Release Notes for Cisco DNA Center on ESXi, Release 2.3.7.0 and 2.3.7.3
Cisco DNA Center on ESXi is a new form factor that supports Cisco DNA Center in a virtual environment. The virtual form factor helps customers rapidly deploy and operate Cisco DNA Center. For customers who are running Cisco Prime Infrastructure on a virtual machine (VM), Cisco DNA Center on ESXi provides a migration path to take advantage of Cisco DNA Center features.
Note |
Cisco DNA Center on ESXi is available in a phased rollout. Until the software becomes generally available, contact your Cisco sales representative to request this release. Upon completion of the phased rollout, Cisco DNA Center on ESXi will be made generally available to all customers. |
This document describes the features, limitations, and bugs for Cisco DNA Center on ESXi, Release 2.3.7.0 and 2.3.7.3.
For links to all of the guides in this release, see Related Documentation.
Change History
The following table lists changes to this document since its initial release.
Date |
Change |
Location |
---|---|---|
2023-11-30 |
United States' Federal Information Processing Standard (FIPS) support added. |
New and Changed Features in Cisco DNA Center 2.3.7.3 on ESXi |
2023-11-30 |
The following changes were made:
|
|
2023-11-17 |
Cisco DNA Center on ESXi, Release 2.3.7.3. |
— |
2023-08-21 |
Initial release. |
— |
Overview
Cisco DNA Center offers centralized, intuitive management that makes it fast and easy to design, provision, and apply policies across your network environment. The Cisco DNA Center user interface provides end-to-end network visibility and uses network insights to optimize network performance and deliver the best user and application experience.
Cisco DNA Center on ESXi offers the same centralized and intuitive management as the Cisco DNA Center platform. The main difference is that Cisco DNA Center on ESXi delivers this functionality in a virtual appliance (VA) form-factor.
Package Versions in Cisco DNA Center on ESXi, Release 2.3.7.0 and 2.3.7.3
Package Name |
Release 2.3.7.3 |
Release 2.3.7.0 |
---|---|---|
Release Build Version |
||
Release Version |
2.3.7.3.75176 |
2.3.7.0.75530 |
System Updates | ||
System |
2.3.125 |
2.3.119 |
System Commons |
2.713.65350 |
2.710.65515 |
Package Updates |
||
Access Control Application |
2.713.65350 |
2.710.65515 |
AI Endpoint Analytics |
1.11.524 |
1.11.214 |
AI Network Analytics |
3.1.23 |
3.1.20 |
Application Hosting |
2.3.123072406 |
2.3.123062006 |
Application Visibility and Policy |
2.713.1175027 |
2.710.117277 |
Assurance |
2.370.1152 |
2.370.270 |
Automation - Intelligent Capture |
2.713.65350 |
2.710.65515 |
Cisco DNA Center Global Search |
6.3.8 |
6.3.7 |
Cisco DNA Center Platform |
6.3.118 |
6.3.91 |
Cisco DNA Center UI |
3.1.28 |
3.1.8 |
Cisco Identity Services Engine Bridge |
2.713.90102 |
2.710.80885 |
Cloud Connectivity |
6.1.43 |
6.1.40 |
Cloud Connectivity - Contextual Content |
6.2.12 |
6.2.11 |
Cloud Connectivity - Digestor |
6.2.8 |
6.2.2 |
Core Platform |
0.5.186 |
0.5.162 |
DxHub Cloud Connectivity |
6.3.11 |
6.3.6 |
Identity and Access Management |
4.0.32 |
4.0.30 |
Identity and Access Management - UI |
3.1.11 |
3.1.9 |
Multiple Cisco DNA Center |
2.713.65350 |
2.710.65515 |
Network Controller Platform |
2.713.65350 |
2.710.65515 |
Network Data Platform - Base Analytic |
2.370.10091 |
2.370.312 |
Network Data Platform - Caching Infra |
6.2.7 |
6.2.7 |
Network Data Platform - Core |
6.2.33 |
6.2.27 |
Network Data Platform - Ingestion Infra |
6.2.16 |
6.2.16 |
Network Data Platform - Manager |
6.2.13 |
6.2.13 |
Network Data Platform - Pipeline Infra |
6.2.24 |
6.2.24 |
Network Data Platform - Storage Management |
6.2.53 |
6.2.47 |
RCA-Scripts Package |
0.1.11 |
0.1.11 |
Rogue and aWIPS |
2.9.39 |
2.9.29 |
SD Access |
2.713.65350 |
2.710.65515 |
System Management Operations |
1.1.1101 |
1.1.1090 |
Telemetry |
3.2.14 |
3.2.11 |
Features
New and Changed Features in Cisco DNA Center 2.3.7.3 on ESXi
Feature |
Description |
---|---|
IPv6 |
IPv6 is now supported. |
IP ACL |
IP ACL is now supported. |
Backup and Restore |
You can use the backup and restore functions to create the backup files and to restore to the same or different virtual appliance. For information, see the Cisco DNA Center 2.3.7.3 on ESXi Administrator Guide. |
Custom Role-Based Access Control (RBAC) |
You can create custom roles that permit or restrict user access to certain Cisco DNA Center functions. |
Prime Data Migration Tool (PDMT) |
You can use this tool to migrate Cisco Prime Infrastructure Data to Cisco DNA Center. |
United States' Federal Information Processing Standard (FIPS) |
Added support for FIPS, which is an optional mode that can be enabled when installing the Cisco DNA Center image. By default, FIPS mode is disabled. |
Unsupported Features
Cisco DNA Center on ESXi supports all of the features that the Cisco DNA Center supports, except for the following features:
Unsupported Features
-
Automation: Cisco Wide Area Bonjour application, Cisco vManage for SD-WAN, Cisco DNA Traffic Telemetry Appliance, Cisco Secure Network Analytics.
-
Wireless: Cisco User Defined Network (UDN), Cisco Umbrella.
-
Assurance: Sensor.
-
System Workflows: Backup and Restore using VMware vSphere Client snapshot function, Backup and Restore from Cisco DNA Center hardware appliance to Cisco DNA Center on ESXi virtual appliance.
-
Diagnostics Center: Validation Tool under
. -
Setting Page: Authentication API Encryption.
-
Security Policy Access (SPA): Security Sensor in Endpoint Analytics and Group Based Policy Analytics (GBPA).
-
Telemetry: VM- and host-level telemetry.
VA Requirements
The Cisco DNA Center on ESXi is intended for enterprise environments, such as manufacturing or education, where a large-scale requirement is present within a single physical environment.
See the following tables for the minimum Cisco DNA Center on ESXi virtual machine requirements. For performance tips that cover the most performance-critical areas of VMware vSphere Client 7.0, see Performance Best Practices for VMware vSphere 7.0 (PDF).
Feature | Description |
---|---|
Virtualization platform and hypervisor |
VMware vSphere (which includes ESXi and vCenter Server) 7.0.x, including all patches |
Processors |
Intel 2.1-GHz and above CPU 32 vCPUs with 64-GHz reservation must be dedicated to the VM |
Memory |
256-GB DRAM with 256-GB reservation must be dedicated to the VM |
Storage |
3-TB solid-state drive (SSD) If you plan to create backups of your virtual appliance, also reserve additional datastore space. For information, see "Backup Server Requirements" in the Cisco DNA Center on ESXi Administrator Guide. |
IO Bandwidth |
180 MB/sec |
IOPS |
2000-2500 |
Latency |
Cisco DNA Center on ESXi to network device connectivity: 200 ms |
Limitations and Restrictions
Cisco DNA Center on ESXi has the following limitations and restrictions:
-
Unlike the Cisco DNA Center platform, you cannot connect VMs to create three-node clusters. To achieve high availability, you need to use VMware vSphere. For more information, see the "High Availability" section in the Cisco DNA Center on ESXi Administrator Guide, "Configure System Settings" chapter.
-
Cisco DNA Center on ESXi does not support the following VMware vSphere features:
-
Fault tolerance
-
Suspending and resuming VMs
-
Cloning VMs
-
Snapshot (as backup)
-
-
With Cisco DNA Center on ESXi, application telemetry is not supported for Cisco Catalyst 9500 Series Switches.
-
To configure the Management interface and the Enterprise interface, manually create a virtual machine using the VMware vSphere UI and then configure both interfaces using either the Maglev Configuration wizard or the Install Configuration wizard. For more information, see the "Deploy a Virtual Appliance" section in the Cisco DNA Center on ESXi Deployment Guide.
Multiple Cisco DNA Center—Limited Availability
Multiple Cisco DNA Center allows you to define a single global set of virtual networks for software-defined access across multiple Cisco DNA Center clusters integrated with a single Cisco ISE system. This Multiple Cisco DNA Center functionality is a Limited Availability offering in Cisco DNA Center on ESXi.
To facilitate global administration of Cisco SD-Access across multiple Cisco DNA Center clusters with a consistent set of virtual networks, the Multiple Cisco DNA Center feature leverages the existing secure connection with Cisco ISE to propagate virtual networks, Security Group Tags (SGTs), access contracts, and Group-Based Access Control (GBAC) Policy from one cluster to another cluster, all integrated with the same Cisco ISE deployment. Cisco ISE takes the information learned from one cluster (the Author node) and propagates it to the other clusters (Reader nodes).
Because there are significant caveats for the Multiple Cisco DNA Center functionality, the Cisco SD-Access Design Council reviews the requests and provides guidance for use of the Multiple Cisco DNA Center to participants in the Limited Availability program.
Contact your account team to submit a request to the Cisco SD-Access Design Council to participate in the Limited Availability program.
Customers who are using Cisco ISE Version 3.1 or earlier must request and install the Limited Availability package before enabling Multiple Cisco DNA Center.
Note |
After this functionality is enabled, it can be disabled only by deleting Cisco ISE. In addition, if this functionality is enabled, because pxGrid is a required component of the solution, pxGrid cannot be disabled subsequently. |
Deployment Overview
For information about how to deploy Cisco DNA Center Virtual Appliance in a VMware vSphere environment, see the Cisco DNA Center on ESXi Deployment Guide. The guide also covers configurations we recommend you make before you use the product.
Bugs
Open Bugs
The following table lists the open bugs in Cisco DNA Center on ESXi, Release 2.3.7.0 and 2.3.7.3.
Bug Identifier | Headline |
---|---|
No client data and AP health displayed in the Assurance Custom Dashboard Library. |
|
Under scale conditions, the Cisco DNA Center on ESXi UI is not accessible for several hours while restoring data. |
|
When we restore managed service, restore mongo db in the end. |
|
An RBAC issue occurs when the promotion or demotion of local user roles is not enforced. |
|
During ova installation, Cisco DNA Center on ESXi reports, "A required disk image is missing." |
Resolved Bugs
The following table lists the resolved bugs in Cisco DNA Center on ESXi, Release 2.3.7.3.
Bug Identifier | Headline |
---|---|
UI displays an error while fetching policies under Group Based Access Control. |
|
Unable to discover or provision devices after enabling IP ACL. |
|
Cisco DNA Center doesn't display a child mesh AP (in Root role) that is associated to its RAP in the topology diagram on the 360 page. |
|
Need to save the mongo data into a temporary database before back up. Otherwise, you cannot log in to the UI if the restore fails. |
|
Client location drop-down list on the Intelligent Capture window is not showing Packet rate as an option. |
|
Upcoming links in the Access Control Application (ACA) window do not redirect to upcoming Group Based Policy tasks. |
|
L3 VN creation failure (Error NCSP11000) due to missing ACA package installation. |
|
Diff counts are mismatched, and ignored CLI doesn't contain the pattern. |
|
Telemetry connections are down on Polaris switches and wireless controllers after performing a backup and restore on Cisco DNA Center on ESXi. |
|
Network device interface detail information window hangs while loading and doesn't show any data. |
|
The heatmap on the Client iCAP 360 window isn't displayed. However, it displays correctly on the Map Design window. |
|
Under scale conditions, the Cisco DNA Center on ESXi UI is not accessible for several hours while restoring data. |
|
Adding a new port assignment to a switch removes the existing port assignments from the switch. |
Communications, Services, and Additional Information
-
To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.
-
To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.
-
To submit a service request, visit Cisco Support.
-
To discover and browse secure, validated enterprise-class apps, products, solutions, and services, visit Cisco DevNet.
-
To obtain general networking, training, and certification titles, visit Cisco Press.
-
To find warranty information for a specific product or product family, access Cisco Warranty Finder.
Cisco Bug Search Tool
Cisco Bug Search Tool (BST) is a gateway to the Cisco bug-tracking system, which maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. The BST provides you with detailed defect information about your products and software.
Documentation Feedback
To provide feedback about Cisco technical documentation, use the feedback form available in the right pane of every online document.
Related Documentation
We recommend that you read the following documents relating to Cisco DNA Center on ESXi.
For This Type of Information... | See This Document... |
---|---|
Cisco DNA Center on ESXi release information, including new features, limitations, and open and resolved bugs. |
Release Notes for Cisco DNA Center on ESXi, Release 2.3.7.0 and 2.3.7.3 |
Installation and configuration of Cisco DNA Center on ESXi, including postinstallation tasks. |
|
Configuration of system settings, user accounts, licensing and high availability. Procedures for configuring and performing backup and restore. |
|
Use of the Cisco DNA Center GUI and its applications. |
|
Security features, hardening, and best practices to ensure a secure deployment. |
|
Supported devices, such as routers, switches, wireless access points, NFVIS platforms, and software releases. |
|
Hardware and software support for Cisco SD-Access. |
|
Use of the Cisco DNA Assurance GUI. |
|
Use of the Cisco DNA Center platform GUI and its applications. |
|
Use of Rogue Management functionality as a dashboard within Cisco DNA Assurance in the Cisco DNA Center GUI. |
Cisco DNA Center Rogue Management Application Quick Start Guide |
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)