Cisco has added features to is flagship network control platform, DNA Center, that introduce new analytics and problem-solving capabilities for enterprise network customers.
DNA Center is the heart of Cisco’s Intent Based Networking initiative and is the core-networking control platform that features myriad services from analytics, network management and automation capabilities to assurance setting, fabric provisioning and policy-based segmentation for enterprise networks.
The company extended DNA Center’s AI Endpoint Analytics application by adding the ability to analyse the data gathered from Cisco packages such as its Identity Services Engine, Software Defined Application Visibility and Control, wireless LAN controllers or third part third-party components.
The application then uses AI/ ML-based procedures in combination with Cisco’s own dataset to identify common characteristics between endpoints that can form the basis for group classification, segmentation and policy setting, according to Prashanth Shenoy, vice president of marketing at Cisco.
AI endpoint analytics lets customers identify even the most obscure types of devices anywhere, determine their attributes such as their make, model, location, OS and whether they have the latest security patches. “Once we know these details, we can accurately make an inventory, and take steps to see they are properly secured,” Shenoy said.
The vendor also added Group-Based Policy Analytics that analyses traffic from devices and presents the results graphically so customers can visualise the flows and use them to set up rules for segmentation. This application accelerates the delivery of segmentation policy by enabling users to discover activities between endpoints, groups, and applications on the network.
The idea is that customers can use that information to define network policies that will allow only the flows it wants and to deny others, Shenoy said.
The new applications work with DNA Center’s User Defined Networks feature which lets customers bring devices online – such as guest network devices – and have them automatically segmented.
“The idea behind IBN is to provide automation and simplify IT operations and these new features extend the ability to add policies and segmentation to provide more intelligence to the DNA Center software stack,” Shenoy said.
The DNA Center enhancements were announced at Cisco’s virtual user event, Cisco Live US 2020 and included other new capabilities the vendor talked about previously. For example, the vendor reiterated its commitment to developing Secure Access Service Edge products and services.
“Moving to a SASE model will be a gradual process as enterprise IT rethinks how to connect a remote workforce to the distributed information resources they need," said Jeff Reed, senior vice president of product, Cisco’s Security Business Group in a recent blog post. "Flexibility will be fundamental as IT chooses among multiple security and networking capabilities that best fit their operations, regulatory requirements, and types of applications.
"Security services can be predominately delivered from the cloud to provide consistent access policies across all types of endpoints. However, globally-distributed organisations may need to apply security and routing services differently according to regional requirements."
Reed stated an increasingly distributed workforce requires secure access to applications with optimal performance.
One of the SASE product directions Cisco pointed to was its integration of its SD-WAN package with its Umbrella service to secure SaaS and IaaS apps for branch and remote users. Cisco Umbrella unifies secure web gateway, DNS-layer security, firewall, and cloud access security broker features in a single integrated cloud-native platform.
In addition to the SASE news, Cisco said it is adding applications to its DNA Spaces mobile location services platform that uses WiFi analytics to let customers see how spaces are being used in real-time.
The idea Cisco says is to let customers measure and use real-time density, to close off buildings when they reach capacity and send real-time notifications to devices based on their locations. And by being able to look at trends over time, facility managers can make smarter decisions on how to arrange offices or appropriate cleaning schedules, Cisco says.
DNA Spaces is comprised of Cisco’s Connected Mobile Experience (CMX) wireless suite and enterprise geolocation technology purchased from July Systems in 2018.
Cisco CMX is a software engine that uses location and other intelligence gleaned from Cisco wireless infrastructure to generate analytics data and help deliver services to customers on their mobile devices.
July technology included an enterprise-grade location platform which includes instant customer activation, data-driven behavioural insights, a contextual rules engine and APIs. The package supports any Catalyst, Aironet, or Meraki wireless access points.
DNA Spaces also provides businesses with deep and accurate analytics about who and what are in their physical locations along with the ability to act on those insights in real-time, Cisco said.
Cisco has also added an indoor IoT Sensor-as-a-Service that lets customers manage Bluetooth enabled IoT devices such as asset trackers for identifying, inventorying, onboarding, grouping, and applying policy-based configurations to those devices.
Cisco said customers can also now use the DNA Spaces Impact Analysis app to determine how buildings and campuses are being used – not just how much they are being used. The applications gathers data and generates reports on time spent in the office, building utilisation, and other metrics that could inform how workplaces could be reconfigured.