable feature of Cisco DNA Center is the AI (Artificial Intelligence) that provides us with valuable information. Otherwise, we would have to spend a lot of time trying to understand what's going on. I really appreciate the reports provided by the solution's AI for the wireless.

For example, we had issues with the Cisco wireless controller and spent a lot of time troubleshooting it. In just a few minutes, Cisco DNA Center provided us with valuable information regarding the memory leaking in the controller. That helped us to fix the issue. For me, the most valuable feature of Cisco DNA Center is the intelligence inside the tool.

It does a lot of things automatically, and that's the big thing with it. They're making the software so that you don't need to be as knowledgeable as me on the switching and routing side to get your work done. If you want, you can have DNA troubleshoot your problem for you and give you solutions or fix it itself, if it was something that's just a configuration issue. That's a plus, but it doesn't help new people learn switching well. If you're depending on all the software to do it, you won't be able to figure it out yourself.

It's a very hard software to learn. It's very deep, and when we first got it, there wasn't a whole lot of documentation on it. There's more now, but you really have to know what you're doing to use it to its full functionality.

It seems to be a little bit more centered toward wireless than wired. You've got more options you can do wirelessly than you can with the wired switches, but it works for what we need it to do. We would like to see a little bit more about the traffic, and we're looking at what's out there to see about that. We are looking at something that might give us a bit more insight into the actual traffic. If they had the full functionality on the wired side, as they do on the wireless side in terms of being able to view traffic and everything, it would be good.

The configuration jobs part could be better. Basically, it's very easy to make mistakes when you're writing the little config file that you need to push in. You've got to do it exactly right. It's not based on CLI commands or whatever. It's got its own little format syntax. It needs to be synced up NTP-wise and time-wise. Otherwise, it doesn't work. I've had other management software where the time could have been off on both of them, and it wouldn't have been a big deal. 

I would like to see them make it like the old CiscoWorks did where when you wanted to run a command, you could just type in the command on your command line on the switch, instead of having to jump through the hoop to get the config pushed out to the new devices. I'd like Cisco to give more control to people who are using it and not keep it for themselves. It's one of those things where you've got to have the right image, and they all have to be on that image, or it doesn't work. NTP has to be synced up. There are a lot of little issues there to get it to work. When we first got it three years ago, there wasn't that much documentation, and we were sometimes just fumbling around in the dark. They've gotten better on the documentation, but they have a tendency to make it a little more complicated because they want you to have them do it, not do it yourself. It looks like that's where they're going with this software over the years. I've been doing this for 22 years, and it looks like they're trying to take the control away from the end-users and take it back for themselves. I've seen the younger generations coming out, and they don't seem to want to learn the switching and routing at the depth they need to in order to become a third-tier engineer. So, personally, I understand why they're doing it, but I'd like to have more control on my end. While I would like to have more control, there are people who work for me who I wouldn't want to have that control.

They don't have a good training plan. We had a guy who walked us through it and other things, but he was searching. We've had it since earlier on, and he was searching for stuff just like I would've been doing. He didn't know that well. So, they need a little bit better training plan or something on the initial buy to get people to realize exactly how everything works, how it's all tied together, and what you can do with it. I've learned a lot of stuff that this guy didn't show us. There are ways to do things, but he never showed those to us. He just showed us how to set it up and not how to monitor a bunch of stuff or push the configs out.

Our primary use case is for building and maintaining networks while adhering to security policies. It offers automation, security enforcement, analytics, and integration with other Cisco technologies, making it a key driver for efficient network operations and compliance with security protocols.

The most valuable features are its life cycle management and the security aspects it provides.