The IT network is currently a strategic resource for most companies, the core business being directly dependent on its availability, performance, and security. Networks are constantly evolving to adapt to the business requirements, the adoption of new technologies, and the evolution of the security threats. To get the benefits from implementing Artificial Intelligence / Machine Learning (AI / ML) technologies in the IT operations of these networks, Datanet Systems recommends adopting the integrated Cisco Digital Network Architecture (DNA) model.

Traditional network management systems fail to effectively address the challenges posed by:

• managing an increasing number of resources and locations (determined, among other things, by the widespread adoption of cloud services and remote work);
• an increasing level of infrastructure heterogeneity;
• ensuring, from the IT infrastructure’s perspective, the specific requirements of the applications (latency, processing power, etc.);
• the compliance with the security requirements and the applicable regulations.

The Cisco DNA network architecture model provides solutions to these challenges. Cisco DNA simplifies and automates network installation, configuration, and administration processes, optimizes troubleshooting processes and facilitates compliance with security requirements. The solution includes three key components – DNA Center, DNA Assurance, and Software-Defined Access (SD-Access) – that act complementary.

 

Simplification and automation with DNA Center

DNA Center is the centrepiece of the Cisco network architecture model and works as a multifunctional network controller, delivered as a physical appliance. In the near future, the solution will be also available as a virtual appliance in VMware ESXi and AWS environments.

DNA Center provides companies with a central management console that allows the simplification and automation of routine processes for each network equipment – installation, configuration, activation/modification of services, software updates, etc. The solution also performs the inventory of network equipment and automatically identifies newly introduced devices, which it enrols and provisions with the proper configurations (previously established and validated). In addition, DNA Center continuously monitors the versions of operating systems running on network equipment, signalling the need for updates, thus ensuring the conformity with the compliance requirements.

Using DNA Center, companies benefit from:

• Transposing the business process requirements into easy-to-manage configurations and access policies;
• The automation of manual processes, reducing the risk of human error and saving time, as well as the simplification of the installation and configuration of new equipment, through functionalities such as Plug-and-Play (PnP) and Software Image Management (SWIM);
• Validated configurations, which can be easily replicated, to optimize the performance and security of the entire network;
• Detection and inventory of all network equipment and extended visibility on them from a single management interface;
• Automatic monitoring of software updates.

DNA Assurance optimizes network performance through AI / Ops technologies

Cisco DNA Assurance – a solution available via DNA Center equipment – uses artificial intelligence technologies and Machine Learning algorithms to ensure network performance, eliminate manual troubleshooting, and reduce troubleshooting time. To do this, the Cisco solution transforms network equipment (switches, routers, wireless controllers) into sensors, collecting telemetry data and contextual information from it. The data is analysed by comparison with a model of optimal operation of that network, generated by the Cisco AI Network Analytics technology. Depending on the context and existing network policies, when it detects a problem, DNA Assurance issues an alert and recommends a guided series of remedial action.

DNA Assurance provides companies with:

• Improved visibility – detailed information about the health and performance of network equipment, available through a single interface;
• Simplified investigations, as the result of reducing the number of false-positive alerts and the “noise” generated by insignificant events in the network;
• Streamlined operations by identifying correctly, automatically, and quickly the problems that have the highest impact on the network performance and the appropriate remediation measures.

Learn more about Cisco DNA Assurance here.

 

Cisco SD Access extends security to the entire network

Cisco SD Access, solution available from DNA Center, extends the visibility and the level of protection of the network by implementing end-to-end segmentation, which separates users, terminal equipment, and application traffic, without the need for a redesign of the physical network.

The solution uses AI / ML technologies for identifying terminal equipment and grouping them, as well as for analyzing the traffic between groups and defining access policies. Based on the collected data, SD Access automates the unified application of the rules at group, user and equipment levels, both in LAN and WLAN networks, by creating a Network Fabric (a matrix of virtual connections built dynamically and automatically, and updated when new network elements are added).

SD Access provides companies with the following benefits:

• Improved visibility of end-users and equipment, by identifying them and classifying similar devices into logical groups.
• A simplified process of defining access policies, by analysing the traffic between equipment groups, and applying the policies through an intuitive graphical interface.
• Improved protection of the entire network by constantly monitoring the behaviour of terminal equipment and verifying their security level. By applying multi-level segmentation and recurring verification of the identity and security posture, Cisco SD Access is an important element in adopting a “Zero Trust” cyber security architecture.
• Prevention and limitation of the effects of security breaches, reduction of the attack surface by network segmentation, provided by Cisco SD Access, isolation – manual or automatic – of compromised or non-compliant terminals, and, as a result, the compliance with the security and legal requirements.

Detailed information about the functionality of this solution and its use cases can be found in the following webinar „Simplifying Network Management with the Software-Defined Access“.

To achieve these benefits, Cisco recommends integrating SD Access with the Identity Services Engine (ISE) platform, which introduces end-user identity and equipment information into access management, such as information about the compliance with the security requirements. Thus, ISE allows SD Access to enforce security and segmentation rules based on group identity and terminal equipment status, instead of IP addresses.

More information on how to take advantage of Cisco ISE features is available here.

 

What are the benefits of using Cisco DNA?

According to an IDC analysis (*), companies that adopted Cisco Digital Network Architecture reported the following directly measurable achievements:

• Amortization of the investment in 9 months.
• Increasing the efficiency of network administrators by 49% and the efficiency of security teams by 35%.
• Decreased operating costs by 45% and those with network infrastructure by 15%.
• 45% reduction in the risk of degrading the quality of applications due to network incidents.
• Reducing the risk of unplanned downtime by 86%.

To achieve such results, however, companies need experience in network architectures, Cisco technology skills, and system integration skills. These are requirements that you can meet by using the services of Datanet Systems, the Cisco Gold partner with the largest team of certified specialists in Romania. We completed successfully several critical network infrastructure projects, and we are one of the few local system integrators with multi-vendor skills that can guarantee the availability and performance of the implemented architectures. For ensuring this, our range of services covers assessments, consulting, design, implementation, integration, optimization, maintenance, technical support, and training.

For more technical or commercial information on Cisco DNA Center, DNA Assurance, and Software-Defined Access and on the services provided by Datanet Systems, please contact us at sales@datanets.ro.

______________________

* IDC: Cisco DNA Assurance and SD-Access Solutions Provide Optimization for Enterprise Networks and Applications