ZERO TOUCH PROVISIONING (ZTP) USING CISCO DIGITAL NETWORK ARCHITECTURE CENTRE (DNAC)
by Metsi | February 03, 2021
February 03, 2021
Technology
The Cisco Digital Network Architecture Centre (DNAC) provides a centralized platform and interface for all network related tasks and functions. This enables network operators to configure and provision thousands of network devices at increased speed and scale. Manual operations and associated human errors are reduced via the automation of tasks, resulting in more network deployment consistency and increased uptime.
Challenge
Our customer wanted to leverage Cisco DNAC to simplify the installation and configuration of switch devices at their global sites. Previously, a field engineer was required to be on site to achieve this, but the customer wanted to remove this requirement from the process in order to save operational (opex) costs. The customer needed to automate and control the distribution of their approved IOS software to all newly onboarded switch platforms so performance would be predictable. The customer also required strict control over the initial switch template configuration, while being able to automate the delivery of the configuration to a device.
Solution
By using DNAC as a centralized automation platform, Metsi was able to automate zero touch provisioning (ZTP) of an out-of-the-box switch with a Day-0 configuration, and approved IOS. Firstly, an automated task sequence was created that detected new switches once cabled and powered on. The correct IOS was then copied to the flash of the devices and activated on reboot during a scheduled maintenance window. The configuration was then pushed to the device from DNAC as per an agreed template, so that the switch had full network connectivity without any operational intervention. Secondly, centralizing DNAC configurations meant that individual engineers no longer had to pre- configure devices as this was done by DNAC, and they no longer had to attend installations onsite in person (this was done by the facilities who racked, powered and cabled the devices). Third and finally, the devices then appeared in the DNAC inventory, so they could be allocated a role, provisioned and assigned then to a site ready for use.
Summary
Metsi provides networking consultancy for the design and implementation of the Cisco DNAC platform, for Proof of Concepts (POC) and real-world rollouts, in both greenfield and brownfield deployments. Metsi DNAC engineers can facilitate the realization of all DNAC features for Enterprise customers, including automation, segmentation and assurance. Automation helps to standardize repetitive network operations which reduces human error and saves on time and costs via increased speed of delivery. Segmentation with DNAC and ISE helps to present one unified security policy to both wired and wireless users across a fabric with Software Defined Access (SDA). Assurance provides new insights to ensure that business intent is directly transferred to the network, and that it is delivering on what was intended for business operations.