Cisco DNA Software powers the Cisco® Networking solution. Cisco Networking is your team's bridge to an intent-based network. It is an open, extensible, software-driven portfolio that helps accelerate and simplify your enterprise network operations while lowering costs and reducing risk.
Only Cisco provides a single-network fabric that is powered by deep intelligence and integrated security to deliver automation and assurance across your entire network organization at scale. Cisco Networking gives IT time back from time-consuming, repetitive network configuration tasks so you can focus on the innovation your business needs.
The latest innovations in Cisco Networking include new software capabilities that deliver greater intelligence and security through Cisco DNA subscription software and an architectural approach that delivers end-to-end visibility, automation, and insights.
Cisco DNA Advantage
Cisco DNA Advantage is our premium tier that gives you the advantage of the latest innovative features. All the features mentioned in the Cisco DNA Essentials section are included in Advantage. In addition, Cisco DNA Advantage includes LAN automation, which helps simplify network operations, free IT staff from time-consuming and repetitive network configuration tasks, and create a standard error-free underlay network.
The Advantage tier also includes several AI-driven features, such as AI Network Analytics and AI Endpoint Analytics. Find anomalies instantly with complex event processing using cloud-based AI/ML and machine reasoning for root cause analysis. Guided remediation allows for single-click resolution, allowing machine reasoning automation to close the loop. AI Endpoint Analytics identifies and checks the compliance of endpoints by analyzing traffic flow behavior in real time.
It adjusts the endpoint trust score and automatically assigns new policies corresponding to the trust level to mitigate any threat at the source. Cisco Secure Network Analytics with Encrypted Traffic Analytics (ETA) identifies endpoint security threats, like malware and data breaches, that are encrypted. Note that ETA requires Secure Network Analytics (formerly Stealthwatch®) licenses, which can be purchased a la carte or with the Cisco DNA Expansion Pack.
Cisco Spaces for Smart Buildings
One of our latest additions is Cisco Spaces for Smart Buildings. The integration of IoT gateways on the Cisco Catalyst™ 9000 switch family with Cisco Spaces creates a foundation for managing smart buildings by democratizing the IoT ecosystem. Smart building application providers can now interface with hundreds of different types of device vendors and application partners by using Cisco APIs to extract telemetry from the devices through Cisco Spaces.
The IoT gateways running on the Catalyst 9000 family—the most widely deployed network access in the world—interpret and normalize telemetry from all the various endpoints in a smart building ecosystem, feeding the information to Cisco Spaces. This democratized IoT platform relieves smart building application providers from the responsibility of building integrations to thousands of different devices. Cisco Spaces Extend is a powerful end-to-end, indoor location services cloud platform that extends platform capabilities via integrations and partner applications. It includes Cisco Spaces See, which provides business insights such as behavior metrics, location analytics, and more.
Cisco SD-Access
You can enable Cisco SD-Access with the Advantage tier. It provides visibility-based, automated, end-to-end segmentation to separate user, device, and application traffic without the need to redesign the underlying physical network. Cisco SD-Access automates user-access policy so organizations can make sure the right policies are established for any user or device with any application across the network. Cisco Identity Services Engine (ISE) licenses are required for SD-Access; these can be purchased a la carte or with the Cisco DNA Expansion Pack.
Hardware IPsec support
IP Security (IPsec) is the latest addition to Cisco DNA Advantage. Hardware IPsec support has been added for a few of the Catalyst 9000 switches (the Catalyst 9300X and Catalyst 9400X Supervisor Engine-2 and Supervisor Engine-2XL). It supports Internet Key Exchange (IKE) v2 standard-based Layer 3 hardware encryption for secure edge connect (>100 Gbps) and enables high-bandwidth, secure transport between sites or from site to cloud.
Cisco ThousandEyes
For the Catalyst 9300 and 9400 Series switches, Cisco ThousandEyes Network and Application Synthetics and Cisco Spaces are available. Note that ThousandEyes integrations can be added to other Catalyst platforms, such as the 9500 and 9600 Series, that support application hosting. These integrations are not available on the Catalyst 9200 Series. ThousandEyes visibility provides you with immediate insight into the digital experience of campus users connecting to any application, spread across multicloud deployments. ThousandEyes also requires additional licenses. The ThousandEyes product ID with a default value of 1 is included in Cisco DNA Advantage at no additional cost.
Application hosting
Application hosting infrastructure provides the flexibility to host Cisco signed or third-party applications on Catalyst 9000 switches as Docker containers to meet business-relevant use cases such as running administrative or security tools without an additional physical or cloud-based virtual server. Collecting and analyzing data at the edge empowers you to make local decisions, reducing the latency and bandwidth of the network.
As in Cisco DNA Essentials, it's important to note that some of these features are enhanced through Cisco DNA Center, our powerful network controller and management dashboard. Cisco DNA Advantage is the ideal choice for those who want to experience Cisco's full breadth of innovation and latest features.
Cisco DNA Software Comparison
Features
Cisco DNA Essentials
CIsco DNA Advantage
Full Flexible NetFlow
Cisco IOS Embedded Event Manager (EEM)
Software Image Management (SWIM)
Overall health dashboard
Overall health dashboard for Device, Network, Application and Client for 24 hours only
Network Plug and Play (PnP) provisioning application
Cisco DNA Service for Bonjour LAN
Out of box reports
Cloud monitoring for Catalyst
Cisco Spaces Extend
Cisco ThousandEyes Network and Application Synthetics
Controller Orchestrated Fabric Management and Configuration
Fabric, Segmentation, and eWC
Cisco AI Network Analytics
AI Endpoint Analytics
Group-Based Policy Analytics
AI Trust Analytics
LAN automation
Patch/SMU lifecycle management
Compliance
IPsec
Device 360, Client 360, and Network Health Insights
Application policy creation
Application hosting
Third-party API integration
Encrypted Traffic Analytics** (ETA)
(No Stealthwatch License Included)
Cisco DNA Service for Bonjour WAN
ERSPAN**
Wireshark**
AVC (NBAR2)**
Cisco Prime Infrastructure License
* Does not require Cisco DNA Center ** Not supported on all platforms