cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
565
Views
20
Helpful
4
Replies

C9800 - Which license for IDS/IPS?

Sindbart
Level 1
Level 1

Good day,

we want to evaluate the IDS and IPS functionalities of the C9800 controller series with C9120 Access Points, right now we use this setup with DNA Essentials licenses in our lab. The controllers are used standalone without DNA center.

I checked the licensing matrix and discovered, that "aWIPS" (Adaptive Wireless Intrustion Protection System) is only supported with DNA Advantage licenses. We are irritated about this since the aWIPS functionality can be configured in our AP join profile and seems to work with our Essentials license.

Link to licensing matrix: https://www.cisco.com/c/m/en_us/products/software/dna-subscription-wireless/en-sw-sub-matrix-wireless.html

I have following questions:

1. Is there a "basic" IDS/IPS functionality that is working with every license type (like AP Rogue detection?)

2. Why am I able to use the aWIPS feature with my DNA Essentials license, if it's part of Advantage only (per license matrix)?

3. Could someone clarify which licenses are needed to use the full feature-set of IDS/IPS without DNA center, would Essentials really be enough or is Advantage needed?

4. Which restrictions do I have if my DNA license expires and is downgraded to Network Essentials / Network Advantage?

It would help a lot to get your support, since we plan to further evaluate these functionalities in a customer environment.

Thanks a lot!

1 Accepted Solution

Accepted Solutions

Arshad Safrulla
VIP Alumni
VIP Alumni

Cisco-DNA-Software-Subscription-Matrix-for-Wireless - Cisco

c95-742696-02-dna-software-wireless-featurematrix (cisco.com)

Please refer the above link for license feature support. Rogue AP detection is part of essentials offer. As per the documentation essentials license covers. 

  • Rogue Management and Detection on controller
  • DNA Center management & visibility for Rogue detection

View solution in original post

4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

You need advantage for the feature you looking - essential is basic features as you rightly mentioned the URL has that information.

The features may sometime work, but it may be not compliance in legal point of view.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Sindbart
Level 1
Level 1

Thank you.

I understand that aWIPS is a DNA Advantage feature and that we require a DNA Advantage license for legal reasons to use that feature.

Are there still some basic IDS/IPS functionalities which are supported by DNA Essentials or Network Essentials (like Rogue AP detection) if we don't use aWIPS?

Which IDS/IPS features am I legally allowed to use with DNA Essentials or Network Essentials licenses, is there some documentation for that or could someone share more insights?

on your URL if you mouse over on Essential License you see the option you looking :

balajibandi_0-1675522724576.png

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Arshad Safrulla
VIP Alumni
VIP Alumni

Cisco-DNA-Software-Subscription-Matrix-for-Wireless - Cisco

c95-742696-02-dna-software-wireless-featurematrix (cisco.com)

Please refer the above link for license feature support. Rogue AP detection is part of essentials offer. As per the documentation essentials license covers. 

  • Rogue Management and Detection on controller
  • DNA Center management & visibility for Rogue detection
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: