New and Changed Information
The following tables summarize the new and changed features and tell you where they are documented.
Feature | Description | ||
---|---|---|---|
Dynamic Channel Assignment (DCA) Validation |
DCA channel support is based on the regulatory domain of the device. During AP provisioning with an RF profile selected, out of all the DCA channels configured on the RF profile only the supported channels as per the country code are considered and the unsupported channels are ignored. You can view the list of unsupported channels in the AP preprovision summary window. See Create a Wireless Radio Frequency Profile, Create an AI Radio Frequency Profile, and About Wireless Devices and Country Codes. |
||
Enhancements to AP Location Configuration |
During AP provisioning and AP Plug and Play (PnP) onboarding, Cisco DNA Center doesn't configure the assigned site as the AP location. You can configure the AP location using the Configure Access Points workflow. See Provision a Cisco AP—Day 1 AP Provisioning, Provision a Wireless or Sensor Device, and Configure AP Workflow. |
||
Enhancements to Authentication using AAA Server for Wireless Networks |
Effective with this release, you must configure an AAA server for an SSID to push the authentication configuration for the SSID. If an AAA server is not configured for the SSID, Cisco DNA Center pushes the aaa authentication dot1x default local command to the wireless controller and the default method list that points to local authentication is mapped to the SSID. See Configure AAA Server for an Enterprise Wireless Network and Configure AAA Server for a Guest Wireless Network. |
||
Enhancements to Default Configuration of Fast Transition Over Distributed Systems for SSIDs |
Effective with this release, fast transition over a distributed system (Over the DS check box) is disabled by default for SSIDs for guest and enterprise wireless networks. See Create SSIDs for an Enterprise Wireless Network and Create SSIDs for a Guest Wireless Network. |
||
Enhancements to Editing RF Profiles |
Effective with this release, when you update an RF profile that is already provisioned on a wireless controller and AP, you can reprovision either the wireless controller or AP. Wireless controller reprovisioning also pushes the RF profiles updates to the devices and AP reprovisioning is not necessary. If the you don't need the RF profile updates during the wireless controller reprovisioning, you can check the Skip AP Provision check box See Edit or Delete a Basic Radio Frequency Profile and Edit and Delete an AI Radio Frequency Profile. |
||
Enhancements to RF Profiles |
Effective with this release, for Cisco Catalyst 9800 Series Wireless Controllers, disabling a radio band on the RF profile doesn't disable the Admin status of the respective radios on all APs that use the RF profile. Instead, Cisco DNA Center disables the Admin status of the corresponding RF profile.
See Create a Wireless Radio Frequency Profile and Create an AI Radio Frequency Profile. |
||
Enhancements to Site Tags, Policy Tags, and AP Zone Provisioning |
Site tags, policy tags, and AP zone provisioning have the following enhancements:
See Add AP Zones to a Network Profile and Add AP Groups, Flex Groups, Site Tags, and Policy Tags to a Network Profile. |
Feature | Description | ||
---|---|---|---|
2D Wireless Maps Enhancements |
See View a 2D Wireless Floor Map, Add a Floor with a CAD Map File, Add Planned APs to a Map, AP Icon Legend, Add, Edit, and Delete Align Points, and Import an Ekahau Site Survey to Cisco DNA Center. |
||
3D Wireless Maps Enhancements |
See View a 3D Wireless Map, 3D Map View Options, and 3D Wireless Map Toolbar. |
||
Advertise LAN Automation Summary Route to BGP |
LAN automation advertises the summary route to BGP on the primary and peer device. |
||
AP Configuration Workflow Enhancements |
You can configure an AP even if it is not assigned to a site. You can configure the following AP parameters:
You can configure the following radio parameters:
See AP Configuration in Cisco DNA Center and Configure AP Workflow. |
||
Application Hosting Enhancements |
You can validate the HTTPS credentials provided for the device during the device readiness check. |
||
AP Provisioning Change for XOR Radio Role |
With Cisco DNA Center 2.3.3.0 or later, when you provision any AP that has XOR radio (for example, Cisco 2800, 3800, and so on) with an RF profile that has 2.4 GHz disabled, Cisco DNA Center changes the XOR radio role to 5 GHz manual.
|
||
AP Refresh Across Cisco Wireless Controllers |
You can perform an AP refresh when the old AP and new AP are connected to different Cisco Wireless Controllers. You can perform an AP refresh even if the old AP is not provisioned. See AP Refresh Workflow. |
||
AP Zones |
You can add AP zones to a network profile for wireless devices. You can use AP zones to associate different SSIDs and RF profiles for a set of APs on the same site. See Create Network Profiles for Wireless and Provision a Cisco AP—Day 1 AP Provisioning. |
||
Assign Device Roles and Tags to Software Images |
You can assign device roles and tags to a software image to indicate that the software image is marked as golden. When both the device tags and device roles are assigned to a software image, the device tags take precedence. See View Software Images. |
||
Border Preference Option in the Fabric Site |
To navigate traffic through a desired border node, assign priority values for the border nodes in the fabric site. |
||
Central Web Authentication Using Third-Party AAA Server for Guest Wireless Networks |
You can now configure Central Web Authentication (CWA) using a third-party AAA server while creating SSIDs for guest wireless networks. See Create SSIDs for a Guest Wireless Network and Configure AAA Server for a Guest Wireless Network. |
||
Cisco Device Hardware, Software, and Module End of Life (EoX) Status |
Cisco DNA Center shows alerts for the devices that are scanned for EoX alerts. The EoX Status column in the Inventory table shows the number of EoX alerts. |
||
Cisco DNA Center Insights |
You can subscribe to Cisco DNA Center Insights, which contains product announcements, network highlights, information about your network performance, and more. The Cisco DNA Center Insights publication is sent in PDF format to the email address that you specify. |
||
Control Endpoint Spoofing |
The Control Endpoint Spoofing feature provides granular policy control by providing network information other than just the MAC address of an endpoint. |
||
Create Port Group |
You can group device ports based on an attribute or rule. See Create Port Groups. |
||
Credential Status |
The Credential Status column in the Inventory table shows the device credential status for devices that are configured. Click See Details to view details about the credentials. |
||
Custom Policy Tags |
You can configure policy tags for Cisco Catalyst 9800 Series Wireless Controllers using the advanced settings while creating network profiles for wireless devices. See Add AP Groups, Flex Groups, Site Tags, and Policy Tags to a Network Profile. |
||
Custom Template for Day 0 Onboarding Without Site Selection |
If you have not assigned the device to a site, you must choose a template to claim the device. |
||
Design the Network Hierarchy |
You can now search the network hierarchy using the Site Name and Site Type filter criteria. |
||
FIPS 140-2 Support |
Software images are compliant with the Federal Information Processing Standard (FIPS). If FIPS mode is enabled in Cisco DNA Center, you cannot import images from a URL. Import images from your computer or cisco.com. |
||
FIPS mode is supported only in a new installation of Cisco DNA Center. If you are upgrading from an earlier release, FIPS mode is not supported. |
|||
In a FIPS deployment, you cannot enable external authentication. |
|||
FIPS mode is not supported for the Cisco Wide Area Bonjour application. In a FIPS deployment, you cannot install the Cisco Wide Area Bonjour application from the Cisco DNA Center GUI or CLI. |
|||
FIPS mode has the following impact on the export and import of map archives. If FIPS mode is enabled:
If FIPS mode is disabled:
See Use an Existing Cisco Network Hierarchy, Export Your Map Archive from Cisco DNA Center, and Import Your Map Archive to Cisco DNA Center. |
|||
FIPS Support for Endpoint Analytics |
When FIPS mode is enabled in Cisco DNA Center, some of the functions related to Endpoint Analytics are unavailable in the Cisco DNA Center GUI. See FIPS Compliance. |
||
Generate Compliance Audit Report |
You can get a consolidated compliance report that shows the compliance status of the devices in your network. |
||
Integrate Cisco AI Endpoint Analytics with Talos Intelligence |
Talos Intelligence is a comprehensive threat-detection network. Talos detects and correlates threats in real time. By integrating Cisco AI Endpoint Analytics with Talos, you can flag endpoints in your network that are connecting to malicious IP addresses. See Integrate Cisco AI Endpoint Analytics with Talos Intelligence. |
||
Manage System Beacon |
You can highlight switches in the Cisco DNA Center inventory by using a system beacon. System beacon supports the following devices:
See Manage System Beacon. |
||
Manage Your Inventory |
In the Inventory window, if you choose the Default view from the Focus drop-down list, the Inventory table displays only the Device Name, IP Address, Device Family, and MAC Address of listed devices. |
||
NAS ID Configuration |
You can configure network access server identifiers (NAS IDs) for SSIDs for enterprise and guest wireless networks. See Create SSIDs for an Enterprise Wireless Network and Create SSIDs for a Guest Wireless Network. |
||
QoS Settings for Wireless Networks |
You can choose one of the following QoS settings for the primary traffic while creating SSIDs for enterprise and guest wireless networks:
See Create SSIDs for an Enterprise Wireless Network and Create SSIDs for a Guest Wireless Network. |
||
Return Material Authorization (RMA) Support for New Devices |
RMA Workflow support is extended for the following:
|
||
RMA Support |
Zero-touch onboarding of replacement device through PnP is supported for fabric and LAN automation devices. See Replace a Faulty Device and Limitations of the RMA Workflow in Cisco DNA Center. |
||
Schedule Group-Based Access Control Policy Updates |
You can save policy changes immediately or schedule an update at a specific time. You can view the status of the scheduled tasks in .If the Cisco DNA Center Automation Events for ITSM (ServiceNow) bundle is enabled, the Save Now option is disabled, and only the Schedule Later option is enabled for Group-Based Access Control policy changes. Note that the scheduled task must be approved in IT Service Management (ITSM) before the scheduled time. |
||
Schedule Recurring Events for APs |
You can schedule recurring events for AP and radio parameters in the AP configuration workflow. |
||
SD-Access User Interface Enhancements |
See Add a Fabric Site, Configure Devices for a Fabric Site, Configure Ports Within the Fabric Site, Configure a Port Channel, and Virtual Networks. |
||
Sync Updates for Software Images |
You can synchronize the information of software images from cisco.com for all the managed devices in Cisco DNA Center. See View Software Images. |
||
Troubleshoot Unmonitored Devices |
Using the MRE workflow, you can troubleshoot unmonitored devices or the devices that do not show Assurance data. See Troubleshoot Unmonitored Devices Using the MRE Workflow. |
||
Troubleshoot Wireless Client Issues |
Using the MRE workflow, you can troubleshoot wireless client issues. |
||
Upgrade Extended Node to Policy Extended Node |
You can upgrade a Policy Extended Node-capable device that is configured as an extended node by changing its license level. |
||
URL-Based Access Control List |
You can create IP-based and URL-based postauthentication access control lists (ACLs) for your network. See Workflow to Create an IP- and URL-Based Access Control Policy. |
||
View All Discoveries |
The new Discoveries table in Cisco DNA Center shows details of all the discovery jobs and provides options to rediscover and delete discovery jobs. See View All Discoveries. |
||
View Image Update Workflow |
You can view the progress of software image update tasks. Cisco DNA Center shows the status of each task that is associated with the Distribution and Activation operations and the amount of time taken to complete each operation. |
||
View REP Ring Topology Status |
The REP Ring Topology Status option lets you view the current state of all devices in a REP ring. See View REP Ring Status. |