I am new to Digital Network Architecture technology and I have a couple of questions:
Thank you for your reply
DNA on VM: yes, runs on VM but NOT YET supported. Planned for later on.
Between ISE and your fabric devices, cisco trustsec is used
Between ISE and DNA Center, PxGrid is used.
I just want to clarify...
In traditional ISE deployments (non DNA Center) ISE communicates with network device (NADs) using RADIUS. The TrustSec is how polices are applied.
Are Fabric devices not seen as NADs by ISE when DNA Center is used?
Each Edge Node in the fabric is seen as a NAD on ISE.
So is it safe to say that in DNA Center implementations the protocol that interacts between fabric devices and ISE is RADIUS and not Cisco Trustsec or are there other considerations?
Yes you are right,
ISE sends typical radius messages to the edge switches or WLCs,
The NADs will use the loopback interface to send radius messages, and you will see these entries normally in the ISE.
No other considerations.
You need to be familier with trustsec and SGTs to apply policies that are not a must.
You can start with simple authorization profiles without using the tustsec.
Thank you Mohammad.
1-Ans- Trustsec, Pxgrid, NDP, SMNP etc are few protocols which work in DNA center, there are many as well.
2.Ans- As of Now DNA center cannot run as VM for ver 1.1, It might be supported in future versions.