1

Cisco DNA Center -

AIOps
An AI-driven Approach
to Digital Transformation
Preface 7
Authors 8
Acknowledgments 9
Organization of this Book 10

1. Introduction 13

2. Digital Transformation Acceleration 15

3. How to get started with AIOps 19

AIOps Benefits 21
Cisco DNA AI Analytics Architecture 23
Getting started with Cisco AI Network Analytics 25
Enabling Cisco AI Analytics 26
Ensuring Data Privacy with Cisco AI Network Analytics 29

4. AIOps Basics 31
Health Scores 33
Overall Health Dashboard 36
Dashboard Filters 40

5. AI Network Analytics 43
Cisco AI Network Analytics Architecture 45
Dynamic Baselining 47
AP Performance Advisories 53
AI Enhanced RRM 62
AI Network Comparative Analytics 75
Network Heatmap 78

6. Wireless Monitoring 81
Network Health 83
Network Services 90
Events Viewer 105
3D Maps 109
Wi-Fi 6 Dashboard 118

7. Wireless Device Troubleshooting 121

Wireless LAN Controller — Device 360 123
Access Point - Device 360 134
Intelligent Capture 147

8. Wired Monitoring and Troubleshooting 151

Wired Monitoring 153
Wired Troubleshooting 165
Machine Reasoning 173

9. Client Monitoring and Troubleshooting 179

Client Health 181
Client Troubleshooting 186
Intelligent Capture 198
10. Network Reasoner 201

11. Application Health 219

Configuring Application Visibility and Application Experience 222
Visualizing Application Experience in Cisco DNA Center 227

12. Cisco DNA Center Integrations 237

Cisco DNA Center Integration with Webex 239
Cisco DNA Center Integration with ThousandEyes 246
Integration with Cisco DNA Spaces 255

13. Reports Dashboard 259

Generating Reports 261
Ad-Hoc CSV Reports 272
Weekly Insights Report 274

14. Cisco DNA Center Server Troubleshooting 277

Troubleshooting AI Network Analytics 286
Troubleshooting Wireless and Wired Assurance 290
Troubleshooting Application Assurance 294

Appendix 295
References 296
Additional Resources for Cisco DNA Center 297
Acronyms 298
Preface
8 Preface

Authors

This book represents an intense collaboration between Technical Marketing,

Engineering, and Product Management during a week-long intensive session
at Cisco Headquarters in San Jose, CA.

• Prem Chandran ‒ Technical Marketing

• Sean Sivak ‒ Technical Marketing

• Harsharan Dhaliwal ‒ Technical Marketing
• Suresh Subramanian ‒ Engineering

• Federico Lovison ‒ Engineering

• Shai Silberman ‒ Product Management
 Preface 9

Acknowledgments

A tremendous thank you to Cisco’s Enterprise Networking Technical

Marketing, Product Management, Engineering, Sales, and Customer
Experience teams who recognized the need for this book and supported its
development. A special thanks to Jeff Scheaffer, Jeff McLaughlin, Todd
Untrecht, and Bipin Kapoor for supporting the efforts of the authoring team.
We would also like to thank Shannon Chavez for her incredible resource
organization throughout this process, Sum Nguyen and Satpal Ranu who
helped with the demo servers for the screenshots, and the many amazing
Cisco resources who provided information and clarifications throughout the
process.

We would also like to extend our sincerest appreciation to our Book Sprints
team (www.booksprints.net
www.booksprints.net):
www.booksprints.net

• Karina Piersig ‒ Book Sprint facilitator

• Christine Davis ‒ Copy editor

• Raewyn Whyte ‒ Copy editor

• Henrik van Leeuwen ‒ Illustrator
• Lennart Wolfert ‒ Illustrator
• Agathe Baëz ‒ Book designer

• Barbara Rühling ‒ Project manager

Karina and the team were outstanding in creating an environment that

allowed our thoughts and ideas to collaboratively flourish to produce this
publication.
10 Preface

Organization of this Book

This book is structured as an informative publication for a wide variety of

personas involved in networking and enterprise IT infrastructure. Cisco DNA
Center supports NetOps, AIOps, SecOps and DevOps use cases. NetOps
covers key features like software image management, plug and play,
configuration management and configuration compliance. SecOps covers
key features like rapid threat containment, Endpoint classification and Trust
Analytics. DevOps covers integrations, APIs and notifications to WebHooks.
This book primarily focuses on AIOps. The opening chapters of the book
provide a high-level overview of Cisco’s vision for transforming digital
networks and the benefits of AIOps within the context of Cisco DNA Center.
The next several chapters provide technical deep dives into Cisco DNA
Center’s capabilities for AIOps, with product examples and real-world use
cases. The closing chapters provide some additional resources for
troubleshooting, deployment, and references to the features as well as
terminology discussed in this book.

Intended Audience
This book is intended to cater to a wide variety of audiences from executives
to technical practitioners of all levels. The technical nature of this book,
however, is best suited for technical decision-makers, network managers,
and network engineers. The content of this book is equally beneficial to
users who are already familiar with Cisco DNA Center as well as to those
who are needing to understand the role of Cisco DNA Center AIOps in
increasing IT efficiency and business value.
 Preface 11

Purpose of the Book

As we continue to introduce and promote the concept of AIOps, particularly
within Cisco DNA Center, we set ourselves on a mission to write this book
with the idea that it would serve both highly technical individuals and
business decision-makers. We wanted them to be able to gain a solid
understanding of what AIOps means in the era of digital transformation, as
well as how Cisco DNA Center can help an organization to make that
process as seamless, efficient, and valuable as possible.

Book Writing Methodology

The Book Sprints (www.booksprints.net
www.booksprints.net)
www.booksprints.net methodology was extraordinarily
helpful in allowing us to craft this message. The Book Sprints team helped to
foster a collaborative environment that let each individual utilize their
strengths and rapidly complete this book.

We spent numerous hours writing, reviewing, and editing the content in this
book. We are enormously proud and happy to present the key benefits and
features of Cisco DNA Center AIOps to help organizations evolve the way
they monitor, troubleshoot, and gain insights into their network.
1. Introduction
14 1. Introduction

Cisco's strategy is to help customers connect, secure, and automate agile

networks to accelerate the digital transformation of their environment.
Our Integrated Cisco DNA Platform Suite securely connects people to
people, people to applications, and devices to applications.

This is accomplished with AI-driven visibility, observability, and insights to

ensure the health of users, applications, and infrastructure. AIOps with the
Cisco DNA Center utilizes industry-leading Cisco AI Network Analytics with
Machine Learning, Machine Reasoning, and Visual Analytics to eliminate
excess noise, quickly identify issues, and remediate problems faster. This
new agile approach of integrating AIOps, NetOps, SecOps, and DevOps
personas evolves IT into a competitive advantage.

Cisco DNA Center AIOps enables visibility of the entire network through
multiple lenses, such as geography, hierarchy, and topology, as well as at
the site, building, and floor levels.

Cisco DNA Center AIOps provides observability of device health, client

health, and application health utilizing key performance indicators (KPIs),
which enables AI-driven issue identification and AI-driven root cause
analysis. Cisco DNA Center combined with Machine Reasoning Engine (MRE)
is like having 30-years of Cisco experience at hand.

Cisco DNA Center AIOps delivers insights on trends and changes in the
environment over time and creates system-generated issues to proactively
identify abnormal behavior.

Learn how Cisco DNA Center can digitally transform any network
environment!
2. Digital
Transformation
Acceleration
16 2. Digital Transformation Acceleration

The journey to Digital Transformation starts with Cisco DNA Center. Cisco’s
DNA Center is designed to embrace Cisco’s core mission to help customers
connect, secure, and automate in a cloud-first world.

Cisco DNA Center is part of the Integrated Platform Suite bringing together a
collection of products and software leveraging Cisco’s Unified Analytics
Framework. With this Unified Analytics Framework, Cisco can deliver agile
networks with insights, automation, and security. All this combines to
accelerate our customers' digital transformation journey. No matter whether
users or applications are on the campus, in the cloud, or the hybrid work
environment, this acceleration creates a faster time to value with our product
suites. At the center of this multi-domain network is Cisco DNA Center and
the Integrated Platform Suite.

Cisco DNA Center accelerates Digital Transformation through the use of four
key IT personas. Those personas include:

AIOps — AI-driven visibility, observability, insights, and troubleshooting to

ensure the health of users, applications, and infrastructure.

NetOps — Automation to simplify the creation and maintenance of networks

with the flexibility to move from manual network management to selectively
autonomous network management.

SecOps — AI-driven security to classify endpoints and enforce security

policies for a complete zero trust workplace solution.

DevOps — Mature APIs, SDKs, and closed-loop integrations to simplify and

streamline ecosystem integration.
 2. Digital Transformation Acceleration 17

Figure 2.1: The four Key IT Personas

Secure Agile Networks depend on beautifully coupled digital-ready

infrastructure and software.

The infrastructure works in conjunction with the control software, and

telemetry is designed into the products to drive agility, insights, automation,
and security.

Figure 2.2: Product Suite

18 2. Digital Transformation Acceleration

Cisco DNA Center is well suited for small and medium-sized enterprises up
to the largest corporations on the planet. Designed to handle thousands of
devices and hundreds of thousands of concurrent endpoints, Cisco DNA
Center can handle just about any size organization, providing scale, insights,
agility, automation, and security.

Figure 2.3: Cisco DNA Center Scaling

Please see the Cisco DNA Center Data Sheet for more information on
scaling.
3. How to get started
with AIOps
20 3. How to get started with AIOps

The term AIOps stands for Artificial Intelligence for IT Operations. This term,
originally coined by Gartner in 2017, refers to the way data and information
from an environment or system are enhanced by an IT operations team. This
chapter will cover AIOps basic concepts, benefits, and first steps to get
started with Cisco DNA Center’s AIOps.
 3. How to get started with AIOps 21

AIOps Benefits

AIOps platforms utilize big data, modern machine learning, and industry-
leading analytics to enhance IT operations with a focus on monitoring,
automation, and troubleshooting with proactive AI-driven insights.

There are numerous benefits to using and employing Artificial Intelligence.

When combining AIOps and NetOps IT personas, organizations have yielded
the following benefits:

Increased observability has yielded quantifiable results in decreasing Mean

Time To Resolution (MTTR) for system issues and troubleshooting workflows.
Empowered by the generation of dynamic baselines, using AI has
significantly reduced the alerting fatigue with more impactful and contextual
AI-driven issues contributing to reduced MTTR.

Multitudes of system-generated automated insights, tracking systems, and

user behaviors help customers understand how the network is being utilized
and provide the ability to understand changing demands and usage patterns
in the network. Cisco DNA Center AI Insights can assist customers with
proactive capacity planning and network enhancements based on trends to
keep up with ever-increasing demands.

Justification of hardware refresh is commonly accompanied by data to

demonstrate the need. Cisco DNA Center AI-driven comparative analytics
can demonstrate and compare and contrast service-level KPIs between
sites, access points, and endpoints. Comparative analytics can also help
compare the KPIs of peers in similar industries.

AI-driven predictive monitoring and insights can help prevent failures and
drive proactive workflows and recommendations. With proactive actions,
AIOps enable the organization to be more agile and to use IT as a
competitive advantage, increasing business value to the organization.
22 3. How to get started with AIOps

User experience is king. Monitoring user experience using Cisco DNA Center
AI provides insights, allowing engineers to proactively resolve issues before
users are impacted.

With AIOps visibility, observability, and insights, organizations can commit

fewer senior-level resources to work and troubleshoot issues.

AIOps is an accelerator to improve the Time To Value (TTV) and Return on

Investment (ROI) propositions. A common challenge with traditional network
management systems is the long time it takes to fully implement all the
features to yield high-value benefits. With Cisco DNA Center and AIOps,
once AI is enabled, the organization can begin to yield the benefits almost
immediately.

AIOps Key Customer Benefits with Cisco DNA

Center:
• Dynamic Baselining offers the ability to determine what is normal
in a specific environment.
• Anomaly Detection offers the ability to separate normal from
abnormal behavior.
• Trends and Insights can show patterns over time, enabling predictive
analysis to estimate future outcomes.
• Comparative Analytics compare KPIs internally as well as against
peers to determine not only an organization’s performance but also
how it performs compared to other organizations of similar sizes.
• Predictive Analytics allows for a more proactive approach to
troubleshooting by solving minor problems before they become major
issues. This is based upon system-generated insights gathered from
dynamic baselines, anomaly detection, and KPI comparison.
 3. How to get started with AIOps 23

Cisco DNA AI Analytics

Architecture

Cisco DNA Center gathers and aggregates data from network devices,
clients, and applications. It then obfuscates, encrypts, and sends that data to
the Cisco AI Network Analytics engine in the Cisco AI Analytics Cloud. Once
on Cisco’s servers, Machine Reasoning, Clustering, Machine Learning, and
Visual Analytics are utilized to provide industry-leading AI Analytics.

Figure 3.1: Cisco’s AI Analytics Architecture

24 3. How to get started with AIOps

After the AI Network Analytics Engine completes the processing of data

through the pipeline above, the cloud engine pushes the AI-driven issues
and insights back to Cisco DNA Center. These AI-driven issues are then able
to provide actionable items such as:

• Customized network baselines

• Customized network issues
• Customized insights

• Comparative analytics
• Predictive analytics

These use cases are reviewed in detail in later chapters in this book.
 3. How to get started with AIOps 25

Getting started with Cisco AI

Network Analytics

There are a few requirements before Cisco AI Network Analytics can be

enabled on the Cisco DNA Center appliance:

• Cisco DNA Center version must be 1.3.1 or higher (This book refers
to many features available only in 2.2.3 or later).
• All Assurance and AI Analytics Application packages must be
downloaded and installed from the Cisco DNA Center web GUI.
• The Cisco DNA Center appliance MUST have access to the internet.

After ensuring that the above requirements have been met, the next step is
to configure a Cisco.com CCO ID in the System Settings for Cisco DNA
Center. Click Save to apply the credentials to ensure access to Cisco DNA
Center software and services.

Figure 3.2: Cisco.com Credentials

26 3. How to get started with AIOps

Enabling Cisco AI Analytics

Cisco AI Analytics can be enabled by navigating to the System Settings

and selecting Cisco AI Analytics from the External Services menu.

Figure 3.3: Enabling Cisco AI Analytics from the Cisco DNA Center System Settings

Cisco AI Network Analytics has to be enabled to use all of the available

AIOps features.
 3. How to get started with AIOps 27

The following AIOps features: AI Enhanced RRM, AI Endpoint Analytics, and

AI spoofing detection can also optionally be configured here.

After enabling Cisco AI Network Analytics, select the desired cloud region
and click on Configure; at this point, once the user accepts the Cisco
Universal Cloud Agreement, the local agent will contact the cloud service to
register a new tenant.

The registration usually takes a few seconds. Once it completes, the User
Interface (UI) will automatically download the configuration file to the local
machine. This file contains critical information to access the cloud service,
including the tenant ID (also called Deployment ID or Customer ID), the
anonymization key used to encrypt sensitive data, and the certificate used to
authenticate the agent against the cloud endpoint, therefore the file should
be stored in a secure location.

The AI Network Analytics configuration file can be backed up at any time by

going back to the settings page. The configuration is also part of the global
Cisco DNA Center Appliance Backup, however, it is highly recommended to
keep a copy of the configuration file as well, as this would allow restoring the
Cisco AI cloud connectivity using the same tenant ID, even in scenarios
where a full appliance restore is not desirable.

Note Without the configuration file, all historical AIOps data will be lost in
the event of a fresh install of the Cisco DNA Center.

Moreover, AI Network Analytics requires having only a single Cisco DNA

Center appliance using the configuration for a given tenant ID at any given
point in time. If the same configuration is restored and concurrently used on
multiple appliances, the UI will show an error message.
28 3. How to get started with AIOps

Figure 3.4: Downloading AI Network Analytics Configuration File

 3. How to get started with AIOps 29

Ensuring Data Privacy with

Cisco AI Network Analytics

Cisco DNA Center encrypts all the data that is uploaded to the Cisco AI
cloud with a unique customer ID and encryption key. All data stored in the
Cisco AI cloud is anonymized and encrypted. No hostname, MAC addresses,
IP addresses, device names, access points, or client-identifying information
is distinguishable on the Cisco AI cloud. This data only becomes readable
once it is decrypted. Where noted, personal data is de-identified before
transfer to the AI Network Analytics Cloud.

For more information regarding data privacy with Cisco AI Network Analytics,
please refer to the Cisco DNA Center Privacy Data Sheet in the
References section of the book.

Geographic Data Locality

Due to data privacy and requirements in some regions, Cisco has created
two AI Network Analytics cloud regions. One is located in the United States
and one in the European Union (EU). Please check with local data
governance compliance to see which region is applicable.
4. AIOps Basics
32 4. AIOps Basics

As an advanced intent-based network controller and user experience

platform, Cisco DNA Center provides many features from basic to advanced
visibility dashboards and user experience measurements. This chapter will
cover Cisco DNA Center’s Overall dashboard.
 4. AIOps Basics 33

Health Scores

Cisco DNA Center acquires contextual information from network devices,

clients, and applications. The key KPIs collected are used to calculate a
health score for the network devices, clients, and applications. Based on the
type of network device, the KPIs utilized will be different. A health score is
then assigned to each particular network device, client, or application
matching the lowest score from all included KPIs. Health score KPIs include
items such as:

• Link utilization

• CPU utilization
• Memory utilization

• RSSI and SNR on wireless clients

• Air Quality

• Interference

The figure below illustrates the Cisco DNA Center health score ratings,
severity ratings, and score ranges:
34 4. AIOps Basics

Figure 4.1: Health Score Range

Note Not all KPIs have to be included in the health score calculation. Any
KPI can be manually excluded from health score calculations.

For instance, if a wireless engineer did not want the Air Quality on
2.4GHz KPI to affect AP Health Scores, that KPI could be excluded from the
health score calculation. This customization can be done from the
Assurance > Health Score Settings page.
 4. AIOps Basics 35

Figure 4.2: Health Score Settings

Health scores provide the network engineer with a quick and easy way to
determine the health status of every network device, client, and application
in the environment. If there is an issue, the network engineer would know
exactly where to look to troubleshoot and provide a resolution. Keep in mind
that Cisco DNA Center provides a sequence of steps to troubleshoot and fix
the issue, based on Cisco's many years of experience designing,
implementing, and maintaining networks of all shapes and sizes worldwide.
36 4. AIOps Basics

Overall Health Dashboard

The network engineer can view the Overall Dashboard by selecting

Assurance > Health from the main menu. The Overall Health page shows
the health scores of network devices and clients. This enables the network
engineer to easily prioritize issues requiring attention and improve the MTTR.
In the dashboard, network devices are categorized into:

• Routers

• Switches (categorized into Core, Distribution, and Access layer roles)

• Wireless LAN Controllers

• Wireless Access Points

Clients are separated into wired and wireless client categories. Additional
information related to health scores and KPIs is available by drilling down into
the desired View Network Health and View Client Health links,
followed by selecting the device or client of interest.
 4. AIOps Basics 37

Figure 4.3: Overall Health

Cisco DNA Center provides performance analytics for

Authentication/Authorization and Accounting (AAA) and Dynamic Host
Configuration Protocol (DHCP) Network Services. The figure below displays
both Successful and Failed transactions as well as server latency
measurements. More detailed information is available by drilling down into
the respective network service dashboard which is covered in Chapter 6.

The information presented by these dashboards comes directly from the

Wireless LAN Controller (WLC), there is no need to separately configure AAA
or DHCP within Cisco DNA Center to enable this telemetry.
38 4. AIOps Basics

Figure 4.4: Network Services (AAA and DHCP Servers)

The Top 10 Issue Types dashlet on the figure below displays the 10 highest
priority global issues for this Cisco DNA Center deployment. Clicking on the
View All Open Issues links to the Issues dashboard.
 4. AIOps Basics 39

Figure 4.5: Top 10 Issues

Real-World Scenario
Kyler works as a Network Engineer at a bank. He starts every morning by
logging into Cisco DNA Center and checking the Top 10 Issues to see if
any high-priority issues require immediate attention. If an issue is found,
he drills down into the issue to get the description of the problem,
follows the suggested actions, and resolves the issue. Once the issue is
resolved, he highlights the issue and selects Action > Resolve.
40 4. AIOps Basics

Dashboard Filters

The Overall Health page can be filtered at the Global, Site, and Building
levels in the hierarchy. A Filter, based on time schedules, can also be
applied. Preset times are available, such as 3 hours, 24 hours, 7 days, or
custom periods as far back as 30 days. Filtering helps eliminate excessive
noise and allows for a more time-period focused approach to viewing issues
and information.

Figure 4.6: Time Range Filters

Hierarchical and Building views are also available by clicking the Site
Details link, allowing switching between the Flat view and Geo-Map view
to visualize a Network Summary and Site Health. The figure below shows the
Flat View.
 4. AIOps Basics 41

Figure 4.7: Site Health Hierarchical Site — Building View

The figure below shows the Geo-Map View. This view can be useful for
organizations with multiple geographical locations. This view can be zoomed
in on specific geographic regions.
42 4. AIOps Basics

Figure 4.8: Site Health Geo Map View

AIOps within Cisco DNA Center provides a wide variety of dashboards and
insights into the network infrastructure and clients.
5. AI Network
Analytics
44 5. AI Network Analytics

This chapter dives into Cisco DNA Center’s AI Network Analytics architecture
and features, explaining the outcomes of the AI Network Analytics engine
and demonstrating how and where to find AI-generated issues. The chapter
further demonstrates, in detail, the immense value derived from dynamic
baselining, network heatmaps, AI Enhanced RRM, comparative analytics,
trends and insights. These features not only bring immediate valuable
insights, but also enable the network engineers to rapidly assess issues and
reduce MTTR.
 5. AI Network Analytics 45

Cisco AI Network Analytics

Architecture

Figure 5.1: Cisco AI Network Analytics Architecture

Data collection from network devices takes place on the Cisco DNA Center
appliance. A lightweight agent establishes a secure connection to the Cisco
AI Analytics Cloud and exports network telemetry data, de-identifying
sensitive details such as MAC/IP addresses and Host/User names before the
data is uploaded to the customer’s AI Cloud Analytics instance.

The data processing takes place on the Cisco AI cloud platform, with AI/ML
model training as well as prediction pipelines producing results that are then
made available to the users on the Cisco DNA Center GUI via an Application
Programmable Interface (API) call to the Cisco AI cloud.
46 5. AI Network Analytics

Sensitive data that was de-identified upon export is then restored to the
original clear-text values only by the local Cisco DNA Center appliance
before that data is displayed to the user.
 5. AI Network Analytics 47

Dynamic Baselining

Cisco AI Network Analytics learns and models the network and user
behavior. After sufficient data collection and learning of typically one to four
weeks, Cisco AI Network Analytics builds a model of the expected network
behavior. It builds baselines for the following KPIs:

• Average onboarding time

• Average onboarding failures

• Average DHCP transaction times

• Average authentication time

• Wireless association failures

• Global application throughput

• Media/cloud/social/collaboration application throughput

AI-driven Issues
The dynamic baselines for the above-mentioned KPIs are also used to
generate AI-driven issues that are accessible via the issues dashboard.
Dynamic baselines are generated using machine learning models, trained
using the customer’s own network telemetry, considering multiple KPIs to
include the complete network context. Using such baselines instead of static
thresholds gives the Cisco DNA Center the ability to significantly reduce alert
noise, making the network engineer’s job significantly easier. The algorithms
used to generate AI-driven issues help the network engineer to identify the
probable root cause by displaying network KPIs that are likely to explain the
reported issue. At the same time, the network engineer can add more KPIs
to get a full networking context, therefore reducing the MTTR.
48 5. AI Network Analytics

In the example below, there are several AI-driven issues, indicated by the
special AI icon to the left of the issue type.

Figure 5.2: AI Issues

 5. AI Network Analytics 49

Baseline Dashboard
Dynamic baselines are also used as part of the baseline dashboard. This
allows network engineers to visualize network performance compared to the
predicted baseline.

The figure below illustrates the AI Network Analytics baseline dashboard

showing onboarding times. The dashboard shows a holistic view of
performance for various KPIs, based on the baselines driven by each
individual network location. Each bubble represents a building, while the size
of the bubble represents the number of clients in that building.

This view allows the network engineer to quickly identify buildings worthy of
investigation, either because AI-driven issues were reported for the selected
period (in red), or by identifying outlier buildings where no AI-driven issues
were raised, therefore indicating locations that are likely to be persistently
experiencing poor performance for a given KPI.
50 5. AI Network Analytics

Figure 5.3: AI Network Analytics Onboarding Time Baseline

Selecting one of the red bubbles displays the details related to the
selected building. This example in the figure below shows that the
onboarding time was outside of the baseline from about 5pm to 9:15pm at
this particular location. During that same period, DHCP Time was also
outside of the baseline. This indicates that DHCP Time caused the
onboarding time issue.
 5. AI Network Analytics 51

Figure 5.4: Baselines

Select the View Details under DHCP Time in the figure above to get more
information to narrow down the DHCP issue. In the drill-down view, the
network engineer can view the DHCP Time on the left side of the diagram.
Hovering over the highest DHCP Time highlights the floors and clients that
are affected. In the figure below, only clients on one floor are affected by the
issue. The ability of Cisco DNA Center AI to correlate KPIs enables the
network engineer to quickly troubleshoot onboarding issues.
52 5. AI Network Analytics

Figure 5.5: DHCP Time Flow

 5. AI Network Analytics 53

AP Performance Advisories

The Access Point (AP) Performance Advisories use machine learning to

continually analyze APs with suboptimal client experience. The generated
insights present extensive information about the potential root causes and
provide suggestions for improvements by comparing the problematic radios
with reference radios delivering good performance within the customer's
network.

Upon opening the main page, the user is presented with a set of cards, each
representing the suspected root cause for poor client experience, describing
the identified problem along with the impact, in terms of the number of
affected radios and clients.

The problems detected include RF-related issues such as channel utilization

and Co-Channel Interference, as well as deployment-specific issues, such
as low coverage due to AP density, or capacity issues, for example when
APs are overloaded.

The radios included in these insights are among the most active on the
network. To reduce noise, there is a filtering step as part of the data-
processing pipeline removing APs with low activity.

The network operator can view details about the radios affected by issues
such as Low AP Density and High Co-Channel Interference to proactively
remedy problems before more users are impacted.
54 5. AI Network Analytics

Figure 5.6: AP Performance Advisories

Drilling down into the Low AP Density insight, this view shows there are a
large number of APs with a higher transmission power than the reference
radios. This also shows the number of radios showing bad client experience
which could be caused by Low AP density.

The root cause presented in this view is automatically generated, based on

the output of a machine learning pipeline, providing a weighted list of KPIs
contributing to poor client experience. This allows network engineers to
understand the problem by providing human-readable descriptions and take
action to resolve the issue.
 5. AI Network Analytics 55

Figure 5.7: Low AP Density

At the bottom of the page, the user is presented with the full list of
problematic radios. The list is by default sorted by impact, which is a
function of the client experience KPIs and the affected clients. Once the user
identifies a problematic radio to look at, they can click on the AP name and
reach the radio-specific detailed view.
56 5. AI Network Analytics

Figure 5.8: Radios Impacting Client Experience

Drilling down into one of the radios displays radio-specific trends and
insights related to client experience KPIs, such as Received Signal Strength
Indicator (RSSI) and Signal-to-Noise Ratio (SNR). These KPIs are shown
between this radio and the reference radios for comparison. This radio has
lower RSSI and SNR than the reference radios. This could be caused by low
AP density in that location.
 5. AI Network Analytics 57

Figure 5.9: Client Experience KPIs

Additionally, there is a Radio Specific Root-Cause Context page that shows

this radio’s transmit power compared to the transmit power settings of the
reference radios. If this radio’s power is higher than the reference radios, it
can indicate there is low AP density as well.
58 5. AI Network Analytics

Figure 5.10: Radio Specific Root Cause Context

The network engineer can also dig into the other insights shown on the AP
Advisories page and detect lower-performing APs quickly. This feature
allows the network engineer to do something that is humanly not possible,
but with the help of machine learning and big data, Cisco DNA Center AIOps
brings these insights to the network engineer.

Trend Deviations
The Trend Deviations feature tracks a variety of metrics such as client count
and radio throughput over several weeks. It uses machine learning to detect
deviations in these trends during a 4-week period. A graph illustrates the
deviation for the period selected for further analysis by a network engineer.
The network engineer can select the system-generated insight to view it in a
graphical format.
 5. AI Network Analytics 59

Figure 5.11: Trend Deviations

This figure demonstrates Cisco DNA Center’s ability to detect a change in

behavior where a given AP significantly increases its client count over a 4-
week period. These types of insights are almost impossible without the use
of AI. The figure below displays trends over a 4-week period for a particular
AP for client count.
60 5. AI Network Analytics

Figure 5.12: Trend Deviation — Client Count

The figure below shows another system-generated insight, AP throughput

deviation. The view demonstrates Cisco DNA Center’s ability to detect and
point out a change in system behavior where a given AP significantly
decreases its throughput over four weeks. This could be indicative of a
configuration issue or hardware issue which would normally not be visible in
a traditional network management system without the insights that AI
 5. AI Network Analytics 61

provides. These insights enable the network engineer to quickly investigate

an area or an AP based on a throughput decrease.

Figure 5.13: Trend Deviation — Radio Throughput

62 5. AI Network Analytics

AI Enhanced RRM

AI Enhanced RRM (Radio Resource Management) is the next evolution of

Cisco’s award-winning RRM. RRM was originally introduced with Cisco
AireOS and Aironet in 2005 and manages the complexities of RF from Wi-Fi
1 to Wi-Fi 6 and now Wi-Fi 6E. RRM has fluidly grown to include innovative
algorithms such as Flexible Radio Architecture (FRA) and Dynamic
Bandwidth Selection (DBS) in addition to the traditional algorithms of
Dynamic Channel Assignment (DCA) and Transmit Power Control (TPC).

On a Cisco Catalyst 9800 WLC, RRM runs as a service. Cisco RRM manages
the RF Group (the components making up the RF Network) based on
dynamic measurements between every AP and its neighbors, stored in a
local database for the entire RF Group. At runtime, RRM draws on the last 10
minutes of collected data, and optimizes based on the current network
conditions. Cisco RRM has proven to be extremely effective and trustworthy
over the years, when configured correctly for the type of RF network
coverage desired (Capacity vs Coverage) it can adapt to almost any size or
deployment density. In Wi-Fi, RF Conditions can and do dynamically change
with different network loads and numbers of devices and users in the
environment, and RRM has measured up well to this task.

AI Enhanced RRM integrates the power of AI and ML with the reliable and
trusted Cisco RRM product family of algorithms in the cloud. AI Enhanced
RRM is coordinated through Cisco’s DNA Center as a service. Existing Cisco
Catalyst 9800 WLC RRM sites can be seamlessly transitioned to an
intelligent centralized service. As with other Cisco DNA Center services, AI
Enhanced RRM brings a host of new features. The Cisco DNA Center RRM
Control Center allows administrators to quickly assess the health and
performance of the RF coverage from the enterprise level down to a single
site or building level.
 5. AI Network Analytics 63

Cisco AI Enhanced RRM is different as it brings the ability to analyze

historical dynamic RF data over time. The ability to evaluate complex RF data
often comes down to being able to factor in what’s normal against the
current data. Normal can and does vary from site to site based on the
numbers and types of users, technology, equipment choices, and the
architectural design density. Keep in mind that often normal is in the mind of
the beholder.

After an initial learning period of a few days, the Cisco AI Analytics Cloud will
begin to provide insights into the performance and tuning of the RF network.
Insights provide granular guidance on:

• Performance against SLAs

• The effectiveness of present settings/configurations

• The quality of the coverage

Together, the AI Enhanced RRM algorithms with the power of the Cisco AI
Analytics Cloud and Cisco’s DNA Center take Wi-Fi RF management to an
unprecedented level. AI Enhanced RRM correlates 24x7 observations from
the network and the client devices and applies 20+ years of Cisco RF
excellence to drive exceptional user experiences into the future.

To get started with AI Enhanced RRM in Cisco DNA Center, there are some
prerequisites:

• Cisco DNA Center running version 2.3.2 or higher.

• A Cisco Catalyst 9800 WLC (MUST be provisioned by Cisco DNA
Center), running IOS XE 17.7 or higher.

• A large number (10+ at a minimum, the more the better) of APs

connected to the Catalyst 9800 WLC.

• Cisco AI Analytics and AI Enhanced RRM are enabled under Cisco AI

Analytics in the Cisco DNA Center System Settings.
64 5. AI Network Analytics

After these requirements have been met, an AI RF profile can be created on

Cisco DNA Center by navigating to Design > Network Settings >
Wireless (with global location scope selected) then scrolling down to RF
Profile and selecting Add then selecting the AI RF Profile tab as shown
in the figure below.

Figure 5.14: New AI RF Profile

Configure a name for the profile as well as enable/disable any default RF

settings. Set the Busy Hours and Busy Hours Sensitivity based on the
organization’s needs. Busy Hours refer to the set period during each day that
RRM changes should not be implemented.
 5. AI Network Analytics 65

Figure 5.14: Set RRM Busy Hours

Next, configure any advanced settings, such as which channels to utilize or

Tx power, then save the new AI RF Profile.
66 5. AI Network Analytics

Figure 5.15: RRM Advanced Profile Settings

Now that the AI RF Profile has been created, it can be deployed to a site. To
do this, navigate to the Workflows tab in the Cisco DNA Center main menu,
and select the Configure AI RF Profile ;workflow. Give the workflow a
name then select the site(s) to where the AI RF Profile will be deployed.
 5. AI Network Analytics 67

Figure 5.16: Assign AI RF Profile to Site

On this page, different AI RF Profiles can be assigned to multiple sites in one

workflow.
68 5. AI Network Analytics

Figure 5.17: Select AI RF Profile

The RF profile can either be deployed immediately or scheduled for a later

time. Choose an option then click Deploy. A success message will indicate
that the AI RF profile was deployed.
 5. AI Network Analytics 69

Figure 5.18: Schedule AI RF Profile Deployment

Figure 5.19: AI RF Profile Assigned

Once the profile has been deployed, it will take a few hours before data
starts to populate on the Enhanced RRM page. The Enhanced RRM page
can be found in Assurance > Enhanced RRM under the Cisco DNA Center
70 5. AI Network Analytics

main menu. Select a site from the menu on the left. At the top of the page is
the RF Performance Summary which displays the overall RRM health
percentage and number of RRM changes for the period selected. There is
also an RF Coverage Summary which provides the current AP Density and
connectivity Signal-To-Noise Ratio (SNR).

Below the summaries, AI Enhanced RRM truly distinguishes itself from

Cisco’s already powerful industry-leading RRM by harnessing Cisco DNA
Center’s AI and ML components along with the ability to store and use
historical telemetry data and establish what is normal for a given observation
over time. RRM on the controller has always been limited to viewing the
current conditions as the data storage requirements are quite high.
 5. AI Network Analytics 71

Figure 5.20: Enhanced RRM Insights

In addition to these insights, the Enhanced RRM page provides a series of

dashlets that can help a network engineer easily visualize RF performance
and coverage:

• RRM Changes: The total number of RRM changes performed

during the selected time interval, broken down by type of change
completed (Tx Power, Channel Change).

• RRM Performance: Measures how the RRM performance channel

changes over time by observing metrics from co-channel
interference, near-channel interference, and duty cycle.
72 5. AI Network Analytics

• Co-Channel Interference: A breakdown of co-channel

interference levels (low/medium/high) for all wireless access points at
this site.

The network engineer can select View Details to view more detailed
information on actionable insights for each category powered by AIOps.

Figure 5.21: AI Enhanced RRM Changes

 5. AI Network Analytics 73

The Enhanced RRM page also provides more detailed dashlets that show
more detailed statistics regarding the metrics measured to determine RRM
changes:

• Utilization per Channel: Shows per-channel utilization. Trend

allows visualization of history for up to two weeks. Selecting a time
on the trend line opens the detail for that point in time, listing the
contributing access points.
• AP and Radar per Channel: Breaks out the channel assignment
spread by access point count. Radar detected is displayed on
impacted channels for context.
• AP Spatial Density: Visualizes Neighboring AP/radio density in the RF
neighborhood as the number of neighbors that can be seen at or
above -70 dBm.
• Power Distribution: Visualizes power distribution across the
networks and provides a corresponding neighbor count to correlate
AP density with power assignments. Trend allows visualization of
history for up to two weeks. Selecting a time on the trend line opens
the detail for that point in time, listing the contributing APs.
74 5. AI Network Analytics

Figure 5.22: Per Channel Metrics

Figure 5.23: AP Spatial Density and Power Distribution Comparative Analytics

 5. AI Network Analytics 75

AI Network Comparative
Analytics

Peer Comparison
Peer comparison provides the ability to compare KPIs such as Cloud Apps
Throughput and various RF KPIs, such as co-channel interference, between
peers in similar vertical market segments. This can provide insightful
information regarding how the network performs against an industry
baseline.

Peer comparison baselines include:

• Radio throughput

• Cloud apps throughput

• Radio reset

• Packet failure rate

• Radio interference
• RSSI (Received Signal Strength Indicator)
76 5. AI Network Analytics

Figure 5.24: Peer Comparison

Network Comparison
Compare buildings, endpoints, and AP models across a variety of key
wireless metrics such as radio throughput, average onboarding time, and
channel utilization across a period of one week.

The Network Comparison view can be used to compare:

• Buildings

• AP models

• Endpoint/Client types
 5. AI Network Analytics 77

The devices are grouped into three categories making use of clustering
techniques to automatically determine lower, medium, and high thresholds
for the relevant KPIs.

This approach provides a full breakdown of the performance in each

category. The categories are across a period of one week as well as in
comparison with another building, endpoint, or AP model. This is particularly
useful in planning new AP deployments and upgrades, as the page can show
the progress of the deployment during the week, in addition to viewing how
these wireless metrics are improved by the upgrades.

Figure 5.25: Network Comparison

78 5. AI Network Analytics

Network Heatmap

The network heatmap provides a list of all wireless APs in the network. They
are ordered by the KPI selected, such as Client Count, Throughput, or
Interference. This allows quick identification of top and bottom performing
APs as well as spotting trends concerning those specific KPIs. The list shows
the daily average (as well as the min/max) for all APs under the selected KPI,
in decreasing order. Hovering over one of the APs for any given day provides
the average value for that day, allowing the network engineer to see changes
in the wireless network over time. The network heatmap allows the network
engineer to visualize data from the current month as well as all previous
months in which data was collected and processed, with available filters by
site or band, to go from a global to a more specific view in the hierarchy. The
network heatmap can also be exported for use offline and outside of Cisco
DNA Center. Clicking on any of the dates will take the network engineer to
an hourly view for that day for this KPI, giving an even more granular view for
more detailed analysis.
 5. AI Network Analytics 79

Figure 5.26: Network Heatmap

This chapter reviewed all the AI Network Analytics features, demonstrating

the value of the insights it brings to the network engineer. This enables quick
troubleshooting and the ability to identify issues and KPIs not possible to
generate without Cisco’s industry-leading AI Network Analytics engine.
6. Wireless
Monitoring
82 6. Wireless Monitoring

This chapter covers how to monitor the most visible aspect of the enterprise
network. As the wireless network is where all the users live, it is important to
learn how Cisco DNA Center can help network engineers monitor the
wireless network to quickly and easily resolve issues reducing the MTTR for
wireless issues and ensuring a superior user experience.
 6. Wireless Monitoring 83

Network Health

The Network Health page provides visibility for all network devices managed
by Cisco DNA Center. With this tool, a network engineer can easily identify
any potential problems that may occur with the network devices across the
entire infrastructure.

Figure 6.1: Network Health

The Network Health page can be filtered by site or building, similar to the
Overall Health page as demonstrated in Chapter 4. The Healthy Network
Devices percentage is the number of devices in Good Health compared to
the number of Total Devices. The Total Devices are further broken down into
Good Health, Fair Health, Poor Health, and No Health data. This page also
provides a chart separating Routers, Core switches, Distribution switches,
Access switches, WLCs, and APs. Each device type’s health percentage is
also shown broken down by color.

Scrolling down the Network Health page will show a collection of dashlets,
as shown below. While the dashlets are customizable, it is important to note
that each dashlet provides two perspectives: LATEST and TREND. The
84 6. Wireless Monitoring

LATEST perspective displays the information for the previous 5 minutes. The
TREND perspective displays information for the time period selected in the
dashboard. For example, if the time period selected is 7 days, the TREND
will show 7 days of data. This allows the network engineer to visualize the
changes in the network to look for problems quickly and easily.

Figure 6.2: Network Health Dashlets

 6. Wireless Monitoring 85

Figure 6.3: List of APs by Highest Client

Count (in latest 5 mins)

This figure shows a dashlet with a list of

APs with the highest Client Count for the
last 5 minutes.
86 6. Wireless Monitoring

Figure 6.4: Trend Dashlet Network Health

This figure shows a list of APs from the

TREND perspective with the highest client
count for the last 24 hours.

Real-World Scenario
Saran is a wireless engineer at a large university. Saran likes to monitor
the wireless network very carefully as it is the heart and soul of the
students' access. As the university operates more than 5,000 wireless
APs, Saran goes to the Network Health page where he can see 3 critical
dashlets showing Total APs Up/Down, Top N APs by High Interference,
and Top N APs by Client Count. Saran can see that all the wireless
access points are up, have no significant issues with interference, and
the client counts are in an acceptable range.
 6. Wireless Monitoring 87

The below figure shows both the LATEST and TREND views for Top N APs
by Client Count.

Figure 6.5: Top APs by Client Count

On top of the LATEST and TREND tabs in this example, the user can reach
the Network Heatmap (discussed in the previous chapter) directly from the
above dashlet, highlighting the Top N APs and allowing a comparison of
such APs with the rest of the network, as well as extending the visualization
over a longer period. This feature can save time in understanding and
planning for demand, and justification for a hardware refresh.

There are more dashlets available, in addition to the defaults. The dashboard
can be customized by clicking the Actions > Edit Dashboard link. This
provides a customizable set of metrics the network engineer is interested in
viewing at a glance. Refer to the Cisco DNA Center user guide for the
complete list of other dashlets available on this dashboard.
88 6. Wireless Monitoring

Scrolling further down the Network Health windows will display the Network
Devices section of this dashboard which shows the device level details and
additional information. This list can also be filtered based on Overall Health
and Device Type.

Figure 6.6: Network Devices

The table above displays a wealth of information regarding the device. The
columns shown can be edited by selecting the gear icon on the top right of
the table. There are more than 20 different columns to choose from based
on preference, making the dashlet highly customizable. The data in the
dashlet can be exported as a CSV file to generate a report on the network
devices with all the details. Some of the columns are listed below. Please
refer to the Cisco DNA Center user guide for a list of all the columns
available.
 6. Wireless Monitoring 89

• Device name

• Manageability status

• Device model

• Device OS version
• Device IP address

• Overall health rating

• Issue type count

• Location of the device in the hierarchy

Click on the Device Name link to navigate to the Device 360 page. The
Device 360 is covered in detail in Chapter 7.
90 6. Wireless Monitoring

Network Services

Use of the Network Services dashboard can help the network engineer
determine if a wireless issue is being caused by authentication issues or
issues obtaining an IP Address. The Network Services menu has two
dashboards, the AAA dashboard, and the DHCP dashboard. The information
presented by these dashboards comes directly from the WLC via streaming
telemetry. There is no need to separately configure AAA or DHCP within
Cisco DNA Center to enable this telemetry.

AAA Dashboard
The AAA dashboard breaks down the performance of the network’s AAA
servers by latency and transactions. The timeline on the dashboard displays
the number of AAA transaction failures and successes over the period
selected. This timeline can be used to go back in time up to 30 days to view
the historical data.

Figure 6.7: AAA Dashboard

The Insights section below the timeline displays the change in AAA server
transactions compared to the same previous time range. For example, if the
time range is 24 hours, then it displays the change in AAA transactions from
the previous 24-hour period.
 6. Wireless Monitoring 91

The next dashlet displays the AAA summary and the AAA transactions at a
high level. The AAA summary shows the number of AAA servers and the
average latency for authentication transactions across all AAA servers. The
dashlet also displays the change in average latency from the previous 24-
hour period. The AAA transactions section shows the Total number of
transactions, number of Successful transactions, and number of Failed
transactions across all AAA servers. The dashlet also displays the change in
the number of successful and failed transactions from the previous 24-hour
period.

If there is a high percentage increase in the number of failed transactions

over the previous 24-hour period, it may indicate an issue that needs to be
diagnosed.

Figure 6.8: AAA Insights

The next section in the AAA dashboard displays four different dashlets:

• Top N Sites by Highest Latency

• Top N Sites by Failed Transactions

• AAA Server Latency

• AAA Server Transactions

92 6. Wireless Monitoring

Figure 6.9: AAA Dashlets

The AAA Latency is calculated as the average AAA round trip time from the
WLC to the AAA server. The Top N sites by Highest Latency can be used to
detect the most problematic sites for AAA issues. Selecting View
Details on this dashlet can be used to drill down into the AAA data in more
detail.
 6. Wireless Monitoring 93

Figure 6.10: Top N Sites by Highest Latency

When selecting one of the sites, the data can be filtered by Top AAA
Servers, Top SSIDs, and Top Access Points contributing to the highest
latency at the site. The dashlet displays the number of clients being affected
by the filters selected. The information helps pinpoint the most problematic
areas to help troubleshoot AAA issues affecting clients, quickly reducing
MTTR.
94 6. Wireless Monitoring

Figure 6.11: View Details for Top N Sites by Highest Latency

The Top N Sites by Transaction Failures dashlet can similarly be used to

pinpoint the most problematic areas to focus on troubleshooting for AAA
issues. The dashlet allows a network engineer to instantly see if AAA issues
are isolated to just one site or multiple sites.
 6. Wireless Monitoring 95

Figure 6.12: Top N Sites by Transaction Failures

The dashlet figure below shows the average AAA server latency for each
AAA server. The dashlet also breaks down the latency for the EAP and MAC
Authentication Bypass (MAB) messages by each AAA server.
96 6. Wireless Monitoring

Figure 6.13: AAA Server Latency

The AAA dashboard also displays the list of AAA servers by WLC. The table
shows a wealth of data such as the AAA server IP address, WLC Name, WLC
Location, and the AAA transaction statistics such as the number of failures,
successes, and latency for each AAA server. The AAA dashboard helps to
isolate the top-used AAA servers and WLCs to monitor authentication
performance.
 6. Wireless Monitoring 97

Figure 6.14: AAA Servers by WLC

Select any of the AAA servers to view the latency and transaction details as
shown in the figure below. Select the graph to view the clients and their
transaction details. The data can be filtered by SSID, Site, and Access
Points. This can be used to find the clients with the highest latency to help
troubleshoot client AAA issues. This AAA detail dashboard can also help
visualize areas with high AAA latency which can help the engineer to quickly
focus on contextual information and high priority areas with authentication
issues.
98 6. Wireless Monitoring

Figure 6.15: AAA Server Details

Cisco AI Network Analytics generates baselines for AAA failures for each
AAA server used to authenticate wireless clients. AI-driven issues are raised
when the AAA failure rate exceeds the predicted baseline for a given AAA
server. Please refer to Chapter 5 for more details.
 6. Wireless Monitoring 99

DHCP Dashboard
The DHCP dashboard breaks down the performance of the DHCP servers by
latency and transactions. The timeline on the dashboard displays the number
of DHCP transaction failures and successes over the time period selected.
The timeline can be used to go back in time up to 30 days to view the
historic data.

The Insights section below the timeline displays the change in DHCP server
transactions compared to the previous time range. For example, if the time
range is a 24-hour period, then it displays the change in DHCP transactions
from the previous 24-hour period.

The next DHCP dashlet displays the DHCP summary and the DHCP
transactions at a high level. The DHCP summary shows the number of DHCP
servers and the average latency for transactions across all the DHCP servers.
It also displays the change in average latency from the previous time period.
The DHCP transactions section shows the total number of transactions,
number of successful, and number of failed transactions across all the DHCP
servers. The dashlet additionally displays the change in the number of
successful and failed transactions from the previous time period. If there is a
high percentage increase in the number of failed transactions over the
previous time period, it may indicate a client-impacting DHCP issue that
needs further investigation.

Figure 6.16: DHCP Summary

100 6. Wireless Monitoring

The next section in the DHCP dashboard displays 4 different dashlets:

• Top N Sites by Highest Latency

• Top N Sites by Failed Transactions

• DHCP Server Latency

• DHCP Server Transactions

Figure 6.17: DHCP Dashlets

 6. Wireless Monitoring 101

Figure 6.18: DHCP Top

Sites by Highest Latency

The DHCP latency is

calculated as the average
DHCP packet round trip
time from the WLC to the
DHCP server. The Top N
Sites by Highest Latency
graph can be used to
detect the most
problematic sites for DHCP issues. Selecting View Details on this dashlet
can be used to drill down into the site DHCP data in more detail.

Once a site is selected, the data can be filtered by Top DHCP Servers,
Top SSIDs, or Top APs contributing to the highest DHCP latency on the
site. The dashlet additionally displays the number of clients being affected
by the filters selected. The data helps in pinpointing the most problematic
DHCP areas to help quickly and easily troubleshoot DHCP issues affecting
clients.
102 6. Wireless Monitoring

Figure 6.19: DHCP Top Sites by Highest Latency

The DHCP dashboard also displays the list of DHCP servers with their
respective WLCs. The table shows a wealth of data such as the DHCP server
IP address, WLC, WLC Location, and the DHCP transaction details such as
the number of failures, and latency for each DHCP server. This helps the
network engineer to quickly identify the top-used DHCP servers and how the
servers are performing.
 6. Wireless Monitoring 103

Figure 6.20: DHCP Servers by WLC

Select a DHCP server from the list to view the latency and transaction
details. Select the graph to view the clients and their transaction details. This
data can be filtered by SSID, Site, and APs. The network engineer can use
this to find the clients with the highest latency or transactions to help quickly
troubleshoot client DHCP issues.
104 6. Wireless Monitoring

Figure 6.21: DHCP Server Details

Cisco AI Network Analytics generates baselines for DHCP failures, for each
DHCP server used to serve wireless clients. AI-driven issues are raised when
the DHCP failure rate exceeds the predicted baseline for a given server.
 6. Wireless Monitoring 105

Events Viewer

The new Event Viewer provides the network engineer the ability to view all
syslogs, traps, and telemetry events from all network devices on one
centralized page. The new Event Viewer can be accessed from the
Assurance > Issues and Events menu. The search function on this
page helps to instantly search for an event among the thousands of events
that may exist in the network. The events can be filtered and sorted for
events related to routers, switches, and/or wireless devices.

Figure 6.22: Event Viewer

Selecting an Event displays the event details as shown below. The Event
Type field indicates if the event is a syslog, trap, or device event. If it is a
trap or syslog the severity of the event can also be viewed.
106 6. Wireless Monitoring

Figure 6.23: Event Viewer Details

The endpoints events are available in the Event Viewer. Filters to view wired
or wireless endpoints events are available as well. All events via streaming
telemetry for wireless endpoints can also be viewed from this centralized
page.
 6. Wireless Monitoring 107

Figure 6.24: Endpoint Events on Event Viewer

Drilling down into an event displays the event details. A wealth of information
is provided in the event details as shown below. This helps the network
engineer to troubleshoot endpoint issues as it allows quick viewing of
connectivity details and any reasons for the failure, decreasing the MTTR.
108 6. Wireless Monitoring

Figure 6.25: Endpoint Event Details

 6. Wireless Monitoring 109

3D Maps

An exciting addition to the existing 2D Maps feature within Cisco DNA

Center is the new capability to use 3D Maps for visualizing AP coverage in a
defined 3D space such as an office building. Both operational as well as
planned APs can be visualized in 3D Maps, making the 3D maps feature
incredibly powerful and accurate for planning new AP deployments.

To view a 3D wireless map, a floor plan has to be created for the 3D wireless
map. There are three ways to create the floor plan for the 3D wireless map:

• Import a CAD file: Use a CAD file (DXF or DWG file type) to import
the floor plan, Cisco DNA Center imports the CAD layers and allows
specification of which layers will appear as floor elements in the 3D
wireless map.

• Import a 2D image file: Use the file types JPG, GIF, PNG, or PDF to
import the floor plan. However, the user will need to manually create
the floor elements, such as the walls and doors, for them to be
represented in the 3D wireless map.
• Import an Ekahau Pro Project plan: The data from the Ekahau
project, such as the obstacles, APs, and more, are imported into the
3D wireless map.

Note If you are using Cisco Prime Infrastructure, you can import floor maps
and AP placement from Cisco Prime Infrastructure into Cisco DNA Center,
however, the Cisco Prime Infrastructure maps will be 2D maps. The network
engineer then can add the walls and other objects to create the 3D map.
110 6. Wireless Monitoring

Figure 6.26: Edit Floor

Click Update to upload the floor plan and

update the floor settings. The 2D map will
be displayed.
 6. Wireless Monitoring 111

Figure 6.27: Floor 1 2D Map

If the map imported was a 2D image, it can automatically be viewed as a 3D

map. However, to get the most benefit, obstacles such as walls and doors
that affect attenuation should be added to the floor map. By selecting
Add/Edit above the map, these obstacles can be manually drawn in their
respective locations, using one of the various wall types provided in the map
editor, or using a custom wall type that can be manually defined. Additional
items can be added and placed on the map such as shelving units and GPS
markers and custom coverage areas and location regions can be defined as
well.
112 6. Wireless Monitoring

Figure 6.28: Add walls to the floor map

After drawing the walls for the selected floor, APs will need to be placed on
the map to show RF coverage within the physical space. This can be done
by selecting the APs tab while editing the floor, selecting one or more AP
models, and placing each AP in the respective physical location on the floor
where the AP is located (or will be located). The proper antenna type for the
new AP will need to be selected to provide an accurate RF model. Click
Save to update the floor map.
 6. Wireless Monitoring 113

Figure 6.29: Add an Access Point to the floor map

Now that the floor map is prepared, click the 3D toggle to switch from 2D
maps to 3D. The 3D map shows the RF coverage of the placed access
points with the RSSI, Interference, and SNR ratio wireless KPIs. Above the
map, there are toggles to switch between 2.4Ghz to 5Ghz bands. Click View
Options to expand/collapse the side menu. By expanding the KPIs menu
on the side menu the previously configured 3D RF Model and Floor
Geometry can also be modified if needed.
114 6. Wireless Monitoring

Figure 6.30: Floor 1 3D Map

The controls at the bottom of the page can be used to move and pan around
the map and provide additional tools for visualizing the 3D map, such as
cutting a slice from the floor to analyze only that segment or viewing the 3D
map from the point of view of someone on the floor. The available heatmap
types are:

• Point Cloud: A collection of individual points captured in the

physical 3D space to show coverage quality across the floor.
• Isosurface (RSSI only): A smoothed, 3D shaping of the RF coverage
for each access point that shows how coverage is affected by walls
and distance.
• Scanner: A 2D visualization of the RF coverage for all KPIs across the
floor.

Lastly, insights can be custom configured by clicking the gear icon above
the map and clicking Insight Configurations.
 6. Wireless Monitoring 115

Figure 6.31: Point Cloud with SNR

Based on what is configured in the Insight Configurations, clicking the

Insights button on the map will provide a series of insights into the AP
coverage for each of the KPIs. Each insight provides detailed information
about which metrics are not meeting the service level agreements (SLAs)
configured on the map and can show the coverage gaps directly on the map.
116 6. Wireless Monitoring

Figure 6.32: Insights for 3D Maps

 6. Wireless Monitoring 117

Selecting View All Insights will display all the insights as shown below.

Figure 6.33: All Insights View in 3D Maps

The Cisco DNA Center 3D maps provide the wireless network engineer
teleportation powers to be able to visualize the space in 3D and be able to
see RF coverage, RSSI, and interference, giving a never before possible
perspective of the RF landscape. This feature is a huge time saver and also
enables the wireless engineer to perform many planning and troubleshooting
tasks from their desks. This feature is a great example of how Cisco DNA
Center can help accelerate the time to value.
118 6. Wireless Monitoring

Wi-Fi 6 Dashboard

Cisco DNA Center provides a centralized dashboard that allows network

engineers to visualize and quickly understand the network’s Wi-Fi 6
readiness as well as the Wi-Fi 6 performance for existing deployments. To
navigate to the Wi-Fi 6 dashboard from the Cisco DNA Center main menu,
select Assurance > Wi-Fi 6. The Wi-Fi 6 dashboard provides an
overview of the general readiness for Wi-Fi 6 in the network by providing a
percentage of network devices and clients that are capable of and utilizing
Wi-Fi 6. It also provides insights into the status of the network’s Wi-Fi 6
deployment, such as suggestions to upgrade wireless controllers to the
correct version to utilize Wi-Fi 6 analytics and the right APs required for Wi-
Fi 6 deployment.

The Wi-Fi 6 dashboard also provides a series of dashlets that can give even
further insight into the state of Wi-Fi 6 readiness, including:

• Client Distribution by Capability (802.11abg/802.11ac/Wi-Fi 6, Wi-FI

6E)
• Network Readiness (Wi-Fi 6/Wi-Fi 6E, Non-Wi-Fi 6 Access Points)

• AP Distribution by Protocol
 6. Wireless Monitoring 119

Figure 6.34: Wi-Fi 6 Dashboard

In addition to these dashlets, there are an additional two new dashlets that
provide insight into Wi-Fi 6/Wi-Fi 6E performance for existing deployments:
Wireless Airtime Efficiency and Wireless Latency by Client Count.
Wireless Airtime Efficiency is measured by calculating the percentage of
peak usage minutes achieved at various speeds. The default tab for each
dashlet, LATEST, shows the latest data from the past 5 minutes, and
selecting TREND displays the data from the previous 24-hour period.
120 6. Wireless Monitoring

Figure 6.35: Airtime Efficiency and Client Count

Figure 6.36: Wireless Trends

All dashboards and dashlets items on the Wi-Fi 6 Dashboard now support
the new Wi-Fi 6E protocol.

The Wi-FI 6 dashboard gives unparalleled visibility into the Wi-Fi 6/Wi-Fi 6E
deployment in the network. This helps to plan how well the modernizing of
wireless network is progressing and make the case for adding more Wi-Fi
6/Wi-Fi 6E APs to enhance the user experience.
7. Wireless Device
Troubleshooting
122 7. Wireless Device Troubleshooting

Wireless troubleshooting is arguably one of the toughest jobs for network

engineers. Wireless issues can be related to the WLC, the AP, the client, the
network, and/or various other reasons. This chapter presents a suite of new
and innovative wireless device troubleshooting tools and features within
Cisco DNA Center.

In the past, engineers have typically needed specialized tools to effectively

troubleshoot wireless issues, such as spectrum analyzers and protocol
analyzers. Spectrum analyzers allow the engineer to view the raw RF energy
in the environment. Protocol analyzers allow the engineer to capture frames
over the air for later analysis. Even with these specialized tools, it can be
difficult or sometimes not even cost-effective to physically bring those
specialized tools out to the end users’ location to capture the issue while the
user attempts to recreate the problem. If the wireless engineer was lucky
enough to have captured the data while the user recreated the problem, it
can still be incredibly difficult to ascertain the actual issue based upon radio
frequency (RF) signatures viewed from a spectrum analyzer or pouring
through possibly tens of thousands of frames that can be captured in just a
few seconds with a protocol analyzer. Even then, the issue may not even be
in the PCAP file, but what is not in the PCAP file. Advanced protocol
knowledge is needed to not only see what is there but recognize what is not
there. Then, after all that, the issue may not even be a wireless issue at all.
For instance, there could be a wired issue or an issue with AAA, DHCP,
and/or DNS that is preventing a user from successfully joining the wireless
network or causing poor performance.

No matter what the reason, if a user is unable to use the wireless network, it
is a wireless problem. This is where Cisco DNA Center really shines. Cisco
DNA Center gives the network engineer the troubleshooting tools, contextual
information, and insights needed to identify and eliminate problems that are
negatively impacting wireless client network performance.
 7. Wireless Device Troubleshooting 123

Wireless LAN Controller —

Device 360

The Wireless LAN Controller Device 360 page allows the engineer to view
the current Health Score of the WLC. It also allows the engineer to travel
back in time to not only see what the Health Score was at a particular point
in time, but also what KPIs were affecting the health score at that point in
time. This can help reduce troubleshooting WLC issues from hours to just
minutes.

Figure 7.1: Device 360

124 7. Wireless Device Troubleshooting

Figure 7.2: Wireless LAN Controller KPIs

Issues
The Issues dashlet displays the issues that have affected the wireless
controller within the specified time frame. These issues are sorted by
priority.
 7. Wireless Device Troubleshooting 125

Figure 7.3: WLC 360 Issues

Clicking on an issue provides the network engineer with a description of the

problem as well as a list of Suggested Actions that should be taken to solve
that problem. The network engineer will also have the option to run
commands specified in the Suggested Actions, directly from Cisco DNA
Center. This saves the network engineer time because it eliminates the need
to log into the device and type in the commands manually. The engineer also
has the option to Resolve or Ignore the Issue. When ignoring the issue, it can
be ignored for 1 hour up to 30 days.
126 7. Wireless Device Troubleshooting

Figure 7.4: WLC Issue Details

Real-World Scenario
Joshitha is a Help Desk Technician at a software development company.
She receives a ticket that says, “Wi-Fi is broken”, but the ticket does not
include any additional information other than the user’s username and
phone number. She searches Cisco DNA Center for that username and
pulls up the User 360 page. From that page, Joshitha can see that the
user’s laptop is disconnected from the network. She scrolls down to the
Issues dashlet and notices an issue with failed authentication due to a
bad password. She calls the user to explain that they are unable to
connect due to a bad password. The user then realizes they had Caps
Lock on, disables it, and can log in successfully.
 7. Wireless Device Troubleshooting 127

Physical Neighbor Topology

The Physical Neighbor Topology shows the number of APs connected to the
WLC, the number of connected clients, the uplink switch and link status
information, and the health scores of all connected devices. This allows the
engineer to quickly visualize not only the Health Score of the WLC, but also
the health scores of devices connected to that WLC.

Figure 7.5: Physical Neighbor Topology

Event Viewer
The event viewer displays telemetry events, syslogs, and traps from the
WLC. This helps a network engineer quickly troubleshoot any WLC issues by
checking for any problem events and viewing the details directly in Cisco
DNA Center. This feature also has a search that can be used to quickly find
events that are of interest among the hundreds or thousands of events.
There is also a link to launch the Global Event Viewer to view the events from
all devices in one single location.
128 7. Wireless Device Troubleshooting

Figure 7.6: WLC Event Viewer

Path Trace
Path Trace allows the network engineer to pinpoint issues in the network.
When running a Path Trace, the network engineer will specify the Source and
Destination nodes, optionally a source and destination port, optionally TCP or
UDP protocol.

When executing the Path Trace, Cisco DNA Center will display all the
network devices between the Source and Destination as well as the Health
Scores, link status, and ACLs along the path. This allows the network
engineer to visualize where the problem is in the entire network path for the
traffic flow. This helps resolve application experience issues quickly and
easily.

After executing the Path Trace between the wireless controller and
destination, Path Trace identifies any ACLs within the path, as well as
receiving device, device interface, and QoS statistics.

In addition to Path Trace, there is also the option to perform a live packet
capture with real data which is known as True Trace. To execute a True
Trace with live packet capture, all intermediary devices in the path will need
to be managed by Cisco DNA Center and running IOS XE 17.x or higher.
 7. Wireless Device Troubleshooting 129

Figure 7.7: WLC 360 Path Trace

Application Experience
Visualize application visibility data such as Usage and Average Throughput.
This allows the network engineer to see which applications are taking the
most bandwidth and also which clients are using those applications. The
application data comes directly from the WLC via NetFlow. Please refer to
the Application Health section for more details on the application
experience.
130 7. Wireless Device Troubleshooting

Figure 7.8: WLC 360 Application Experience

Detail Information
This section has 2 tabs. One for the device and the other for the interfaces.
The Device tab section shows helpful information related to the device such
as Uptime, HA Redundancy Status, CPU and Memory Utilization, power
supply and temperature status, AP and client counts, as well as licenses
used. The CPU and temperature graphs can be customized to view particular
CPU or temperature sensor information.
 7. Wireless Device Troubleshooting 131

Figure 7.9: WLC 360 Detail Information

132 7. Wireless Device Troubleshooting

Figure 7.10: Detail Information Wireless Lan Controller

The Interface tab section displays detailed information on the ethernet

and virtual interfaces on the Wireless LAN Controller. It shows the admin and
operational status, speed, type, and description of each interface.

Figure 7.11: Interfaces Tab in Detail Information

The network engineer can select the interfaces from the table to visualize the
availability, traffic, and packet summary for those interfaces.
 7. Wireless Device Troubleshooting 133

Figure 7.12: Interface Availability and Traffic Summary

The Interfaces tab has filters to select all interfaces, ethernet, or virtual
interfaces. This allows the network engineer to focus on the interfaces they
wish to monitor. Selecting the interfaces shows the Tx, Rx, Errors, and
Discards graphs for those interfaces over time.

Figure 7.13: Interface Tx, Rx, Errors, and Discards

134 7. Wireless Device Troubleshooting

Access Point - Device 360

The Access Point Device 360 page allows the network engineer to view the
current Health Score of access points. When hovering over a point in time, it
also shows System Resources such as CPU and memory utilization, link
errors, noise, air quality, interference, and radio utilization for both the
2.4Ghz, 5Ghz and 6Ghz bands, as well as any events such as channel
changes that have occurred in the period selected. Similar to the WLC
Device 360 page, it also allows the network engineer to travel back in time to
not only see what the Health Score was at a particular point in time but also
why it was assigned a particular health score based on the lowest KPI which
was not being met. In addition, the network engineer can also visualize the
events that have occurred at that point in time. This helps reduce the time to
troubleshoot intermittent issues which can take hours to just a few minutes,
as all the hard work is already done by Cisco DNA Center.

Figure 7.14: AP 360

 7. Wireless Device Troubleshooting 135

Issues
The Issues dashlet displays the issues that have affected the AP within the
specified time frame. These issues are sorted by priority.

Figure 7.15: AP 360 Issues

Clicking on an issue provides the engineer with a description of the problem

as well as a list of suggested actions that should be taken to solve that
problem. The engineer will also have the option to run commands specified
in the Suggested Actions, directly from Cisco DNA Center. This saves the
engineer time because it eliminates the need to log into the device and type
in the commands manually. The engineer also has the option to Resolve or
Ignore the Issue. When ignoring the issue, it can be ignored for 1 hour up to
30 days.
136 7. Wireless Device Troubleshooting

Figure 7.16: AP 360 Issue Details

AI-driven Issues: Radio Throughput

Cisco AI Network Analytics enables monitoring of client experience by
generating application throughput baselines for each AP and radio on the
network. The available baselines include total radio throughput as well as
throughput by similar applications, such as Cloud, Media, Social, and
Collaboration applications. Such baselines are generated using Machine
Learning models taking multiple network KPIs as inputs, predicting the
expected throughput range considering the full network context.

This is a good example of a use case where the traditional, static threshold-
based, approach to alerting doesn’t work, as throughput can vary a lot
depending on the network conditions.
 7. Wireless Device Troubleshooting 137

The issue details include a view of the normal throughput, represented as a

green band, along with the actual throughput, displayed as a blue line. The
issue is raised when the throughput drops below the baseline and is
highlighted in red.

From the issue details, the user can understand what clients were likely to be
affected by this issue, and continue the investigation via the Client 360 view,
as well as identify the specific applications observed at the time the issue
was raised.

Figure 7.17: AI-driven Application Throughput Issue Details

Under the Root Cause Analysis tab, the user is presented with a list of KPIs
automatically selected using ML techniques, representing the probable
network cause.
138 7. Wireless Device Troubleshooting

The KPIs used to explain issues range from link quality and coverage metrics
such as client RSSI/SNR and data rates, RF-related KPIs such as channel
utilization and co-channel interference, and load-related KPIs including client
count and traffic, up to radio interface metrics such as retransmissions and
packet drops. The combination of the root cause KPIs can therefore describe
a wide range of issues.

On top of the automatically selected KPIs for root cause analysis, the
network engineer can also add more KPIs to the detailed issue view to get
full network context, better understand the problem, and reduce the time to
resolution.

Note Application Telemetry has to be provisioned to the WLCs for the

throughput KPIs and baselines to be generated.

Physical Neighbor Topology

The Physical Neighbor Topology shows the AP’s connection to the uplink
switch, the WLC to which it is joined, link status, the number of clients on
both the 2.4GHz and 5GHz bands, as well as health scores of those
neighboring devices. The health scores are also overlaid on top of the
devices. This helps the network engineer to quickly visualize if an AP has an
issue and the clients which may be affected by it. It also helps the network
engineer troubleshoot faster, as all the connectivity information is right at
their fingertips.
 7. Wireless Device Troubleshooting 139

Figure 7.18: AP 360 Physical Neighbor Topology

Event Viewer
The Event Viewer shows a list of all the events that have occurred during the
specified time. Clicking on an event displays more information about the
event. For instance, Channel Change Events show the Radio Number, the
Frequency, the old channel, the new channel, the reason for the change, as
well as Interference, Noise, and Channel Utilization.
140 7. Wireless Device Troubleshooting

Figure 7.19: AP 360 Event Viewer

Path Trace
As mentioned earlier in the chapter when discussing Wireless LAN
Controllers, Path Trace is also available within the AP 360 page for running a
trace from an access point to a destination. The steps and requirements for
executing a Path Trace remain the same as mentioned previously.
 7. Wireless Device Troubleshooting 141

Figure 7.20: Path Trace

Detail Information
This section has 4 tabs that display a wealth of information about the access
point and its performance. The 4 tabs are: Device, RF, Ethernet, and
PoE.

The Device tab shows helpful information related to the access point such
as AP Name, IP Address, Software Version, Power Status, Uptime, Join
Status, Last Reset Reason, and AP Mode. It also shows CPU and Memory
Utilization and a WLC Connectivity Chart.
142 7. Wireless Device Troubleshooting

Figure 7.21: AP 360 Detail Information Device Tab

The RF tab shows radio-specific KPIs for both the 2.4GHz and 5GHz bands.
There are tabs for each radio. It also displays crucial troubleshooting
information such as Channel Utilization, Traffic Utilization, Noise, Air Quality,
Tx Power, Interference, Client Count, Throughput, Retries, Channel Change
information over time, Wireless latency, Wireless Airtime Efficiency, and AP
Radio Operational State. All this data is shown for the period selected in the
AP 360 dashboard filter. For example, if 24 hours was the time selected,
then the above data is shown for that period. This helps network engineers
know exactly what is happening on each radio of the AP to troubleshoot
client issues rapidly.
 7. Wireless Device Troubleshooting 143

Figure 7.22: AP 360 Device Details RF Tab

144 7. Wireless Device Troubleshooting

For each radio, the Neighbors and Rogues are also shown in great detail,
with the Rogue identifier, RSSI, Channel, Client Count, and Tx Power for
each Rogue. Neighbor Rogue APs are also shown with the specific channel
they are broadcasting on as well as the RSSI. This helps visualize any
security threats quickly and easily for a particular access point.

Figure 7.23: Neighbors and Rogues

Figure 7.24: Tx Power

The Ethernet Tab displays the detailed information for each ethernet
interface on the access point. It shows the connected switch name, IP
 7. Wireless Device Troubleshooting 145

address, and port number, which makes it easy to locate access points when
a network engineer needs to troubleshoot the physical connection. It also
has comprehensive information on Tx and Rx utilization and errors in addition
to the duplex mode, speed, usage, and operational status.

Figure 7.25: AP 360 Detail Information

146 7. Wireless Device Troubleshooting

Figure 7.26: AP 360 Device Detail Ethernet Tab

The PoE tab displays detailed information on the PoE port to which the
access point is connected. The network engineer can view the switch name,
interface name, admin and operational status, power consumption details,
and the type of power used by the access point. This helps network
engineers troubleshoot any PoE issues concerning the access point which
can affect all the clients connected to it. The information here helps the
network engineer to instantly view any PoE issues and fix them to minimize
the downtime for the clients.
 7. Wireless Device Troubleshooting 147

Intelligent Capture

Clicking on the Intelligent Capture button in the upper right corner of the
Access Point Device 360 Page brings you to the RF Statistics Page. This
page displays even more troubleshooting information related to Clients:

• Clients with Transmit Failed Packets per SSID

• Channel Utilization
• Channel Utilization by This Radio

• Management and Data Frame Type Counts

• Transmit and Receive Frame Errors

• Transmit Power and Noise Floor

• Broadcast/Multicast Counters

This data is almost real time as it updates every 60 to 90 seconds. It gives

the network engineer a real-world view of the RF environment which helps
troubleshoot RF issues.

Intelligent Capture provides support for a direct communication link between

Cisco DNA Center and access points (APs), so each of the APs can
communicate with Cisco DNA Center directly. Using this channel, Cisco DNA
Center can receive packet capture (PCAP) data, AP and client statistics, and
spectrum data. With the direct link from the AP to Cisco DNA Center via
gRPC, Intelligent Capture allows access to data from APs that is not available
from wireless controllers, allowing network engineers to resolve even the
most difficult wireless issues.
148 7. Wireless Device Troubleshooting

Figure 7.27: AP Intelligent Capture

 7. Wireless Device Troubleshooting 149

A Spectrum Analyzer view is also available to show the raw RF energy as

received by this AP. This allows the engineer to visualize Co-Channel
Interference, Adjacent-Channel Interference, Narrowband Interference, and
other sources of interference in the RF environment. This is available in both
the 2.4GHz and 5GHz bands. Various views are available consisting of the
Fast-Fourier Transform (FFT) view of the RF energy at a single point in time
or continuously in real time. There is also a waterfall view that displays the
RF energy over time, as well as interference and duty-cycle view, which
shows the percentage of the amount of time an Interferer is broadcasting.
This provides insight into what’s going on in the RF environment surrounding
an AP to better understand why wireless issues may be occurring for clients.

Figure 7.28: AP Intelligent Packet Capture Spectrum Analyzer

150 7. Wireless Device Troubleshooting

Real-World Scenario
Adam is a wireless engineer at a law firm. All users in one corner of the
building have been complaining about poor performance on wireless. He
logs into Cisco DNA Center and sees that one AP located near that
corner had a poor Health Score due to interference. He navigates to the
Intelligent Capture on the Access Point 360 page. He then navigates to
the Spectrum Analysis tab and notices from both the Waterfall and
Interference and Duty Cycle views that something is interfering with the
entire UNII-3 band with over a 90% Duty Cycle. He can either find and
remove the device or devices causing the interference or move the APs
off of the channels affected by the interference.
8. Wired Monitoring
and Troubleshooting
152 8. Wired Monitoring and Troubleshooting

Cisco DNA Center offers a variety of tools that are useful for monitoring and
troubleshooting wired devices in the network. This chapter covers
innovations in PoE, Machine Reasoning, and path tracing providing insights
for wired devices managed by Cisco DNA Center.
 8. Wired Monitoring and Troubleshooting 153

Wired Monitoring

Power Over Ethernet (PoE)

With the recent, rapid innovations in Power over Ethernet, many prominent
industries including networking, heavy industry, healthcare, and education
are continuing to increase their adoption of PoE-capable and IoT devices.
The new features presented in Cisco DNA Center surrounding PoE provide
insight into individual devices as well as a holistic view of PoE performance
across the entire network.

PoE Dashboard
The PoE Dashboard provides a full view of PoE availability and distribution
across the network. A series of insights and dashlets provides a variety of
PoE Information including:

• PoE Operational State Distribution

• PoE Powered Device Distribution
• PoE Insights

• Power Allocation Load Distribution

• PoE Power Allocation

• PoE Port Availability

• PoE AP Power Mode Distribution
154 8. Wired Monitoring and Troubleshooting

Figure 8.1: PoE Dashboard

These dashlets are especially valuable in planning PoE and IoT deployments,
as well as monitoring the overall power budget and consumption across the
network.

Figure 8.2: PoE Operational State

Distribution

The PoE Operational State Distribution

dashlet provides information about how
many powered devices are currently in
the network, as well as their current
operational state. Expanding the details
for the dashlet provides a complete list of
powered devices and their respective PoE
information.
 8. Wired Monitoring and Troubleshooting 155

Figure 8.3: PoE Powered Device

Distribution

The PoE Powered Device Distribution

dashlet shows the power allocation as it
is distributed amongst the entire network.
This allows a network engineer to quickly
identify how much of the network consists
of high-powered vs low-powered
devices. This is useful for PoE budget
planning and power distribution
management across devices. The dashlet
also shows respective locations for both
types of devices by expanding View Details. In addition to distribution by
allocated power, the distributions by Powered Device Class and Powered
Device Type can also be selected.

Figure 8.4: PoE Insights

The PoE Insights dashlet provides a

breakdown of devices by device type,
sorted in order from the greatest number
of devices to the fewest. The dashlet is
useful for indicating how many of each
device type are enabled for:

• IEEE Compliance

• Perpetual PoE
• Fast PoE

• UPoE+
156 8. Wired Monitoring and Troubleshooting

Figure 8.5: Power Allocation Load

Distribution

The Power Allocation Load Distribution

dashlets provide an aggregated overview
of all PoE-enabled switches in the
network and the breakdown of their
current power loads as a percentage.
More information about each of the
individual switches and their total power
load can be seen under View
Details. This dashlet is a critical part of
PoE budget management and ensures
that adding devices does not lead to power denied errors, especially in
environments where PoE-based devices are not in a fixed location.

Figure 8.6: PoE Power Allocation

The dashlet for PoE Power Allocation

displays the entire overall power budget
across all PoE-capable switches in the
network and divides it into the percentage
of the power budget used and the
percentage of the power budget still
available. Click View Details and select
Allocated Power from the graph to
see the list of PoE-capable switches with
their power load percentage.
 8. Wired Monitoring and Troubleshooting 157

Figure 8.7: Power Allocation View Details

Real-World Scenario
Royee works for a publisher as a Wireless Engineer. He is working on a
project to refresh the wireless network with new Catalyst 9130 access
points. He notices that in Building 24 on the 3rd floor, a handful of
access points are not powering up. He logs into Cisco DNA Center and
drills down to the 3rd floor in Building 24 and selects the switch stack
where the APs were refreshed. By clicking on the PoE tab, he can see
that one of the switches in the stack has no remaining power available.
He then distributes the APs to other switches in the stack to provide the
necessary power to run all of the new APs.
158 8. Wired Monitoring and Troubleshooting

Figure 8.8: PoE Port Availability

PoE Port Availability provides the

distribution of PoE ports, sorted by the
amount of power allocated to the ports,
and provides the breakdown of free vs
allocated ports for each power level.

Figure 8.9: PoE Port Availability

Lastly, the PoE AP Power Mode

Distribution dashlet shows how many
PoE-capable access points in the network
are fully powered versus partially
powered. This perspective is important
when it comes to running devices such as
wireless access points where the inability
to get full power results in possibly
disabling some radios or reducing radio
power capabilities. As increasingly, smart
building functions rely on PoE power, this dashlet can be a critical
troubleshooting dashboard.
 8. Wired Monitoring and Troubleshooting 159

PoE StackWise on Device 360

In addition to providing a high-level overview of PoE capability across the
entire network, as seen in the previous section, Cisco DNA Center also
provides an individual switch view of that particular switch’s PoE capability
and capacity. From the Device 360 page, all of the respective power budget
and allocation details are provided, with information about PoE devices that
are connected and receiving power from the switch. In addition, this feature
supports PoE StackWise Switching and provides the respective power
module information for the entire switch stack.

To navigate to Device 360, start by heading to Assurance > Overall from

the Cisco DNA Center main menu, as demonstrated in Chapter 4, then
select the Network menu from the top. At the bottom of the Network
Dashboard page, select a PoE-capable switch from the list of all networking
devices by clicking its hostname. If a switch’s hostname is already known,
the search bar may also be used to access its Device 360 page directly.

At the top of the page, select one of the three new menu options to go to its
section in the Device 360 view:

• StackWise (for StackWise configured switches)

• PoE
• Power Supply

The StackWise section shows detailed information about the StackWise

configuration for this switch, including device information, switch stack
number, and stack member’s role/state information.
160 8. Wired Monitoring and Troubleshooting

Figure 8.10: StackWise Switch

The PoE section provides details about the overall power budget, how much
power is allocated, and what the current load distribution is. The power
module details are also shown here, and all power modules for StackWise
switches will be listed with details.
 8. Wired Monitoring and Troubleshooting 161

Figure 8.11: PoE Power Details

Below the Power Module Details, the PoE interfaces for the switch are
displayed, showing all powered devices that are connected to each
switchport. For each device, the respective PoE information includes device
type, IEEE compliance, allocated power, and consumed power. The PoE
interface provides various filters to allow quick pre-defined filter selections
for PoE config modes, admin status, and PoE operational status of ports.
162 8. Wired Monitoring and Troubleshooting

Figure 8.12: PoE Interfaces

Command Runner
Although Cisco DNA Center restricts direct command-line interface (CLI)
access to a device that is managed by Cisco DNA Center, the capability to
run show commands on a network device from within Cisco DNA Center
itself is incredibly useful for ensuring that configurations have been
appropriately applied to the device and performing troubleshooting.

The Command Runner feature is used to run these show commands on

various network devices. The Command Runner is accessible from a network
device’s Device 360 page.

From the Device 360 page, click Run Commands on the right side of the
page, above the timeline.
 8. Wired Monitoring and Troubleshooting 163

Figure 8.13: Device 360 Run Commands

In the following example, the switch that has been selected has a hosted
application whose container needs to be verified if it is currently running or
not. By entering the command: show app-hosting detail, the command is run
on the device and the results are returned and presented. This ensures that a
network engineer can easily monitor networking devices and verify
configurations, even via CLI, directly through Cisco DNA Center.
164 8. Wired Monitoring and Troubleshooting

Figure 8.14: Command Runner

 8. Wired Monitoring and Troubleshooting 165

Wired Troubleshooting

In addition to the wide host of monitoring tools available for wired devices in
the Cisco DNA Center, there are many features available that can assist a
network engineer to quickly identify the root cause of a problem and also
help to remedy it and reduce the MTTR for issues.

Device 360
The Device 360 view is one of the many lenses that Cisco DNA Center offers
to provide rich and meaningful insights into the details of network devices,
including their event history, historical health information, and connected
interface information.

At first glance, the Device 360 page provides details about the selected
device including:

• Model

• Management IP
• Location
• Software version

• Role
• High Availability status

• Uptime
• Reachability

The Device 360 view shows the same timeline that is displayed on many
Cisco DNA Center pages shown previously. This allows a network engineer
to hover over a specific point on the timeline and view the respective health
166 8. Wired Monitoring and Troubleshooting

score metric for the device at that point in time, as well as any events that
occurred. Additionally, the time interval selector that was shown in previous
sections can be utilized here to go back in time up to 30 days and see
historical health score metrics and event information for the device.

An Issues table is also presented below, showing issues that affected this
device within the period selected. Clicking on a particular issue directly
provides detailed issue information as well as suggested steps for
remediation, without having to leave the Device 360 page. All of these
features combine to allow for much faster and more streamlined device
troubleshooting and issue resolution.

Figure 8.15: Device 360 Overview

 8. Wired Monitoring and Troubleshooting 167

Figure 8.16: Device 360 Issue

The Physical Neighbor Topology shows the device’s connection to other

devices, as well as any connected clients. The topology also provides
device-specific health scores and link status for each device. This is
particularly useful in identifying link issues between devices, clients, and
upstream devices.
168 8. Wired Monitoring and Troubleshooting

Figure 8.17: Device 360 Physical Neighbor Topology

The Event Viewer displays any events from the switch that occurred in the
time interval selected. When an event generates an error, there is detailed
information provided about the root cause of the error.

Figure 8.18: Device 360 Event Viewer

 8. Wired Monitoring and Troubleshooting 169

Path Trace
As mentioned in Chapter 7 regarding wireless troubleshooting, Path Trace is
also available within the Device 360 view for switches. Path Trace allows the
network engineer to pinpoint issues in the network. When running a Path
Trace, the network engineer will specify the Source and Destination nodes,
optionally a source and destination port, optionally TCP or UDP protocol.

When executing the Path Trace, Cisco DNA Center will display all the
network devices between the Source and Destination as well as the Health
Scores, link status, and ACLs along the path. This allows the network
engineer to visualize where the problem is in the entire network path for the
traffic flow. This helps resolve application experience issues quickly and
easily.

After executing the Path Trace between the switch and destination, Path
Trace identifies any ACLs within the path, as well as receiving device, device
interface, and QoS statistics.

In addition to Path Trace, there is also the option to perform a live packet
capture with real data which is known as True Trace. To execute a True
Trace with live packet capture, all intermediary devices in the path will need
to be managed by Cisco DNA Center and running IOS XE 17.x or higher.
170 8. Wired Monitoring and Troubleshooting

Figure 8.19: Path Trace

Visualize application visibility data such as Usage and Average Throughput.

This allows the network engineer to see which applications are taking the
most bandwidth and also which clients are using those applications. The
application data comes directly from the device via NetFlow. Please refer to
the Application Health section for more details about the application
experience.
 8. Wired Monitoring and Troubleshooting 171

Figure 8.20: Device 360 Application Experience

The Detail Information section provides information about the device

hardware, as well as interface and utilization information. CPU and Memory
usage statistics, as well as device temperature statistics are displayed,
which makes the process of diagnosing hardware issues quicker and easier.
All this information can be displayed without the need to go to the CLI to
gather these statistics, diagnose hardware problems, and provide a quick
hardware situational analysis.
172 8. Wired Monitoring and Troubleshooting

Figure 8.21: Detail Information

This section also shows interface statistics, making it easy to view the status
of all device interfaces, as well as interface-specific information such as link
speed, duplex, and VLAN IDs. Similar to the hardware statistics, this gives
the network engineer a singular view of the status of all interfaces for quick
diagnosis and troubleshooting.

Figure 8.22: Device 360 Interfaces

 8. Wired Monitoring and Troubleshooting 173

Machine Reasoning

Machine reasoning can automate complex networking management tasks

and create workflows. This groundbreaking technology in Cisco DNA Center
empowers less experienced engineers and saves time for seasoned IT
professionals.

Machine reasoning is a new category of AI/ML technologies that can enable

a computer to work through complex processes that would normally require
a human. Common applications for machine reasoning are detail-driven
workflows that are extremely time-consuming and tedious, similar to
optimizing your tax returns by selecting the best deductions based on the
many available options. Another example is the execution of workflows that
require immediate attention and precise detail, such as the shut-off
protocols in a refinery following a fire alarm. What both examples have in
common is that executing each process requires a clear understanding of
the relationship between the variables, including order, location, timing, and
rules; in a workflow, each decision can alter subsequent steps.

Machine Reasoning Engine

Cisco DNA Center’s Machine Reasoning Engine (MRE) is comprised of
several key components:

• AI/ML Engine identifies the issue and builds a recommended solution

path with applicable knowledge packs.
• Knowledge packs are groups of troubleshooting workflows based on
commonly experienced issues and Cisco TAC troubleshooting and
solution steps combined with Cisco’s deep network expertise.

• Existing troubleshooting tools native to Cisco DNA Center can

automatically provide corresponding commands out to the AI engine.
174 8. Wired Monitoring and Troubleshooting

Cisco DNA Center delivers some unique machine reasoning workflows with
the addition of a powerful cloud-connected Machine Reasoning Engine
(MRE). Experience the usefulness of MRE via proactive insights. When Cisco
DNA Center flags an issue, it may determine to send this issue to the MRE
for automated troubleshooting. If there is an MRE workflow to resolve this
issue, a run button will be presented to execute that workflow and resolve
the issue.

The list of Issues in Cisco DNA Center can be found in Assurance >
Issues under the Cisco DNA Center main menu, or from the Top 10
Issues table in Assurance > Overall. In the following example, there is
a P1 issue that was automatically raised regarding a Layer 2 Loop issue.

Figure 8.23: Layer 2 Loop Issue

By selecting the issue, more details are presented about the devices and
sites affected by the problem. In this case, host MAC Address flaps were
observed in one VLAN, along with a couple of other events, which is typically
indicative of a spanning tree protocol (STP) issue.
 8. Wired Monitoring and Troubleshooting 175

Figure 8.24: Host Flaps

176 8. Wired Monitoring and Troubleshooting

After viewing the problem details, Root Cause Analysis using the Machine
Reasoning Engine in Cisco DNA Center can provide further insight into the
issue. The Machine Reasoning Engine uses existing knowledge of the initial
issue, as well as runs commands on the affected network device(s). Then, it
combines that with expert knowledge and machine learning from observing
similar issues across multiple networks that are utilizing Cisco DNA Center.
Finally, it analyzes the root cause of the issue and provides a solution to
resolve it. This is incredibly powerful as it removes all of the manual work
that would typically be involved in diagnosing and resolving such a
complicated issue. MRE provides in-depth analysis and a simplified solution.

Figure 8.25: Run Machine Reasoning

 8. Wired Monitoring and Troubleshooting 177

Figure 8.26: Machine Reasoning Engine

178 8. Wired Monitoring and Troubleshooting

Figure 8.27: Root Cause Analysis Conclusion

9. Client Monitoring
and Troubleshooting
180 9. Client Monitoring and Troubleshooting

The main goal of professionally designing, implementing, and maintaining

networks is to provide the best possible client experience. Cisco DNA
Center gives the network engineer the tools needed to ensure and validate
that this objective has been achieved. This chapter will go over some of
these tools that are available within the product today.
 9. Client Monitoring and Troubleshooting 181

Client Health

The Client Health page displays the percentage of healthy clients in the
environment at a global level during the past 24 hours. This view can also be
filtered based on Site Level and SSID. The period can also be adjusted to 3
hours, 24 hours, or 7 days as well as be configured to go back in time up to
30 days.

Clients are broken down into the Wireless and Wired Client categories. There
are two views for each category: LATEST perspective and TREND
perspective.

When viewed through the LATEST perspective, the Wireless Clients category
displays the total number of clients, the number of active/inactive clients,
new clients who have not yet been added to the Health Score calculations,
the number of Onboarded Clients, the percentage of clients with Good
Health, as well as the number of clients that have not been onboarded and
percentages of the reasons why they have failed to onboard during the past
5 minutes.

When viewed through the TREND perspective, the Wireless Clients category
displays the Client Count with their respective health category over a period
specified by the filtered time.

This gives the engineer a quick view into the overall health of wired and
wireless clients in the environment.
182 9. Client Monitoring and Troubleshooting

Figure 9.1: Client Health

Clicking on View Details provides the engineer with additional metrics to

determine the cause of failed onboarding attempts.

For instance, when clicking View Details under the Wireless

Clients category, the engineer can view the number of Failed Onboarding
attempts, the top reason for the failed attempt, the top location where the
client failed to onboard, the top access point where it failed, as well as the
top host device types that failed to onboard. This gives the engineer valuable
insights as to why problems are occurring in the network.

What is the reason that most devices are failing to onboard? Is the problem
related to AAA or DHCP? Is the issue only occurring at one site or multiple
sites? Is it related to one AP or many APs? Is the problem only affecting
certain device types? All of these questions can be answered from this one
page.
 9. Client Monitoring and Troubleshooting 183

Figure 9.2: Wireless Clients

Similar metrics are available when clicking View Details for Wired Clients
instead of Wireless Clients, except Switches are shown instead of Access
Points.

The dashboard is also highly customizable with various dashlets. This allows
the engineer to configure the system to display the information that is the
most beneficial to their troubleshooting style. For instance, dashlets are
available for Client Roaming Times, RSSI, SNR, Onboarding Time, Data
Rates, DNS, and Physical Links, just to name a few.
184 9. Client Monitoring and Troubleshooting

Figure 9.3: Client KPIs

A list of Client Devices is also available. This list can be filtered based on the
LATEST and TREND perspectives as explained previously. It can also be
filtered based on Wireless and Wired types, Overall Health status of Good,
Fair, Poor, etc., as well as being filtered based on various data metrics
against a threshold such as:

• Onboarding Times >= 10s

• Associations >= 5s
• DHCP >= 5s

• Authentication >= 5s
• RSSI <= -72dBm

• SNR <= 9dB

The filtering of the data metrics can be combined. An example would be

filtering on wireless clients that have an RSSI <=-72dBm AND SNR <=9dB.
This is extremely helpful if the engineer wanted to see a subset of client
devices that match an extremely specific set of criteria. Numerous columns
 9. Client Monitoring and Troubleshooting 185

can be added to provide additional information to this page. An example

would be adding the MAC Address column as shown in the screenshot
below. Not only does it show the MAC Address of the client, but it also
indicates if that client is using a Randomized MAC Address. Clicking on any
particular client will then open the respective Client 360 page.

Figure 9.4: Client Devices

186 9. Client Monitoring and Troubleshooting

Client Troubleshooting

Client 360
There are multiple ways to access the Client 360 page. The engineer could
select the client from the list of clients on the Client Health page, from a
Device 360 page where the client is located, or even perform a Search from
the Magnifying Glass icon in the upper right corner. The engineer could
perform the search based on IP Address, MAC Address, and even the
username of the user logged into the client.

Note When searching by username, the User 360 page will be displayed
with a list of all the client devices the user has used to gain access to the
network.

Similar to other Device 360 pages, the Client 360 page allows the network
engineer to view the current Health Score of the client. When hovering over
a point in time of a wireless client, it also shows Onboarding Status,
Connectivity such as RSSI, SNR, Data Rate, Transmit and Receive
bandwidth, and percentage of Retries, Connection Details such as IP
Address, Status, SSID, MAC Address (with an icon indicating if it is a
Randomized MAC), AP, Channel, Band, and Protocol, and a list of Major
Events. It also offers the time travel feature allowing the network engineer to
travel back in time to see Health Score and related metrics at a particular
point in time. Replicating network issues is not an easy job but Cisco DNA
Center makes the impossible possible. The ability of Cisco DNA Center to
provide this information tremendously reduces the amount of time needed to
troubleshoot client issues.
 9. Client Monitoring and Troubleshooting 187

Figure 9.5: Client 360

Issues
The Issues dashlet displays the issues that the client has experienced during
the selected period. These issues are sorted by priority.

Figure 9.6: Issues

188 9. Client Monitoring and Troubleshooting

Clicking on an issue provides the engineer with a Description of the problem

as well as a list of Suggested Actions that should be taken to solve that
problem, without having to leave the Client 360 page.

Onboarding
The Onboarding Dashlet displays the Client Device, SSID, AP, and WLC used
by the client to connect to the network along with the Health Score of each
object. Hovering over an object displays additional information as well. This
provides the engineer with information not only on how and where the client
is connected but also on the health of the wireless infrastructure used to
connect. This helps the network engineer to quickly visualize whether the
network devices are causing any client issues.

Figure 9.7: Onboarding Dashlet

 9. Client Monitoring and Troubleshooting 189

AI-driven Onboarding Baselines

On top of the client-specific view provided by Client 360, AI Network
Analytics generates baselines for the time to connect and the connection
failure rate, for each combination of Building and SSID in the network.

Such baselines are accessible directly through the Baseline dashboard and
are used to generate AI-driven issues when these KPIs exceed the baseline.
To access the baselines dashboard go to the main menu and then
Assurance > Baselines. The AI-driven issues provide details about the
time, location, and SSID a given anomaly was detected, along with the
number of affected clients. The anomaly is visualized by displaying the KPI
values, overlayed on the predicted normal range, represented as a green
band.

The root cause analysis also presents other network KPIs that are likely to
explain the reason for the reported failure, for instance in the example below,
the spike in connection failures happening between 2 PM and 3 PM is likely
to be explained as a problem with DHCP.
190 9. Client Monitoring and Troubleshooting

Figure 9.8: Example of AI-driven Issue for Excessive Connection Failures

The KPIs used for baselines and root cause analysis are aggregated at the
Building and SSID levels. Different SSIDs typically have specific configuration
and security policies that need to be considered to build the baseline, but at
the same time, even the same SSID can have different normal behaviors
depending on the location (e.g., headquarters vs. remote site).

Once an anomaly is detected at the Building and SSID aggregation level, the
issue details allow the user to drill down the impacted clients (allowing to
cross-launch the Client 360 view for each of them) and the most impacted
radios (with cross-launch links to AP 360), with a detail of the distribution of
failures, including the specific error codes.
 9. Client Monitoring and Troubleshooting 191

Figure 9.9: Failure Code Details by AP for AI-Driven Issues Root Cause Analysis

The Failed Percentage and Failed Count views allow investigation of

the onboarding-related KPIs for the most affected radios, thereby further
reducing the scope of the investigation to specific areas in the building.
192 9. Client Monitoring and Troubleshooting

Figure 9.10: Radio-level Details for AI-Driven Onboarding Failure Issues

 9. Client Monitoring and Troubleshooting 193

Event Viewer
The Event Viewer shows a list of all the Events that have occurred during the
specified time. Clicking on an Event displays more information about the
event, for instance, Intra or Inter-Controller Roaming with times and metrics,
Associations, Authentications, DHCP, etc. This information can be extremely
useful in troubleshooting performance problems. All these events come via
streaming telemetry from the WLC which allows Cisco DNA Center to show
critical troubleshooting information not possible using traditional methods.

Figure 9.11: Event Viewer

194 9. Client Monitoring and Troubleshooting

Path Trace
As mentioned in Chapters 7 and 8, the Path Trace/True Trace feature is also
available from the client’s perspective here on the Client 360 page. Please
refer back to the previous two chapters for more information on Path
Trace/True Trace.

Application Experience
Application Experience is available on the Client 360 page. This data comes
directly from the WLC via NetFlow once it is configured. This allows the
network engineer to see what business-critical applications the client is
accessing and how much bandwidth the client is consuming in the network.
This can help network engineers determine which applications to prioritize in
times of congestion.

Please refer to Chapter 10 for more details.

Detail Information
This section has 3 tabs that display a wealth of information about the Client
and its performance. The 3 tabs are Device, Connectivity, and RF.

The Device tab shows helpful information related to the client such as
Device Type, Username, IP Address, MAC Address, and VLAN ID. Wireless
clients also show additional information such as Band, Spatial Streams,
Channel Width, WMM, and U-APSD.
 9. Client Monitoring and Troubleshooting 195

Figure 9.12: Device Information

The Connectivity tab gives detailed information such as Tx and Rx

(Bytes), Data Rate, Retries, and DNS Requests and Responses.
196 9. Client Monitoring and Troubleshooting

Figure 9.13: Connectivity

The RF tab shows RSSI and SNR.

Figure 9.14: RF
 9. Client Monitoring and Troubleshooting 197

iOS Analytics
If the device supports iOS Analytics, the iOS Analytics tab will also be
displayed. Cisco has partnered with Apple, Samsung, and Intel in a
collaborative effort to bring additional functionality to help troubleshoot
devices. Those devices can send information to the wireless infrastructure,
which can then be displayed within Cisco DNA Center. This allows the
engineer to see how those devices view the wireless network from their
perspective. For instance, it can show how many APs the device sees and at
what RSSI. Has Hotspot been enabled on the device? Did it disconnect due
to low signal strength? Cisco DNA Center with iOS, Samsung, and Intel
Analytics answers these questions.

Figure 9.15: iOS Analytics

198 9. Client Monitoring and Troubleshooting

Intelligent Capture

Intelligent Capture allows the engineer to view, manage, and troubleshoot

captured onboarding and data packets to identify client issues. The timeline
is similar to other timelines in Cisco DNA Center but is limited to 1 hour, 3
hours, or 5 hours. Onboarding Events are shown in green, whereas Anomaly
Events are shown in red. Anomaly Events are captured automatically when
onboarding events occur. This allows the engineer to go back in time to see
the packets while the client was failing to onboard. This negates the
necessity for the engineer to start a Live Packet Capture first and then have
the user recreate the problem.

Note Anomaly Capture has to be set up first from the Assurance >
Intelligent Capture Settings page.

Start a Live Capture by clicking the Start Live Capture button. This will
capture onboarding packets for Onboarding Events and RF Statistics. Live
capture sessions will run for 3 hours by default but can be stopped before 3
hours or extended if necessary. This can be used to instantly troubleshoot a
client if required in place of the scheduled capture. The engineer can view
Live Packet Captures from the Assurance > Intelligent Capture
Settings page. Captured packets can be viewed from the Onboarding
Events page with events with a packet capture icon . These packets can
be downloaded, exported, and/or viewed in the Auto Packet Analyzer
section.
 9. Client Monitoring and Troubleshooting 199

Figure 9.16: Intelligent Capture

The Client Location dashlet allows the engineer to view the location of the
client and APs on a Floor Map. It also displays the Heat Map representing
signal strength. Client Location requires the integration of Cisco CMX or
Cisco DNA Spaces with Cisco DNA Center. Please see Chapter 12 for more
information about such integrations.

The RF Statistics dashlet shows RSSI, SNR, Rx Data Rates, Tx and Rx

Packets, as well as Tx Retries. These are refreshed every 30 seconds to give
a real-time view of the client RF environment to help troubleshoot client
connectivity issues.

In addition to the Live Packet Capture, the engineer also has the ability to
Schedule a Client Packet Capture, which can be done from the Assurance
> Intelligent Capture Settings page.

While the Live Capture only captures packets related to Onboarding Events,
clicking Run Data Capture will capture all packets transmitted between
the client and AP.
10. Network
Reasoner
202 10. Network Reasoner

Cisco DNA Center’s Network Reasoner tool provides a host of insights that
can aid in proactively evaluating a network’s health, or reactively diagnosing
complex issues to get to the root cause quickly and seamlessly. Just as the
Machine Reasoning Engine (MRE) mentioned in Chapter 8 provides the
ability to run machine reasoning on issues that have been flagged, the
Network Reasoner tool allows a network engineer to run machine reasoning
to assist in troubleshooting a variety of issues. This chapter will cover all of
the workflows that the Network Reasoner currently supports.

The Network Reasoner currently offers the following workflows:

• Redundant Link Check

• Power Supply Validation

• Ping Device Check

• CPU Utilization Check

• Interface Down
• System Bug Identifier

The Network Reasoner can be accessed via the Cisco DNA Center main
menu, selecting Tools > Network Reasoner.
 10. Network Reasoner 203

Figure 10.1: Network Reasoner

Redundant Link Check

The redundant link check workflow validates whether there are two uplinks
associated with an ACCESS role device. After selecting this workflow, a list
of devices with that role is displayed. Select a device, then click
Troubleshoot.
204 10. Network Reasoner

Figure 10.2: Redundant Link Check

The Network Reasoner runs a root cause analysis for checking redundant
links on the selected network device.

Figure 10.3: Redundant Link Check Root Cause Analysis

After the analysis is complete, the machine reasoner conclusions and

suggested actions are presented. In this example, the switch selected does
not have any redundant uplinks configuration and the reasoner recommends
adding one while providing reasons why. This is particularly useful to a
network engineer as it is a very streamlined process compared to manually
 10. Network Reasoner 205

checking for redundant links in a network which would involve having to

manually log into each access switch and execute multiple commands. This
workflow is an example of the tremendous time savings that can be yielded
by Cisco DNA Center.

Power Supply Validation

The Power Supply workflow determines the root cause for power supply
issues on a network device. After entering this workflow and selecting a
networking device with power supply issues, root cause analysis is
programmatically performed for the issue.

Figure 10.4: Power Supply Troubleshooting

206 10. Network Reasoner

Figure 10.5: Power Supply Root Cause Analysis

After the power supply analysis has been completed, the machine reasoner
conclusions and suggested actions are presented. In this case, the switch
experiencing power problems has a power supply that is not present.
 10. Network Reasoner 207

Figure 10.6: Power Supply Conclusion

Ping Device Check

The Ping Device workflow provides a simple functionality that can ping a
target IP address from a selected source device. After initiating the Ping
Device workflow and selecting a network device to initiate the ping from,
enter a target IP address, then click Run Machine Reasoning.
208 10. Network Reasoner

Figure 10.7 Select Network Device

Figure 10.8: Ping Input Target IP

The ping is initiated and the results are displayed. This switch was able to
ping its target IP with 100% success.
 10. Network Reasoner 209

Figure 10.9: Ping Results

CPU Utilization Check

The CPU Utilization workflow troubleshoots the causes of high CPU
utilization on network devices. Select the CPU Utilization workflow then
select a network device that has been experiencing high CPU utilization from
the list displayed. Click Troubleshoot to begin root cause analysis. Provide
a maximum CPU utilization threshold then click Run Machine Reasoning to
initiate the root cause analysis.
210 10. Network Reasoner

Figure 10.10: CPU Utilization Threshold

Root Cause Analysis is initiated and checks the network device for CPU
utilization above the threshold specified.
 10. Network Reasoner 211

Figure 10.11: CPU Utilization Root Cause Analysis

Once the root cause analysis is complete, the results are displayed. In this
example, the selected switch is not experiencing a high CPU utilization.
212 10. Network Reasoner

Figure 10.12: CPU Utilization Conclusion

Interface Down
The Interface Down workflow troubleshoots potential causes for an interface
on a network device to be in a down state. After selecting the Interface
Down workflow, select a switch that has experienced an interface down
issue recently, then click Troubleshoot. Provide the interface that needs to
be evaluated, then click Run Machine Reasoning Engine.
 10. Network Reasoner 213

Figure 10.13: Select Device Interface

Root Cause Analysis begins to check the interface for issues.

214 10. Network Reasoner

Figure 10.14 Interface Down Root Cause Analysis

Once the analysis is complete, the results are displayed, which indicates the
cause of this device’s interface outage as being a physical cable issue.
 10. Network Reasoner 215

Figure 10.15: Interface Down Conclusion

System Bug Identifier

The System Bug Identifier workflow can scan the Cisco DNA Center system
for known bugs that it may be affected by. This is very helpful in preventing
issues regarding bugs that have already been fixed, but not yet patched on a
particular Cisco DNA Center appliance. After selecting this workflow, click
Scan System to begin the scan for bugs.
216 10. Network Reasoner

Figure 10.16: Bug Identifier Scan System

Choose to begin the scan immediately or schedule it for a later time. Once
the scan is initiated, the page indicates that the scan is in progress. After the
scan is complete, a list of bugs that are affecting the Cisco DNA Center
system are presented, with:

• Link to the bug ID

• Description of the issue

• Severity level
• The first time the issue was identified
• If there is a workaround for the issue
• Which Cisco DNA Center versions are affected by the bug

This allows a network engineer to quickly identify bugs with their Cisco DNA
Center system and quickly perform any applicable workarounds, patching, or
upgrades.

The Network Reasoner powered by Cisco’s industry-leading Machine

Reasoning Engine packs powerfully-automated workflows designed to bring
process consistency, best practices, and help reduce the time tasks take to
 10. Network Reasoner 217

complete by staff. With the power of the Network Reasoner, more tasks can
be assigned to less-experienced technical staff to complete with
confidence. A task that would take hours in some cases is now completed
with the click of a button in mere minutes.
11. Application
Health
220 11. Application Health

This chapter covers application visibility and application experience, which is

critical to validating and troubleshooting user experience.

Cisco DNA Center processes complex application data and telemetry from
network devices. The application data in Cisco DNA Center is displayed in
the Application Health dashboard, Client 360, and Device 360 pages. The
dashboard provides insights into the performance of the applications running
in a network, which is highly valuable information for network engineers and
saves a significant amount of time when troubleshooting application issues,
reducing the MTTR.

Based on the network device from which the application data is collected,
the network engineer can view some or all of the KPIs below:

• Application name
• Throughput
• DSCP markings
• Performance metrics (packet loss, latency, and jitter)

Application Name and Throughput are referred to as quantitative metrics and

fall under Application Visibility, while DSCP markings, packet loss, jitter, and
latency are referred to as qualitative metrics and fall under Application
Experience.

Application Visibility data is available from routers and switches running IOS
XE and for WLCs running both AireOS and IOS XE.

More detailed Application Experience data is available from routers running

IOS XE running the Cisco Performance Monitor (PerfMon) feature and Cisco
Application Response Time metrics, and from the Cisco Catalyst 9800
WLCs.

Optimized Application Performance Monitoring (APM) is a feature that

reduces the overhead in collecting NetFlow data. This feature is supported
on routers running IOS XE and Cisco Catalyst 9800 WLCs.
 11. Application Health 221

Please refer to the Cisco DNA Center Assurance User Guide for a complete
list of devices and minimum OS versions necessary to benefit from this
feature.
222 11. Application Health

Configuring Application Visibility

and Application Experience

The configuration for Application Visibility and Experience on network

devices can be completely automated via the Cisco DNA Center inventory
page by selecting the device and applying application telemetry ;as shown
below. All the necessary commands required to enable Application Visibility
and Experience, which can be quite a few lines to enter manually, are
configured automatically in a few seconds using Cisco DNA Center
Automation. This is invaluable to network engineers as it enables a key
feature quickly and easily, increasing their productivity. The interfaces and
WLANs on which the configurations are pushed are based on certain criteria.
Please refer to the Cisco DNA Center User Guide for more details.

There are some key prerequisites before the application telemetry can be
automatically applied to the network devices from Cisco DNA Center. This
feature is not supported for Guest SSIDs. For the WLCs, the SSIDs need to
be provisioned via the Cisco DNA Center automation features. If the SSIDs
were already configured on the WLCs from the WLC GUI, then the required
configuration can be manually applied on a per-SSID basis via the CLI of the
WLC. Please refer to the section below on Configuring Application
Telemetry on the Catalyst 9800 for the CLI commands required.

For network switches and routers, there are some prerequisites, but
provisioning from Cisco DNA Center is not required for application telemetry
to be pushed.
 11. Application Health 223

Figure 11.1: Enable Application Telemetry

Real-World Scenario
Aditya is a Network Architect working at a chain of retail stores. He
handles the escalations of all the tickets that the other Network
Engineers are unable to resolve. A ticket was escalated that said that
users are not able to access Office 365. Aditya has recently deployed
the ThousandEyes agents on their Catalyst 9000 switches using Cisco
DNA Center. He brought up the Application Health page for Office 365.
He then clicked on the ThousandEyes link and cross-launched the
ThousandEyes interface. Once in the interface, it showed an issue with a
load balancer at the SaaS provider. Aditya was able to notify the
helpdesk that Office 365 is having an issue and was able to provide this
information to Microsoft for quicker issue resolution.
224 11. Application Health

Configuring Application Telemetry on the

Catalyst 9800
If the SSIDs are not provisioned from Cisco DNA Center, then the application
telemetry cannot be applied from Cisco DNA Center. In those cases where
the SSIDs are already configured from the WLC GUI, the required commands
to enable application visibility and experience can be configured on a per-
SSID basis from the CLI. For the Catalyst 9800 WLC, the configuration can
be applied for SSIDs in local, flex, or fabric mode.

Below are the commands to be applied to the Catalyst 9800 WLC CLI to
enable application visibility and experience.
 11. Application Health 225

SSID in Local Mode:

flow exporter avc_exporter

destination <Cisco DNA Center enterprise Virtual IP Addr>
source <Source Interface>
transport udp 6007
export-protocol ipfix
option vrf-table timeout 300
option ssid-table timeout 300
option application-table timeout 300
option application-attributes timeout 300

flow exporter avc_local_exporter

destination local wlc

flow monitor avc_ipv4_assurance

exporter avc_exporter
exporter avc_local_exporter
cache timeout active 60
default cache entries
record wireless avc ipv4 assurance

flow monitor avc_ipv4_assurance_rtp

exporter avc_exporter
cache timeout active 60
default cache entries
record wireless avc ipv4 assurance-rtp

wireless profile policy WORK_FLOOR_Global_NF_8258fbfb

shutdown
ipv4 flow monitor avc_ipv4_assurance input
ipv4 flow monitor avc_ipv4_assurance output
ipv4 flow monitor avc_ipv4_assurance_rtp input
ipv4 flow monitor avc_ipv4_assurance_rtp output
no shutdown
226 11. Application Health

SSID in Flex/Fabric mode:

flow exporter avc_exporter

destination <Cisco DNA Center enterprise Virtual IP Addr>
source <Source Interface>
transport udp 6007
export-protocol ipfix
option vrf-table timeout 300
option ssid-table timeout 300
option application-table timeout 300
option application-attributes timeout 300
flow exporter avc_local_exporter
destination local wlc
flow monitor avc_ipv4_assurance
exporter avc_exporter
exporter avc_local_exporter
cache timeout active 60
default cache entries
record wireless avc ipv4 assurance
flow monitor avc_ipv4_assurance_rtp
exporter avc_exporter
cache timeout active 60
default cache entries
record wireless avc ipv4 assurance-rtp
flow monitor avc_basic_monitor
exporter avc_exporter
exporter avc_local_exporter
cache timeout active 60
default cache entries
record wireless avc basic
wireless profile policy Flex_SSID_Global_NF_0cd02814
shutdown
ipv4 flow monitor avc_basic_monitor input
ipv4 flow monitor avc_basic_monitor output
no shutdown
wireless profile policy Fabric_SSID_Global_NF_0cd02814
shutdown
ipv4 flow monitor avc_basic_monitor input
ipv4 flow monitor avc_basic_monitor output
no shutdown
 11. Application Health 227

Visualizing Application
Experience in Cisco DNA
Center

The network engineer can navigate from the main menu of Cisco DNA
Center to the Assurance > Health menu to access the different
dashboards. From there, network engineers can select the Application tab
to view the Application Health Dashboard. The network engineer can then
use the site filters to select the desired site for which to visualize the
application health.

On top of the dashboard is the timeline which displays the average

throughput of the total traffic on the site, the percentage of healthy
business-relevant applications, and the ThousandEyes agent test results if
ThousandEyes is integrated with Cisco DNA Center. This integration is
covered in Chapter 12.
228 11. Application Health

Figure 11.2: Application Health Dashboard Timeline

Below the timeline, the network engineer can view the Summary data split
into 3 sections. The first section shows the total business-relevant
applications, data usage, and average throughput. The next section displays
the number of NetFlow exporters sending NetFlow data to the Cisco DNA
Center. These could be routers, switches, or WLC that the network engineer
has set up with application telemetry. The last section in the Summary shows
the number of ThousandEyes Agent setup and test results.

Below the Summary section, the Business Relevant Application Health and
Application usage dashlets are shown. The network engineer can access the
data needed to get an idea of the amount of traffic flowing through this site
which could be used for capacity planning. The TREND tab in each dashlet
shows the data for the period selected in the dashboard filter. So, if 24 hours
were selected, the Trend would show 24-hours worth of data. This enables
the network engineers to visualize the load on the network at this site. It is
important to be able to visualize trends over time to look for patterns of
increasing or decreasing loads. This data is key to making data-driven
intelligent decisions on throttling or QoS.
 11. Application Health 229

Figure 11.3: Application Health Dashboard Dashlets

The section after the Summary displays 3 dashlets:

• Top Applications by Throughput

• Top Endpoints by Throughput

• Worst Applications by Health

These dashlets can be used by the network engineer to identify if any non-
business applications are consuming too much bandwidth, to help decide if
they need to throttle those applications. It can also be used to find endpoints
consuming too much bandwidth. The last dashlet helps to find which
applications are performing poorly in the network to help make decisions on
debugging QoS or other network configurations related to traffic flow in the
network.
230 11. Application Health

Figure 11.4: Application Health Dashboard Dashlets

Below the dashlets, the network engineer can see the full list of applications
running on the selected site. Filters can be chosen by All, Business Relevant,
Business Irrelevant, or Default applications. Network engineers can also filter
by the health of the applications. Application Health is only calculated for
TCP-based applications.

Depending on the network device, the application experience data might or

might not show. For example, if NetFlow data is sent only from switches to
Cisco DNA Center, the network engineer will not see any Application
Experience data. If NetFlow data is sent from routers or WLCs, then the data
will appear. Application Visibility data will always show regardless of the
device sending NetFlow to the Cisco DNA Center appliance.

The network engineer can view the usage and application throughput for
application visibility and packet loss, jitter, and latency for application
experience for each application in the below table. This table can be
exported as a CSV report as well. The table can be sorted to view the Top
Applications by throughput or usage, highly useful data for network
engineers to make decisions on managing network bandwidth.
 11. Application Health 231

Figure 11.5: Application Health Dashboard Application Table

Selecting an application name will take the network engineer to the

Application 360 page.

In this example of the ms-office-365 application, the network engineer can

see the timeline showing the health score of the application which is
calculated using the application experience KPIs. For applications that do not
have application experience, the application 360 timeline will be empty.
Below the timeline, the network engineer can view the exporters (network
devices such as switches, WLCs, and routers) sending application data via
NetFlow to the Cisco DNA Center. This enables the network engineer to
quickly visualize from which part of the network the application data is
coming.
232 11. Application Health

Figure 11.6: Application 360

Expanding one of the exporters, as shown below, displays the usage,

throughput, packet loss, and other metrics over time for the ms-office-365
application. This provides the network engineers with visibility to quickly
identify whether there are any issues with this application and the usage of
this application in the network. Network Engineers can also view the clients
using this application, their usage, and the identifier of the client; which
could be the username or the IP Address of the client.
 11. Application Health 233

Figure 11.7: Application 360 Exporter Section

Selecting the Go to Device 360 page link, as shown in the screenshot

above, will take the network engineer to the Device 360 page of this
particular exporter which in this case is a WLC.
234 11. Application Health

On the Device 360 page under the Application Experience section, the
network engineer can view all the applications being sent via NetFlow from a
particular device.

Figure 11.8: Device 360 Application Experience

The network engineer can also view the Application data for a particular
client on the Client 360 page. This allows the engineer to view all the
applications a client is using and troubleshoot client-specific application
issues quickly and easily.
 11. Application Health 235

Figure 11.9: Client 360 Application Experience

Application Visibility and Application Experience give insights into the user
experience in the network. This is critical for network engineers to have the
insight, visibility, and tools to troubleshoot user experience issues. User
experience issues can cause loss of productivity and loss of IT credibility.
The wealth of information provided in Cisco DNA Center for Application
Health from different perspectives enables the network engineer to quickly
troubleshoot and remediate user experience issues increasing the business
productivity of the organization.
12. Cisco DNA
Center Integrations
238 12. Cisco DNA Center Integrations

This chapter will cover some of the key integrations Cisco DNA Center has
with other applications to help organizations leverage the strength of all the
applications. This helps the network engineer to troubleshoot difficult
network issues quickly by leveraging the strength of each application from
one single location. This chapter covers integrations with Webex Control
Hub, ThousandEyes, and DNA Spaces.
 12. Cisco DNA Center Integrations 239

Cisco DNA Center Integration

with Webex

Cisco DNA Center integrates with the Webex Control Hub to pull the meeting
quality details from the control hub and display it for each client. This
enables network engineers to view the Cisco Webex meeting details for a
client in a single location and to troubleshoot Cisco Webex meeting issues.
The network engineer can see whether the meeting had problems with the
voice, video, or the share feature for each meeting. Cisco DNA Center also
overlays the information coming from NetFlow, if available, on the same
screen so the network engineer can visualize whether the meeting issue was
caused by any network anomalies. For Cisco DNA Center to receive NetFlow
data on the Webex meetings, the application telemetry needs to be
configured on a router or WLC in the path of the Webex traffic. Netflow
information and configuration was covered in detail in Chapter 11.

Setting Up Webex Integration

From the main menu of Cisco DNA Center, navigate to the System >
Settings menu. From there the network engineer can find the Webex
Integration settings on the left-hand side. Once there, authenticate to
Webex Control Hub using the admin account for the Control Hub.
Completing this step will set up the integration between Cisco DNA Center
and the Webex Control Hub. The integration is a one-time process unless
the admin password is changed.
240 12. Cisco DNA Center Integrations

Figure 12.1: Webex 360 Integration

Figure 12.2: Webex 360 Integration

 12. Cisco DNA Center Integrations 241

Once the Webex integration is complete, a network engineer can view the
meeting quality details for a user, by searching for the user’s client device in
Cisco DNA Center used to join the Webex meeting. This can be done by
searching for the client using the IP Address or username in the Global
search box found in the top right corner of every page in Cisco DNA Center.
This will pull up the Client 360 page. Now, on the top right corner, the
network engineer will see a Webex 360 button. Selecting that will open up
the Webex 360 page for this client.

Figure 12.3: Client 360 Webex 360 Link

The network engineer has to enter the user's email address used to
attend the Webex meetings to view the meeting quality details for this user
and click Search Meetings.
242 12. Cisco DNA Center Integrations

Figure 12.4: Webex 360 Configuration — User Email

Once that is done, the Webex 360 page opens up displaying all the user’s
Webex meetings, as shown below. This information presented comes from
the Webex Control Hub via the integration.
 12. Cisco DNA Center Integrations 243

Figure 12.5: Webex 360 Application Experience

Selecting a meeting displays the meeting quality details for voice, video,
and the share feature. The network engineer can visualize if there are any
issues with any of the components of the meeting.
244 12. Cisco DNA Center Integrations

Figure 12.6 Webex 360 Application Experience

Expanding the video quality, for example, breaks down the video quality
by latency, packet loss, and jitter. The application part of the graph is the
data coming from the Webex Control Hub. The network data is coming via
NetFlow and will only show if NetFlow is configured as mentioned earlier in
this section.
 12. Cisco DNA Center Integrations 245

Figure 12.7: Webex 360 Detailed View

246 12. Cisco DNA Center Integrations

Cisco DNA Center Integration

with ThousandEyes

This section will cover the exciting new integration of Cisco DNA Center with
ThousandEyes. This provides unparalleled visibility into the application flow
through the internet for modern SaaS applications. This allows the network
engineer to get to mean time to innocence and identify issue domains for
SaaS applications quickly and easily reducing MTTR.

App Hosting on Catalyst 9300 and 9400

Cisco DNA Center makes it easy to deploy the ThousandEyes agent on a
Cisco Catalyst 9300 or Cisco Catalyst 9400 switch. The switch-based
agents register with the ThousandEyes dashboard, after which the network
engineer can configure agent tests from the ThousandEyes dashboard to
test various SaaS applications such as Microsoft 365, Salesforce, and any
enterprise-specific applications running in the cloud or data center. Without
Cisco DNA Center automation, a highly experienced network engineer would
be required to apply CLI commands on the switch to deploy the agent. All
the work now is automated via Cisco DNA Center, saving time for the
network engineer and increasing their efficiency. The network engineer can
navigate from the main menu to Provision > App Hosting for
Switches to start the deployment of the ThousandEyes agent onto a
qualified Catalyst switch. The switch MUST be managed in Cisco DNA
Center before this process can begin.

The network engineer first needs to upload the ThousandEyes agent

downloaded from the ThousandEyes site. Selecting the New App will open
up the upload window where the engineer can upload the agent.
 12. Cisco DNA Center Integrations 247

Figure 12.8: ThousandEyes Agent App Hosting

The network engineer can now select the ThousandEyes card, shown below,
to start the agent installation process on a compatible switch.
248 12. Cisco DNA Center Integrations

Figure 12.9: ThousandEyes Agent App Hosting

 12. Cisco DNA Center Integrations 249

Figure 12.10: ThousandEyes Agent App Hosting

Integrating ThousandEyes with Cisco DNA

Center
Once the ThousandEyes Enterprise Agent has been deployed on a Cisco
Catalyst 9300 or Cisco Catalyst 9400 switch, an OAuth token must be
generated from an active ThousandEyes account. To obtain the OAuth token,
log in to an active ThousandEyes account. Use the menu on the left side to
navigate to Account Settings > Users and Roles. At the bottom of the
page click the option to Create an OAuth Bearer Token and copy the
resulting key.
250 12. Cisco DNA Center Integrations

Figure 12.11: ThousandEyes OAuth Bearer Token

After copying the token, go to Cisco DNA Center, then navigate to System >
Settings > External Services > ThousandEyes Integration.
 12. Cisco DNA Center Integrations 251

Figure 12.12: Cisco DNA Center ThousandEyes Token

Paste here the token copied previously, then click Save. The page will
indicate that ThousandEyes integration is now enabled.
252 12. Cisco DNA Center Integrations

Figure 12.13: ThousandEyes Enabled

Application Visibility With ThousandEyes

Now that the ThousandEyes integration is enabled, any Agent to Server or
HTTP-Server tests created within the ThousandEyes dashboard can be run
on the ThousandEyes enterprise agent and/or scheduled to run at regular
intervals. All test settings are configured on the ThousandEyes dashboard.
To view test results within Cisco DNA Center, navigate to Assurance >
Dashboards > Health from the Cisco DNA Center main menu and then
the Application tab. There is a dashlet for ThousandEyes on the right side of
the page, indicating the number of active Catalyst 9000 servers
ThousandEyes enterprise agents are running, as well as how many tests are
being run (along with the percentage of passed tests), and the number of
active alerts.
 12. Cisco DNA Center Integrations 253

Figure 12.14: ThousandEyes Dashlet

Scrolling down, there is also a table that shows all of the tests being run,
with their respective test statistics, including: jitter, latency, packet loss, and
the number of total tests/failed tests.

Figure 12.15: ThousandEyes Enterprise Agent Tests

By clicking the name of one of the tests in the table, Cisco DNA Center will
cross-launch to the corresponding test within the ThousandEyes dashboard
itself. In the ThousandEyes dashboard, all of the test information is available
254 12. Cisco DNA Center Integrations

in greater detail and provides more historical testing data. The path from the
agent to the target can be visualized to make it quick and efficient to
diagnose the issue domain. The network engineer can now identify whether
a user’s application experience issues are on the client-side, in the
enterprise network, or outside of the enterprise network (such as an ISP or in
the SaaS provider network).

Figure 12.16: ThousandEyes Dashboard

 12. Cisco DNA Center Integrations 255

Integration with Cisco DNA

Spaces

Cisco DNA Spaces is a location platform that provides highly scalable,

reliable, and centralized services for user and device tracking. One
significant advantage of Cisco DNA Spaces is its ability to track the location
of clients in real time and display their locations in a centralized map view.
Previously, a network engineer would need to utilize the dashboards on both
Cisco DNA Spaces and Cisco DNA Center to take advantage of the real-time
location data as well as the powerful network management capabilities of
Cisco DNA Center.

The integration between Cisco DNA Spaces and Cisco DNA Center allows
the network engineer to view real-time user locations directly on the floor
map shown on Cisco DNA Center. This provides a single, centralized
location to view floor maps, assigned networking devices, user locations, as
well as RF coverage for wireless access points.

To enable this integration, an active Cisco DNA Spaces instance with a valid
license is required. Within Cisco DNA Center, the DNA Spaces Enabler
package must be installed, which can be downloaded and installed from
System > Software Management in the Cisco DNA Center main menu. To
confirm that the package has been installed, navigate to System >
Settings > External Services > Cisco DNA Spaces/CMX
servers. If the package has been successfully installed, an
Activate button will be displayed.
256 12. Cisco DNA Center Integrations

Figure 12.17: DNA Spaces Activate

To activate the integration, a Cisco DNA Spaces Smart Connector will need
to be configured, and an integration token must be generated within Cisco
DNA Spaces. For more information on how to configure the Cisco DNA
Spaces Smart Connector and generate the integration token, as well as how
to add Cisco DNA Spaces sites to Cisco DNA Center, please refer to the
Cisco DNA Spaces Configuration Guide.

Once the integration token has been generated, click Activate in the
settings menu above. Paste in the token copied from Cisco DNA Spaces,
then click Connect. The status of the integration will now show as Activated
and will display the customer's name.

To utilize this feature, navigate to Design > Network Hierarchy from the
Cisco DNA Center main menu. Select an individual floor at one of the
network sites that was configured for the integration on Cisco DNA Spaces.
In addition to the network device and floor map information already provided
by Cisco DNA Center, the user locations are also now displayed on the map.
 12. Cisco DNA Center Integrations 257

Figure 12.18: Cisco DNA Spaces Integration

258 12. Cisco DNA Center Integrations

Figure 12.19: Cisco DNA Spaces User Information

The Cisco DNA Center integrations shown in this chapter demonstrate the
flexibility and extendibility of Cisco DNA Center and show how the
Integrations are designed to reduce the time to value with Cisco DNA Center.
Key integrations empower the network engineer with state-of-the-art tools
providing new capabilities and insights into applications and location
services. Issues with SaaS applications often took hours to troubleshoot and
get to the root cause. With Webex and ThousandEyes, network engineers
can significantly reduce the MTTR.
13. Reports
Dashboard
260 13. Reports Dashboard

Reports can be used to generate insights into network operations, asset

management, uptime reporting, and provide executive summary statements
for upper management. Operational reports have historically been used for
multitudes of company-required purposes.
 13. Reports Dashboard 261

Generating Reports

To get to the Reports dashboard from the Cisco DNA Center main menu,
select Reports.

Reports can be run for specified periods and provide views of how the
network is evolving. The scheduling feature of the reports allows the network
engineer to automate the generation of key reports.

The Reports dashboard is comprised of three tabs:

• Generated Reports
• Report Templates

• Usage Insights

The Generated Reports tab displays the basic details of the reports
generated previously such as the type of report, schedule, Last Run, and
report format. From this tab, it is easy to get reports that have already been
generated.
262 13. Reports Dashboard

Figure 13.1: Generated Reports

The Report Templates tab displays all the pre-defined reports that can be
generated in Cisco DNA Center. There are more than 36 reports that can be
generated across different categories and domains. These report templates
make it easy to generate reports as they walk the network engineer through
a workflow to build the report parameters.

To get started, select Generate at the bottom of the desired report dashlet
to start creating a report. The reports can be generated in CSV, PDF, JSON,
or Tableau formats. Some reports are available in all formats, but some
reports are only provided in limited formats. The formats available for each
report template are marked in the Report Templates tab as shown in the
figure below.
 13. Reports Dashboard 263

Figure 13.2: Report Templates

When the Generate report option is selected, the network engineer is

presented with a reporting workflow. The first part of the workflow as shown
below displays the template being used for the report and a preview of a
report sample. The Next button takes the network engineer to the next part
of the workflow.
264 13. Reports Dashboard

Figure 13.3: Report Template Selection

The next step of the workflow is where the network engineer can change the
report name and set up the scope of the report. The report name field is
filled in with a default name which includes the report type, date, and time.
The network engineer can change this to a more meaningful name. For
example, in this AP report, the Location needs to be selected in the scope.
Depending on the report type, the scope options will vary.
 13. Reports Dashboard 265

Figure 13.4: Report Scope Selection

The next step is where the network engineer can select the File Type for the
report such as CSV, PDF, or Tableau and also customize the fields needed to
go into the report. By default, all fields are selected.
266 13. Reports Dashboard

Figure 13.5: File Type Selection

In the next step, the network engineer can select the Time Range and
Schedule for the report which provides multiple options. The Time Range
provides predefined time intervals such as 3 hours, 24 hours, and 7 days.
The custom Time Range option can be used to select a time range up to 6
months back. The schedule options are Run Now, Run Later, or Run
Recurring.
 13. Reports Dashboard 267

Figure 13.6: Report Schedule Time Selection

Next, the network engineer can select the delivery options for the report
such as email and webhook. The reports are also available on the Cisco DNA
Center Generated Reports page so the Delivery and Notification step can
be skipped.
268 13. Reports Dashboard

Figure 13.7: Report Delivery and Notification

Lastly, the network engineer is presented with the summary of the report
options selected. The network engineer can select Next to generate the
report or go Back and change any options if required.
 13. Reports Dashboard 269

Figure 13.8: Report Summary

Selecting View All Reports will take the network engineer to the
Generated Reports tab. Depending on the type of report and the amount of
data in the report, the time taken to generate the report will vary. As some
reports will take a longer time to generate, it is safe to keep using Cisco DNA
Center while the report generates in the background.
270 13. Reports Dashboard

Figure 13.9: Completed Report Generation

The network engineer can select the Report Title to view the report
directly in Cisco DNA Center. They can also download the report using the
download link. If they had chosen a delivery option such as email or
webhook, the report will be delivered to those destinations as well.
 13. Reports Dashboard 271

Figure 13.10: View Generated Reports

272 13. Reports Dashboard

Ad-Hoc CSV Reports

CSV Reports can be generated from the Cisco DNA Center GUI. CSV format
is not available in all dashlets. However, this option can be used to create
reports quickly from GUI list views. The network engineer can customize the
list views. For example, in the network devices table in the Network Health
Dashboard, the table can be customized by adding columns that are relevant
to the network engineer. Columns can be removed as well.

As can be seen in the image below, in the Network Devices table in the
Network Health dashboard there is an export button on the top right
corner which can be used to generate a CSV report on all the network
devices. Anywhere a network engineer sees a similar export button they can
generate the reports for that section.

Figure 13.11: Export Based Reports

 13. Reports Dashboard 273

The network engineer can customize the dynamic reports and add or remove
columns that will be included in the report as seen in the figure below.

Figure 13.12: Add Remove Column To Export-Based Reports

274 13. Reports Dashboard

Weekly Insights Report

Network engineers or managers can now get weekly insight reporting from
Cisco DNA Center. The main page of Cisco DNA Center has the Insights
email feature. This allows network engineers or network managers to set up
a weekly email that they will receive containing key insights on the network
from Cisco DNA Center. The email will have new product announcements,
network insights, and an executive summary. The executive summary part of
the email will contain information about measurable time and cost savings
realized from using Cisco DNA Center to manage the network infrastructure.

Selecting the Insights button will take the network engineer to a setup
page to customize the insights email.

Figure 13.13: Weekly Insights Report

The Notification preferences can be used to select the information the

network engineer wants to see in the weekly insights email.
 13. Reports Dashboard 275

Figure 13.14: Weekly Insights Report Notification Preferences

The communication preferences page allows the network engineer or

administrator to configure and distribute weekly insight reports. The SMTP
server information needs to be configured in the System > Settings page
of Cisco DNA Center for the system to be able to send emails.
276 13. Reports Dashboard

Figure 13.15: Weekly Insights Report Communication Preferences

Reporting is a key part of any administrative system. Cisco DNA Center

reporting was designed to be intuitive and flexible. Using the templated
reports organizations should be able to track assets, review network
compliance, assess the state of the network, and perform capacity planning
activities. New reports and reporting capabilities are added with every new
Cisco DNA Center release.
14. Cisco DNA
Center Server
Troubleshooting
278 14. Cisco DNA Center Server Troubleshooting

This chapter covers troubleshooting certain aspects of Cisco DNA Center.

Before debugging various modules, we need to check whether the devices

are supported in the release and if Cisco DNA software modules are installed
properly.

Supported Device and Version

For the supported IOS XE WLCs, AireOS WLCs, APs, and Switches in the
Cisco DNA Center release, please refer to the compatibility matrix document
mentioned in the References section.

Figure 14.1: Sample Cisco DNA Center Supported Device and Recommended Release
 14. Cisco DNA Center Server Troubleshooting 279

It is suggested to use the Recommended Release for the routers, switches

and WLCs, though the compatible release is accepted as well.

Verify NETCONF on Catalyst 9000 Series

Switches and WLCs
Before adding the Catalyst 9000 switches and WLCs to Cisco DNA Center
verify whether the NETCONF is enabled on the device.

In the command line of Cisco DNA Center, please check if the Cisco DNA
Center is able to receive data using the following command.
280 14. Cisco DNA Center Server Troubleshooting

$ ssh -p 830 username@<deviceIP> -s netconf

The authenticity of host '[<Device IP>]:830 ([<Device
IP>]:830)' can't be established.
RSA key fingerprint is
SHA256:lCg9/hfonDlnzsCnM7uSLJt6QD9jNJSUbDOhxFf08DU.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[<Device IP>]:830' (RSA) to
the list of known hosts.
username@<Device IP>'s password:
<?xml version="1.0" encoding="UTF-8"?>
<hello
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:base:1.1</capability>
<capability>urn:ietf:params:netconf:capability:writable-running:
1.0</capability>
<capability>urn:ietf:params:netconf:capability:rollback-on-error:
1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.0
</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.1
</capability>
<capability>urn:ietf:params:netconf:capability:xpath:1.0
</capability>
<capability>urn:ietf:params:netconf:capability:notification:1.0
</capability>
<capability>urn:ietf:params:netconf:capability:interleave:1.0
</capability>
<capability>urn:ietf:params:netconf:capability:with-defaults:1.0?
basic-mode=explicit&amp;also-supported=report-all-tagged,report-
all</capability>
<capability>urn:ietf:params:netconf:capability:yang-library:1.0?
revision=2016-06-21&amp;module-set-id=116d099c87b0de473b7b1ec
5528bfc53</capability>
http://tail-f.com/ns/netconf/actions/1.0</capability>
http://tail-f.com/ns/netconf/actions/1.0
<capability>http://tail-f.com/ns/netconf/actions/1.0
 14. Cisco DNA Center Server Troubleshooting 281

If the data is not seen, it needs to be enabled using the following

configuration on the device.

NETCONF/YANG is supported as of IOS XE 16.3.1 software. For enabling

NETCONF in the device, use the following commands.

Cat9300-2#conf t
Enter configuration commands, one per line. End with
CNTL/Z.
Cat9300-2(config)#netconf-yang
Cat9300-2(config)#username <username> privilege 15 password
0 <password> ---> Username/password used
for NETCONF-SSH access

Cat9300-2(config)#aaa new-model
Cat9300-2(config)#aaa authorization exec default local
------------->
Required for NETCONF-SSH connectivity and edit-config operations

Please change aaa authorization exec default local

- command appropriately if you are using TACACS

Cisco DNA Center Software Packages

Versions
Validate that the Cisco DNA Center deployment has the correct packages for
the release installed. Please refer to the release notes for the version to
verify the package versions.

From the Cisco DNA Center UI, click on the question mark (?) icon on the
top right side of the screen to see the release notes link as shown in the
figure below:
282 14. Cisco DNA Center Server Troubleshooting

Figure 14.2: Release Notes URL

Package versions should be under the section Package Versions in Cisco

DNA Center, Release <release # (x.x.x.)

Then go to System > Software Updates and obtain any necessary

updates. Make sure the System package matches with the System package
of the release note. Similarly for the Application packages, check in the
Installed Apps section specifically for AI Network Analytics.
 14. Cisco DNA Center Server Troubleshooting 283

Figure 14.3: Application Packages Version

If there is a version mismatch, there will be a download/Install button

available. Please click and install the correct version of the packages.

Cisco DNA Center Services Status

In the Cisco DNA Center Service Explorer tab of System > System 360
page, make sure all the services are in RUNNING status, particularly, NDP
and assurance-backend Appstack Services.
284 14. Cisco DNA Center Server Troubleshooting

Figure 14.4: Cisco DNA Center Services Status

Cisco DNA Center Assurance Pipelines Status

Check all the pipelines are in RUNNING status in the pipelines tab of System
> Data Platform page.
 14. Cisco DNA Center Server Troubleshooting 285

Figure 14.5: Pipelines Status

286 14. Cisco DNA Center Server Troubleshooting

Troubleshooting AI Network
Analytics

Troubleshooting Cloud registration

To enable the features offered via the Cisco AI Analytics cloud, the Cisco
DNA Center appliance MUST have internet access, allowing outbound
HTTPS connections on TCP port 443 to the following API endpoints:

• api.use1.prd.kairos.ciscolabs.com — US region

• api.euc1.prd.kairos.ciscolabs.com — EMER/APJC region

The cloud registration will fail if the Cisco DNA Center appliance cannot
reach the cloud servers, or if the connection goes through SSL Inspection,
as this will break the mutual authentication between the local agent and the
cloud server.
 14. Cisco DNA Center Server Troubleshooting 287

Figure 14.6: Example of Failure Upon Cloud Tenant Registration on Cisco AI Analytics

In case of errors upon cloud registration, make sure that the Cisco AI
Analytics cloud API endpoints are reachable:

• If the connection requires an HTTP proxy, make sure that it is

correctly configured on the Cisco DNA Center Appliance, by checking
the Cisco DNA Appliance UI: System > Settings > System
Configuration > Proxy.
288 14. Cisco DNA Center Server Troubleshooting

• If the connection goes through SSL Inspection, verify that a bypass

rule is configured to ensure SSL Inspection does not break traffic to
the Cisco AI Analytics cloud API endpoints.

If the cloud registration still fails after verifying connectivity to the cloud,
please make sure that the clock on the Cisco DNA Center appliance is
properly synchronized with an NTP server, as time drift can cause issues
with the validation steps happening as part of the registration process.

Product Activation
Each feature offered via the Cisco AI Network Analytics cloud has local
requirements to be met before it can be enabled.

For instance, Cisco AI Network Analytics and AI Enhanced RRM require

wireless devices to be managed by the Cisco DNA Center appliance.
Therefore, they will not work if only wired devices are managed in Cisco
DNA Center.

When enabling Cisco AI Network Analytics on a new Cisco DNA Center

deployment managing wireless devices, ensure that the network devices are
discovered and managed on the device inventory. If not, the network
engineer will see no data for the Network Analytics features.

Missing Data
Following a successful cloud registration, the Cisco AI Analytics agent
installed on the Cisco DNA Center appliance immediately starts exporting
telemetry data to the cloud; it then takes approximately one hour for the
cloud data processing pipelines to be activated.

Seeing results on the UI, however, will take more time, depending on the
requirements of each use case. For instance, while Network
Heatmaps usually take one day to start showing data, AI-driven issues
require at least one week of data, and long-term analytics use cases such as
 14. Cisco DNA Center Server Troubleshooting 289

AP Performance Advisories will take approximately four weeks to produce

insights.

When there’s no data displayed on the AI Analytics pages, checking the

output of Network Heatmaps is the easiest way to verify that the data
ingestion and cloud pipelines are working correctly, as the heatmap views
are expected to be always available.

Other use cases, such as AI-driven issues, Trends, and AP Performance

Advisories only show results when the AI/ML algorithms running in the cloud
identify interesting information to be displayed; for this reason, it may take
additional time to start seeing results for such use cases, depending on the
network size and specific activity.

If Network Heatmaps show no data, it is recommended to verify the network

connectivity to the cloud (as described in the cloud registration
troubleshooting section) as well as the Cisco DNA Assurance Health
dashboards, to confirm whether data for the managed WLCs, Access Points,
and clients show up correctly.

Some use cases, such as the Baseline Dashboard and AI-driven issues for
Excessive Onboarding time and failures, perform data aggregation at the
building level, therefore these features only work if the APs are assigned to a
building in the Network Hierarchy.

The computation of throughput-related KPIs (for all applicable use cases,

including AI-driven issues, Network Heatmaps, Network Comparisons,
Trends) makes use of AVC (Application Visibility and Control) data, exported
via telemetry for AireOS WLCs or via NetFlow for IOS XE WLCs; if no
throughput data or issues are seen in the UI, make sure that Application
Telemetry is enabled on the managed WLCs.

If the cloud connectivity is confirmed to be working fine, all the previous

checks have been completed, but data is still missing from the AI Analytics
pages, please verify if data shows up on the Cisco DNA Assurance Health
Dashboard.
290 14. Cisco DNA Center Server Troubleshooting

Troubleshooting Wireless and

Wired Assurance

When a device is added to the Cisco DNA Center using Discovery Tool,
make sure it is assigned to a Site in Provision > Network Devices >
Inventory page.

Figure 14.7: Assign Device to a Site

When the device is added to the site, Cisco DNA Center provisions the WLC
with telemetry settings. It also adds commands to the device for
downloading the certificates from the Cisco DNA Center. The file download
and HTTP access can’t be blocked between the device and Cisco DNA
Center.
 14. Cisco DNA Center Server Troubleshooting 291

Verify the telemetry provisioning status by changing the FOCUS to

Provision. The figure below shows the detailed telemetry provisioning
status.

Figure 14.18: Telemetry Provisioning Status

If the Provisioning Status is Success, Check the Overall tab on the

Assurance > Dashboards > Health page.
292 14. Cisco DNA Center Server Troubleshooting

Figure 14.9: Assurance Device Types Status

Click on the green part of the device type added to see the device with
Assurance data such as that below for WLC.
 14. Cisco DNA Center Server Troubleshooting 293

Figure 14.10: Device Monitoring Status

If the device is not in the table, contact Cisco Technical Support as this
suggests that telemetry is still not coming into Cisco DNA Center.
294 14. Cisco DNA Center Server Troubleshooting

Troubleshooting Application
Assurance

Verify the network device has the Network Advantage license.

Verify the source interface in the flow exporter configuration of the network
device has the applications configured.

Verify the destination IP in the flow exporter configuration is the Cisco DNA
Center enterprise Virtual IP Address (VIP).

Verify all the WLAN configuration has application visibility/experience

configurations as below

wireless profile policy Flex_SSID_Global_NF_0cd02814

shutdown
ipv4 flow monitor avc_basic_monitor input
ipv4 flow monitor avc_basic_monitor output
no shutdown

Verify whether Cisco DNA Center is receiving application data, using the
following command from the Cisco DNA Center command line:

sudo tcpdump -i any -n udp port 6007

If you still don’t see the application data, please contact Cisco Technical
Support

Keep in mind that no matter what issue is encountered with Cisco DNA
Center and related features, Cisco Technical Support is always there to
provide assistance 24/7.
Appendix
296 Appendix

References

Cisco DNA Center End-User Guides

https://www.cisco.com/c/en/us/support/cloud-systems-management/dna-
https://www.cisco.com/c/en/us/support/cloud-systems-management/dna-
center/products-user-guide-list.html
center/products-user-guide-list.html

Cisco DNA Center Compatibility Matrix

https://www.cisco.com/c/dam/en/us/td/docs/Website/enterprise/dnac_com
https://www.cisco.com/c/dam/en/us/td/docs/Website/enterprise/dnac_com
patibility_matrix/index.html
patibility_matrix/index.html

Cisco DNA Center Release Notes

https://www.cisco.com/c/en/us/support/cloud-systems-management/dna-
https://www.cisco.com/c/en/us/support/cloud-systems-management/dna-
center/products-release-notes-list.html
center/products-release-notes-list.html

Application Hosting on Catalyst 9300 and 9400

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/17
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/17
8/b_178_programmability_cg/m_178_prog_app_hosting.html
8/b_178_programmability_cg/m_178_prog_app_hosting.html

Cisco DNA Spaces Configuration Guide

https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Mobility/DNA-
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Mobility/DNA-
Spaces/cisco-dna-spaces-config/dnaspaces-configuration-guide/m_dnac.
Spaces/cisco-dna-spaces-config/dnaspaces-configuration-guide/m_dnac.
html
html
 Appendix 297

Additional Resources for Cisco

DNA Center

Cisco DNA Center Demos

https://www.cisco.com/c/en/us/products/cloud-systems-management/dna
https://www.cisco.com/c/en/us/products/cloud-systems-management/dna
-center/demos.html
-center/demos.html

Cisco DNA Center Automation and Assurance v2.2.3.4 ‒ Instant Demo

https://dcloud2-sjc.cisco.com/content/instantdemo/cisco-dna-center-auto
https://dcloud2-sjc.cisco.com/content/instantdemo/cisco-dna-center-auto
mation-and-assurance-v2-2-3-4-instant-demo-sandbox?returnPathTitleKe
mation-and-assurance-v2-2-3-4-instant-demo-sandbox?returnPathTitleKe
y=content-view
y=content-view

YouTube Channel ‒ Cisco

https://www.youtube.com/channel/UCEWiIE6Htd8mvlOR6YQez1g
https://www.youtube.com/channel/UCEWiIE6Htd8mvlOR6YQez1g
298 Appendix

Acronyms

AAA ‒ Authentication/Authorization DCA ‒ Dynamic Channel

and Accounting Assignment

AI ‒ Artificial Intelligence DevOps ‒ Developer Operations

AI/ML ‒ Artificial DNA ‒ Digital Network Architecture

Intelligence/Machine Learning
DNS ‒ Domain Name System
AIOps ‒ Artificial Intelligence for IT
DSCP ‒ Differentiated Services
Operations
Code Point
AP ‒ Access Point
EAP ‒ Extensible Authentication
API ‒ Application Programmable Protocol
Interface
EU ‒ European Union
APM ‒ Application Performance
FFT ‒ Fast-Fourier Transform
Monitoring
FRA ‒ Flexible Radio Architecture
AVC ‒ Application Visibility and
Control FTV ‒ Faster Time To Value

CLI ‒ Command-Line Interface gRPC ‒ Google Remote Procedure

Call
CPU ‒ Central Processing Unit
GUI ‒ graphical user interface
CSV ‒ Comma Separated Values
HTTPS ‒ Hypertext Transfer
DHCP ‒ Dynamic Host
Protocol Secure
Configuration Protocol
ICMP ‒ Internet Control Message
DBS ‒ Dynamic Bandwidth
Protocol
Selection
IoT ‒ Internet of Things

IP ‒ Internet Protocol
IT ‒ Information Technology
JSON ‒ JavaScript Object Notation
KPI ‒ Key Performance Indicator
MAB ‒ MAC Authentication Bypass
MAC ‒ Media Access Control
ML ‒ Machine Learning
MRE ‒ Machine Reasoning Engine
MTTR ‒ Mean Time To Resolution
NETCONF ‒ Network Configuration
NetOps ‒ Network Operations
OPEX ‒ Operational Expense
OAuth ‒ Open Authentication
PCAP ‒ Packet Capture
PDF ‒ Portable Document Format
PerfMon ‒ Performance Monitor
PoE ‒ Power over Ethernet
RCA ‒ Root Cause Analysis
RF ‒ Radio Frequency
ROI ‒ Return on Investment
Appendix 299
RRM ‒ Radio Resource
Management
RSSI ‒ Received Signal Strength
Indicator
SaaS ‒ Software as a Service
SDK ‒ Software Development Kit
SecOps ‒ Security Operations
SLAs ‒ service level agreements
SNMP ‒ Simple Network
Management Protocol
SNR ‒ Signal-To-Noise Ratio
STP ‒ Spanning Tree Protocol
SSID ‒ Service Set Identifier
TCP ‒ Transmission Control
Protocol
TPC ‒ Transmit Power Control
TTV ‒ Time to Value
UDP ‒ User Datagram Protocol
UI ‒ User Interface
UPoE ‒ Universal Power Over
Ethernet
WLC ‒ Wireless LAN Controller
Prem Chandran
Sean Sivak
Harsharan Dhaliwal
Suresh Subramanian
Federico Lovison
Shai Silberman