Deep-dive into Cisco DNA Software Subscriptions for SD-WAN and Routing

Blog updated on August 7, 2020

Continuing our Cisco DNA Software Subscriptions blog series — where we highlighted the benefits of Cisco DNA software subscriptions, discussed Cisco’s Enterprise Agreement and its exclusive Cisco DNA benefits, and conducted a deep-dive into Cisco DNA Software for Switching — we continue with a deep dive into Cisco DNA Software for SD-WAN and Routing.

What is the structure?

Cisco DNA Software for SD-WAN and Routing subscriptions are provided in three tiers: Cisco DNA Essentials, Cisco DNA Advantage and Cisco DNA Premier.

The base tier is Cisco DNA Essentials.  It enables a blend of typical routing (NAT, BGP, DNS, etc.) and security (MACsec, ACLs, Snort IPS, etc.) capabilities for routing-only deployments for any organization. This tier is also the stepping stone into the world of SD-WAN as customers can deploy smaller SD-WANs of up to two user VPNs. The network is managed by either Cisco DNA Center or vManage. Each is a single, centralized management console to monitor and manage the entire network, simplify the workflows for physical and virtual branch automation, and handle NFV provisioning and VNF orchestration.

Cisco DNA Advantage is the next tier for SD-WAN and Routing. Larger and more demanding SD-WAN deployments as well as those customers planning a future migration from advanced routing to SD-WAN benefit from the capabilities of this tier. Cisco offers these particular customers the unique ability to migrate network management from Cisco DNA Center to vManage with a simple device image update! In this tier, the routing, security, SD-WAN, and analytics features are enabled with more robust capabilities. Among other capabilities, this tier adds MPLS functionality, Advanced Malware Protection and SSL proxy, lifts VPN limit, and includes vAnalytics, an indispensable tool that generates reports, automates break/fix, provides insights into the health of the network, and integrates AI/ML into your network.

Because of the superior components in it, the Cisco DNA Premier tier is, for all practical purposes, aligned specifically with the needs of enterprise customers demanding the most secure cloud edge in their SD-WAN deployments. In this tier, two additional security packages, Cisco Umbrella SIG Essentials and Cisco Threat Grid, are provided to secure the network from malware attacks. The integration of Cisco Umbrella SIG Essentials enables customers to centrally manage the security posture for all remote and branch locations and implement effective cloud security throughout the Cisco SD-WAN fabric. Cisco Umbrella SIG Essentials includes features such as:

• Security at the DNS-layer to enable customers to block threats earlier, even before a connection to the network or endpoint is ever made;
• Secure web gateway functionality, based on a full web proxy that sees and inspects all web connections, all files, and full URLs to enable more granular inspection and control;
• A firewall, a Cloud Application Security Broker, and integrated threat intelligence.

In addition, Cisco Threat Grid enables the network to sandbox up to 200 unrecognized files per day for analysis by malware experts.

When you attach a Cisco DNA software subscription to your router, you will also get a perpetual license, either Network Essentials or Network Advantage. These perpetual licenses cannot be purchased individually; they are bundled exclusively with a Cisco DNA Subscription for SD-WAN and Routing license. Like the name suggests, Network Essentials is bundled with Cisco DNA Essentials. Network Advantage is bundled with Cisco DNA Advantage and Cisco DNA Premier.

The perpetual licenses define the underlying routing capabilities of the hardware and define what capabilities remain active on the device should the Cisco DNA Subscription lapse. Accordingly, in a Routing only or traditional WAN environment, not much will change. In an SD-WAN deployment, however, allowing the Cisco DNA subscription to lapse will lock out the majority of the SD-WAN functionality from the device. The network infrastructure will revert back to a traditional WAN deployment relying solely and exclusively on the routing capabilities in the Network Essentials or Network Advantage perpetual license.

The bandwidth matrix: a level within a level

A unique aspect of a Cisco DNA for SD-WAN and Routing subscription, absent from both Switching and Wireless subscriptions, is the requirement to select a bandwidth level in conjunction with the subscription tier. So let’s take a quick look at how that bandwidth level is determined. You need to look at both the upstream and the downstream bandwidth utilization for each WAN circuit connected to the device. Add the upstream utilizations together, then add the downstream utilizations together.

As you determine the level of bandwidth required for each subscription, keep in mind that the bandwidth license you purchase entitles you to bi-directional traffic at that speed. So a 100 Mbps license permits 200 Mbps of total transfer in any upload/download ratio. So your 100 Mbps license can be used at 0 Mbps upload / 200 Mbps download, or 200 Mbps upload / 0 Mbps download, or any other ratio in-between. So in our asymmetrical example here, a 100 Mb/s license is perfectly adequate, despite the upload clocking in at 107 Mbps. And if you’re not clairvoyant, fear not! Pure bandwidth upgrades in any of the three subscription tiers will receive a 100% credit of the initial subscription tier’s residual value applied to the upgrade transaction.

Why should I purchase a subscription for my routers?

Subscription matters because it gives you faster access to innovation with access to the latest features, and it gives you enhanced agility and better financial planning with license portability and a linear, predictable budget. Read about the benefits of software subscriptions here.

I purchased Cisco ONE, what about me?

For Cisco ONE customers, we have you covered for an easy transition to Cisco DNA Software subscriptions. When you renew your SWSS (software support service) contract, we will provide entitlement to a Cisco DNA Software subscription at no additional cost. So, for the same term and price that you are paying for SWSS, we will include Cisco DNA Essentials.

Take advantage of these exclusive special offers for a
Cisco DNA Enrollment in an Enterprise Agreement.

What support do I get with my subscription?

With Cisco DNA subscription for SD-WAN and Routing, there is embedded software support that includes 24/7 TAC support, new software downloads, and knowledge base access for the length of the subscription. Please note that this support is for the Cisco DNA Subscription components only.

Depending on the router product family, routers come with a Cisco Limited Hardware Warranty of either ninety days or one year, and hardware replacement within 10 working days.

If you are looking for TAC support on the network stack (Network Essentials/Advantage), you should purchase Solution Support or Smart Net Total Care on the router, which covers both the hardware and the network stack.

Cisco DNA Software for SD-WAN and Routing

Watch the new Cisco DNA subscriptions introductory video:

---

Check out all our blogs in the Cisco DNA software series:

Cisco DNA Software Subscriptions – The Simple Story

Cisco Enterprise Agreement: Benefits and Exclusive Offers

Cisco DNA Software for Switching

Cisco DNA Software for SD-WAN and Routing deep-dive [You are here.]

Cisco DNA Software for Wireless deep-dive

Activating Cisco DNA software with Cisco DNA Center/vManage