Cisco DNA Center Wireless Assurance TDM

Cisco DNA Center
Wireless Assurance TDM

Cisco DNA Center 2.3.3
Prem Chandran and Harsharan Dhaliwal

TME
July 2022 Americas EN Sales
Cisco DNA Center TDM Learning Map
You are Here!
9800
Template Automation
Editor
Day 0/PnP SWIM Wireless SD-AVC App

Automation Policy
DNA Center DNA DNA DNA Center License

TDM Automation Assurance Platform Manager
TDM
Wireless Application
AI/ML/MRE
Assurance Assurance
Intelligent Rogue
Capture & Management
Sensors
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Cisco DNA Assurance Overview
 New Innovations: 2.3.3
 Streaming Telemetry for Wireless Analytics
 WI-FI 6 Dashboard
 AI / ML for Wireless Assurance
Agenda
 Wireless Issues
 Wireless Network Health
 Client Health SLA
 Intelligent Capture
 Enterprise Ready Sensor
 Application Visibility
 Apple and Samsung Analytics

© 2020
© 2020 Cisco
Cisco and/or
and/or its affiliates.
its affiliates. All rights
All rights reserved.
reserved. CiscoCisco Public
Public
Cisco DNA Assurance Overview
Network Assurance is a Complex, End-to-End Problem
Affects Join/Roam
Affects Quality/Throughput
Client firmware Affects Both*

WAN Uplink usage End-User services
Client density AP coverage Configuration
WLC Capacity WAN QoS, Routing, ... Authentication

RF Noise/Interf.
Addressing
CUCM
ISE
What
WAN is the problem?
There are 100+
DHCP
points of failure Office site Where is the problem?
Network services DC
betweenMobile
user clients
APs Cisco Prime™
Local WLCs
and app
How can I fix the problem* Both
fast?
= Join/roam and quality/throughput
5
Cisco DNA Analytics & Assurance
From network data to business insights
Network Telemetry & Big Data Health Scores Proactive

Contextual Data Processing and Insights Troubleshooting
Traceroute
CEP
Syslog NetFlow Engine Clients Baseline
AAA DHCP
Router
Sensors Metadata
Telnet CLI extraction
DNS
OID IPSLA Ping
MIB Stream Processing
SNMP IPAM Application Network
Apple iOS AppD
CMX
Cisco DNA Assurance Architecture
Customer Datacenter Cloud Based
ML Engine)
Cisco DNA Center Assurance UI
Insights &
Feedback Trend
Cisco DNA
Automation Cisco DNA Data
Cisco AI
Assurance Network
Network Analytics
Control Network Data Platform Cloud
Platform
ssh/NETCONF
Protocols & APIs (WSA, gRPC, SNMP, NetFlow, Syslog, Location, NETCONF, CLI, ...)
CMX
DHC
P
WAN
Network Control Points

Office Site Network Services DC Metrics, Events, Config, ...
Customer Network Control, Notifications, ...
Network Telemetry &
Contextual Data
Next Generation Wireless requires New Era of Analytics

Legacy Telemetry in Traditional Streaming Telemetry in Cisco’s DNA
Network Monitoring Tools Wireless Assurance
• Visibility into Client, App and Network traffic

• Network centric view with limited client context Right
• 240+ Client Onboarding issues defined as Events
• No events leading to false alarms Context
fit
ene
ss B
• Pull based model • Push based model
Right Time
i ne
• No real-time notifications (~ few mins) • Real-time notifications (~as low as 5 sec)
Bus
• CPU intensive raw data • Optimized export with programmability

• Multiple data sources needed for end Right Data • Unified telemetry for heterogeneous data
to end coverage sources
Right data at the right time with the right context

C will generate actionable business insights
DNA Assurance is part of DNA Center
DNA Center consists of Automation and Assurance
Automation Analytics
Design Provision Policy Assurance
Planning, installation and migration
Proactive and predictive network, client and application assurance
What is DNA Assurance?
Right Place Right Time Right Action
360◦ view across clients, Network Time Travel -30 100+ correlated insights
network and applications days of contextual history with guided remediation
Event driven telemetry from Proactively test drive the Intelligent Capture with
the wireless infrastructure network using Aironet 1800s auto packet captures and
Sensor real-time state of the network
Apple iOS analytics that Predictive trends before Future: Close loop or
provides client perspective they become problems automated remediation
Cisco DNA Center AI Analytics – Solution overview
AI/ML based issue and Network trends and Peer and site
anomaly detection insights comparisons
Onboarding experience (time, Time evolving long term trends Compare among sites, AP’s,
failures, DHCP, AAA) for radios and buildings networks, and aggregate
benchmarks on several KPIs
Application experience (Media, Throughput, client count, 25 KPIs. E.g. Radio resets,
cloud, and social throughput) interference, RSSI, traffic, channel change count, client
channel change count count, among others
Cisco DNA Center AI Analytics – Solution overview
Network AI driven
AI/ML based
Trends and Peer, Network Baselines for
Issue Detection
Insights Comparison Key KPI’s
Onboarding experience
(time, failures, DHCP, Time evolving long term Compare to Peer Networks. View Baselines for
AAA) trends for radios and Compare between buildings, Onboarding for past 2
buildings AP’s and endpoint types weeks
Machine Reasoning Engine
End to End
3. Knowledge Package
2. Knowledge Base 4. MRE runs on DNAC
Automated Troubleshooting
1. Subject Matter Experts
• STP Loop Detection
• Power Supply Failure

- Cisco
- Security Researchers • Interface Down
- Partners
• High CPU Physical and virtual infrastructure
Automated Troubleshooting and Root Cause Analysis
1 STP Loop
Insight generation based on externally
captured knowledge and aligned with 2 Power Supply Failure
best practices and validated designs
3 Interface Down
4 High CPU
Add OTHER Use cases here
Intelligent Capture ~ Key Use-Cases
VIP Assurance
RF Scanner
Automated PCAP & RF Stats
On-Demand PCAP (of Onboarding Frames)
Made for DNA On Demand AP/Client Monitor
Spectrum Analysis
Automated AP Radio Anomalies

End-to-End Visibility and Insights
End user Client on-boarding Network health Application visibility

and connectivity and status and performance
CUCM
WAN
DHCP
Mobile Clients SFCDC

Office Site Network Services DC NMS SNOW
APs
BOX
Local WLCs
Cloud Apps
DNA Wireless Assurance powered by Cisco Catalyst
Wireless R1
Active Sensor Wi-Fi iOS Streaming Network Time

Testing Analytics Telemetry Travel
Intelligent Capture Intelligent Capture Actionable Guided

Auto PCAPs Forensics Insights Remediation
Aironet 2800, 3800, 4800 AP or

Aironet Active Sensor Catalyst 9100 Series AP
with dynamic testing
Cisco DNA Center 2.3.3 (Guardian)
Features
2.3.3 (Guardian) New Features
• Intel Analytics
• Global Event Viewer
• Client Tracking
• Wireless Event Viewer
• IPCAP multi WLC selection
• Wi-Fi 6E in Wi-Fi 6 dashboard and Wi-Fi 6E Spectrum Analyzer
• Profile customization
• Troubleshooting Unmonitored WLC – MRE workflow
• Device Maintenance Mode
• Insights Email
• AI Enhanced RRM (Refer to the AIOps TDM)
• AI AP Performance Advisories (Refer to the AIOps TDM )
• ThousandEyes Integration (Refer to the Wireless Assurance TDM)
Intel Analytics Overview
Background:
• Intel Wi-Fi chipsets make up 90% of enterprise laptops.
• Intel Analytics enables these clients to provide
enhanced visibility for faster troubleshooting.
Key Benefits:
Provides Intel client model, driver version, coverage

hole reporting, roaming, power type, etc.
No need for client-side agent to provide data.
1. Identifying Bad Drivers 2. Validating New Drivers

3. Identifying Bad Hardware 4. Troubleshooting Roaming
5. Identifying Poor Connectivity
6. Identify misbehaving APs
Supported Software and Hardware Matrix
Cisco and Intel Chipset Devices
Cisco Access Point Hardware Intel Chipset
All Wave 2 and Catalyst 11ax APs AC8561, AC9560, AX200, AX201, AX210, AX1650, AX1675
Cisco IOS XE WLC Intel Driver Software

Cisco AireOS WLC Software
Software
17.6.1 N/A 22.50.1
Cisco IOS XE WLC Hardware

Embedded Wireless Controller on the AP and Switch
C9800-CL
C9800-L
C9800-40
C9800-80
Global Event Viewer
• Syslog's,
Traps and
TDL Events
• View all
events in one
location
• Earlier had to
view in each
360
Client Tracking
Track VIP clients and subscribe notifications about the tracked clients•Add Clients to tracked list
• Subscribe to client notifications
• Monitor tracked clients
Client Tracking
• Add Client
• Setting
Notification Frequency
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Client Tracking
WLC Event Viewer
• Based on multiple
customer requests
• Syslog and TDL
events for 9800.
• Syslog and SNMP
traps for AireOS
• Helps
troubleshoot
wireless issues
faster
WLC Event Viewer in WLC 360
View syslog's and TDL events

Helps troubleshoot WLC issues
IPCAP multi WLC selection
• Select WLC’s to setup Intelligent Packet Capture

• Feature available for schedule capture, data capture
and live capture
Wi-Fi 6E Visibility
WIFI 6E Spectrum Analysis
Troubleshooting unmonitored WLC - MRE
Channel Utilization Breakdown for AP (9800 Only)
• Channel Utilization broken down by Tx, Rx and Interference

WLC Temperature Sensor Details
• Select different temp sensors to view
trend in graph.
• Can select multiple.
WLC 360 - New Interfaces Tab
• View physical and virtual interface details
Interface Traffic and Packet Summary
• Select interfaces to view traffic details
Profile Based Threshold Customization
• There was no way to
customize thresholds
at device and site
level and as a result
all devices had same
priority and threshold
for triggering issues
• Now you can create
custom thresholds for
devices in a Site.
• New Network Profile
option called
Assurance.
Create custom profile in Issue Settings
Custom Profile Tab – Add Profile
Custom Profile Name
New Custom Profile Created
• New profile will include all issues
• Customize Thresholds for specific issues
• Assign Sites to the Profile
• Devices in site will now use new threshold
• Issues on these devices will be based on custom
threshold
Assign site to custom profile
Modify threshold for issues as needed
Issue Setting marked as Custom
• Issues whose threshold are modified
are shown as Custom.
Device Maintenance Mode
Suppress issues and health score when device is under maintenance
 False alarms: issues/alerts

being received when a
device undergo a
scheduled network service
 False health score reported
during device
maintenance mode
 Device 360’s status of the
device shows the device in
maintenance mode
 No false alarms during
device maintenance
window
Insight Email
• Deliver key network KPI’s and new product feature announcements via email
Insight Email – Assurance KPI’s
S No KPI Team
1 Percentage of Healthy devices Assurance
2 Change in healthy devices per week Assurance
3 Healthy devices trend Assurance
4 Site with highest and with lowest health Assurance
5 Percentage of healthy Wireless clients Assurance
6 Change in healthy Wireless Clients per week Assurance
7 Healthy Wireless Clients trend Assurance
8 Site with highest and with lowest health for wireless clients Assurance
9 Percentage of healthy Wired clients Assurance
10 Change in healthy Wired Clients per week Assurance
11 Healthy Wired Clients trend Assurance
12 Site with highest and with lowest health for Wired clients Assurance
13 Assurance Issue Summary Assurance
Cisco DNA Center 2.2.3 (Shockwave) Features
2.2.3 Features
• Network Services Analytics

• Webex Integration
• TrueTrace ( Find details in wired assurance TDM)
• PoE enhancements (Find details in wired assurance
TDM)
Network Services Analytics
The Network Services Analytics (NSA) feature provides powerful insights
and troubleshooting tools to improve the client onboarding experience across
AAA and DHCP.
NSA provides client, server, and network-side analytics, as well as root cause
analysis and individual client troubleshooting for AAA and DHCP issues that
impact clients’ onboarding ability.
Accessing Network Services Analytics
Access the “Network Services”
menu from the Assurance >
Health page
Network Services Analytics - AAA
Quickly view AAA insights and troubleshoot data within the AAA tab for a
selected period of time, and track:
• AAA Servers
• AAA Server Latency
• AAA Server Transactions
• AAA Transaction Failures %
• Top Sites by Transaction Failures
• Top Sites by Highest Latency
• AAA Servers by WLC
AAA failed/successful transactions graphed for specified

period of time. A specific time quantum can be selected to
further filter the data.
For selected time period, a summary of AAA servers, latency, and
transactions is provided.
Dashlets indicate: Top Sites by Highest Latency, Top Sites by

Transaction Failures, AAA Server Latency, and AAA Server
Transactions
The Client Table

provides additional
details about the
clients onboarded via
AAA, including
latency and total
number of
transactions.
See which AAA server is mapped to each WLC, with information about transactions
and latency for MAC auth and EAP
View additional
details about any
particular AAA
server, including:
• Top Sites
• Top SSIDs
• Top APs
• Top OS
Network Services Analytics - DHCP
Quickly view DHCP insights and troubleshoot data within the DHCP tab for a
selected period of time, and track:
• DHCP Servers
• DHCP Server Latency
• DHCP Server Transactions
• DHCP Transaction Failures %
• Top Sites by Transaction Failures
• Top Sites by Highest Latency
DHCP failed/successful transactions graphed for specified

period of time. A specific time quantum can be selected to
further filter the data.
For selected time period, a summary of DHCP servers, latency, and
transactions is provided.
Dashlets indicate: Top Sites by Highest Latency, Top Sites by

Transaction Failures, DHCP Server Latency, and DHCP Server
Transactions
The Client Table

provides additional
details about the
clients connected via
DHCP, including
latency and total
number of
transactions.
View additional
details about any
particular DHCP
server, including:
• Top Sites
• Top SSIDs
• Top APs
• Top OS
Webex Integration
Webex App 360 enhancement
Understand call quality from application perspective for better user experience
Customer Pain Points

 Webex is a mission critical, yet customers can not measure end
user experience
 Customers can not proactively identify problematic Webex
clients to troubleshoot
Product Capability
 Meeting Analytics – Good/Fair/Poor meeting minutes at a site
 View health of audio, video and sharing at site
Customer Benefit
 Customers can measure Webex experience at a site.
 Ability to proactively identify and troubleshoot problematic
Webex clients from application perspective
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Webex Integration for Clients
• Cisco DNA Center can now integrate with Webex Control Hub
• Visualize the client Webex meeting details from Control Hub
side by side with the NetFlow data for webex application
• Visualize audio, video and file share quality metrics from
Control Hub
• Visualize other Webex application metrics
New Webex Troubleshooting button in Client 360
Click on Webex Troubleshooting. Then Authenticate to

Webex. The authentication is a one-time process.
Login first time using
Control Hub admin
credentials
This is a one-time
process
© 2020
© 2020 Cisco
Cisco and/or
Public
Search for Webex meetings for client
User the username used by the client to join the webex meeting to search.
Then click Search Meetings.
View Client Webex Call Details
Select a meeting to view

details
Webex Call Quality – Audio, Video, Share
Audio Quality Details
Displays application audio

quality from Webex and
network audio quality from
NetFlow if available.
More meeting details – Jitter and Bitrate
Application data is from Webex and Network is from NetFlow

Video Quality Details

More Video quality details

Share Quality Details
More Share quality details
Other Webex Application Quality
Other Webex Application Quality
• AI ML Network Comparison
• AI ML Heatmap enhancements
• Machine Reasoning Engine – New Use cases
New Innovations: • AP Radio Comparison
2.2.x Software New Wireless Issues

•
• Location Based Poor RF & Radio Outage
Release •
• Root Cause Analysis for AAA failure
IPV6 support
• Wireless Sensor enhancements
• Application Experience
© 2020
© 2020 Cisco
Cisco and/or
Public
Network Comparison – AP Family & Endpoint Comparison
• Site Comparison Menu renamed to Network Comparison
• Compare between Sites, Endpoints or AP models

• Unable to compare KPI performance across different AP models
• Unable to evaluate the onboarding performance of different type of
endpoints
Product Capability
 View and compare dynamic performance clusters for a selected KPI
and AP families for days of a week.
 View and compare onboarding KPIs for specific device types for days
of a week.
Customer Benefit
 Identify optimization opportunities in network .
 Compare and benchmark different network entities.
Network Heatmaps – Hourly View and AP Search

Customers are unable to infer hourly AP performance as heatmap
granularity was limited to daily average.
Product Capability
 Select and view AP performance for every hour of the day
 Search for specific AP’s in heatmaps
Customer Benefit
 View and infer AP performance for every hour of the day
 Identify peak and shallow hours in network
 Find an AP easily
Baselines Dashboard

Network engineers don’t have visibility into client onboarding
experience across different locations in the network and history of
deviations from baselines.
Product Capability
 Dashboard view of onboarding KPIs with issue overlays going back
up to 2 weeks
 Identify SSIDs and buildings that need extra attention based on
aggregated deviation details for the selected time period.
 Search for specific AP’s in heatmapsBenefit

Customer
 Single pane of glass to view the predicted onboarding performance
KPIs (baselines) across every building and SSID combination.
MRE – New Workflows

 Issue root causing takes long and relies on the the subject matter
expertise and CLI knowledge of the network user.
Product Capability
 Enables automated root-causing of network issues through a set of
predefined workflows curated by Cisco subject matter experts
Customer Benefit
 Accelerated root causing for following network issues
 POE Power Overdrawn
 Wired Client Authorization Failure
 Wired Client DHCP Failure
AP Radio Site Comparison
• Identify if RF issues are due to an AP or a more general problem
• No easy way to compare KPI’s between AP radios on a floor
Product Capability
 View and compare 15 different KPI’s for up to 5 radios at a time
 Select the KPIs you wish to compare
 Channel, Interference, Noise, Channel Utilization, etc
Customer Benefit
 Isolate if issue is due to specific AP or a more general problem
 Compare AP’s where client is having issues versus AP where client is
not having issues
Troubleshoot RF issue in Floor
Troubleshooting
Issue Select KPI’s to
compare
Radio Outage Issue
AAA Failure Root Cause Analysis
• Hard to troubleshoot AAA failure issues.

• Have to login to AAA server to find details
Product Capability
• Enables automated root-causing of AAA failure issues with MRE
• Uses Syslog's from AAA server to analyze and root cause the issue
Customer Benefit
 Accelerated root causing for following network issues
 AAA Failure issues
 Does not have to go to AAA server for initial troubleshooting
Message Code: 14567

Description: Supplicant failed to validate EAP payload
Flex and Fabric support for Application Visibility for 9800
WLC
Enabling flexibility for wireless deployments

• Customers could only get quantitative and qualitative metrics in
DNAC from the 9800 controllers when the APs are deployed in
local mode. Now they can get quantitative metrics in Flex
and Fabric mode as well.
Product Capability
 Application Usage, Health, Packet Loss, Jitter, Latency
Customer Benefit
• Better understanding of application performance on their
wireless network
• Better flexibility to get application visibility in flex and fabric
mode
Inventory
Assurance – Network and Client Health
Aironet Active Sensor Compatibility Matrix
Upgrade to the Latest for the Best Experience!
Sensor Software Release Cisco DNA Center Release
2.2.2.0 2.2.2 and above

2.2.1.0 2.2.1.0
2.1.2.0 2.1.2.x
1.3.3.0 1.3.3.x
1.3.1.2 1.3.1.x
8.8.263.0 1.3.0.3 or earlier
New Backhaul Security Methods
An Enhanced Day 0 Experience
Wired Backhaul Wireless Backhaul
Backhaul Networks Ability to identify

• EAP-TTLS- •
MSCHAPv2 TKIP enabled

• EAP-TTLS-PAP WLANS.
• EAP-TTLS-CHAP
• EAP-FAST-GTC
• EAP-PEAP-GTC Wired Wireless
Enhanced Performance Test Scheduling
Safeguards to Prevent Network Overload
NDT
Update:
• Shortest configurable time is 1 hour.
iPerf3
Update:
• Single sensor is auto-chosen to run each iPerf3 server
configured.
IPSLA
Update:
• Device IPSLA config is tracked and enabled when off.
Sensor Supports WPA3 Networks
Assess the Most Advanced WLAN Security
Enable WPA3 for an SSID Sensors can Associate to that Network!
Network Proxy Support
Supported for Web and NDT Tests
Add an optional proxy for each SSID under
1 2 Bypass proxy for specific IPs/URLs when needed.
test.
Bypass
Configured
Proxy
Proxy
Configuration
Leverage
Configured
Proxy
Subscribe to Sensor Issues
Supported for Web and NDT Tests
Subscription Types: REST API, Email, Syslog, Pager

1 Sensor Issues now available for subscription! 2
Duty
 Wi-Fi 6 Dashboard
 Application Visibility Enhancements
 Long-Term Operational Reports
New Innovations:  Customization of Health Score and Issues
2.1.x Software Release  Issue Lifecycle Management: Bi-directional

Integration with ServiceNow
 AI Network Analytics: C9800 support
 Intelligent Capture for C9130APs
 Optimized APM on the eWLC/9800 ,
Routers and Telemetry Appliance
 30-day dashboard data retention
© 2020
© 2020 Cisco
Cisco and/or
Public
Cisco DNAC Assurance – Wi-Fi 6 Dashboard
Key Use Cases:
1. Understanding the Wi-Fi 6 Readiness of Clients & Network Infrastructure.
2. Visualizing the benefits of an existing Wi-Fi 6 Network.
Application Telemetry
Application telemetry allows you to configure global network Basically, it deploys NetFlow configurations on the devices
settings on devices for monitoring and assessing their health. which start exporting their traffic to Cisco DNA Center
which in turn uses this traffic for populating Assurance
views.
Day 0: Simplified Application Telemetry Setup
Tagging no longer required!
• We will still honor “tags” on device interfaces and SSIDs

• Additional “auto-select” capability to be offered where DNAC will do all the heavy
lifting for you
• You pick on which device category (Router, Switch, WLC) you want App
Telemetry
• Routers: All LAN-side interfaces will be enabled
• Controllers: All non-guest SSIDs will be enabled
• Switches: All physical access-ports will be enabled
• Time-to-Value delivered
Take Control of Application Classification
1 Use Provision->Application Visibility to

change the attributes of your Apps
1
2 Define new Custom Apps that don’t exist in
2 NBAR libraries
3
Control the Class of Service associated with
any particular App
4
Assure your most important Apps with the
Business Relevance Tag
3
All changes made here will be reflected in
4
Assurance workflows
Long-Term Report Management on DNA Center
• Key Reports - Client Detail and Trend, Client Session, Access Point and Radio Detail, and Executive
Summary Report
• Extension of data retention for these reports for up to a period of 90 days
• Embedded Reports viewer within DNAC
• Reports delivery as Email attachment
• Bulk export of Reports available for external consumption
New Assurance and Analytics Reports
Reports Use Cases Format Retention Period
Find Memory & CPU Utilization, State, Client counts, Uptime, Health
Access point detail CSV, JSON, Tableau 90
Score, Location, OS version of the access points
Find Avg TX/RX rates, Utilization, Client Count, Radio Statistics,

Access point radio detail CSV, JSON, Tableau 90
Frequency, Channels, Uptime for radios of access point
Client Detail Find insights and statistics on clients seen in a network CSV, JSON, Tableau 90
Client Session Find client sessions, start and end time , associated metrics CSV, JSON, Tableau 30
Client Trend (Count & Traffic) View trend of client count and traffic over a period of time PDF 90
Executive summary of the network and compare (daily, weekly, monthly)

Executive Summary performance of client health, network health, and issue trend against a PDF 90
previous period
View top locations by client count, poor client health. Group by sit,
Top N Summary PDF 90
building, floor
Find Memory & CPU Utilization, State, Client counts, Uptime, Health
Access point detail CSV, JSON, Tableau 90
Score, Location, OS version of the access points
Find Avg TX/RX rates, Utilization, Client Count, Radio Statistics,

Access point radio detail CSV, JSON, Tableau 90
Frequency, Channels, Uptime for radios of access point
Client Detail Find insights and statistics on clients seen in a network CSV, JSON, Tableau 90
New Assurance and Analytics Reports
Reports Use Cases Format Retention Period
Busiest Clients Find the busiest clients in your network CSV, JSON, Tableau 90
Network Device Availability -

Summary view with % network device availability PDF, CSV, JSON, Tableau 90
Summary
Trend and reason for Tx power changes on access points over a period of
Wireless Tx Power Changes PDF, CSV, JSON, Tableau 30
time
Wireless channel count changes

Trend of channel changes count on access points over a period of time PDF, CSV, JSON, Tableau 30
for
PoE Power and Budget and Power budget allocated and used by access switches, # of available and used
PDF, CSV, JSON, Tableau 30
Summary PoE ports, PoE status of the connected devices
Customization of Client Health Score and Issues
Customize Wireless and Wired

Client Health Score Settings
• Include or Exclude KPIs
• Change Threshold value of each KPI
Issue Lifecycle Management: ServiceNow Integration
Status Change from ServiceNow • Bi-directional integration to fetch ticket

number and owner information from
ServiceNow and show it as part of
Assurance Issue
• Resolving issue at one end automatically

syncs the status at the other end
AI Network Analytics | New Device Support for Catalyst
9800 WLC’s – Phase 1
Baselining driven AI-issues for

onboarding KPI’s on Catalyst 9800
<Placeholder for Screenshots>

• Onboarding Time/Failures
• DHCP Time/Failures
• AAA Time/Failures
• Association Time/Failures
• Notification support for AI driven
issues
AI Network Analytics | Enterprise Readiness
Enhancements
Internationalization/Localization
support for AI-NA feature set in 3
languages support by DNA Center
• Japanese
• Chinese
• Korean
Intelligent Capture on Catalyst 9130APs
Start and Stop Full
Packet
Capture on C9130APs
Network Time Travel

Time Navigation
button
Travel
36
Real-time Client location

Client
10.10.1.25
Map with trail of movement

0
Event
Viewer All or
Failed Onboard Packet
Onboard stage identifier Download
Auto Event Onboard Packet
Packet
Analyzer Onboardin
De-authentication
Packet
g
Session Interpacket Gap (ms)
RSSI Chart per Packet bar chart
Dashboard – Go back to 30 days
Network, Client and Application dashboards
Streaming Telemetry
for Wireless Analytics
Streaming Telemetry
Export enriched, consistent and concise data with context from network
devices for a better user and operator experience
Periodic or On- Structured Scalable Reduced CPU

Change Data Load
SNMP Polling vs. Streaming Telemetry
Traditional Telemetry Streaming Telemetry

Intent-based
Wireless Infrastructure
SNMP / Legacy data
pull methods
Streaming Telemetry
Pull based data import Push based data export
CPU overhead with data crawlers Low CPU overhead
Data intensive without optimizations Optimized for Data export (KPI, Events)
No real time notification and false alarms Notification sent seconds after change
Min polling has too many black holes Reduced delay in management data
*Available with 16.10.1s
and Cisco DNA Center 1.2.8 or later
Purpose-Built for Cisco DNA Assurance
Wireless Streaming Telemetry Architecture
Cisco DNA Center
gRPC/Protobuf https/JWT TLS/TDL AP WSA/JWT
AP2/3/4800K ME, WLC3504/5520/8540 Catalyst 9800 Series Active Sensor AP1800S
• HTTP 2.0/gRPC based • Supported from AireOS 8.5 • KPI Parity with AireOS • HTTPS for Automation and
• Anomaly Event, RF Stat, • Real-Time client event • Immediate Event Update reporting
PCAP, Spectrum • 256 types of Client Onboard • Embedded Wireless in Cat9300 • PnP-based Provisioning
• Scheduled and Automated Events • Fully Managed by Cisco DNA
Center
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Recommended software release: AireOS 8.10MR3 and IOS XE 17.3.1
Cisco DNA Center automatically turns on streaming telemetry
when Catalyst 9800 is added to inventory
Cisco DNA Center pushes automated scripts to enable telemetry
1. Prerequisite – Enable Netconf-yang from Cat9800 CLI
2. Install Cisco DNA Center Certificate for https setup with Cisco Cisco DNA Center
3. Configure and Enable streaming telemetry (TDL) using NETCONF to Cisco DNA
Center
2 Download
NA Cert 4
Streaming Telemetry
Automation (NETCONF)
3 data (TDL) using TLS
Script to enable WSA
Step1. (config)#aaa authorization exec default local

1 Step2. (config)#netconf-yang // Enable Netconf from WLC CLI
Wireless Assurance provide feature Parity between
AireOS and IOS-XE based Controller
Cisco DNA Center

• Design, Provision, Automate
• Health, Issue, Sensor
Policy Automation Assurance • Intelligent Capture
• Apple iOS WiFi Analytics
AireOS 8.5 or 8.8+ Catalyst 16.10.1 or later

Use JWT – JSON Web Token Use TDL - Binary encoded, model-based JSON
Recommended software release: AireOS 8.10MR3 and IOS XE 17.3.1
Wi-Fi 6 Dashboard
Client Distribution by Capability
Purpose:
• To depict the wireless capability of the clients in the Network:
• Inner circle - wireless capability of clients joined to the network.
• Outer segment - if a Wi-Fi 6 capable clients is joined to a Wi-Fi 6 network.
Use Case:
• To allow users to understand if the Wi-Fi 6 clients in their network are being used to their
full potential
Legend:
• Wi-Fi 6: 802.11ax capable client(s)
• 11ac: 802.11ac capable clients(s)
• 11n: 802.11n capable clients(s)
• 11abg: 802.11a/b/g capable clients(s)
Wi-Fi 6 Network Readiness
Purpose:
• To depicts the wireless protocol details of the APs in the network:
• Inner circle - APs that are Wi-Fi 6 (11ax) and non-Wi-Fi 6
(11ac/n/a/b/g) capable.
• Outer segment - Wi-Fi 6 APs with 11ax enabled.
Use Case:
• To show the user whether the AP infra on their network is serving clients at
its highest potential.
Legend:
• Wi-Fi 6 APs: APs w/ capability to broadcast an 11ax network.
• Non-Wi-Fi 6 APs: APs w/o capability to broadcast an 11ax network.
AP Distribution by Protocol
Purpose:
• To depicts the wireless protocol capabilities of the APs in the network:
• Depicts the number of APs that have the hardware capability to support
each of the following wireless protocols: 802.11ax/ac/n/a/b/g.
Use Case:
• To show the user whether the AP infra on their network is serving clients at its
highest potential.
Legend:
• Wi-Fi 6: 802.11ax capable AP(s)
• 11ac: 802.11ac capable AP(s)
• 11n: 802.11n capable AP(s)
• 11abg: 802.11a/b/g capable AP(s)
Wireless Airtime Efficiency: Wi-Fi 6 Benefits
Purpose:
• To provide a comparison of the average airtime efficiency between Wi-Fi 6, and
non-Wi-fi 6 traffic for each of the access categories (voice, video, best effort,
background).
Use Case:
• To prove to users via data that Wi-Fi 6 is superior in regard to efficiency.
Legend:
• Wi-Fi 6 Traffic:
• Traffic sent from Wi-Fi 6 APs to clients associated as Wi-Fi 6.
• Non-Wi-Fi 6 Traffic:
• Traffic sent from Wi-Fi 6 APs to non-Wi-Fi 6 capable clients.
• Traffic sent from non-Wi-Fi 6 APs to non-Wi-Fi 6 capable clients.
• Traffic sent from non-Wi-Fi 6 APs to Wi-Fi 6 capable clients.
Note:
• This data is the average of all traffic in the network.
• A per AP View can be seen on “AP 360” page under connectivity
Wireless Latency – Wi-Fi 6 Benefits
Purpose:
• To provide a comparison of the average wireless latency between Wi-Fi 6, and non-
Wi-fi 6 traffic for each of the access categories (voice, video, best effort, background).
Use Case:
• To prove to users via data that Wi-Fi 6 is superior in regard to wireless latency.
Legend:
• Wi-Fi 6 Traffic:
• Traffic sent from Wi-Fi 6 APs to clients associated as Wi-Fi 6.
• Non-Wi-Fi 6 Traffic:
• Traffic sent from Wi-Fi 6 APs to non-Wi-Fi 6 capable clients.
• Traffic sent from non-Wi-Fi 6 APs to non-Wi-Fi 6 capable clients.
• Traffic sent from non-Wi-Fi 6 APs to Wi-Fi 6 capable clients.
Note:
• This data is an average of all traffic in your network.
• A per AP View can be seen on AP 360 page under connectivity
Traffic Distribution
Traffic PerPer
Distribution APAP
– Wi-Fi
– Wi-Fi66Benefits
Benefits
Purpose:
• To provide a per AP drilled-down
view of the Wireless Airtime
Efficiency and Wireless Latency
data.
Navigation:
1. AP 360 page
2. Scroll down to connectivity
3. Click on the Radio you would like to
view.
4. Choose the specific access category
from the drop-down menu.
Dual DFS
Purpose:
• To provide users a per radio view in regard to the % of DFS event that are detected by the AP and suppressed.
Use Case:
• To visualize to the user the effectiveness of it’s DFS suppression capabilities.
Navigation:
1. AP 360
2. Scroll down to connectivity
3. Click on the Radio you would like to view.
Software and Hardware Dependencies
Wireless 11ac Wave 2
11ac Wave 2 11ac Wave 2 11ax (911x) 11ax (912x) 11ax (913x)
Assurance DNAC Version WLC 18XX/1540
2K/3K/1560 Series AP 4800 91153 Series 9120 Series 9130 Series
Feature Series
8.5MR7 8.5MR7
8.8MR3 8.8MR3
AireOS 8.8MR3 8.8MR3 8.10MR3 8.10MR3
8.10MR3 8.10MR3
8.10MR3 8.10MR3
Wi-Fi 6
Assurance 2.1.1
(Phase1) 16.12.3 16.12.3 16.12.3 16.12.3 16.12.3 16.12.3
17.1.1 17.1.1 17.1.1 17.1.1 17.1.1 17.1.1
IOS-XE
17.2.1 17.2.1 17.2.1 17.2.1 17.2.1 17.2.1
17.3.1 17.3.1 17.3.1 17.3.1 17.3.1 17.3.1
Supported WLC Models
5505, 7510, 8510

AireOS
3504, 5520, 8540 Notes:
• Only AireOS 8.10MR3 and IOS XE 17.3.1 support Traffic Distribution Features (Wireless Airtime
Embedded Wireless Controller (EWC) Efficiency & Wireless Latency).
C9800-CL (veWLC)
IOS-XE C9800-L (Katar) • Both local and flex modes are supported.
C9800-40 (Gladius)
C9800-80 (DAO) • Wave 1 APs (1600, 1700, 2600, 2700 Series) APs are supported in 8.5MR7
AI / ML for
Wireless Assurance AI
Use Case 1: Improve Incident Alert Fidelity v
Personalized Baselining
Before: Custom thresholds = Alert overload AI-driven: Dynamic baselines = relevant anomalies
Environment 1 Environment 1
Max
Min
Max
Min
Max
Min
Use Case 2: Proactive & Predictive Insights
Intelligent Analysis
Proactive Exploration
System Generated Insights
Peer-to-peer &
Site-to-site Comparison
Find Issues
Before Users Do
AI-Driven Wireless Use Cases
Wireless Onboarding Application Experience
Wireless User Failed to Connect Wireless User’s Application throughput is

Wireless User took too long to Connect declining
Excessive Excessive DHCP

Excessive Time
Failures Time Media Application
Total Radio
Excessive DHCP Excessive AAA Excessive AAA Throughput
Failures Time Failures Social Application
Cloud Application
Excessive Assoc. Excessive Assoc. Throughput
Time Failures
Closed-loop Cloud-based AI/ML model
• Send Network Telemetry in
anonymized, encrypted,
compressed way
Anonymized
Customer
Customer Network Telemetry
ABC
ABC
Customer Customer
ABC
CustomerABC
ABC
Customer
ABC Model Training
Anomalies Cisco AI Network Analytics Cloud

OnPrem
And Insight
Cisco DNA Center
• Use Millions KPIs Stats to train
Prediction model
• Get re-trained every week
Starting from Cisco DNA Center 1.3.1
Cisco AI Network Analytics
Anomalies and Insights

Cisco DNA Center
WLC
Controller
Strong Anonymization
Cloud Anonymized
Agent Data
WSACollector
WSA Collector
Cisco AI Cloud
Cisco DNA Center
Appliance
• Wireless Analytics Today

• Opt-In Cloud Analytics
• Long term analytics
Network Infrastructure
Root Cause Analysis –Identify Six Ws
Who / What / When / Where / Why / HoW
3 When 1 Who
4 Where
2 What
“Clients are facing
6 How timeouts and failures
during authentication and
addressing”
5 Why
Discovery of Anomaly via
Long-term trending / Behavior change
Insight – Found AP that exposed by HUGE noise for last 2 weeks

Network Heatmap
Top N AP View with customizable KPIs
 Network Heatmap for Top N
AP over a month
using custom selectable,
interested KPI
 Top N AP View displays a
clear visual representation of
interest across the network
and daily trend up to last 30
days
 Identification of top &bottom
performers, systemic issues
across the network at a given
time
Peer Comparison - Compare with Peers
Compare with other

devices in the same
network, time and …
comparable networks
Network Comparison
• Site Comparison Menu renamed to Network Comparison

• Compare between Sites, Endpoint Types and AP Models
Network Comparison
• Choose buildings , AP models or Endpoint types to compare

• Compare buildings to see if one building with newer devices or software is performing better
• Compare AP Models to see if one AP Model provides better client performance
• Compare Endpoint types like Android phones to IP Phones to check onboarding times
Building Comparison
• Compare 2 Buildings
• Radio throughput
• Average onboarding time
• Cloud Apps Throughput
• Media Apps Throughput
• Average Client RSSI
• Interference
• Social Apps Throughput
• Average AAA time
• Channel Utilization
• Average DHCP Time
• Average Client SNR
Endpoint Comparison
New Baselines Feature
Baselines View
KPI’S
• Onboarding Time
• Onboarding Failures
• DHCP Time
• Authentication Time
• Authentication Failures
• Each bubble is a building

• Bubble size = num of clients
• X axis shows KPI values
View Baselines for Multiple onboarding KPI’s
• View baselines for 2 weeks

• Select multiple SSIDs to
compare baselines
• View baselines for KPI’s
even if there are no AI issues
KPI’s
• Onboarding Time
• Onboarding Failures
• DHCP Time
• Authentication Time
• Authentication Failures
Data Privacy in AI Network Cloud
• All of PII (Personally Identifiable Information) and Network that we are forwarding to AI
Network Cloud is encrypted, anonymized and unidentified
• End user identity (user name, device MAC address, etc.)
• Device location (hostname, AP location string, etc.)
• Network addresses (IPv4 / IPv6), including routing table information
Cisco DNA Center US East

https://api.use1.prd.kairos.ciscolabs.com
Campus
EU Central
https://api.euc1.prd.kairos.ciscolabs.com
https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/nb-06-ai-nw-analytics-wp-cte-en.html
AI/ML Resources
• Please refer to the AI/ML TDM for more details

• https://salesconnect.cisco.com/#/content-detail/2477f7bf-141b-4ef2-89ec-af
7c7f0c9383
Wireless Issues
DNA-C Wireless Assurance
From Network Data to Business Insights
Unified Network Telemetry Correlation Issues Guided Remediation
Auto Fix It - Future
Contextual Data Complex Event Processing Insights - Now
INSI GHTS
 140 Wireless Actionable Insights

Client Client RF App Experience Network Device
- - CPU, Mem utilization
Onboarding Experience Throughput analysis
- App Performance – - Crash, AP Join Failure,
- Association failures - Sticky client, Ping pong
Packet Loss, Latency Flapping AP
- Authentication failures - Coverage Hole and Jitter - Power supply failure
- IP address failures - Client Capacity - DNS Issues -
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Radio Utilization
Individual Issues can be escalated to global issue if impact
is significant
Issue Network Clients Application Sensor

Category
Per-entity Device 360 AP Issue Per-Client Per-App n/a
Issue Client 360 Device level
App 360
Global Overview WLC Issue Multiple (+5%) Not More than 2
Issue Health Routing Issue Clients having Available sensors
Issue Page Infrastructure same issue failed for
Link Down from same floor same reason
Wireless Client Issues Notification
DNA to generate
Client Issue
Onboarding Issue
- Slow, Onboarding/Roaming Failure
Connected Issue – Coverage, Sticky WSA Events
iOS Client Issues – based on

iOS Disconnect Reason
Sensor Issue – Multiple Sensor Test Failures
• Cisco DNA Center to correlated, aggregate Client Events from AP& WLC and generate issue
• Issue can be reported to ServiceNow using Native Integration
Wireless Device (WLC & AP) – Issues
DNA to generate
Edge Analytics
AP/WLC Issue
AP Anom
alies
PCAP
Notification
API
AP, WLC Events
• Smart Edge Analytics can trigger AP Anomaly Event (Beacon Miss, Beacon Recovered) w/ PCAP
• Cisco DNA Center to correlated, aggregate Device Events from AP& WLC and generate issue
• Suggested Action with possible CLI auto-run for further verification
Issue Customization
Customize Issue On/Off, Priority, Trigger condition
New Issue Dashboard
• Top 5 Most Impacted Site with
Zoom-in View
• Issue Heatmap Trend combined
with Network Time Travel
• Priority / Issue Type Filter
• AI issues tab
• Export Issues as CSV file
Issue Workflow Enhancement
Auto Resolve Issue Bulk Resolve/Ignore Issue

Device Reachability and Link Availability issues
Closed-loop Issue Life Cycle management with Service
Now
Issue Customization Status Change from ServiceNow
Cisco DNA Center 1.3.1 Post Cisco DNA Center 1.3.3
Priority, Issue On/Off, and Threshold Changed Ticket status from ServiceNow
is reflected into Cisco DNA Center Issue
Poor RF issue on Floor
Troubleshoot RF issue in Floor
Troubleshooting
Issue
• Select KPI’s to compare
• Isolate issue to single
radio
• See if it is a more general
problem on the floor
Radio Outage Issue
• Detect Radio Outage issues

not detected by WLC
• Checks 6 conditions to
detect the issue:
• AP radio state is up
• AP Mode is
local/Flex-Connect
• AP radio has WLAN
configured
• Client count on radio = 0
• Rx data/mgmt frame
count not increasing
• AP radio channel
utilization 0
• AP is not an isolated AP
AAA Failure Root Cause Analysis
• Integrate ISE to Cisco DNA Center

• Enable syslog's from ISE To Cisco DNA Center
• The MRE workflow for the AAA failure issue
allows you to root cause the issue by analyzing the
syslog's
Message Code: 14567

Description: Supplicant failed to validate EAP payload
Wireless Network Health
Zoom Into most problematic location from global view
Geomap View
Location List view
• Site by Site Navigation
• Top-N based on Network Health

Latest or Trend view per Network device type
• Router, Switch (Core, Distribution, Access), Wireless Controller, Access Point
• Network health = % of all good (healthy) devices from total devices
• Health Score assignment is Based on the Cisco Best Practice KPI threshold value
Actionable Dashboard - Drill-down by KPIs
• Breakdown of Device Health per type, with latest or trend view
Network Device Health

based on KPIs Intuitive Drill-down workflow
Network Health Score Details
• Health Score = Single KPI that indicate network device and link condition
• Calculated per every 5 min, with 15 min window.
Device KPI Data Plane KPI

• • Uplink Status (Switch)
CPU
• Link Error (Switch, AP, WLC)
• Memory
• Noise, Air Quality,
• Free MBuf
Interference, Radio Utilization
• Free Timer
(AP)
• Packet Pools, WQE Pools
(WLC)
• Network health = % of all good (healthy) devices from total devices
• Device score is chosen from lowest Device KPI type
• Health Score assignment is Based on the Cisco Best Practice KPI threshold value
Wireless Device Health KPI Threshold
– Access Point and WLC
AP Control Plane Wired RF
Type CPU Memory Link Interference Utilization Noise Air Quality
Error
KPI >90% >90% > 1% 2.4GHz > 50% 2.4GHz > 70% 2.4GHz > -81 dBm 2.4GHz < 60
5GHz >20% 5GHz >70% 5GHz > -83 dBm 5GHz < 75
WLC Control Memory Data Plane

Type Memory FreeTimer FreeMbuf WQE Pool Packet Pool Link Error
KPI >90% >90% > 1% 2.4GHz > 50% 2.4GHz > 70% 2.4GHz > -81 dBm
5GHz >20% 5GHz >70% 5GHz > -83 dBm
• If KPI goes below threshold, Health Score will change from 10 to1
• In case of AP RF, each radios will have own 1 or 10 health score and
average value will be used
Network Health Customization
• Customize Network Health Score

calculation formula
• Customize what KPI will be
included in the network health
score calculation
• Customize Threshold value of
each KPI
Fixed Formula
• Pick “Lowest” KPI among others
Network Device Table – Health Drill Down view
• Table-based workflow filter, Export, search, sort

• Device Model, Device Reachability, OS Version, Address,
Device Connection Status
• Reachable or Unreachable – Cisco DNA Center runs SNMP Polling to network devices every
60sec. Runs against Router, Switch, WLC. In case of Sensor, sensor uses HTTPS heartbeat.
• Managed or Unmanaged – If Network Device does not update telemetry for 15min. Device
became unmanaged
• Up or Down – AP uses Up or Down. AP doesn’t have direct heartbeat or SNMP Polling so
Cisco DNA Center doesn’t check reachability directly. Instead, Cisco DNA Center rely on
WLC’s AP CAPWAP Up or Down condition to check it’s reachability
Device 360 – Device Event Logs in Network Time Travel
view and Event Viewer
Device 360 – Enhanced Neighbor Topology
• Neighboring Interface number

• Port Type (e.g. Trunk or Access)
Device 360 – Interface Table
• Per Interface detail
• Port Type Filter
• Speed
• Duplex
• VLAN
• Type
• Interface ID
• Admin Status
Radio Specific KPIs
• Radio Specific KPI’s

• For Connectivity and RF
• Channel
• Channel width
• Band
• RF Profile
AP Event Viewer
• View Detailed AP Events via Telemetry

• Channel Change, Power Level Change, etc
AP Radio Comparison – Starting from Version 2.2.2
• Compare AP Radios on a
Floor
• Isolate if RF issues are due

to single AP or a more
general problem
Select Radios to compare from Map View
1. Select an AP to view the radios

2. Select the radio to compare
with the current AP radio
3. You can select up to 5 radios
to compare at a time
4. Select same band radios for
proper comparison of KPI’s
Select Radios to compare from Table View
Click here for

Table view
Compare up to 15 different KPI’s
• Check if radios are on same channel

• Check if all the radios are having
Interference or noise
• Compare air quality
• Comparing different KPIs may help
isolate the cause of the RF issue
IPV6 Support - Inventory
• IPV6 support is currently not supported in dual stack

IPV6 Support – Network and Client Health
Client Health SLA
Client Health Summary Workflow
• All Client or breakdown of the client health site score for
Wired and Wireless clients
• last 5min view is provided across all widgets
• Trendline health summary chart for the 24 hrs. view
• From this page, we can navigate to:

• The individual site specific Client summary page
• Network Time Travel using 24 hours Client Health Trend
• Enhanced Client List View
4 Level Wi-Fi connection quality indicator = Wireless
Health Score
• Based on Client connection status & RF quality
• Calculated per every 5 min, using client RSSI and SNR from WLC
– Connected, (Both RSSI and SNR are above threshold)
7 – Connected, (One of RSSI or SNR is below threshold)
4 – Connected, (Both RSSI and SNR are below threshold)
1 – Connected, Failed to Onboarding
– Inactive or Newly connected Client
Bad < -72 dBm RSSI < Good
Bad < -9 dB SNR < Good

Client Health Analytics Charts
• Available Client Analytics

• Drill-Down Workflow
• Wireless Client Onboard Time
• Drill-down Detail
• Roaming Time
• Mid level, Top N view
• Common LATEST / TREND View on Every Dashlet
• Network Time Travel for trend view
• Connectivity RSSI / SNR chart
Client Health Drill Down – OnBoarding
• Break down view of Assoc. time, AAA

time, DHCP time,
• Per Server View on AAA & DHCP
• Mid-level drill down view
• Select any sub-section will show client

lists in selected category
• Display Applied Filter on top of list
• Show Onboarding performance of each

client
Roaming Times
• Overall Roaming Performance
• Fast Roam: <150msec
• Slow Roam: Above >3sec
• Narrow Down Roaming

Problems into
• Top Area
• Top OS Type
• Top APs
Client Table and Health Hover
• Connection Status and

type icon
• Usage
• Sort
• Health detail view
• Range-based Filter
• Export
0
3.
Event Viewer Enhancements
3.
1.
Wired Client Event Viewer Enhanced AP Event Viewer
• Event Viewer support for wired clients
• Expose Onboard failure reason to title
• Event header to show Event Reason, Changed Status
0
3.
3.
1.
Executive Summary Report

• Single Assurance Report captures Network/Client Health, Inventory and Issue summary
• 7 Days + 7 Days, Emphasize delta from last period
Enhanced Client Health
• 5 Minutes View
for current snapshot
• Total to Onboard
Success/Failed Client
to Connected Health
Score
• 24 Hours view
for Daily Trending
Client Health Analytics Charts – Last 5 min or Trend
• Client Attempts by Onboarding Time

- Distribution of total onboarding time taken by clients • Drill-down view of each widget and
details
• Connectivity RSSI / SNR chart
• E.g. Connectivity RSSI detail shows
- RSSI / SNR distribution received from wireless clients each clients RSSI and Avg. RSSI
Client Health Drill Down – OnBoarding
• Break down view of Assoc. time,
AAA time, DHCP time,
• Per Server View on AAA & DHCP
• Select any sub-section will show

client lists in selected category
• Display Applied Filter on top of
list
• Show Onboarding performance of
each client
Intelligent Capture
Today’s Wireless Troubleshooting Practice
• Failure cases are classified as transitive due to lack of

data
• No Single source of failure log collection
• Lack of Failure Packet Capture
• Lack of information on failed location
• Difficult to execute remote troubleshooting
• Require special tools and Onsite visit
Intelligent Capture ~ Key Use-Cases
Real Time Client Troubleshooting
Real Time Location Tracking
Anomaly-based PCAP
On-Demand PCAP (of Onboarding Frames)
Real Time AP/Client Monitor

Made for DNA
Spectrum Analysis
Automated AP Radio Anomalies

Anomaly triggered PCAPs will allow network operators to overcome
the challenge of replicating Wireless issues
Real Time Wireless Client Troubleshooting Start and Stop Full Packet
Capture for AP4800
Real-Time
Live Mode
Network
Time Travel
Real-Time
Client Event
Viewer 36
10.10.1.25
Real-time Client location Map with

trail of movement
Download
Onboard Packet
Onboard Packet stage

identifier Anomaly Packet
Session Sequence
Duration
Actionable Insights - Intelligent Capture 2. Live Coverage Hole
Analysis
• Client location movement trail

• Color coded by client RF stat.
• Real Time location Update
• Push Update from CMX
• Real-Time or Historical Client location
• Requires CMX 10.5
RF Metric Good (Green) Fair (Orange) Poor (Red)
RSSI > -69 dBm -69 dBm to -71dBm < -71 dBm
SNR > 25 dBm 10dB to 25dB <10dB
Data Rate MCS3,4,5,6,7,11,12,13,14, MCS1,2,9,10,17,18 - MCS0,8,16 - BPSK
15,19,20,21,22,23 QPSK
Throughput > 10 Kbps 2 ~ 10 Kbps < 1Kbps
Packet Retry 1 or less 2 3 or above
2019
From Cisco DNA Center 1.3.3.0
Expanded Intelligent Capture support
• Intelligent Capture is extending it’s support to AP1800

Series APs and Catalyst 9100 802.11ax APs! ~ AireOS
8.10, IOS-XE 16.12.1s
• Anomaly Packet Capture Correlation Enhancement
• Spectrum Analyzer Usability Enhancement

• Progressive Update
• Customizable Threshold
• Full Data Packet Capture monitoring
Best In Class
AP4800 with Intelligent Capture
– Key Components
Open API Interface

Client Location
Innovative Sniffer HW Decrypted Packets
Software Key Plumbing Real Time Telemetry
Hyperlocation AP4800 Cisco DNA Center

Correlation at Cisco DNA Center
• PCAP stitching for roaming
• Historical view up to 30 days
• App Analytics with vNAM
• Client tracking based on
RSSI, Location
Intelligent Capture
Automated Stitching from Multiple APs Capture
• Multiple APs tracking clients during packet capture
2.4GHz / 6 Ch 01 • Create Single PCAP File from

TE :01
LE :01 Multiple AP roaming scenarios
M
ET
Roam RY • Applicable all types of Intelligent Capture type
01:02:01 o Automated Packet Capture
5 GHz / 36 Ch RULES
o OnDemand Packet Capture
Cisco Cisco DNA Center
Roam
o Scheduled Packet Capture
STREAMING
G
IN
RE :34
TELEMETRY
• Auto Decrypted Data Packet
M
ST 0:12
A
RULES
0
5 GHz / 161 Ch • Capture Across AP, across Floor, across channel and band
• Zero Packet Loss during Client Roam
Real-Time Application Analysis
using AP4800 Full Packet Capture
Data Center • vNAM can be deployed as

Out-of-Band Deployment
gRPC Packet Capture
• vNAM is consumer of Cisco DNA-C
gRPC
vNAM DNA-C • Packet capture from AP4800
WLC • On-Demand Packet Analysis
• Deployment Agnostics – works on
Central, FlexConnect or Fabric mode
• Use-Cases
• RTP (VoIP) analysis
• TCP Analysis
Cisco DNA Analytics, • Real Client Traffic Analysis
AP4800 AP4800 AP4800 • Raw Packet Analysis
Monitoring and Location Radio
•Advantages
WAN • Single Node deployment
FlexConnect
• Remote node Analysis
• Zero User Throughput Impact
AP4800
Intelligent Capture Deployment
Americas EN Sales
Intelligent Capture will help proactively troubleshoot issues on
the DNA Assurance
Automated and Direct access to

Tomorrow ~ 240+ events @ In-service Packet any AP in the
2 seconds Captures network ~2-3 seconds ~2-3 seconds
Live Client Anomaly based On-Demand Real-time On-Demand

Onboarding State ICAPs RF Scanning Client Location Wi-Fi App Analytics
~ 240+ events @ Not available Not available ~8-10 seconds Not available
Today 30 seconds
Users assume the wireless

Hours
72 hours Average amount of time to resolve
63% C
network is the problem Minutes
to minutes user issue with Intelligent Capture
Intelligent Capture Architecture
UDP (Location Data)
Real-Time Location Update
UDP (Location Data)

Automation Channel for AP/WLC
CAPWAP TLV Automation
WSA – Client Event per 2 sec
WLC Cisco DNA Center

AP4800
openAPI TCP 32656 (Packet Capture, Anomaly Events, Real Time RF Stats per 5 sec. interval
• AP - telemetry directly to Cisco DNA Center using openAPI channel

• Full Packet Capture (AP4800 Sniffer Hardware)
• Onboarding & Anomaly-based packet capture, Anomaly Events, Spectrum Data
• Real time Client RF stats and AP stats
Intelligent Capture Workflow - Step 0
Device Preparation
Cisco Cisco DNA Center 1.3.3/2.1.1 – Intelligent Capture
New* Push-based
gRPC/gNMI HTTPS/WSA Location Update
AP2/3/4800K ME, WLC3504/5520/8540 CMX
• HTTPS for Automation and

• Upgrade to 8.8.125.0 • AireOS 8.8.125.0 reporting
• AP shall be reachable to Cisco • IOS-XE 16.12.1s • PnP-based Provisioning
DNA Center via https (port:32626) • Fully Managed by Cisco DNA
Center
Recommended software release: AireOS 8.10MR3 and IOS XE 17.3.1

Intelligent Capture operation using Cisco DNA
Automation
Complicated, error-prone
Device-level Config Intent-based, DNA Automation
AP Intelligent Capture
AP/Client RF Stats.
Settings Page for RF Stats Enable for AP and Clients Result under AP360/Intelligent Capture
AP / Client RF Stat. can be enabled up to 1,000 APs

AP Intelligent Capture
Anomaly Packet Capture
Settings Page
Result under Clent360/Intelligent Capture
Anomaly Packet Capture can be enabled per specific APs or all

Scheduled On-Boarding Packet Capture
On-boarding capture can be configured
for Up to 16 clients per Cisco DNA
Center
Cisco DNA
Center
AP2800/3800/4800/911
5/9120 AP sends packets only for the following On-Boarding and
roaming protocols:
802.11 AUTH, ASSOC, EAP, DHCP, DNS, ARP, ICMP,
802.11k, 11v, Action Frames
DNA-C correlates the Events to Packets and

lets you download the PCAPS for the specific
events
Scheduling Onboard Packet Capture – Step2
1 Note Device Identify of 2 Schedule specific Onboard Packet Capture for specific clients
troubleshooting target device
1. Select Location
2. Run now or
scheduled
3. Up to 8 hours
4. Enter UserID(802.1x Login ID) or hostname or MAC Address,

in FULL text and enter
4. Click [Save] to initiate command
Intelligent Capture Workflow - Step 3
Enabling Intelligent Capture per Site, per AP
• Toggle AP RF Stat
• Provides real-time RF stats from AP
3
Select Configure Intelligent
Location 4 Capture per AP
Drill-down Onboard Failure debugging session
1 Confirm current/past Onboard Packet Capture session 2 Select Troubleshooting client
3 Select [Intelligent Capture] under Client 360
Intelligent Capture
Three Configuration Step
Recommended Version Day-1 Config
• Cisco DNA Center 1.3.3.x 1. Add WLC to Cisco DNA Center
• AireOS 8.8 MR2
(Discovery or Inventory)
• IOS-XE 16.12.1s 2. (Optional) Hyperlocation
• AP2800/3800/4800 3. (Optional) Add CMX and vNAM

to Cisco DNA Center
Cisco Cisco DNA Center automate all of necessary configs in WLC

and AP
Real Time Client RF monitoring
Live On/Off Button
ECG-like Client RF Chart

w/ 5 sec frequency
Type of Real Time Client RF Chart - RSSI/SNR, Rx/Tx Data Rate, Tx/Rx Pkt Count, Tx Pkt Retry
Client RF stat is different feature from Onboarding PCAP but scheduled parallelly with same duration
Monitoring AP RF Insight
• Accessible from AP360 page after AP Radio /
WLAN Statistics is turned on
• Advanced AP RF Analysis w/ High Density
telemetry (30 sec. interval).
o Channel Utilization per traffic type
o Channel Utilization per SSID
o Frame Count per type (Management, Data Frame)
o Total Frame Re-transmission per Channel
o Tx Power and SNR
o Multicast/Broadcast Chart
Real Time Spectrum Analyzers
• Persistent FFT
• Swept Spectrogram
• Interferers with
impacted BW
• Duty Cycle per Channel
• Available on:
 AP2800/3800/4800
 Aironet 1562
 Catalyst 9120/9130
• Support Local/FlexConnect and
Monitor mode AP
Intelligent Packet Capture Resources
• Refer to the Intelligent Packet Capture TDM in sales connect for more
detailed information.
• https://salesconnect.cisco.com/#/content-detail/5c630a52-d68f-4e5e-93a4-2f
891a54d378
Cisco DNA Center 1.3.3.x (Minimum Software)
Wireless Assurance AP Feature Matrix
11ac Wave 2 11ac Wave 2 11ac Wave 2 11ax (911x) 11ax (912x) 11ax (913x)
Wireless Assurance Feature WLC
18XX/1540 Series 2K/3K/1560 Series AP 4800 91153 Series 9120 Series 9130 Series
iCap - Anomaly PCAP, AireOS 8.10 8.10 8.8 MR2 8.10 8.10 N/A
Scheduled PCAP, AP/Client
Statistics IOS-XE 16.12.1.s 16.12.1s 16.12.1s 16.12.1s 16.12.1s N/A
AireOS N/A N/A 8.8 MR2 N/A N/A N/A

iCap – Full Packet Capture
IOS-XE N/A N/A 16.12.1s N/A N/A N/A
AireOS N/A 8.8 MR2 8.8 MR2 N/A 8.10 MR2 N/A
iCap - Spectrum Analysis
IOS-XE N/A 16.12.1s 16.12.1s N/A 17.2.1 N/A
AireOS 8.5 8.5 8.8 MR2 8.10 8.10 8.10 MR1

Apple iOS Analytics
IOS-XE 16.12.1s 16.12.1s 16.12.1s N/A N/A 17.1.1
AireOS N/A N/A N/A N/A N/A 8.10 MR1

Samsung Analytics
IOS-XE 17.1.1 17.1.1 17.1.1 17.1.1 17.1.1 17.1.1
Note:
• This matrix depicts the minimum support required for each of the features.
• Recommendation would be to move to 8.10MR2 for AireOS or 17.2.1 for IOS XE.
Cisco DNA Center 2.1.1 (Minimum Software)
11ac Wave 2 11ac Wave 2 11ac Wave 2 11ax (911x) 11ax (912x) 11ax (913x)
Wireless Assurance Feature WLC
18XX/1540 Series 2K/3K/1560 Series AP 4800 9115 Series 9120 Series 9130 Series
AireOS 8.10 MR3 8.10 MR3 8.10 MR3 8.10 MR3 8.10 MR3 8.10 MR3
Wi-Fi 6 Analytics (Phase1)
IOS-XE 17.3.1 17.3.1 17.3.1 17.3.1 17.3.1 17.3.1
iCap - Anomaly PCAP, AireOS 8.10 8.8 MR2 8.8 MR2 8.10 8.10 8.10 MR3
Scheduled PCAP, AP/Client
Stats IOS-XE 16.12.1.s 16.12.1s 16.12.1s 16.12.1s 16.12.1s 17.3.1
AireOS N/A N/A 8.8 MR2 N/A N/A 8.10 MR3

iCap – Full Packet Capture
IOS-XE N/A N/A 16.12.1s N/A N/A 17.3.1
AireOS N/A 8.8 MR2 8.8 MR2 N/A 8.10 MR2 8.10 MR3
iCap - Spectrum Analysis
IOS-XE N/A 16.12.1s 16.12.1s N/A 17.2.1 17.3.1
AireOS 8.5 8.5 8.8 MR2 8.10 8.10 8.10 MR1

Apple iOS Analytics
IOS-XE 16.12.1s 16.12.1s 16.12.1s N/A N/A 17.1.1
AireOS N/A N/A N/A N/A N/A 8.10 MR1

Samsung Analytics
IOS-XE 17.1.1x 17.1.1x 17.1.1x 17.1.1x 17.1.1x 17.1.1
Note:
• This matrix depicts the minimum support required for each of the features.
• Recommendation would be to move to 8.10MR3 for AireOS or 17.3.1 for IOS XE.
CMX Integration
Cisco DNA Center 1.3.3.0 – CMX integration
• Cisco DNA Center 1.3.3.0 • CMX 10.6.2 and above
• Add CMX On-Prem instance • Add WLC to CMX

• [DESIGN][Network Settings][Wireless] • [SYSTEM][Settings][Controller and Maps
CMX Settings Setup][Advanced]
• Type GUI (admin) and CLI (cmxadmin) login • Add WLC through snmp RW
credential
CMX integration
CMX
Notify
NMSP Subscribe
Fast Path
WLC DNA-C
AP
• Client updates sent via existing methods using NMSP or Fast Path
• Cisco DNA Center to subscribe/register for location updates for one or list of clients
• Push-based Client location update from CMX to Cisco DNA Center
• Enable Hyperlocation support for NTP enforcement
Client Location from DNA
• Multiple Client Location Tracking • Single Client Location Tracking

[DESIGN][Network Hierarchy] [Assurance][Client360][Intelligent Capture]
Under Client360 > Intelligent Capture

Under [Design], Select Floor
DNA-CMX Integration Feature
Client Location
Playback
Client Location, Client

Density heatmap
Display Connected Client Client Detail

Health Score
• Display All of connected Clients locations

• Any Changes in Floor Map will be automatically sync’ed with CMX Map, vice versa
• Single floor map can support up to 200 APs starting in 1.2.8
2. Live Coverage Hole
Real-Time Client location Tracking Analysis
36
10.10.1.25
• Live Coverage Hole analysis that provides real-time client movement over-
layered with Client onboarding events and Client RF metrics
• Historical Client Location Playback feature on any given moment for past 7 days
Intelligent Capture Operation and Scale
Operation Data Type Concurrent Session
Anomaly Packet Capture All APs in the Cisco DNA Center inventory
Global or per AP
Client RF stats (30 sec) All Clients connected up to 1000 APs
AP RF Stats Up to 1000 APs

Real Time Client RF stats (5sec)
On-demand (Live mode) Real Time Client Onboarding Events from

WLC (2sec. Interval) Up to 16 Clients
or Scheduled
OnBoard PCAP (Mgmt., DHCP/ICMP, EAP,
etc.)
Full Packet Capture One Client Device

On-Demand
Spectrogram View Up to 20 APs
Available Packet Type per Capture mode
PCAP Type How to trigger Media Type Captured Protocol Features Supported AP
and capture
method
Onboard On-demand or • Wireless 802.11 mgmt. • Auto Packet Analyzer AP2800/3800/4

PCAP Scheduled or PCAP (Auth, Assoc) • Downloadable from anywhere 800 –
automated Data – (802.1x/EAP, using Web browser Inline-based
DHCP, DNS, ARP, • Automated Onboard Failure PCAP Packet capture
ICMP), up to 100 packet per session
Roaming – 802.11k, • Data Packet auto decryption
802.11v
Block Ack
Full PCAP On-demand • Wireless • 802.11 with Radio • Application Analyzer, AP4800 – 3rd
PCAP Header • Wireless Delay, Wireless Packet Radio w/ Self-
• Wired PCAP (Mgmt, Control, Loss Chart Sniffing feature
Data Frame) • Jitter chart using RTP (Wired &
• 802.3 with Ethernet Wireless)
Header • Data Packet auto decryption
Cisco Aironet Active Sensor
Product Background
Cisco Aironet Active Sensor & Cisco DNA Assurance
Sensor & Cisco DNA Assurance Overview
Cisco Aironet Active Sensor
• State-of-the-art wireless device that functions like
WLAN client
• Continuously collects metrics that determines the health
of the wireless network
• Analyzes data for issues and sends data to Cisco DNA
Assurance
Cisco DNA Assurance

• Intent-based networking software application
• Allows users to configure, monitor, troubleshoot health
of their wireless network
• Together with the Aironet Active Sensor creates the
Proactive Health Assessment feature
Sensor Test Categories
Pre-Test Template Configuration Knowledge
Onboarding, RF Assessment, Network Service Tests
1. Wireless Onboard Test: Cisco DNA Assurance connects to an SSID with
credentials and gets the IP address through DHCP. It then verifies the
gateway and DNS server received through DHCP.
2. RF Assessment Test: Cisco DNA Assurance collects various RF

performance measurements, such as transmit and receive data rates and
SNR (Signal-To-Noise Ratio) during the Cisco Aironet Active Sensor
testing and assesses the quality of the RF environment.
3. DNS Test: Cisco DNA Assurance resolves IP addresses from the domain
name.
4. Host Reachability Test: Cisco DNA Assurance verifies reachability using

the Internet Control Message Protocol (ICMP) echo request.
5. RADIUS Test: The sensor acts as a RADIUS authenticator and

authenticates through a wireless device. The sensor can test the RADIUS
server using the Password Authentication Protocol (PAP) or Challenge-
Handshake Authentication Protocol (CHAP).
Performance Tests Categories
• Speed Test: Cisco DNA Assurance performs tests against the Network
Diagnostic Tool (NDT) servers in the internet to obtain to the
downlink and uplink throughput and latency. Here is test sequence:
1. The sensor sends an HTTP query to the M-Lab server to get the
nearest M-Lab server information.
2. The sensor uses the returned NDT server cluster information.
3. The sensor accesses the NDT server using TCP port 3001.
4. Speed tests can be performed with a private server with iPerf3
(More details in following slide)
• IP SLA Test: The sensor sends a UDP probe to the AP that functions
as a responder to determine the jitter, latency, packet loss and round-
trip time of the last hop.
• For IP SLA, the sensor connected to the AP which has the IP SLA responder
feature.
• Note: Does not work with 3rd party SSID.
Application Test Categories
• Email Tests:
• Internet Message Access Protocol (IMAP) Test: Cisco DNA
Assurance connects to an IMAP server TCP port (143).
• Post Office Protocol3 (POP3) Test: Cisco DNA Assurance

connects to a POP3 server TCP port (110).
• Outlook Web Server (OWA) Test: Cisco DNA Assurance

logs into the Outlook Web Service and verifies access.
• File Transfer Test: Cisco DNA Assurance tests for upload or

download file operation using FTP protocol.
• Web (http, https) Test : Cisco DNA Assurance tests for access to
the provided URL and verifies the response data.
Sensor Dashboard
• All Test Results

• Per site test results in heatmap
• Color coded based in number
of tests succeeded vs failed
Sensor 360 View
• View Sensor Details

• Compare this sensor
test result to Top and
Worst Sensor by
test
Wireless Sensor Resources
• Refer to the Wireless Sensor TDM for more details

• https://salesconnect.cisco.com/#/content-detail/c24c1689-f56d-4e1d-affd-bb
5bdcd882d4
Application Visibility
3 Ways to enable Application Visibility for Wireless Network
Requirement
• Use CT3504, 5520, 8540 and AireOS 8.8.111 or above
Application Visibility Troubleshooting
Check1. Software Version – Must be

AireOS 8.8.111 or above
Check2. Application Visibility option
in WLAN
Check3. Telemetry Channel

“Client-app-stat-events” should be
subscribed
Application Visibility/Experience Enablement on
Router / Switch / WLC (Pre 2.1.2)
performance monitor context tesseract profile application-performance
exporter destination 10.13.1.100 source GigabitEthernet0/0/2 transport udp port
6007 Step2.
traffic-monitor application-client-server-stats
traffic-monitor application-response-time
traffic-monitor media
Automation
Through Telemetry
Step1
interface GigabitEthernet0/0/1
Gi0/0/1 NetFlow
description lan // AppStat Target Interface
LAN ip address 10.13.0.2 255.255.255.0z PerfMon
Router
interface GigabitEtherne1/0/1 Gi1/0/1
LAN description lan ### MY INTERFACE ##
Switchport mode access NetFlow
Switch
WSA
LAN Client-AppStat
WLAN / SSID
>config wlan profile 1 lan
AireOS 8.8
1. Add keyward “lan”, (LAN in lowercase) as appendix of current interface description
2. Re-Sync config with DNAC and change telemetry profile to maximal
Application Visibility from 2.1.2.x onwards
• Supported on both AireOS or Catalyst 9800 IOS-XE
• Does not require tagging of WLAN Profile name with “LAN” keyword
• Application telemetry can be applied from Inventory Page on the WLC
• Caveat: The SSID(s) needs to be provisioned from Cisco DNA Center for the
application telemetry to work from Inventory page
• If SSID already configured on WLC then the application visibility can be enabled
using CLI commands on a per SSID basis
• Refer to below blog for detailed steps for greenfield and brownfield on 9800
https://community.cisco.com/t5/networking-blogs/visualize-application-experience-from-catalyst-9800-wlc-in-cisco/ba-p/4305884
Prerequisite – Set Cisco DNA Center as NetFlow
Collector under Network Settings->Telemetry
Differences between 2.1.1 and 2.1.2
Difference area Wolverine Cyclops
Enhanced the existing support and added new
Supported devices Routers, CAT9k switches and AireOS WLC devices like eWLC and Telemetry Appliance
“Entourage”
Application Performance Profile A new optimized application performance profile
The original application performance profile
“the profile used for NetFlow” on “APM” is introduced for routers, Entourage and
“EzPM”
routers eWLC
Telemetry-applicable
Interfaces/WLANs selection Tagging-based algorithm Tagging-based algorithm and Automatic algorithm
algorithm
Tagging-based vs automatic algorithms
• Tagging-based algorithm: The user needs to manually tag the
interfaces/WLANs where he wants telemetry to be attached
• Automatic algorithm: The user can now rely on Cisco DNA Center to
automatically enable Telemetry on all the applicable interfaces/WLANs
without manually tagging them
• For Automatic tagging to work the 9800 WLC needs to be provisioned from
Cisco DNA Center.
Telemetry-capable devices validation
Platforms Device Family PID Min. IOS Version
Routers Routers -- 16
Starts with C92 16.11.1
CAT9k switches Switches and Hubs
Starts with C93 or C94 16.6
Telemetry Appliance Network Management DN-APL-TTA-M 17.3

“Entourage”
AIR-CT3504, AIR-CT5520 or AIR-
8.8.120
CT8540
AireOS WLC Wireless Controller
AIR-CT3504-K9, AIR-CT5520-K9 or
8.5.120, 8.8.120 or 8.10.105
AIR-CT8540-K9
eWLC Wireless Controller Contains C9800 16.12.1s
AireOS WLC
• AireOS WLC will be supported for AIR-CT5520, AIR-CT8540 and AIR-CT3504 for
the IOS versions “8.5.120.x”, “8.8.120.x” and “8.10.105.x”
• Disabling/enabling telemetry causes some of the associated APs to reconnect.
• Thus, if the user wants to apply some updates on telemetry configurations, they need
to disable telemetry and then enable it again.
• Also, if they want to move from the automatic to the tagging-based algorithm, he
needs to disable telemetry before provisioning the tagged SSIDs to the AireOS WLC.
AireOS WLC: WLANs selection algorithm
Tagging-based algorithm Automatic algorithm
• Not a Guest SSID:

o The type of the SSID is not Guest
• Has the word “LAN” inside the WLAN o The name of the SSID does not
profile name contain the word "Guest"
• SSID is in Local mode “not Fabric or
Flex”
The above checks are done against Wlan and BaseWlanConfig DB tables
AireOS WLC: Configurations
config wlan disable 20
config wlan avc 20 visibility enable
config wlan enable 20
config flow create exporter dnacexporter 10.56.216.246 port 6007
config flow create monitor dnacmonitor
config flow add monitor dnacmonitor exporter dnacexporter
config flow add monitor dnacmonitor record ipv4_client_src_dst_flow_record
config wlan disable 20
config wlan flow 20 monitor dnacmonitor enable
config wlan enable 20
eWLC
• eWLC includes two device series: Cisco Catalyst 9800 Series Wireless Controllers & Cisco
Catalyst 9800 Wireless Controllers for Cloud.
• eWLC will be supported with the new optimized APM profile and starting from IOS version
“16.12.1”.
• The user needs to provision the eWLC and then provision the APs attached to it before enabling
telemetry. This is because telemetry configurations will be applied to the wireless profile policies
that are provisioned through DNAC.
• Disabling/enabling telemetry causes some of the associated APs to reconnect. Thus, if the user
wants to apply some updates on telemetry configurations, he needs to disable telemetry and then
enable it again. Also, if he wants to move from the automatic to the tagging-based algorithm, he
needs to disable telemetry before provisioning the tagged SSIDs to the eWLC.
eWLC: WLANs selection algorithm
Tagging-based algorithm Automatic algorithm
• Not a Guest SSID:

• Has the word “LAN” inside the WLAN profile name o The type of the SSID is not Guest
• SSID is in Local mode “not Fabric or Flex” o The name of the SSID does not contain the word "Guest"
• SSID is in Local mode “not Fabric or Flex”
The above checks are done against Wlan and WlanPolicyProfile

DB tables
9800 Application Telemetry Caveats
• If you tag certain SSIDs during provisioning from Cisco DNA Center the
automated algorithm will work only for the tagged SSID’s.
• If no SSIDs are tagged when provisioning the automated algorithm will work
for all the SSIDs provisioned from Cisco DNA Center.
• For Automated algorithm, the 9800 needs to be provisioned with a wireless
profile created in Cisco DNA Center which includes the SSIDs. This creates
the Policy Profile and WLAN Profile.
• You also need to Provision the AP from the Cisco DNA Center which creates
the Policy Tag and attaches the above Policy Profile and WLAN Profile to it.
High Level steps to provision 9800 from Cisco DNA
Center
1. Create SSID and Wireless Interfaces in Cisco DNA Center and attach it to
a wireless profile.
2. Assign Wireless Profile to sites where the AP’s are located.
3. Provision the 9800. This creates the policy profile and WLAN profile in
the 9800.
4. Provision the AP’s. In this step you will assign the floor for the AP. The
wireless profile associated with this floor that you assigned in step 2 will
be used to configure the AP’s.
WLAN Profile created by Cisco DNA Center
Sample Profile Created by Cisco DNA Center when
provisioning the 9800 WLC
Policy Tag Created by AP Provisioning from Cisco DNA
Center
Enable Application Telemetry from Cisco DNA Center
AVC Attached to Policy Profile
NetFlow enabled on 9800 WLC after Telemetry push
Application Visibility Configured for Profile in 9800
WLC after telemetry push
9800 Tagging Algorithm for Application Telemetry
• To use the Tagging method for Application Telemetry you need to add the
keyword LAN (case insensitive) to the WLAN Profile name when
provisioning the SSID
• Now you can use the Provision screen in Cisco DNA Center and apply the
Application telemetry
• Tagging can be used to enable Application Visibility on specific SSID(s)
provisioned and not on all SSID(s) provisioned
eWLC: Configurations
Below are the configurations pushed to the 9800 when application telemetry is applied from Cisco DNA
Center. If you have SSIDs not provisioned from Cisco DNAC you can use these CLI commands to enable the
application visibiliity for those SSIDs.
flow exporter avc_exporter
destination 10.56.216.246
source GigabitEthernet1
transport udp 6007
export-protocol ipfix
option vrf-table timeout 300
option ssid-table timeout 300
option application-table timeout 300
option application-attributes timeout 300
flow exporter avc_local_exporter
destination local wlc
eWLC: Configurations – cont.
flow monitor avc_ipv4_assurance

exporter avc_exporter
exporter avc_local_exporter
cache timeout active 60
default cache entries
record wireless avc ipv4 assurance
flow monitor avc_ipv4_assurance_rtp
record wireless avc ipv4 assurance-rtp
eWLC: Configurations – cont.
• wireless profile policy WORK_FLOOR_Global_NF_8258fbfb

shutdown
ipv4 flow monitor avc_ipv4_assurance input
ipv4 flow monitor avc_ipv4_assurance output
ipv4 flow monitor avc_ipv4_assurance_rtp input
ipv4 flow monitor avc_ipv4_assurance_rtp output
no shutdown
Application Visibility for Flex and Fabric Mode SSID
9800 WLC
(Starting from Cisco DNA Center 2.2.1)
Application Telemetry configuration for Flex/Fabric
SSID
• If the SSIDs are mixed, that is Local mode, Flex mode, and Fabric mode, the Cisco
Application Visibility and Control (AVC) basic record is configured.
• If all the SSIDs are in Local mode, the Optimized APM record is configured.
• The record wireless avc basic command is same as record wireless avc
ipv4 basic command. However, record wireless avc ipv4 basic command is
not supported in Flex or Fabric modes. In such scenarios the record wireless
avc basic command is used.
• You can use DNAC UI to push application telemetry from inventory page or use CLI to
configure the application visibility for SSID’s in a 9800 WLC.
CLI Configuration for Flex and Fabric Mode SSID for
Application Visibility
flow monitor avc_basic_monitor
record wireless avc basic
wireless profile policy <policy profile name>

shutdown
ipv4 flow monitor avc_basic_monitor input
ipv4 flow monitor avc_basic_monitor output
no shutdown
CLI Configuration for Flex and Fabric Mode SSID for
Application Visibility – Continued
destination <<exporter ip>>
source <<source interface>>
transport udp 6007

Prerequisites for Application Telemetry from DNAC UI
• For Application telemetry the 9800 needs to be provisioned with a

wireless profile created in Cisco DNA Center which includes the SSIDs.
• This creates the Policy Profile and WLAN Profile.
• Provision the AP from the Cisco DNA Center which creates the Policy Tag and
attaches the above Policy Profile and WLAN Profile to it.
High Level steps to provision 9800 from Cisco DNA
Center
1. Create SSID and Wireless Interfaces in Cisco DNA Center and attach it to
a wireless profile.
2. Assign Wireless Profile to sites where the APs are located.
3. Provision the 9800. This creates the policy profile and WLAN profile in
the 9800.
4. Provision the AP’s. In this step you will assign the floor for the AP. The
wireless profile associated with this floor that you assigned in step 2 will
be used to configure the AP’s.
Application Telemetry Configuration from DNAC UI
Example Configuration when SSIDs are in mixed mode
• Application telemetry is supported for Flex/Fabric SSIDs for both

automatic selection and the Tagging-based algorithms.
• If having mixed SSIDs on the eWLC, the basic AVC profile will be
configured on Flex/Fabric SSIDs, and the optimized APM profile will be
configured on the local SSIDs. as illustrated in the below sample
configs below.
• One local SSID that is configured with an optimized APM profile, and 2
Flex/Fabric SSIDs, which are configured by the basic AVC profile.
destination <<exporter ip>>
source <<source interface>>
transport udp 6007
Flow Monitor Section for Optimized APM Config
flow monitor avc_ipv4_assurance
record wireless avc ipv4 assurance
flow monitor avc_ipv4_assurance_rtp
record wireless avc ipv4 assurance-rtp
Flow monitor for AVC Basic Configuration
flow monitor avc_basic_monitor

record wireless avc basic
AVC Basic Configuration applied to Flex or Fabric
SSID’s
wireless profile policy
WORK_FLOOR_Global_NF_0cd02814
shutdown
no shutdown
wireless profile policy WORK_FLOOR_Global_F_da1adeec
shutdown
no shutdown
Optimized APM config applied to Local mode SSID
wireless profile policy local_ssid_Global_NF_fcad63e8

shutdown
ipv4 flow monitor avc_ipv4_assurance input
ipv4 flow monitor avc_ipv4_assurance output
ipv4 flow monitor avc_ipv4_assurance_rtp input
ipv4 flow monitor avc_ipv4_assurance_rtp output
no shutdown
Reference
Catalyst 9800 AVC Config Guide
Cisco DNA Center Application Health User Guide
Cisco DNA Assurance
Troubleshooting
How to verify if Cisco DNA Center-WLC streaming
telemetry is properly configured
• CLI - “show network assurance • GUI* –[Monitor][Cloud Services]
summary” [Telemetry][Network Assurance]
• Last Success Timestamp is newer than Last Error
• New JWT Token updated every an hour
(Cisco Controller) >show network assurance summary
Server url............................. https://192.168.139.162

Wsa Service............................ Enabled
wsa Onchange Mode...................... Enabled
wsa Sync Interval...................... Fixed
NAC Data Publish Status:
Last Error.......................... Fri Feb 16 06:57:12 2018
Last Success........................ Fri Feb 16 07:38:18 2018
JWT Token Config.................... JWT Auth Configured
JWT Last Success.................... Fri Feb 16 06:57:12 2018
JWT Last Failure.................... None
AireOS WLC Provisioning troubleshooting
• Streaming Telemetry Failure -WLC shows “partial collection failure” in Last
Sync Status
• Check following items,
1. Check if WLC has right SNMP Read Only community name
2. Check if Cisco Cisco DNA Center has right WLC Credential
3. Check if WLC Network Assurance is properly “Externalizing Data”
4. Check if WLC has right time(NTP or manual)
5. Check if WLC properly subscribed necessary channels from WLC GUI,
[MANAGEMENT] [Cloud Services] [Telemetry] [Network Assurance] [Server]
[Advanced Configuration]
Catalyst 9800 Provisioning troubleshooting
• Streaming Telemetry Failure -WLC shows “partial collection failure” in Last
Sync Status
• Check following items,
1. (config) #netconf-yang // Enable netconfig
2. (config) #crypto pki trustpoint Cisco DNA Center-CA. // Check Cisco DNA Center-
CA trust config
3. (config) #aaa new-model
4. (config)#aaa authorization exec default local
5. Check if WLC properly subscribed necessary channels from WLC GUI,
[MANAGEMENT] [Cloud Services] [Telemetry] [Network Assurance] [Server]
[Advanced Configuration]
Reports
Reports
Report Templates
• 20+ reports
• Multiple export formats
• 90 days retention
• Easy workflow
• Multiple Filter options
Busiest Client Report – Step 1
Busiest Client Report - Step 2
Location
Device Type
SSID
Band
Sort by Usage, Rx, Tx
Busiest Client Report – Scope Example
Busiest Client Report – Step 3
• Choose Fields for

report
• Default is all Fields
Busiest Client Report – Range and Schedule
Busiest Client Report – Delivery Options
This is optional
Busiest Client Report - Summary
Busiest Client Report – Report Generation
Click Here to View Report
Generated Reports Screen
Busiest Client Report – View or Download
Feature Matrix
Cisco DNA Center
Minimum Minimum AP1800/
C9120/
Recommended Recommended Mode Wave-1 APs C9115/ AP2800 / 3800 AP4800
C9130
AireOS Cat9800 C9105
16.12.1s
AI Network Analytics 8.8.125.0 (onboarding Local/Flex ● ● ● ● ●
issues only)
Health, Issue 8.8.125.0 16.12.1s Local/Flex ● ● ● ● ●
Application Experience
(DNAC Version 2.1.2.4 NA 16.12.1s Local ● ● ● ● ●
and above)
Local
Application Visibility 8.8.125.0 16.12.1s (Flex for ● ● ● ● ●
9800 **)
Intelligent Capture* 8.8.125.0 16.12.1s Local/Flex X 8.10.130 8.10.130 ● ●
8.10.130/
Spectrum Analyzer 8.8.125.0 16.12.1s Local/Flex X X ● ●
17.2.1
8.10.130 8.10.130 8.10.130 8.10.130

Wi-Fi 6 Analytics 8.10.130.0 17.3.1 Local/Flex X
17.3.1 17.3.1 17.3.1 17.3.1
*AP-based RF & Client Stat, Anomaly PCAP, Scheduled PCAP). Full data capture is supported only on the 4800 and 9130 APs. ** Starting from DNAC 2.2.x (AKA Magneto)
Intelligent Capture Features
Software and hardware matrix (minimum support)
11ac Wave 2
Wireless 11ac Wave 2 11ac Wave 2 11ax 11ax 11ax 11ax
WLC 2800, 3800,1560
Assurance feature 1800, 1540 Series 4800 Series 9105AX Series 9115AX Series 9120AX Series 9130AX Series
Series
AireOS 8.10 8.8 MR2 8.8 MR2 8.10 MR3 8.10 8.10 8.10 MR3
Anomaly PCAP
Scheduled PCAP
AP & Client Statistics
IOS XE 16.12.1.s 16.12.1s 16.12.1s 17.3.1 16.12.1s 16.12.1s 17.3.1
AireOS N/A N/A 8.8 MR2 N/A N/A N/A 8.10 MR3
Data PCAP
IOS XE N/A N/A 16.12.1s N/A N/A N/A 17.3.1
AireOS N/A 8.8 MR2 8.8 MR2 N/A N/A 8.10 MR2 8.10 MR3
Spectrum Analysis
IOS XE N/A 16.12.1s 16.12.1s N/A N/A 17.2.1 17.3.1
Note
• This matrix depicts the minimum support required for each of the features. • AireOS 8.9 is a deferred software branch and does not support ICAP.
• Recommendation is to move to 8.10 MR4 for AireOS, or 17.3.2 for Cisco IOS® XE. • Catalyst® 9117AX Series APs do not and will not support ICAP.
300
Wi-Fi 6 Dashboard
Software and hardware matrix (minimum support)
Wireless 11ac Wave 2

11ac Wave 2 11ac Wave 2 11ax (911x) 11ax (912x) 11ax (913x)
Assurance DNAC Version WLC 18XX/1540
2K/3K/1560 Series AP 4800 91153 Series 9120 Series 9130 Series
Feature Series
8.5MR7 8.5MR7
8.8MR3
AireOS 8.8MR3 8.8MR3 8.10 MR3 8.10 MR3 8.10 MR3
8.10 MR3
8.10 MR3 8.10 MR3
Wi-Fi 6 2.1.1 (EFT)
Assurance
(Phase1) 2.1.2 (Main) 16.12.3 16.12.3 16.12.3 16.12.3 16.12.3 16.12.3
17.1.1 17.1.1 17.1.1 17.1.1 17.1.1 17.1.1
IOS-XE
17.2.1 17.2.1 17.2.1 17.2.1 17.2.1 17.2.1
17.3.1 17.3.1 17.3.1 17.3.1 17.3.1 17.3.1
Notes:
• Only 8.10MR3 and 17.3.1 Support Traffic Distribution Features (Wireless Airtime Efficiency & Wireless Latency).
• Both local and flex modes are supported.
• Wave 1 APs (1600, 1700, 2600, 2700 Series) APs are supported in 8.5MR7
Client Insights using
Apple analytics
Cisco-Apple Partnership Benefits
Optimized Wi-Fi Connectivity Prioritized Business applications
Intelligent, and efficient roaming is automatically Business data gets priority and speed even if
configured network is congested
Reduces complexity - IT can focus on the business– the network does the heavy lifting
iOS and Cisco devices recognize each other and enable special capabilities
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 303
Cisco Apple Wireless Features Journey
AireOS 8.3, 8.3 MR1 Phase 1
iOS 10.0+
QoS
MacOS
Analytics
Roaming
Optimizations
Optimizations
Optimizations
Optimizations
• 11k neighbor map: iOS
• Adaptive
• • Fastlane:802.11r: FastOS
11 clientbusiness-
Fastlane on Mac
sends a list of
Transition
relevant
10.13 isand
enabled
applications
later. Upstream
neighbor APs upon joining
automatically
prioritized
QoS for iOS 10
the prioritization
cell available
clients
• onDisconnection
iOS and Mac OS reason:
iOS 11 client tells us why it
• Auto 802.11k/v: 11k/v are
disconnects
enabled by default and
• Identity: the iOS client
optimized to provide ‘best
tells us who it is (model,
next AP’
iOS version)
AireOS 8.3 Phase 2 AireOS 8.5+

Mac OS 10.13 iOS 11.0+
Advanced Client Insights– Apple iOS Analytics
Detailed Client device profile
information – device model,
OS details
Insights into the clients view

of the network –
Neighboring Access Points
Provide clarity into the

reliability of connectivity –
client disassociation details
Capability unique to
Cisco Wireless
Networks only !!
iOS Device Support for Cisco Apple Analytics
Device Type iPhone iPad
Device Hardware iPhone 7 iPad (9.7-inch) 6th Gen or later

Internal Name: iPhone9,1 and iPhone9,3 Internal Name: iPad7,5and iPad7,6
iPhone 7 Plus iPad (9.7-inch) 5th Gen

Internal Name: iPhone9,2 and iPhone9,4 Internal Name: iPad6,11 and iPad6,12
iPad Pro (12.9-inch, 2nd gen)

Or Newer Internal Name: iPad7,1and iPad7,2
iPad Pro (10.5-inch)

Internal Name: iPad7,3 and iPad7,4
Apple iOS Software 11.0 and higher 11.0 and higher
Cisco AireOS Software 8.5+ 8.5+
Access Point Support 802.11n/ac APs 802.11n/ac APs
1st Gen, iPad Pro 2015/2016 model ( iPad6,3/6,4/6,7/6.8)is not supported
Samsung Analytics
Advanced Client Insights– Samsung Analytics
Detailed Client device

profile information – device
model, OS details
Provide clarity into the

reliability of connectivity –
client disassociation
details
Conclusion
Cisco DNA Wireless Assurance
Streaming Intelligent Capture Active Sensor

Telemetry Auto PCAPs Testing Wi-Fi iOS
Analytics
AI
AI Anomaly AI Network Machine Conversational

Baselining Insight Reasoning Interface
Aironet Active Sensor

Cisco AP with
with proactive wireless
Intelligent Capture
network test

Cisco DNA Center Wireless Assurance TDM

Uploaded by

Copyright:

Available Formats

You might also like

Cisco DNA Center Wireless Assurance TDM

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cisco DNA Center Wireless Assurance TDM

Uploaded by

Copyright:

Available Formats

Cisco DNA Center

Wireless Assurance TDM

Prem Chandran and Harsharan Dhaliwal

Day 0/PnP SWIM Wireless SD-AVC App

DNA Center DNA DNA DNA Center License

 New Innovations: 2.3.3

 Streaming Telemetry for Wireless Analytics

 AI / ML for Wireless Assurance

 Wireless Network Health

 Client Health SLA

 Enterprise Ready Sensor

 Apple and Samsung Analytics

Client firmware Affects Both*

Client density AP coverage Configuration

WLC Capacity WAN QoS, Routing, ... Authentication

Network Telemetry & Big Data Health Scores Proactive

Network Control Points

Next Generation Wireless requires New Era of Analytics

• Visibility into Client, App and Network traffic

• CPU intensive raw data • Optimized export with programmability

Right data at the right time with the right context

Design Provision Policy Assurance

Planning, installation and migration

Proactive and predictive network, client and application assurance

Right Place Right Time Right Action

2. Knowledge Base 4. MRE runs on DNAC

• Power Supply Failure

Automated PCAP & RF Stats

On-Demand PCAP (of Onboarding Frames)

Made for DNA On Demand AP/Client Monitor

Automated AP Radio Anomalies

End user Client on-boarding Network health Application visibility

Mobile Clients SFCDC

Active Sensor Wi-Fi iOS Streaming Network Time

Intelligent Capture Intelligent Capture Actionable Guided

Aironet 2800, 3800, 4800 AP or

Provides Intel client model, driver version, coverage

No need for client-side agent to provide data.

1. Identifying Bad Drivers 2. Validating New Drivers

Cisco IOS XE WLC Intel Driver Software

17.6.1 N/A 22.50.1

Cisco IOS XE WLC Hardware

View syslog's and TDL events

• Select WLC’s to setup Intelligent Packet Capture

• Channel Utilization broken down by Tx, Rx and Interference

• View physical and virtual interface details

 False alarms: issues/alerts

1 Percentage of Healthy devices Assurance

2 Change in healthy devices per week Assurance

3 Healthy devices trend Assurance

4 Site with highest and with lowest health Assurance

5 Percentage of healthy Wireless clients Assurance

6 Change in healthy Wireless Clients per week Assurance

7 Healthy Wireless Clients trend Assurance

9 Percentage of healthy Wired clients Assurance

10 Change in healthy Wired Clients per week Assurance

11 Healthy Wired Clients trend Assurance

13 Assurance Issue Summary Assurance

• Network Services Analytics