12-22-2022 10:13 AM
Hi everybody!
We would like to explore and option to have a separate DNAC environment just for provisioning. The idea is for this to be isolated and only able to run our onboarding scripts.
We don’t need any other DNAC features (Assurance, Analytics, etc). We just need to add devices as part of the inventory and execute the right provisioning script from the template editor.
I know Cisco would love to suggest considering a physical appliance for this. We won’t have the budget.
Here comes the main idea: what about using the “light” version of DNAC that comes as an OVA for ESX? This is typically used as a witness node in a cluster.
Can that be used independently?
Thank you for your feedback
Enrique
12-22-2022 10:43 AM
Your network management environment would be simpler to manage if you keep the number of DNA instances down. Can't you achieve your desired isolation with Role Based Access Control, where only certain users have permission to provision?
12-23-2022 02:01 AM
Hi,
A DNAC "light" version does not exists.
DNAC can now be deployed in AWS (if that works for you for testing purposes) and later next year a VM for ESXi will be released. Still these aren't lightweight, and come with full feature capabilities.
No, the Witness OVA/ISO is not the same as DNAC, its only purpose is to arbitrate between the active and standby sites, allowing only one active site at any given time.
Hope that helps.
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide