Intent-based NetworkingPowered by Cisco Digital Network Architecture

Jason Pernell

WW Sales Director

SDA & Assurance

Why Intent Based Networking?

What benefits does it bring?

How do I get started?

3

Intent-based Networking with Cisco

Digital

BusinessNetwork

Business

Goals

Insights

Intent Context

Security

Learning

SecurityMobile IoT

Powered By Intent. Informed by Context.

4

Traditional networks cannot keep up

More users and endpoints

More VLANs and subnets

Difficult to

segment

Complex to

configure

Inconsistent

user

experience

Multiple steps to give

users credentials

Difficult to maintain policy

Separate user policies

for wired and wireless networks

Unable to find users

when troubleshooting

Common user

policy for the

branch,

campus, WAN,

and cloud

5

Cisco’s Intent-based Networking

Intent Context

Security

Learning

DNA Center

Analytics & Assurance

AutomationPolicy

Intent-Based Network Infrastructure

Switching Routers

Wireless

Powered By Intent.

Informed by Context.

6

Intent-based Networking Journey

Context

Analytics and

Assurance

Intent-based

Network

Infrastructure

Readiness

Secure

Foundation

Policy Based

Automation

Intent

Machine

Learning & AI

End-to-end view

of the network

with full context

through data

and insights

Constantly

learning,

adapting,

protecting

Open and

Programmable

Rapid threat

detection

and mitigation

Simplify, scale

network

deployment for

Cloud,

Mobile, IoT

Policy Validation

Predictive

Self-healing

7

Software-Defined AccessIndustry’s first policy-based automation from the edge to the cloud

Secure users, devices, and

applications with identity-based

policy, regardless of location

End-to-End

Segmentation

Simple,

automated

workflows

Intelligent

network fabric

Design, provision, and manage your

wired and wireless networks

Enable a consistent user experience

anywhere with insights and analytics

into user and application behavior

Common user

policy for the

branch,

campus, WAN,

and cloud

8

Cisco’s Intent Based

NetworkingShift IT Time to Business Focus

67% 80%

48% 61%

Network

Provisioning

Time Savings

Improve Issue

Resolution

Reduced Security

Breach Impact

Reduced

Operating

Expense

How do you

defend against

threats?

How deliver a

great user

experience?

SECURITY ASSURANCE

How do you scale

for the mobility &

IoT explosion?

SCALE

MobilityRansomware IoT10

. 1 McKinsey Study of Network Operations for Cisco – 2016

IT Challenge: 43% of IT Time spent in Troubleshooting

4x

Replication

challenge

Slow

resolution

Network operators spend more time

collecting data than analyzing while

troubleshooting

Impossible for IT to troubleshoot if they

cannot replicate the issue or see it real

time

Half of WiFi issues take more than

30min to resolve

11

12

Network Quality is a Complex, End-to-End Problem

* Both = Join/roam and quality/throughput

APs

Local WLCs

Network services DCOffice site

ISE

Mobile clients

CUCM

Client firmware

AP coverage

WAN Uplink usage End-User services

RF Noise/Interf.

Cisco Prime™

Configuration

AuthenticationWLC Capacity

WAN

Client density

Affects Join/Roam

Affects Quality/Throughput

Affects Both*

DHCP

Addressing

WAN QoS, Routing, ...

There are

100+ points of

failure

between user

and app

What is the problem?

Where is the problem?

How can I fix the problem fast?

Too Many Tools

Fragmented visibility

Closed interfaces / Silo’d views

Devices queried multiple times

Different protocols/mechanisms

Reactive Systems

Always playing catch up

Not designed for analytics

Inconsistent API architecture

Specialized knowledge required

Limited Insights

Limited data that is not

actionable

My report vs your report

No view of state changes

Lacking context or feedback

loop

RIGID CLOSED/

PROPRIETARY

LACK OF

INTELLIGENCE

Today’s tools are limited and do not address network needs

13

Right Place Right Time Right Action

Quick Problem

Isolation

Replicate the

Problem in data

Resolve the problem

Decisively

Ideal Solution to Network Assurance

14

Transforming network operations through actionable insights and simplicity

Introducing Cisco DNA Assurance

Right Place Right Time Right Action

Quick Problem

Isolation

Replicate the

Problem in data

Resolve the problem

Decisively

Right Place: Isolation

How Cisco Does It?

360◦ Context Graph – connected view of users, clients, applications and network, end-to-end

Wi-Fi Analytics for iOS

DNA Center Assurance

Event driven telemetry

Everything as a sensor –Granularity

BEFORE

Hours finding

needle in the

haystack

AFTER

Get to root cause

in minutes

16

Of WiFi Issues

take more than 30

minutes to resolve50%

Disassociation

Reason

Dis-associated

from AP

Session

Duration

Time Location – Building

Flr

DHCP Failure AP1 23min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F

DHCP Failure AP1 5min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F

Device internal

state reset

AP1 10min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F

DHCP Failure AP2 1min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F

Captive Portal

failure

AP2 52sec 23:30:15 – Dec-2-2018 SJC24 / 2F

Captive Portal

failure

AP2 2min 10sec 23:30:15 – Dec-2-2018 SJC24 / 2F

Miscellaneous

Reasons

AP2 30min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F

Apple Insights

Support per device-

group Policies and

Analytics

Insights into the

clients view of the

network

Provide clarity into

the reliability of

connectivity

1 2 3

Device Profile Wi-Fi Analytics Assurance

Client shares

these details

1. Model e.g. iPhone 7

2. OS Details

e.g. iOS 11

Client shares

these details

1. BSSID

2. RSSI

3. Channel #

Client shares

these details Error code for why did

it previously

disconnected

17

How Cisco Does It?

Full Contextual State – 14 days of history

Right Time:Problem Replication

Predictive trends to resolve issues before they are problems

Proactively test drive the network

BEFORE

Wi-Fi issues come

& go. If you cannot

replicate, you

cannot solve

AFTER

Network Time

Travel with full

context

Aironet Active Sensor

DNA Center Assurance

18

Of organizations have

10% or more of their

users experience a Wi-Fi

issue in a typical week

47%

Right Action: Resolution

BEFORE

Continuous training

AFTER

Leverage 30

years of industry

experience

How Cisco Does It?

Step by step Guided Remediation based on 30 years of Cisco networking expertise and best practices

Extending network context to improve business operations efficiency with Operational Insights

DNA Center Assurance

Operational

Insights

of organizations say a

single hour of downtime

costs over $300K

19

81%

End-to-end visibility – Network/Client Health

• Client Health Summary

• Onboarding, RF and Client Profile info

• Network Health Summary

• Control, Data, Policy Plane and Health info20

End-to-end visibility –360 views of users & devices

• Single location for all user

information and every user device

• History of performance for each

user device

• Proactive identification of any

issues affecting user’s experience

• Single location for all user device

related user information

‒ Connectivity graph with health

score of all device on the path

‒ Application performance

‒ Device KPIs

21

Network Time Travel – Go back in time to understand the network state when issue occurred

• Rewind time to when the issue

occurred

• All the information on the user

or network device 360 changes

to the selected time!

• History shows critical events

• Identifies when issues

occurred!

22

Insights with Guided Remediation Actions

Detailed drill

downs to identify

the impact

quickly

Guided Actions

to help

remediate issues

quickly

23

From Network Data to Business Insights

IPAM

CMX

AppD

IPSLA

SNMP

OID

TelnetDNS

MIB

Ping

CLIDHCP

AAA

SyslogNetflow

TracerouteComplex

correlation

Steam

Processing

Metadata

extraction

Clients Baseline

Application Network

Network Telemetry

Contextual Data

Complex Event

ProcessingCorrelated Insights

Guided

Remediation

Everything as a Sensor

Over 100+ Actionable Insights

Client | Applications | Wireless | Switching | Routing

001110101100110

1010110010

00101101

0110100

1101101

001011

01

1010110

0110

101011

000110

011

Office Site Network

Services DC

WAN

Local WLCs

APsMobile Clients

Turn Data into Insights: End-to-End Assurance

SFCDC

SNOW

BOX

Cloud Apps

On-boarding

& connectivity

Configuration

compliance

Visibility &

performance

Network

health

Machine Learning Predicts Issues Before It Impacts the Business

DHCP

CUCM

NMS

DNA Center ApplianceAutomation Software Module

Assurance Software Module

DNA Solution Components

DNA Center

Policy Design

Provision Assurance

Router Wireless LAN

Controller

Access

Point

Switch

Cisco® Identity

Services Engine

DNA-Ready Hardware

and

Non-DNA-Ready Hardware

26

Challenges

• Eight campuses including Texas Medical Center (13

buildings), seven comunity hospitals and 150 off-site

locations comprised of emgerency, imaging, and

primary care offices

• A small staff: ten full-time employees, but only four

people dedicated to wireless.

• What’s the problem: With up to 50,000 clients on the

network each day, wireless roaming and

authentication issues arise but users may not

necessarily report those issues. Wireless connectivity

plays a critical role in patient care and satisifaction.

Solutions & Outcomes

Cisco’s DNA Center helps Houston Methodist Hospital

achieve:

• Better access to data: with a mostly wireless network,

is able to easily detect devices throughout the network

and solve any issues with the help of analytics.

• Spolier Alerts: DNA Center helps the team to target

small issues before they become big problems.

Customer Case Study

Houston Methodist HospitalInterview with Manuel Ortiz III Senior Wireless Engineer, HMH

I like that DNA Center helps me

find problems proactively, before

users contact me.“ “

Challenges

• A large campus: Over 8,000 acres and 45,000 clients

daily at peak times. More devices during one of the

University’s many on-campus events.

• Lots of people, using lots of apps: With more than 20

different types of wireless client hardware in use on

campus, all need to work on the network. Issues can

arise when supporting students’ personal streaming

devices and smart home applications.

Solutions & Outcomes

Cisco’s DNA Center helps Stanford University to

achieve:

• Information, where you need it: “DNA Center has the

opportunity to be the Holy Grail of wireless

management,” Norris said. “The products is focused

on providing the end-user with all of the information

needed to design, run and troubleshoot a large

network. The client data is presented in a clear and

thoughtful way, providing all of the data you need

within two or three clicks.”

Customer Study

Stanford University

Residential Dept.Drew Norris, Sr. Network Engineer, Stanford University

Cisco DNA Center is a great idea

packed with a lots of potential.

Cisco is moving in the right

direction!

“ “

Challenges

• The same experience at every park: unlike other sports,

MLB is attempting to standardize the wireless network at

all of their parks. This way fans of any team will have the

same customer experience, no matter what park they call

home.

Solutions & Outcomes

• Cisco Consistency: 18 out of 30 MLB parks are equipped

with Cisco products allowing for the standardization and

consistencey that Major League Baseball desires.

• DNA Center starts in KC: Kauffman Stadium in Kansas

City, MO is the first ballpark that is equipped with Cisco

DNA Center. The plan is for all 30 stadiums to follow suit.

• Already a hit: Once DNA Center was installed, an issue

about performance degredation was spotted. Using DNA

Center, the IT Manager was able to drill into the source

and found that a switch interface—specifically an old,

extended cable—was to blame. The cable was replaced

and the Wi-Fi ran better than ever.

Customer Case Study

Major League BaseballInterview with Matt Swartz Advanced Services Principle Engineer Cisco

Without Cisco DNA, solving this

issue] was like looking for a needle

in a haystack!“ “

In Closing…

Start your IBN

Journey

Begin your

Journey with

Assurance

Leverage Base

Automation &

PoV SDA

Cisco Starter Kits Available, work with your

account team and partner

Assurance = Insights & Network Analytics

that you can take action on

Leverage Base Automation for Configuration

SDA PoV in Green/Brownfield Environments

30

1. This is Cisco’s Controller for

Intent Based Networking

• DNAC

2. Cisco can time travel for how

many days to trouble shoot

• 14

3. This is the policy engine that

feeds into DNAC

• ISE