Cisco DNA – Digital Network Architecture Overview

Software-Defined Networking is a technology for automating network control and management, which is a great help to improve and automate network deployment and services. To implement SDN on an enterprise network, we need a controller to manage dynamic controls on the network devices. Cisco released a powerful controller to centralize the network management and control using a Cisco DNA Center dashboard.


What is Cisco Digital Network Architecture?

Cisco DNA Center (also called Cisco Digital Network Architecture) is a powerful SDN controller and management dashboard that allows you to take control of your network, optimize your network, secure your remote workforce, and lower your IT spending.

It is an appliance that provides a centralized graphical interface to design your network, add and configure devices, monitor your network and devices, and troubleshoot your network. Cisco DNA Center is an upgraded version of APIC-EM (Application Policy Infrastructure Controller – Enterprise Module), which was the older release of the Cisco SDN controller.


How Does Cisco DNA Center Leverage the Use of Intent-Based Networking (IBN)?

IBN is the latest SDN technology that allows all manual and hardware-related tasks and operations to be designed into a fully automated or software-based system. It transforms a traditional manual network into a controller-based network that translates the business needs into policies that can be automated and enforced consistently throughout the network. Cisco DNA center uses the technology of Intent-Based Networking.

With the Cisco DNA center platform, you won’t need to be worried too much about the CLI configuration that we usually use. A network engineer will just create a policy or configuration based on business intent or requirement on the Cisco DNA center, and it will make it happen. Cisco DNA Center will automatically deploy the configuration to all the devices based on how we want the network to operate.


The 3 Main Building Blocks of Cisco DNA

We will explain the below blocks in brief as we will have a separate topic or article that will explain it thoroughly.

1. DNA Center – a Cisco SDN controller which is designed to manage enterprise environments.

2. SD-Access – is a newer method of network access control that solves the limitations of the traditional implementation.

3. SD-WAN – it routes network traffic across multiple WAN connections based on policies you define. For example, applying a policy that will shift all the traffic automatically to a redundant WAN link if the main WAN link is experiencing a poor network performance like unexpected latency, jitter, and high loss.


Cisco Digital Network Architecture Components

Below are the Cisco Digital Network Architecture (DNA) Components:

1. Cisco ISE (Identity Services Engine)

It provides the creation and enforcement of security and access policies for endpoint devices connected to the organization’s router. ISE helps Cisco DNA Center to learn about connected devices and authenticate users.

2. Cisco NDP (Network Datagram Platform)

NDP is an analytical engine that collects information about networks via NETFLOW, HTTPS, and logging. It also supports artificial intelligence and machine learning to identify the problem and troubleshoot it.

3. Physical Appliance

It runs on Cisco UCS server hardware and Linux operating system. It can also be clustered when used for redundancy. Cisco DNA also offered a cloud platform. You can check this link –, and it will redirect you to Cisco DCloud. The below image shows the Cisco DNA homepage.

cisco dna



Traditional Campus Network Management VS Cisco DNA Center

The main difference between the two is that the traditional network is usually hardware-based while DNA Center is software-based. On the traditional network, the control plane is based on each physical device, while DNA Center is put on a centralized controller which provides more flexibility and easy network management and deployment.

In a traditional network, we are managing the network devices like routers and switches using the box-by-box method on CLI or GUI using SNMP, SSH, or telnet. Also, on the new deployment of the network devices, it starts with minimal or no initial configuration.

In Cisco DNA Center, a network engineer can modify and control the traffic from the centralized controller portal without accessing the individual routers and switches on the network. It can also do the dynamic implementation of the initial configuration by using plug-and-play provisioning. The DNA center also automatically updates the changes in configuration based on the pre-defined policies configured on it.


Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.

We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training: