In collaboration with Dean Sanders
Sometimes Cisco IT makes changes with a huge impact on operations, like deploying Cisco DNA Center. Sometimes we make an already good thing even better. Cisco DNA Center Cloud falls in that category. We’ve been using Cisco DNA Center on premises since 2018 (story here). In late 2020 we started a proof of concept of Cisco DNA Center Cloud, becoming “Customer Zero” so we could give practical feedback to the product team. Here, IT Customer Zero engineers Jamie McGregor and Dean Sanders explain our motivations for moving to Cisco DNA Center Cloud, benefits to date, and next steps.
Before we talk about the cloud, tell us what Cisco DNA Center has done for Cisco IT. Any favorite features?
Dean: For me it’s SWIM, software image management. Upgrading a large number of devices in one go saves a lot of time, and it’s the only way we upgrade our Catalyst 9000s. SWIM also reduces user errors as it deploys images that have been tested and verified. Before we started using Cisco DNA Center, we logged into every switch separately and entered the new configuration on a command line interface. Now, we just go to the Cisco DNA Center console, select the switches we want to upgrade, click a button—and walk away. Upgrades that used to take hours or days take 10 minutes. As I talk to you, I’m doing a SWIM upgrade in the background.
Jamie: I like Cisco DNA Center Assurance, which shows the status of all devices in one place. Recently, we had a wireless issue in our Bellevue office. Before, to troubleshoot we’d have to log into the wireless LAN controller device. With Cisco DNA Center we can see network issues on a timeline that can look back to see the exact environment at a particular period in time, which made it easier to find what was causing the issue during that period. Before, we found it hard to go back as much as seven days to view this information.
Why did you decide to move to Cisco DNA Center Cloud?
Jamie: In general, we prefer cloud services over on-premises deployments. Less onsite hardware means lower space, power, and cooling costs and less management overhead. Cisco DNA Center Cloud also has a feature we really like that’s not available in the on-premises version, which is instant port profile configuration for different types of devices. To connect security cameras, for instance, I just build and select the port profile for cameras and apply it with a click. We’re getting more and more requests for IoT devices like cameras and building management systems, so port profiles will be a big time saver.
What’s the process of adding a site to Cisco DNA Center Cloud?
Jamie: Our first site was a medium-sized office in the United States that was being managed by one of our on-premises, U.S. Cisco DNA Centers. Racking, stacking, patching, and configuring a 3-node Cisco DNA Center cluster takes time to order the appliances and wait for delivery including the time to set it up in a data center which can take up to eight hours for installation and upgrades. In contrast, adding the new site to Cisco DNA Center Cloud took just 30 minutes.
Dean: Most of the time savings came from not having to rack and stack infrastructure—but some came from automated workflows. We were able to build site profiles instead of manually entering switch configurations, we just clicked to apply the site profile we’ve built for medium-sized offices. We can build different site profiles for small, medium, and large sites. Applying a standard profile is easier with Cisco DNA Center Cloud than it is with the on-premises version.
Have you converted any sites already using Cisco DNA Center to the cloud version?
Dean: Yes, one site so far. The process was quite simple. We removed the site from the on-premises Cisco DNA Center controller. We wiped the switch configurations. Then we brought up the switches using the Plug and Play (PnP) feature in Cisco DNA Center Cloud. The whole process took less than 60 minutes, and we were able to use our existing SD-WAN enabled WAN gateway, too.
What’s different about day-to-day operations with Cisco DNA Center Cloud?
Jamie: The biggest adjustment is not having the command-line interface (CLI) access to our devices. With Cisco DNA Center Cloud it’s all templates and predefined configurations. That’s a good thing because templates enforce compliance with changes not being made as ad-hoc. Engineers can’t make changes—say, a workaround to a connectivity issue—that causes problems later.
Dean: With Cisco DNA Center Cloud, we don’t need to maintain long CLI templates either. Ninety percent of the configuration for our switches and wireless is generated by the controller itself using the workflows. That means we don’t have to maintain it, the platform does it for us.
Cisco IT is Customer Zero for Cisco DNA Center Cloud. How did you influence the product?
Jamie: One of our contributions was reporting bugs to the product engineers, who fixed them before other customers started using Cisco DNA Center Cloud.
Dean: We also asked the product engineers to add Cisco ISE “captive portals.” When our guests enter any URL—whether it’s cisco.com or google.com—they’re connected to the guest network portal.
What’s next when offices re-open after pandemic closures?
Jamie: We’ll continue adding sites to Cisco DNA Center Cloud—starting with sites that don’t already have an on-premises Cisco DNA Center appliance. We can use the routers to be managed by SD-WAN and add the LAN pieces to Cisco DNA Center Cloud.