Monday, 21 September 2020

How to Prepare for Cisco CCNP Enterprise 350-401 Certification?


Cisco ENCOR Exam Description:

This exam tests a candidate's knowledge of implementing core enterprise network technologies including dual stack (IPv4 and IPv6) architecture, virtualization, infrastructure, network assurance, security and automation. The course, Implementing Cisco Enterprise Network Core Technologies, helps candidates to prepare for this exam.

Cisco 350-401 Exam Overview:


Related Article:


Sunday, 20 September 2020

Extend secure, automated branch office networking to AWS with Cisco SD-WAN Cloud OnRamp

Extend secure, automated branch office networking to AWS with Cisco SD-WAN Cloud OnRamp

According to a Cisco study, by 2021, there will be 20 zettabytes of traffic between the DC/branch to the clouds, as companies use popular public cloud platforms like Amazon Web Services (AWS). Meanwhile, “IaaS is forecast to grow 24% year over year, which is the highest growth rate across all market segments,” according to Gartner.

However, while a cloud strategy creates more agility, it also presents challenges for IaaS deployments. Below are three primary concerns cloud users face regularly:

Inconsistent connectivity

Large-scale networks may traverse multiple slow public and/or expensive private connections to get to the cloud deployments, while smaller networks may need to battle out a slow, jittery internet to get to the clouds. In either case, customers will need to find the fastest and most reliable link while confirming a secure transport.

Complexity with governance

No real uniformity exists as to how different platforms handle their governance and compliance. This maze of rules and frameworks can create consistency problems with companies trying to utilize more than one cloud platform, especially with (but not exclusive to) IaaS. Finally, each cloud vendor has its own policy, security and segmentation process. These variances from vendor to vendor add another layer of complexity that must be managed.

Visibility problems

Different cloud platforms also use various protocols for analytics, metrics and insights. This variance can effectively reduce visibility for companies, making it more challenging to optimize usage across the network.

Cisco’s SD-WAN Cloud OnRamp automates and optimizes the enterprise SD-WAN to IaaS and SaaS

Cloud OnRamp is a cloud networking solution and a functionality of Cisco SD-WAN through which enterprises can network their branch sites to workloads deployed in cloud environments. Cloud OnRamp provides seamless, secure and automated networking for IaaS as well as an optimized experience for various SaaS applications.

One proven way to overcome the challenges of a cloud strategy is by implementing a consistent fabric across a company’s entire WAN network using Cisco SD-WAN Cloud OnRamp. Cisco SD-WAN provides a secure WAN architecture that can extend consistent policy enforcement, segmentation and security across both on-premises and cloud networks. Cloud OnRamp simplifies the experience further through the power of automation, using vManage as the single pane of glass management platform to create a SD-WAN transit network in the cloud provider’s environment.

Advantages of Cisco SD-WAN Cloud OnRamp

◉ Greater automation — With Cloud OnRamp, users can expect to automate SD-WAN extension to the cloud in minutes with just a few clicks.

◉ Improved security – Cloud OnRamp reduces security risks by leveraging graular segmentation and streamlined policy enforcement that can control and segment the traffic that flows through the network, guarding against external and internal threats to the data.

◉ Ease of management – Cloud OnRamp provides end-to-end data sharing between cloud and branch and establishes inter-regional visibility across transit data and network telemetry.

Cisco SD-WAN Cloud OnRamp Integration with AWS Transit Gateway

Cisco has partnered with AWS to provide end-to-end solutions for joint customers to create the best possible user experience. Customers benefit from fully automated networking to workloads in AWS Cloud and native integration between Cisco SD-WAN and AWS Transit Gateway and Transit Gateway Network Manager.

Extend secure, automated branch office networking to AWS with Cisco SD-WAN Cloud OnRamp

Sneak peek of the new features and benefits:

◉ Fully automated Cisco SD-WAN fabric extension to AWS Cloud: instead of spending hours of time per region and going through error-prone manual processes, now enterprise customers can bridge their branches to AWS workloads through a fully secure Cisco SD-WAN network in just minutes.

◉ Single pane of glass management through Cloud OnRamp: jumping back and forth between different management consoles of Cisco and AWS to orchestrate networking resources can be challenging and ineffective. With this new integration, enterprise customers will be able to manage both the Cisco SD-WAN virtual router and AWS Transit Gateway through Cloud OnRamp.

◉ Extending enterprise segmentation to AWS Cloud: one important aspect of secure networking is to ensure consistent enterprise segmentation across the entire network. By using the GUI-based Intent Management feature in Cloud OnRamp, enterprise customers can easily manage VPN to VPC and VPC to VPC communications through simple clicks.

◉ End-to-end visibility: by populating elements of both the SD-WAN network and AWS cloud network into AWS Network Manager, enterprise customers will have a unified and visualized view of both branch and cloud sites.

Watch AWS, Cisco and joint customer ENGIE discuss the benefits of integrating Cisco SD-WAN with AWS Transit Gateway Network Manager in a recent webinar and learn how to get started.

With more than half of enterprise workloads expected to be deployed in public clouds within the next year, cloud computing is a growing opportunity and challenge for today’s enterprises. By deploying an integrated solution like Cisco’s Cloud OnRamp for IaaS, companies will stay competitive by making their cloud strategy more productive, consistent and secure.

Saturday, 19 September 2020

API-Based Tools Make Cisco Device Management and Monitoring Easier

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Guides

Cisco’s Intent-Based Networking (IBNG) Innovation Team is responsible for providing training labs, bootcamps and demos for customers, partners, internal sales at individual and public events. After each training we have to reset hundreds of devices and multiple controllers like Cisco DNA Center, ISE, DHCP, WLC etc. This manual reset takes the team a lot of time. During some of our events, we are required to reset multiple times a week or daily. To minimize the manual work and be more efficient, we created some API based tools that can complete the whole process in less than 30 minutes.

If you have any requirement for similar use cases, you can try our API-based tools that can save you time and reduce the tedious work!

We have 20-30 pods in each training lab. A pod is an individual testbed that contains different devices, such as edge/access, distribution and core devices.  These devices mimic a small customer Enterprise environment, with Catalyst3k and 9k switches, ASR and ISR routers and wireless controllers. During the lab, the devices are configured per various use cases.  Post each event, the devices need to be brought back to the beginning state. With the help of the APIs and scripts, we automated this reset process.

API-based Tools


For resetting devices such as Cat9ks, Cat3ks, ASRs and ISRs we are using SecureCRT APIs which can reset the device to a default state or configure the device to a base state. Using these scripts if a switch is in configuration mode, enable mode or in any other mode it will do necessary configuration changes and do the reset on the devices. Sometimes after reset we want to provide additional configuration that is not part of the base. For that we will use another script which can simultaneously run on multiple devices.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Guides

We also created a button bar in secure CRT and pointed the script to this button. This button bar is a quick way to run scripts, send strings and issue protocol commands on multiple sessions simultaneously. Step by step instructions for configuring this button can be referred here. Whenever we want to execute a script on any number of sessions just clicking on the button will execute the script on all the sessions opened. The following is an example for mapping a python script to a button in a button bar. All the links to these scripts is referred in What Next? section.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Guides

Next step is to reset Cisco DNA Center. For Cisco DNA Center, we are using Cisco DNA Center internal APIs to perform the backup and restore operations. We can also use these APIs to check the status of backups and restoration operations. Currently backup/restore APIs are for internal purposes only, these will be published in future. We also integrated these backup/restore scripts with Webex teams. So, if you execute any backup or restore script it will send a notification to the Webex teams and everyone in that Webex group will be aware of the changes.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Guides

Next step is to reset other controllers such as ISE/DHCP/DNS/Cat9800. We installed these controllers as VMs on ESXI hosts. To reset these VMs, we are using the snapshots and non-persistent modes for the VMs. Using the PowerCLI cmdlets we are creating new VMs from the snapshots and resetting the VMs for non-persistent mode. The following is an example to reset the controllers and create VMs from snapshots. All the links to these scripts is referred in What Next? section.


Monitoring API-Based Tools


After the reset process has completed, we are also monitoring the devices by using python applications.  If something happens to the device, such as a link or switch goes down, we will be notified in Webex Teams of this issue. We integrated Cisco DNA Center with Webex teams and configured the events on Cisco DNA Center to notify us of these alerts. If any issue happens, we will get a notification in the webex teams as alert. The following is an example for the switch unreachable notification in Webex teams that DNAC has sent via APIs.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Guides


The following is an example to subscribe to an event in Cisco DNA center and provide receiver details for sending the alerts. You can subscribe to specific events that may occur in your network. After your subscription, if the event does occur you will receive a notification by REST APIs. You can refer here for more details on how to subscribe to events.

Cisco Prep, Cisco Learning, Cisco Tutorial and Material, Cisco Guides

Friday, 18 September 2020

Cisco 500-440 Sample Questions | Syllabus | UCCED Practice Test


Cisco UCCED Exam Description:

This exam tests a candidate's knowledge of design considerations and guidelines for deploying Cisco Unified Contact Center Enterprise (Cisco Unified CCE) solutions. Cisco Unified CCE is part of Cisco Unified Communications application suite, which delivers intelligent call routing, network-to-desktop computer telephony integration (CTI), and multichannel contact management to contact center agents over an IP network.

Cisco 500-440 Exam Overview:

Streamline NX-OS fabric deployments with Cisco DCNM and Red Hat Ansible

Cisco Prep, Cisco Tutorial and Materials, Cisco Certification, Cisco Learning

Today I will give an overview of our recent integration between Cisco Data Center Network Manager (DCNM) and Red Hat Ansible to streamline NX-OS fabric deployments.

Introduction

Traditionally in data center network management, configuration was often a manual, error prone process, with an operator going device by device to make changes, with every change requiring a deep understanding of both the OS specific CLIs as well as an knowledge of the technology and the implications of each CLI change, to attain a desired outcome.

Cisco DCNM

Cisco DCNM is a turnkey solution for NX-OS network-wide workload orchestration and workflow automation, providing everything from Day 0 auto-provision, through Day N configuration changes. The solution is delivered through an easy to use UI for a single point of management for both network configuration and monitoring.

Additionally, operators have begun to understand and embrace the DevOps model to streamline network management. It is now widely accepted that network automation can be leveraged to accelerate network deployment and optimize network operations in a data center.

With the current global COVID-19 pandemic, network teams are being asked to do more with less, all while working remotely.

The importance of automation was highlighted even further in a recent IDC survey[1].

As part of the responses to the survey,

1. 48% of respondents said they will increase investment in automation solutions to reduce manual management of the network

2. 46% require increased ability to remotely manage network operations

Ansible and Cisco DCNM

Red Hat Ansible is an open-source solution that addresses challenges from network automation and application deployment, to managing a cloud infrastructure, in order to drive a more efficient IT environment with a simplified toolchain.

Ansible has emerged as one of the most popular platforms to automate and simplify network management tasks and boost cost savings and operational efficiency. Ansible works with many different operating systems that run on Cisco Networking platforms including ACI, IOS-XE and IOS-XR.

For several years now, Cisco has offered industry leading Ansible modules for NX-OS, which have been widely adopted and remain extremely popular to automate and streamline network deployments.

However, customers are increasingly looking to move towards a single point of management for their fabrics, rather than making changes at a device by device level.

Ansible, in conjunction with Cisco DCNM, provides a perfect combination for customers to embrace the DevOps model and accelerate NX-OS deployment, monitoring, day-to-day management, and more. Ansible achieves this goal by leveraging the open APIs of DCNM to automate the most common tasks.

Operational efficiencies made possible by Ansible and Cisco DCNM include the following:

◉ Addition or removal of NX-OS switches from a fabric

◉ Management of networks within a VXLAN fabric

◉ Addition or removal of VRFs from a VXLAN fabric

◉ Orchestration of switch interfaces within a DCNM managed fabric

Cisco Prep, Cisco Tutorial and Materials, Cisco Certification, Cisco Learning

Key Benefits of Cisco DCNM/Ansible solution


◉ Enables Admins to align on a unified approach to managing NX-OS fabrics with the same toolchain of their application deployments, enabling a tight coupling of application and network provisioning.

◉ Like all Ansible modules, the DCNM modules are idempotent ensuring that only necessary changes are made to the fabric. If the fabric is already in the desired state, no changes are made.

◉ Easy entry to leveraging Ansible, with all playbooks being written in human readable YAML.

Thursday, 17 September 2020

Cisco Secure Remote Worker Architecture for Azure

Today companies are investing in empowering their workforce to have a secure connection to the resources hosted in the Cloud. Cisco provides a secure remote worker solution that uses the Cisco AnyConnect Secure Mobility Client, Cisco Duo, Cisco Umbrella, and Cisco Advanced Malware Protection (AMP) for Endpoints.

◉ Cisco AnyConnect Secure Mobility Client: Cisco AnyConnect Secure Mobility Client empowers remote workers with frictionless, highly secure access to the enterprise network from any device, at any time, in any location while protecting the organization. It provides a consistent user experience across devices, both on and off-premises, without creating a headache for your IT teams. Simplify management with a single agent.

◉ Cisco Duo: Cisco Duo is a user-friendly, scalable way to keep business ahead of ever-changing security threats by implementing the Zero Trust security model. Multi-factor authentication from Duo protects the network by using a second source of validation, like a phone or token, to verify user identity before granting access. Cisco Duo is engineered to provide a simple, streamlined login experience for every remote user. As a cloud-based solution, it integrates easily with your existing technology and provides administrative, visibility, and monitoring.

◉ Cisco Umbrella Roaming Security Module: Cisco Umbrella Roaming Security module for Cisco AnyConnect provides always-on security on any network, anywhere, any time — both on and off your corporate VPN. The Roaming Security module enforces security at the DNS layer to block malware, phishing, and command and control callbacks over any port. Umbrella provides real-time visibility into all internet activity per hostname both on and off your network or VPN.

◉ Cisco Advanced Malware Protection (AMP) Enabler: Cisco AnyConnect AMP Enabler module is used as a medium for deploying Advanced Malware Protection (AMP) for Endpoints. It pushes the AMP for Endpoints software to a subset of endpoints from a server hosted locally within the enterprise and installs AMP services to its existing user base. This approach provides AnyConnect user base administrators with an additional security agent that detects potential malware threats in the network, removes those threats, and protects the enterprise from compromise. It saves bandwidth and time taken to download, requires no changes on the portal side, and can be done without authentication credentials being sent to the endpoint. AnyConnect AMP Enabler protects the user both on and off the network or VPN.

Cisco Tutorial and Material, Cisco Learning, Cisco Exam Prep, Cisco Study Materials

Figure 1 – Components of the Cisco secure remote worker solution

Cisco Secure Remote Worker Architecture for Azure


Today organizations are consuming services, workloads, and applications hosted in Azure (Public Cloud). Azure provides a wide range of services that offer ease of usability, orchestration, and management. Customers are embracing these services, but this resource consumption model opens another attack surface. Using Cisco Security controls, customers can provide a secure connection to the Azure cloud infrastructure. This remote access VPN architecture protects multi-VNet, multi-AZ (availability zone) by extending the Cisco Secure Remote Worker solution. This Architecture brings together Cisco Security and Azure Infrastructure-as-a-service (IaaS) and extends remote access VPN capabilities with Duo, Umbrella, and AMP Enabler.

Cisco Tutorial and Material, Cisco Learning, Cisco Exam Prep, Cisco Study Materials

Figure 2 – Secure Remote Worker architecture for multi-VNet, multi-AZ

The above network design has the following components and services:

◉ Cisco ASAv or Cisco NGFWv for Remote access VPN termination (TLS or DTLS)
◉ Cisco Secure AnyConnect Mobility Client on the endpoints
◉ Microsoft Windows 2019 Active Directory for LDAP
◉ Cisco Duo for Multi-Factor Authentication
◉ Umbrella Security Roaming Module for DNS Layer Security
◉ AMP Enabler for protection against Malware

This Architecture is designed on the bases of the Hub and Spoke model, the hub-vnet has firewalls for VPN termination. The Hub-VNet is connected to spoke-VNets using VNet peering. VNet peering uses the Azure backbone network and the Azure backbone network provides higher throughput.

◉ Remote Access VPN sessions are load balanced by Azure Traffic Manager
◉ Azure Internal Load Balancer (Standard) is used for non-VPN traffic load balancing (East/West)
◉ Azure External/Public Load Balancer is used for non-VPN traffic load balancing (North/South)

Traffic Flow 


Remote Access VPN: Azure blocks layer-2 visibility required for native HA and VPN load balancing to work. To enable resiliency and VPN load balancing, one must rely on the native cloud services such as Azure Traffic Manager (ATM), DNS, and UDR. In this architecture, VPN users send VPN traffic to the Azure Traffic Manager. ATM tracks all the firewalls using probes, and it load-balances VPN connection endpoints (Cisco Firewalls).

◉ Each Firewall has a separate VPN pool
◉ Azure User Defined Route (UDR) forwards traffic back to the correct firewall
◉ Azure Traffic Manager load balances the RAVPN traffic

Cisco Tutorial and Material, Cisco Learning, Cisco Exam Prep, Cisco Study Materials

Figure 3 – Secure Remote Worker architecture for multi-VNet, multi-AZ (RA VPN Traffic Flow)

Non-VPN (East/West): Firewalls in the HubvNET inspects east-west traffic, each subnet in the spoke VNet has a route-table that has a user-defined route (UDR) pointing to Azure ILB “virtual-IP address”. Traffic lands on ILB and ILB forward it to the firewall. The firewall inspects the traffic; if traffic is allowed, it is sent to the destination VNet using VNet peer. Return traffic is forwarded back to the ILB because of the similar UDR is applied on destination VNet also. ILB maintains the state and sends traffic back to the same firewall that processed the initial packet flow.

Cisco Tutorial and Material, Cisco Learning, Cisco Exam Prep, Cisco Study Materials

Figure 4 – Non-VPN East/West Traffic Flow

Non-VPN (North/South)

◉ Outbound Traffic Flow: Each spoke subnet has a route-table associated with it. UDR controls traffic routing, and it has a default route that points to ILB’s virtual IP (VIP). HubvNET has ILB, and ILB points to firewalls for internet connectivity. Internet traffic is load-balanced on the perimeter firewall, and traffic is SNATed to the outside interface IP address. Outbound traffic does not hit the external load balancer because a public IP mapped to the outside interface of the firewall and UDR on the outside subnet used 10.82.1.1 as a default gateway. Azure ILB used in this architecture is a standard SKU that requires explicit Azure NSG to allow traffic on firewalls (backend devices). There is an azure NSG applied to inside and outside interfaces of firewalls; this NSG has allow-all rule applied, but you can restrict traffic according to your Infosec policy.

Cisco Tutorial and Material, Cisco Learning, Cisco Exam Prep, Cisco Study Materials

Figure 5 – Non-VPN North/South (Outbound Traffic Flow)

◉ Inbound Traffic Flow: External users would access frontend IP on the Azure public load balancer (ELB), ELB has external interfaces in the backend pool. ELB is responsible for load balancing incoming non-VPN traffic, ELB sends traffic to the firewall if allowed traffic is SNATed to inside interface to maintain traffic symmetry.

Cisco Tutorial and Material, Cisco Learning, Cisco Exam Prep, Cisco Study Materials

Figure 6 – Non-VPN North/South (Inbound Traffic Flow)

Wednesday, 16 September 2020

Adapting to the New Work Environment through Automation

Cisco Prep, Cisco Certification, Cisco Learning, Cisco Exam Prep

This blog is one in a series focusing on aspects of Cisco DNA and intent-based networking. #IntentBasedNetworking

It’s such an odd time right now. Standing where we are, we know the world and the workforce is changing. While there’s universal consensus that nothing will be the same, no one is sure exactly what the new workforce environment will look like. Sure, there are hints. According to a recent IDC webinar—COVID 19 and Enterprise Networking—Assessing the Impact, Planning for the Future—the number of remote workers will surge from less than 7% to nearly 30%. And networks will need to change to support business continuity in this geographically dispersed workforce with application and collaboration experiences that mirror those in the office.

But what will that look like? VPN? Cloud?

One sure thing is that network automation will play an increasingly important role going forward. The same IDC report bears this out, indicating that, at 48%, the number one area of increased IT investment will be for network automation. Why? Because regardless of how IT pivots to support distributed workers, the infrastructure required to handle that load will be more complex and more demanding. The management task is simply too heavy a lift to perform manually. It must be handled through automation.

This distributed workforce requirement aligns with the core automation capabilities built into Cisco DNA Center. We have always touted the time and cost savings available using Cisco DNA Center automation capabilities. Those benefits still remain. However, the emphasis moving forward will be on business resilience and continuity.

Cisco DNA Center automation works because it uses business intent to define how a network should run. Then it defines policies and configurations to ensure the network operates as intended. Then—and here’s the real power—Cisco DNA Center automatically pushes those polices and configurations throughout the network. Even a geographically distributed network.

There are several aspects of the new workforce environment that require this higher level of automation: deployments, complexity, consistent experience, configuration changes, security, and software maintenance. Let’s take a closer look at each.

Deployments


As enterprises scramble to support work from home, the number of new device deployments—for remote access, security, and routing—has exploded. The number and overnight turnaround makes managing the deployments manually nearly impossible. An IT department with a dozen techs can’t scale up to instantaneously deploy thousands or tens of thousands of remote deployments over one weekend. And, I’ve heard story after story of that’s exactly what Cisco DNA enabled.

Complexity


Complexity is likely to grow as organizations adapt to a more remote workplace. This is because of two factors—distribution and control. First, as workers work from home, the number of points of connection will become more distributed. And, second, the organization has less control over the technology in those home office environments. Sure, you can send virtual office routers, but you won’t have control over the ISP or wiring in the house. This makes access policy more difficult to implement and enforce – and configurations more difficult to establish and manage.

It’s just not realistic to assume that any IT department would have the manual resources to tackle this complexity. That’s where Cisco DNA automation comes in. You can establish different configurations for remote offices, headquarters, even different ISPs, then use Cisco DNA Center to automatically configure all of the necessary devices to support that remote access.

Consistent Experience


One of the things I keep hearing about the shift to working remotely is that employees don’t see their home office as workplace lite. It’s their new office. To deliver the same level of productivity, employees need to have an experience that’s consistent with the one they had in the campus or branch. That means consistent application access and performance, even while working from their new home office.

Sure, some of this consistent experience is dependent on the network devices used in the remote office. But consistent configurations and access policies are even more important. Again, with the number of home office locations exploding, there is no way for an IT department to manually provision all of these offices for optimal experience. And, if they try, the manual effort is guaranteed to introduce configuration errors that diminish the expected application and access experience and create potential security vulnerabilities.

Configuration Changes


While remote workplaces will be a big part of future collaboration, so will change. Employees may more frequently migrate between remote and campus environments. And enterprises may need to continually change configurations, policies and access permissions to accommodate this new demand for flexibility.

Through the configurations templates and automated deployment already discussed, Cisco DNA Center helps you easily make these changes. More importantly, because of the intent-based templates, those changes, regardless of how quickly they need to be deployed, will maintain the same level of consistency and application support as the initial deployment.

Security


With the expanded threat surface created by more remote work environments, security is a huge concern going forward. Vulnerabilities may be introduced into the network during rollout and management through deployment glitches, missed security patches and non-integrated security applications. The automation capabilities of Cisco DNA Center help with all three.

For deployments, the automated nature of the Cisco DNA deployments uses consistent configurations templates and significantly reduces manual errors, thereby greatly minimizing the introduction of security vulnerabilities through incomplete or inaccurate deployments.

Going further, Cisco DNA Center has security integrated into its automation capabilities. First, all applications are under constant attack and require effective security patch management to quickly address vulnerabilities. Cisco security advisories are made available from within Cisco DNA Center. The highest level threats for devices on your network rise to the top of the list where you can directly download and deploy the new patches to all affected devices.

In addition, Cisco DNA Center integrates several Cisco security solutions right into the solution dashboard. Stealthwatch and Umbrella can be deployed directly from within Cisco DNA Center. And rogue and adaptive wireless intrusion prevention is built right into the solution. As a result, security and network management, both in greater demand in this new environment, can be more effectively managed through the automation capabilities of Cisco DNA Center.

Software Maintenance


In the best of times, maintaining current versions of system software for all of your network devices can be a challenge. But when those devices are distributed across thousands or tens of thousands of remote worksites, the challenge is no longer possible with manual updates.

Again, Cisco DNA Center automation capabilities help you overcome this challenge. Cisco DNA Center can actively discover all the system software versions on your network devices, highlight those that are inconsistent or out of compliance, and even push the correct, up-to-date image to the identified network devices. All automatically from your Cisco DNA Center dashboard and regardless of location. In fact, you can even define different configurations by location and keep those up to date as well.

The bottom line is no one really knows the exact shape of the future workforce environment. But Cisco DNA Center automation capabilities all support the agility, flexibility, and remote access that will help you adapt as we all move forward.