Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
183
Views
5
Helpful
2
Replies

ISE, DNA Center, SGT and Posture - Concept questions

Go to solution
davidfield
Participant
Participant

‎11-21-2022 07:38 AM

Hello All,

Starting to get into ISE and DNA and a couple of queries if someone can point me in the right direction.  There is a lot of content on both subjects and I cant quite piece together where DNA Center is necessary when it comes to SDA.  For example do I need DNA Center to implement Trustsec, SGT's and Posture?  From what I can determine ISE covers this and DNA Center is more monitoring along with some Admin integration or am I miss-understanding.

Also, from a licensing perspective if I were to use Cisco 9200's in my lab for my edge switches to achieve SGT and Posture I just need the Network Essential's or is it necessary to have Network Advantage licensing?  I appreciate I'll need the DNA Advantage term license but not be needed if DNA Center not used.

Has anyone a link that explains in more detail or a brief summary?

Thanks in advance


Dave

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jedolphi
Cisco Employee
Cisco Employee

‎11-21-2022 01:44 PM

Hi Dave. Manually (by hand on the CLI, without DNA Center) deployed wired and wireless Cisco infra with ISE will give you capability to implement Group-Based Policy (aka TrustSec), SGT and posture.

Network Advantage and DNA Advantage is required for GBP in C9K switches.

If you choose to proceed with DNA Center and SD-Access you will get automation of the fabric (no manual deployment) which natively support GBP and Network Virtualisaiton, Assurance, Endpoint Analytics, Trust Analytics and Group-Based Policy Analytics. If you're not sure what those things are then searching some of the most recent presentations on ciscolive.com would be a good way to learn.

In short: deployment and visibility of campus networks, GBP and SGT is easier with DNA Center.

View solution in original post

2 Replies 2

Go to solution
jedolphi
Cisco Employee
Cisco Employee

‎11-21-2022 01:44 PM

Hi Dave. Manually (by hand on the CLI, without DNA Center) deployed wired and wireless Cisco infra with ISE will give you capability to implement Group-Based Policy (aka TrustSec), SGT and posture.

Network Advantage and DNA Advantage is required for GBP in C9K switches.

If you choose to proceed with DNA Center and SD-Access you will get automation of the fabric (no manual deployment) which natively support GBP and Network Virtualisaiton, Assurance, Endpoint Analytics, Trust Analytics and Group-Based Policy Analytics. If you're not sure what those things are then searching some of the most recent presentations on ciscolive.com would be a good way to learn.

In short: deployment and visibility of campus networks, GBP and SGT is easier with DNA Center.

Go to solution
davidfield
Participant
Participant
In response to jedolphi

‎11-22-2022 11:18 PM

Thanks jedolphi

I appreciate you providing some clarity which is very helpful.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents