03-26-2020 10:19 AM
I'm a total newbie to DNA & DNAC. Can someoen please tell me in a sentence or two, how health assurance data gets from client endpoints to the DNAC, is it some sort of SNMP get from the endpoints, is DNAC, like an SNMP probe?
How does DNAC get this info ?
Thanks in advance.
Solved! Go to Solution.
03-27-2020 06:17 PM - edited 03-27-2020 06:22 PM
DNAC Assurance used streaming telemetry (network telemetry), which is a publisher subscriber model. IOS-XE switches like 9K act as publisher, publishing live data about the device, this method is a push model, is more effective unlike SNMP which is a pull model for most deployments and do not scale very well in today's network.
DNAC pushes streaming telemetry configuration to the switches as part of automation and act as a subscriber to the published data. DNAC uses AI for correlation and analysis of the data received (which are important part of overall Assurance)
On the switches you can run the command to see what information about subscribers.
show telemetry ieft subscription all
Since its an IEFT standard, IOS-XE switches streaming telemetry data can also consumed by third part tools like Kibana.
All streaming telemetry data between switch and DNAC is encrypted over TLS tunnel.
I will encourage you to read this blog, there also plenty of Cisco live sessions available for free on Assurance.
03-26-2020 01:53 PM
DNA-Center ingests all the information it can get its hands on. SNMP, netflow, show commands, Wireless telemetry, syslogs, ip device tracking and probably more I'm forgetting.
More details here, if you need them:
03-26-2020 11:57 PM - edited 03-26-2020 11:58 PM
Hello and thank you. So, it's taking feeds from syslog & snmp servers, so they would have to grant Read only access to DNAC for this info then and is this acces assumed when you are setting up the design in DNA or do you need to creat firewall rules for DNA for this read only access?
03-31-2020 10:50 AM
Yes, DNA-C still depends on syslog and SNMP. You will setup the SNMP credentials in the Design pages and this is required for DNA-C to manage the devices. If there is a firewall between your appliance and the network devices, please be sure to open all the necessary ports, listed in the install guide:
04-01-2020 12:35 AM
Great. thanks for your help Preston it's greatlu appreciated.
Brian
03-27-2020 06:17 PM - edited 03-27-2020 06:22 PM
DNAC Assurance used streaming telemetry (network telemetry), which is a publisher subscriber model. IOS-XE switches like 9K act as publisher, publishing live data about the device, this method is a push model, is more effective unlike SNMP which is a pull model for most deployments and do not scale very well in today's network.
DNAC pushes streaming telemetry configuration to the switches as part of automation and act as a subscriber to the published data. DNAC uses AI for correlation and analysis of the data received (which are important part of overall Assurance)
On the switches you can run the command to see what information about subscribers.
show telemetry ieft subscription all
Since its an IEFT standard, IOS-XE switches streaming telemetry data can also consumed by third part tools like Kibana.
All streaming telemetry data between switch and DNAC is encrypted over TLS tunnel.
I will encourage you to read this blog, there also plenty of Cisco live sessions available for free on Assurance.
03-28-2020 03:08 AM
Great & thanks for your helpo.
04-01-2020 12:26 PM
How do we view or search the raw syslog data?
04-01-2020 02:22 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide