Tuesday, July 7, 2020

New Cisco Licensing/DNA rant for this sub

Disclaimer: I realize part of this may come off as sales-y. I do not sell products. I build networks. I don't work for any manufacturer, vendor, or VAR. I'm just an engineer that's in this sub.

First up, can we somehow get like a commonly asked questions wiki page for this sub that links to threads with answers to various questions?

Second, if so can we add a thread about the "new" Cisco access layer licensing to it?

Third, and more rant-y: I don't understand the general vitriol toward the new Cisco licensing. It isn't that complicated, nor earth-shattering.

  • LAN Base -> 9200 with no special license
  • IP Base -> 9xxx with Network Essentials/DNA Essentials
  • IP Services -> 9xxx with Network Advantage/DNA Advantage
  • Bundled Stealthwatch ETA and ISE SDA analytics with IP Services -> DNA Premier

If you want Network Essentials or Advantage, you buy the appropriately named DNA license level for at least a 3 year term, and your perpetual Network E/A license is included as a zero-cost line item. Maybe it's because we're network people, but if you think 3(4) license SKUs are complicated, Microsoft/Oracle have spreadsheets to show you.

If you don't like smart licensing, that's understandable. There are ways to work around it: local server, offline licensing, or license reservation, but I can understand that's more complicated than it historically has been. If that was the straw that made you leave Cisco, please go, and hopefully we can stop the entire tech industry trend. I doubt it will make a difference in the end though, and the recurring revenue beast will consume us all eventually. Maybe that's just me being defeatist.

However, if your big hang-up is the "DNA" part of the license, get over yourself. If DNA scares you, don't use it. No one is forcing you to use it. Cisco would like you to use it, which is why they make you buy the 3 year DNA license to get your forever license; but there is no increase in price or reduction of feature set when you compare to the last generation. And hey, if you buy enough stuff at once, they'll give you a fairly loaded server you can throw whatever the hell you want on.

  • Note: I think a Prime license being tied to the DNA Advantage license might be a change. I honestly don't know if buying Prime licenses was a thing in the past.

Finally, on a related topic, let's talk about DNA in general. DNA != SDA. DNA Center itself, in its recent releases, is fine. Not great, not terrible, but fine. It's essentially Prime with a facelift. If all you want is maps and reporting for wireless, and a templating engine for routing, switching, and wireless, DNA Center is perfectly serviceable for that need (with at least a DNA Essentials license, depending on feature needs).

Cisco SDA, on the other hand, is... also fine... recently... if you fit the use case. If you don't fit that use case, you will hate every minute of your existence working with it. So what is that use case?

  • You will generally have more than 2,000 access ports
  • You will want to do Stealthwatch ETA on your access edge
  • You want to do NBAR based QoS tagging on your access edge
  • You want to segment your network into macro and micro segments (macro would be Marketing and IT as separate groups, e.g. VRF; micro would be Janet's workstation vs. the accounting printer, e.g. VACL/PVLAN)
  • You want flexconnect/insert term for local handoff wireless here, with faster roaming
  • You have a need to use your IP space as efficiently as possible (instead of 8 closets in your facility each having a /22 - /24 because of the port count, you provision shared subnets for macro segments; that would reduce you from a /20 for that facility to maybe a /21 or smaller)

If some combination of these sounds like your needs, you might be a candidate for SDA. Maybe. But for the love of all that is good, test it first.

SDA is definitely not for everyone, and currently it fits a very specific use case. If you need it, you kind of already know you need it. If you don't, you will most likely fall into one of two camps:

  • The implementation and ongoing maintenance will be more complicated and intensive than doing it manually or with some other automation tool of your choice.
  • The current feature set of LISP/VXLAN will break more things in your environment than you are willing to fix for the features you gain.

That's all I have for now. I'll probably incur some wrath for this, but I feel like this needs to be said at this point. I'm not a Cisco fanboy; until my current position I'd never really touched it much, because the cost was more than those companies wanted to pay. I am a firm believer that there is a correct tool for every job though. Where I am, we feel it fits a need, and we'll continue to use their products/ecosystem until it no longer does. I feel like people are just angry/confused about a product that was never meant for them, and that colors the opinions of people who could actually use it.

Edit: Grammar/Spelling Fixes
