Thursday, 24 June 2021

Cisco Nexus Dashboard: Cloud Operational Platform for Observability

Cisco Prep, Cisco Tutorial and Material, Cisco Career, Cisco Preparation, Cisco Study Materials

One of the things that used to keep me up at night is that troubleshooting a data center network typically involved multiple disparate teams, each having a different view of the network, user interface, and the applications it supports. Historically, it took probing the network manually with complex questions and use the answers derived from custom scripting, spreadsheets, and CLIs for troubleshooting and remediation.

Read More: 300-815: Implementing Cisco Advanced Call Control and Mobility Services (CLACCM)

And with scaling into the multi-cloud in modern data center fabrics, the size and scope of deployments are growing into hundreds or even thousands of devices. This results in operational complexity, and the cost of managing these devices has exponentially grown as it takes longer to troubleshoot issues using multiple tools and methods. These multiple tools result in disparate user experiences that result in a lot of time and manual processing spent on troubleshooting and tracking critical network events across global networks. It often requires time to hone into misbehaving devices or collect and analyze data across multiple devices. That can result in downtime which quickly becomes expensive.

Traditional data center network management tools and approaches assume a velocity and volume of change that is well below what is enabled by the cloud and is unable to meet the demands of cloud native applications and digital business.

Cisco Nexus Dashboard is designed to automate, monitor, and analyze your network infrastructure. Innovative architectural approaches were implemented to provide automation and visibility at scale. Nexus Dashboard Insights simplifies operations for our customers with a modern, stateless microservices architecture that can scale horizontally, leveraging open-source infrastructure code. Insights delivers dynamic correlation, impact analysis, proactive alerts, failure prediction, and remediation, along with operational data visualization. These capabilities help consolidate the number of operational tools needed and reduces application downtime, Mean Time to Identify (MTTI), Mean Time to Resolution (MTTR), and the operating costs. 

Driving automation and visibility at scale 

Here are the key architectural components of the Nexus Dashboard Insights architecture: 

Collectors: Nexus Dashboard Insights incorporates universal telemetry collectors. These collectors support multiple input plugins for collecting software and hardware telemetry data streamed from networking infrastructure devices like routers, switches, firewalls, and load balancers.  

Data lake: Insights pipeline supports data encoded in JSON or GPB, which gets transformed and stored in a data lake for further processing. Telemetry data from legacy devices that do not support streaming telemetry is retrieved using REST API or SSH and then put into the pipeline for transformation.  

Analytics Engine: The analytics engine pipeline uses a serverless compute model. It handles tasks such as data enrichment, anomaly detection, data aggregation, and resource scoring by splitting them into modular tasks with associated task specifications. These tasks are processed independently, and the results are saved in the distributed data lake.  

Cisco Prep, Cisco Tutorial and Material, Cisco Career, Cisco Preparation, Cisco Study Materials
Nexus Dashboard Operations Intelligence Platform

Architecture for deep visibility and operational simplicity 


Today, we are leveraging best-in-class AI/ML technologies to automate a number of these tasks which were being done manually on CLIs or using custom python scripts. This has led to powerful forecasting and anomaly detection use cases to generate an alert based on analytics of the time-series network data, paving the path towards proactive and predictive capabilities. 

Insights proactively streams software and hardware telemetry from across the fabric. It uses AI/ML technology to create a network-specific baseline for different Key Performance Indicators (KPIs). These baselines are continuously updated to reflect dynamic network behavior. An anomaly alert is generated when the network state crosses the thresholds band set around the baseline. These anomalies can further trigger user-specified actions such as generating email notifications or auto-remediation.  

Insights has been built on the principle that beyond identifying a problem in the network, there is a strong need to make the complex monitoring of IT operations simple. We embarked on an automation journey starting with taking additional steps to identify the impact caused by the issue/s and the resulting remediation steps.  

We address the architectural demands placed on the modern networks by: 

1. Hardware and software telemetry: Deep expertise in analyzing hardware and software telemetry:  Increases the completeness and accuracy of data that helps monitor, troubleshoot in real-time.  

2. Future-proof support: Future-proof support for infrastructure devices using capabilities specified in Industrywide supported open standards (both existing and in planning stages) 

3. Lead with AIOps: Building closed and continuous feedback loop automation into remediation by utilizing AIOps capabilities. Monitor and root cause issues and scale support needs by leveraging a DevOps toolchain to enable development to be very agile resulting in real-time automated pattern discovery. 

This allows us to automate and manage legacy data-intensive processes while simultaneously embracing new cloud-driven data frameworks. 

Cisco Prep, Cisco Tutorial and Material, Cisco Career, Cisco Preparation, Cisco Study Materials
Cisco Nexus Dashboard Alerts Summary

Stay tuned to the next set of blogs that will delve into upcoming Nexus Dashboard capabilities and use cases based on this new “built from the ground up” architectural approach. 

◉ One view: With Single Sign-On (SSO) and Role-Based Access Control (RBAC), operate your geographically distributed multi-site environment across multiple Cisco Nexus Dashboard clusters from a single point of control.  

◉ Microburst detection: Insights into network microburst and flows. Expose and locate invisible microbursts, locate congestion hotspots, and protect application performance. 

◉ Anomaly analysis: Solving “Needle in a Timestack” problem for CRC/FCS errors. Compare and contrast time-synced data of multiple parameters to derive a deeper understanding of issues and behaviors.

Source: cisco.com

Tuesday, 22 June 2021

Power of Cloud Application Centric Infrastructure (Cloud ACI) in Service Chaining

It is a reality that most enterprise customers are moving from a private data center model to a hybrid multi-cloud model. They are either moving some of their existing applications or developing newer applications in a cloud native way to deploy in the public clouds. Customers are wary about sticking to just a single public cloud provider for fear of vendor lock-in. Hence, we are seeing a very high percentage of customers adopting a multi cloud strategy. According to Flexera 2021 State of the cloud report, this number stands at 92%. While a multi cloud model gives customers flexibility, better disaster recovery and helps with compliance, it also comes with a number of challenges. Customers have to learn not just one, but all of the different public cloud nuances and implementations.

More Info: 352-001: CCDE Design Written Exam (CCDE)

Cisco Prep, Cisco Learning, Cisco Tutorial and Materials, Cisco Career, Cisco Exam Prep

Navigating the different islands of public cloud


When customers adopt a multi cloud strategy, they often begin with one and then expand to other clouds. Though most public clouds were built with an over-arching goal  of providing access to resources instantly at a lower cost, their individual implementations and corresponding cloud native constructs are different. Hence automation artifacts built for a specific public cloud provider, cannot be re-used for other clouds.  As we see our customers undertake the multi cloud journey, it is increasingly clear that having an automated way to configure the cloud constructs for various clouds is a huge benefit for our customers.

Cisco provides this solution to our customers via Cloud ACI. Cisco Application Centric Infrastructure (ACI) is Cisco’s premier Software Defined Networking (SDN) solution for the data center.  The ACI solution now caters not only to on-premises data center, but the public cloud as well. Thereby, offering a seamless experience to customers to orchestrate and manage consistent policies for their workloads irrespective of where the workload resides. Cloud ACI provides that needed abstraction across multiple public clouds, providing a single policy model for customers to define their intent. Cisco ACI solution takes care of automating the user intent into required cloud native construct of each cloud.

Cloud ACI solution achieves this by deploying the Cisco Cloud Application Infrastructure Policy Controller (Cloud APIC)  in the cloud site, like Amazon AWS or Microsoft Azure. The cloud APIC is registered with the Cisco Nexus Dashboard Orchestrator (formerly Multi-Site Orchestrator) – the master controller for managing different ACI sites. The user defines the policies on the Nexus Dashboard Orchestrator, which pushes it down to the sites where the user policy needs to be applied.The Cloud ACI controller at the site takes care of configuring the right networking and security cloud constructs for that cloud site.

Let us take an example of an enterprise that plans to deploy workloads both in AWS and Azure. Resources in AWS are deployed within a VPC, whereas Azure requires a Resource Group. AWS provides native load balancing services via Elastic Load Balancers, whereas in Azure, you would use an Application Gateway for L7 load balancing and Network Load Balancer for L4 traffic. The native cloud constructs are different and end users have to learn both AWS as well as Azure languages. If the enterprise uses Cloud ACI, configuring a VRF (Virtual Routing context) from the Nexus Dashboard Orchestrator will translate to creating a VPC in a AWS site and a Virtual Network (VNET) in the Azure site. It’s that simple!!!

Load Balancers and More!


Cloud ACI can be particularly powerful when automating your applications behind native load balancing services. Both large web scale applications as well as  smaller enterprise applications are typically deployed behind a load balancer for high availability and elasticity. Hence, all major public cloud players offer load balancing as a native service. Load balancers have a frontend, which is the IP and port to reach the application and a backend with the servers serving that application. Depending on the load, the servers hosting the application can be scaled up/down elastically.

Cloud ACI provides a neat way to automate the creation of the native load balancers as well as configure and manage the lifecycle of the load balancers. The solution provides an innovative way to add the backend servers as targets to the load balancers dynamically. This is done via tagging the servers and creating a service graph in ACI. A service graph represents the flow of data between consumers and providers via one or more service devices. Cloud ACI provides the ability to create load balancers and configures the frontend port based on user configuration. Once a user specifies via a contract the desired provider endpoint group (EPG), the solution takes care of automatically adding the servers that belong to the provider endpoint group as the backend of the load balancer.

This is pretty powerful, with VMs scaling up and down, there is no need to manually add/remove these servers from the load balancer backend. Cloud APIC auto detects the servers and classifies them into the right EPG.  The Cloud APIC then dynamically adds/removes these servers from the backend of the load balancer.

Unleash the power of service chaining


For web applications reachable over the internet, it is paramount that there is additional security built in to protect the application and the backend servers from security attacks. In such cases, it is common for customers to insert a firewall before the traffic hits the load balancer. The firewall could be Cisco’s FTD, or 3rd party firewalls from vendors like Checkpoint, Fortinet, VM-Series Next-Generation Firewall from Palo Alto etc, available in the public cloud marketplace. Cloud ACI provides the perfect automation for this use case by providing users with a way to build a multi node service graph. To provide high availability for the firewall, a load balancer may be placed in front of the firewall like shown in the below picture

Cisco Prep, Cisco Learning, Cisco Tutorial and Materials, Cisco Career, Cisco Exam Prep

Cloud ACI can automate the entire flow by managing the lifecycle of both the front end and the Backend LB. It automates the creation of the load balancers, configuring the frontend port/protocol and adding the right backend targets.  As defined by the service chain, it adds the firewall instances as the targets of the Frontend LB. It adds the application servers as the targets of the backend application load balancer (ALB). Cloud APIC also configures the security groups at each layer with the right set of rules based on the contract. This ensures that no un-intended traffic flows between the user and the backend application servers. Can it get better than this! The only configuration that is required from cloud ACI is

◉ creation of the logical devices for the load balancers and firewall

◉ creation of a service graph specifying the location of the service devices in the chain

◉ configuring a contract between the consumer and the backend application server endpoint group

As you can see, this is extremely simple and saves time and reduces configuration complexity for the user. What more, the network admin can be at peace knowing that any dynamic scaling of the backend servers by the application/server admin, will be handled by cloud APIC.

Source: cisco.com

Monday, 21 June 2021

Top 10 CCNA 200-301 Exam Preparation Tips: Key to Success

When applying for any IT job position in comparison with numerous candidates, it is important to confirm extra qualifications for the role. Achieving a relevant certification is believed to be an amazing way to do so. This would be because recruitment manager view them as evidence of skills so signs for more reliable performance. If you are looking for some useful study methods concerning the CCNA 200-301 Exam, we have mentioned them below, but first, let’s explore the exam outline.

Essential Information of the CCNA 200-301 Exam

A vital step in preparing for any exam is to determine the list of the themes to be included. And the more comprehensive it is, the more consideration you should pay to this chapter. Regarding Cisco 200-301 exam, you can find a complete outline on Cisco’s official website. On the whole, the areas you’ll be evaluated on involve networking basics, IP connectivity and IP services, programmability, network access, and so on. At this step, it’s also essential to know what types of questions you will face, how much time you’ll be given, and how to ace the exam.

Sunday, 20 June 2021

Cisco Secure: Supporting NIST Cybersecurity Framework

Cisco Secure, Cisco Cybersecurity Framework, Cisco Preparation, Cisco Learning, Cisco Exam Prep, Cisco Career, Cisco Study Material

Extending the alignment to include more Cisco products

Why should you care? With so many security frameworks, it can be difficult to know where to start from. While many organizations are challenged with managing and improving their cybersecurity programs against the dynamic threat landscape, it’s not easy to pick one framework over another. So where do they start from – ISACA COBIT 5? ISO27000 series? CIS CSC? NIST CSF? SABSA? Or something else? National Institute of Standards and Technology (NIST) developed the Cybersecurity Framework (CSF) exactly for this reason. It’s a simple, best-practices approach to Cybersecurity leveraging the specific standards that are widely used and already working well today.

Basics First

NIST CSF is a voluntary framework based on existing standards, guidelines and practices for reducing cyber risks. It enables organisations to discuss, address and manage cybersecurity risk.

More Info: 350-901: Developing Applications Using Cisco Core Platforms and APIs (DEVCOR)

◉ It is used to manage cybersecurity risks in a cost-effective way while protecting privacy

◉ It references the globally accepted standards (COBIT, ISO/IEC, ISA, NIST, CCS)

◉ It enables all organizations (large or small) to improve security and resilience

◉ 3 pillars – People, Process, and Technology – Each of these are important

◉ Only half of the CSF Categories are addressed by technology

◉ It emphasizes the importance of two other main pillars of Cybersecurity – People and Process

The Cybersecurity Framework consists of three main components: the Core, Implementation Tiers, and Profiles but for today’s discussion, we will focus only on Core which is a ‘set of activities and outcomes using a language that is easy to understand.

How CSF Core makes lives easier?

The CSF Core consists of four components as shown in the table below. The CSF Core provides a set of activities to achieve specific cybersecurity outcomes. It also gives guidance on how to achieve those outcomes. The table below lists each of these components with a short description and example:

Cisco Secure, Cisco Cybersecurity Framework, Cisco Preparation, Cisco Learning, Cisco Exam Prep, Cisco Career, Cisco Study Material

The CSF Core is comprised of five functions – Identity, Protect, Detect, Respond, and Recover. These functions when considered together, provide the lifecycle of an organization’s cybersecurity risk

How Cisco Security Products align to NIST CSF?


Extending the work already done with the existing whitepaper, below is the updated alignment that includes a few more products (highlighted in Orange box) and how each of these products map to different NIST CSF Categories:

Cisco Secure, Cisco Cybersecurity Framework, Cisco Preparation, Cisco Learning, Cisco Exam Prep, Cisco Career, Cisco Study Material

Source: cisco.com

Saturday, 19 June 2021

Create new possibilities at the IoT Edge with the Cisco Catalyst IR1800 Series

Cisco Preparation, Cisco Learning, Cisco Exam Prep, Cisco Certification, Cisco Career

Get ready for an all-new Cisco industrial router: the Cisco Catalyst IR1800 Rugged Series. With many new interfaces and modules backed by a stronger CPU and more memory, the IR1800 series gives IoT application developers new possibilities for innovating at the IoT Edge, for example to host applications that can extract and transform IoT data right at the edge. The DevNet IoT Dev Center has a new learning lab and sandbox so you can try out these new features on a real IR1835 ruggedized router.

More Info: 300-715: Implementing and Configuring Cisco Identity Services Engine (SISE)

With the 5G/LTE, Wi-Fi 6, industrial SSD and GPS modules, the IR1800 series prepares you for the future, but that’s not all. The IR1800 focuses on supporting mobility , especially in the transportation industry with features like CAN bus, FirstNet, GPS/GNSS + dead reckoning and ignition power management. Furthermore, you can access all these interfaces from your IOx edge applications and use the data to power use-cases like recording video surveillance, streaming multi-media entertainment and advertisement content or providing predictive maintenance for the vehicle itself.

Cisco Preparation, Cisco Learning, Cisco Exam Prep, Cisco Certification, Cisco Career
IR1835: Industrial Routing & Edge Compute Sandbox Overview

IOx Edge Compute


All models of the IR1800 series support the Cisco IOx Edge Compute Framework which allows you to install and deploy your dockerized applications directly on the device. With the updated 1.2GHz quad-core ARM CPU and 8GB memory, you also have a strong compute device at the edge. Furthermore, you can add an industrial SSD which extends your storage to more than 100GB, for example for on-board videos, images, databases, and log files.

Want to try deploying your Docker containers and IOx applications on the IR1835? Check out this iox-webserver sample application on the DevNet Code Exchange which you can download or build to get started.

Cisco Preparation, Cisco Learning, Cisco Exam Prep, Cisco Certification, Cisco Career
On-box IOx Local Manager: Managing your IOx applications on the IR1835.
Here the NGINX server is installed and reachable on Port 8000.

Device APIs NETCONF & RESTCONF


Since this Router runs Cisco’s open and programmable IOS-XE operating system, you can configure the device via device level APIs such as NETCONF/RESTCONF. This means that you can change any device configuration by simply running a Python script from your local machine and apply the changes on as many devices as you want.

The new DevNet learning lab walks you through how you can get operational data directly from the device or even change the device configuration with simple REST calls or Python scripts.

WebUI


Check out the user-friendly on-box Device Manger (WebUI) shown below. Now you can easily navigate through the monitoring data, configuration, and settings of your industrial device from a browser window.

Cisco Preparation, Cisco Learning, Cisco Exam Prep, Cisco Certification, Cisco Career
Graphical User interface on the IR1835

Source: cisco.com

Thursday, 17 June 2021

Secure and Save with Cisco Secure Firewall Threat Defense Virtual

Cisco Secure Firewall Threat, Cisco Preparation, Cisco Career, Cisco Study Materials, Cisco Learning, Cisco Exam Prep

Simultaneously secure and save with new 7.0 features and subscription models

Organizations rely on Cisco Secure Firewall Threat Defense Virtual (formerly FTDv/NGFWv), Cisco’s proven network firewall with IPS, URL filtering, and malware defense that protects virtualized environments in private and public clouds.

In addition to the improved IPS performance with Snort 3 and the new support for Hyperconverged Infrastructure platforms, our 7.0 release brings a wealth of other visibility, management and performance enhancements. This includes two additional improvements for Secure Firewall Threat Defense Virtual: licensing enhancements that lower consumption cost, plus a much larger virtual appliance option, FTDv100, that provides increased performance with a 16-core CPU configuration.

Licensing enhancements

The capabilities of our virtual firewall offerings can be cost-effectively consumed with a new, flexible, tiered licensing model. By making the base software available as a subscription with 1, 3, and 5-Year terms, customers benefit with lower total cost of ownership. These subscriptions include basic online embedded support, further lowering ownership cost when compared to perpetual licenses. Further, subscriptions enable a shift in spending from CapEx to OpEx, and allow portability across on-prem and cloud deployments.

Additionally, we are introducing performance tiers for Secure Firewall Threat Defense Virtual. This includes a low entry price, suitable for organizations of all sizes and requirements. With the performance tier licensing model, customers can now pick and choose the tier that meets their throughput requirements. Throughput starts at 100Mbps and extending to 16Gbps. The performance-tiered licensing also provides different VPN session limit options, depending upon your deployment requirements.

Any of the licenses can be used on any supported configuration, allowing higher tier licenses on lower tier vCPU/memory configurations, for future expansion flexibility.

Table 1: Performance tiered license entitlements

Cisco Secure Firewall Threat, Cisco Preparation, Cisco Career, Cisco Study Materials, Cisco Learning, Cisco Exam Prep

Software upgrade considerations


For current deployments running 6.7 or below, the upgrade to 7.0 will, by default, maintain the variable license tier and uses the non-tiered license entitlements. Customers can also choose the specific performance tier from their Cisco Smart Licensing account using Firewall Management Center or the local Firepower Device Manager.

Customers who have an existing non-tiered license can continue to use all entitlements, including the new FTDv100 tier.

Figure 1: Tier Selection in Secure Firewall Management Center (FMC)

Cisco Secure Firewall Threat, Cisco Preparation, Cisco Career, Cisco Study Materials, Cisco Learning, Cisco Exam Prep

Public Cloud


Performance-tiered licenses can be applied and used on any supported platform,  including public clouds like Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI) using the Bring Your Own License (BYOL) model.

The ability to use any of the performance-tiered licenses, on any supported resource combination, (i.e., vCPU/memory) enables virtual firewall licenses to be used on a wide variety of instance types across AWS, Azure, GCP and OCI platforms.

Support


The Base and TMC subscription include 8X5 online support at no additional cost and also provides software upgrades.

Cisco Solution Support is also available for the Base and TMC subscription that provides 24X7 technical phone support and is the recommended level of support.

Source: cisco.com

Tuesday, 15 June 2021

DNA Center Template Labs – Getting Started Series, Part 1

Prologue

Over the years, as new technology has been introduced, there has always been a barrier to adoption. While automation is powerful, we need to test it fully. Delays in getting started are typically caused by the wait on lab equipment. If it’s not lab equipment, it’s licensing or the time required to set up and cable the equipment. This, together with the development time, resources, and scheduling, makes the whole activity painful. This typically causes a gap between the time technology is launched to the time it is adopted. It also means that there is a learning curve which typically adds even more delay to adoption by organizations. This leaves one to ask exactly how do I get started with DNA Center Templates.

But what if there was a better way!

dCLOUD is a Cisco environment that provides curated content labs. dCLOUD allows the user a new way of experiencing the Cisco portfolio. It allows the user to try out the new technology in a safe environment. It also helps to save time, reduce shipping costs, licensing issues, power, and cooling needs. All this and while still allowing an environment to test various features and functions.

Overview

In this ongoing series, we will explain each of the labs. The labs are set up to help you learn more about templating, Plug and Play, and Day N automation. Together with helpful labs and guided examples that can be downloaded and implemented within dCLOUD or modified for use in your own lab environment.

How?

Within dCLOUD, several sandbox-type labs are available. These self-contained environments are there to allow you to use them as you please within the time scheduled. This allows us a place to start practicing various concepts without fear of impacting production environments.

Therefore, to aid customers in the transition toward automation, we have put together a set of small helpful labs within a Github repository. As a result, we hope to demystify some of the complexities of setting up plug-and-play and help guide customers through the complexities and caveats. In this way, these self-guided labs provide a glimpse into the fundamentals of building velocity templates and provide examples that you can download and expand from. The sample templates and JSON files supplied are for easy import into DNA Centers’ template editor for quicker adoption. Lastly, some scripts are ready-made excerpts of code that allow you to build the environment to test.

First, in a practical lab guide, we step by step delve into the concepts of building templates and methodologies for using both Onboarding and DayN templates. Second, we provide answers and explanations to many of the questions that come up during automation workshops. Our hope is that you find the information both helpful and informative. Thus, we hope to give a well-rounded explanation of automation methods and concepts that we can easily expand upon for production purposes.

The lab content is located within the existing DNAC-TEMPLATES repository to give a one-stop-shop for all the necessary tools, scripts, templates, and code samples. Within it are four labs, which build upon the tutorials allowing you to test the methods in a lab environment.

DNAC Template LABS

These labs aim to guide you through the typical steps required to enable the various automation tasks delivered by DNA Center. This lab will give examples of templates used in DNA Center that we can modify for our use and test on equipment within the LAB environment. Additional information within the lab provides a well-rounded explanation of Automation methods with Templates. Lastly, the lab allows for customers to use DNA Center workflows to practice deploying Onboarding, DayN Templates, and Application Policy automation on both Wired and Wireless Platforms.

The goal of this lab is for it to be a practical guide to aid engineers to rapidly begin using DNA Center automation and help them work towards a template strategy. Additionally, this lab will give customers a permanent place to try out the templates and include configurations for various use cases. This environment will enable engineers to reduce the time and effort needed to instantiate the network.

As a result, you will gain experience in setting up Plug and Play onboarding and templates. Additionally, you will use advanced templating methods and troubleshooting tools. These may help during faultfinding to determine what is failing in a deployment.

Please use this menu to navigate the various sections of this Github repository. Within the multiple folders are examples, explanation readme files for reference.

PnP Preparation – This lab explains the overall Plug and Play set up steps

Onboarding Templates – This lab explains in-depth and how to deploy Day 0 templates

Day N Templates – This lab will dive into Day N template constructs and use cases

Composite Templates – This lab will explore how to build a composite template on DNA Center.

We will share additional, labs and content in an ongoing effort to fulfill all your automation needs with DNA Center.

dCLOUD as a LAB

To help customers succeed with DNA Center Automation, you may utilize the above labs as they have been designed to work within dCLOUD’s Cisco Enterprise Networks Hardware Sandbox v2.1 Lab. This allows you to run these labs and gives an environment to try the various code samples. You may choose to develop and export your own code for use in production environments. Also, this gives you an environment where you can safely POC/POV methods and steps without harming your own production environments. This also negates the need for shipping equipment, lead times, and licensing issues needed to get moving rapidly. Please do adhere to the best practices for the dCLOUD environment when using it.

Cisco Prep, Cisco Preparation, Cisco Learning, Cisco Certification, Cisco Guides, Cisco Career

The dCLOUD environment consists of the following:

Software:

DNA Center 2.1.2.5
Identity Services Engine (ISE) 3.0 (Not Configured)
Stealthwatch 7.1
FlowCollector 7.1
Cisco Prime Infrastructure 3.9
Wireless LAN Controller - C9800 running IOS-XE Amsterdam 17.3.3 code.
Windows 10 Jump Host 
Windows Server 2019 - Can be configured to provide identity, DHCP, DNS, etc.
Windows 10 Clients 

Hardware:

ISR 4451 Router - 17.3.3 IOS-XE Code
Catalyst 9300 Switch - 17.3.3 IOS-XE Code with Embedded Wireless Controller (EWC) and ThousandEyes Enterprise Agent
Catalyst 3850 Switch - 16.12.5 IOS-XE Code
4800 Access Points
Silex Controller (2 NIC's)

Cisco Prep, Cisco Preparation, Cisco Learning, Cisco Certification, Cisco Guides, Cisco Career
The environment allows for use with a web-based browser client for VPN-less connectivity, access as well as AnyConnect VPN client connectivity for those who prefer it. You may choose from labs hosted out of our San Jose and RTP Facilities by either selecting US East or US West. Choose the Cisco Enterprise Network Sandbox v2.1 or 3.1. To access this or any other content, including demonstrations, labs, and training in dCLOUD please work with your Cisco Account team or Cisco Partner Account Team directly. Your Account teams will schedule the session and share it for you to use. Once booked follow the guide within Github to complete the tasks adhering to the best practices of the dCLOUD environment.

Source: cisco.com