cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
183
Views
5
Helpful
2
Replies

ISE, DNA Center, SGT and Posture - Concept questions

davidfield
Participant
Participant

Hello All,

Starting to get into ISE and DNA and a couple of queries if someone can point me in the right direction.  There is a lot of content on both subjects and I cant quite piece together where DNA Center is necessary when it comes to SDA.  For example do I need DNA Center to implement Trustsec, SGT's and Posture?  From what I can determine ISE covers this and DNA Center is more monitoring along with some Admin integration or am I miss-understanding.

Also, from a licensing perspective if I were to use Cisco 9200's in my lab for my edge switches to achieve SGT and Posture I just need the Network Essential's or is it necessary to have Network Advantage licensing?  I appreciate I'll need the DNA Advantage term license but not be needed if DNA Center not used.

Has anyone a link that explains in more detail or a brief summary?

Thanks in advance


Dave

1 Accepted Solution

Accepted Solutions

jedolphi
Cisco Employee
Cisco Employee

Hi Dave. Manually (by hand on the CLI, without DNA Center) deployed wired and wireless Cisco infra with ISE will give you capability to implement Group-Based Policy (aka TrustSec), SGT and posture.

Network Advantage and DNA Advantage is required for GBP in C9K switches.

If you choose to proceed with DNA Center and SD-Access you will get automation of the fabric (no manual deployment) which natively support GBP and Network Virtualisaiton, Assurance, Endpoint Analytics, Trust Analytics and Group-Based Policy Analytics. If you're not sure what those things are then searching some of the most recent presentations on ciscolive.com would be a good way to learn.

In short: deployment and visibility of campus networks, GBP and SGT is easier with DNA Center.

View solution in original post

2 Replies 2

jedolphi
Cisco Employee
Cisco Employee

Hi Dave. Manually (by hand on the CLI, without DNA Center) deployed wired and wireless Cisco infra with ISE will give you capability to implement Group-Based Policy (aka TrustSec), SGT and posture.

Network Advantage and DNA Advantage is required for GBP in C9K switches.

If you choose to proceed with DNA Center and SD-Access you will get automation of the fabric (no manual deployment) which natively support GBP and Network Virtualisaiton, Assurance, Endpoint Analytics, Trust Analytics and Group-Based Policy Analytics. If you're not sure what those things are then searching some of the most recent presentations on ciscolive.com would be a good way to learn.

In short: deployment and visibility of campus networks, GBP and SGT is easier with DNA Center.

Thanks jedolphi

I appreciate you providing some clarity which is very helpful.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers