AP Join Profile Rogue Parameters Support
Cisco DNA Center supports the following rogue parameters:
-
Rogue detection minimum Received Signal Strength Indicator (RSSI)
-
Rogue detection transient interval
-
Rogue detection report interval
-
Protected Management Frame (PMF) denial
See Configure Management Settings for an AP Profile for Cisco IOS XE Devices.
AP Location Configuration for PnP Onboarding
You can configure the site assigned during the PnP claim as the AP location for PnP onboarding.
See Plug and Play Provisioning Prerequisites and Provision a Wireless or Sensor Device.
AP Preimage Download Progress
You can view details about an AP's preimage download task for all the APs associated with the device.
See View Image Update Status.
Application Quality of Service (QoS) Support
Cisco DNA Center allows you to enable Application QoS policy by default on wired devices onboarded through Plug and Play or through site assignment, if you deploy QoS policy on the site to which the device is provisioned.
See Application Policies Overview and Provision a Device with Plug and Play.
Application Visibility and Controller-Based Application Recognition (CBAR) Enablement on Devices
Cisco DNA Center allows you to enable Application Visibility and CBAR by default on wired discovered devices and devices onboarded through Plug and Play or through site assignment.
See Configure Syslog, SNMP Traps, NetFlow Collector Servers, and Wired Client Data Collection Using Telemetry, Add a Device to a Site, and Provision a Device with Plug and Play.
C9800 Day 0 Onboarding Template Support
Cisco DNA Center PnP supports an onboarding template for wireless devices.
See Provision a Wireless or Sensor Device.
Configurable Limit on Importing Walls from CAD Files
When importing a CAD file to use as a floor map, you can set a limit to the number of walls that are imported. Setting this limit helps to minimize the time it takes to generate a 3D heatmap.
See Add a Floor with a CAD Map File.
Deletion of Nodes from REP Ring for Nonfabric Deployments
Cisco DNA Center supports dynamic deletion of nodes from a REP ring for nonfabric deployments.
See Delete a Node from a REP Ring for Nonfabric Deployment.
Detect Conflicts in a CLI Template for Wireless
Cisco DNA Center supports detection of potential design conflicts and run-time conflicts in the CLI templates for wireless.
| Note | Cisco DNA Center doesn't support run-time conflict detection for Cisco Catalyst 9800 Series Wireless Controllers. |
See Detect Conflicts in a CLI Template, Potential Design Conflicts Detection Between CLI Template and Service Provisioning Intent, and Detect CLI Template Run-Time Conflict.
Enhanced 2D Wireless Heatmap Generation
The 3D-computed heatmap generator, which is enabled by default, supports both 2D and 3D heatmap generation. Although you can disable the 3D-computed heatmap generator and use the original heatmap generator, we recommend that you use the 3D-computed heatmap generator. It can generate heatmaps substantially faster than the original heatmap generator, and you can set a limit to the number of walls that are included in a heatmap computation, which also enhances processing speed.
See Heatmap Overview.
Enhanced Experience Enabling CX License Trials for the Security Advisories, Field Notices, and Network Bug Identifier Features
The process for enabling the Security Advisories, Field Notices, and Network Bug Identifier feature trials has been enhanced. To begin any of these feature trials, you must accept the trial terms and conditions. However, you only have to accept them once for any of the trials. Afterward, you can simply start the other feature trials.
See Enable the Security Advisories Trial, Enable the Field Notices Trial, and Enable the Network Bug Identifier Trial.
Enhancement in Handling Cisco Wireless Controller Configurations
During the reprovisioning of a Cisco Wireless Controller, Cisco DNA Center ensures not to overwrite configurations that are not part of the intent.
See Provision a Cisco AireOS Controller and Provision a Cisco Catalyst 9800 Series Wireless Controller.
Enhancements to Access Control Lists for Central Web Authentication SSIDs of Guest Wireless Network
Cisco DNA Center-generated preauthentication Access Control Lists (ACL) are created only for the configured AAA or PSN servers for Central Web Authentication (CWA) SSIDs of guest wireless networks.
See Configure AAA Server for a Guest Wireless Network.
Enhancements to Admin Status of Radio Bands in RF Profiles for Cisco AireOS Wireless Controller
For Cisco AireOS Wireless Controllers, if you disable the Admin status of a band in the RF profile and reprovision the wireless controller or AP, Cisco DNA Center creates the RF profile for the corresponding band and maps it to the AP group (instead of configuring it as None) and disables the Admin status of all radios of the corresponding band on the APs.
See Create a Wireless Radio Frequency Profile.
Enhancements to FlexConnect Settings Modifications for Existing SSIDs
If you modify any nonflex SSIDs that are already provisioned on a wireless controller to flex SSIDs (or conversely), you must reprovision the wireless controller to ensure that the expected intent is configured on the wireless controller.
If you modify the VLAN ID value in the Local to VLAN ID field of an existing SSID and reprovision the AP without reprovisioning the wireless controller, the latest value of the VLAN ID is updated in the flex profile used by the AP.
| Note | If the same flex profile is used by other APs, these APs will also have the updated local VLAN ID. |
See Add SSIDs to a Network Profile.
Enhancements to Associating Templates for Wireless Network Profiles
You can associate onboarding and day-n templates to a network profile for wireless. The onboarding templates are used while onboarding wireless devices using Plug and Play (PnP).
See Add Templates to a Network Profile and Provision a Wireless or Sensor Device.
Enhancements to Channel Width Selection for APs in Dual Radio Mode
In earlier releases, if the dual radio mode was enabled on an AP, its slot 2 couldn't be in the Client-Serving or Monitor radio role with the 160 MHz channel width.
Effective with this release, if the dual radio mode is enabled on an AP, its slot 2 can't be in the Client-Serving radio role with the 160 MHz channel width.
See Configure APs.
Enhancements to RF Profile Updates for Cisco AireOS Wireless Controllers
For Cisco AireOS Wireless Controllers, if you modify the DCA channels or data rates for an RF profile that is already provisioned on a wireless controller, Cisco DNA Center resets the corresponding radio.
See Edit or Delete a Basic Radio Frequency Profile.
Enhancements to SSID Workflow, Preauthentication ACLs, IP-Based Access Contract, and RX SOP Threshold in RF Profiles
Cisco DNA Center supports authentication key management settings, ingress and egress QoS settings, and wireless encryption settings in the SSID creation workflow for enterprise and guest networks. See Create SSIDs for an Enterprise Wireless Network, Create SSIDs for a Guest Wireless Network, Configure Site-Level Overrides for an SSID for Enterprise Networks, and Configure Site-Level Overrides for an SSID for Guest Networks.
| Note | When you upgrade to Release 2.3.7 from an earlier release:
This configuration might change the intended configuration for the Cisco AireOS Wireless Controllers and wireless controllers running Cisco IOS XE Release 17.6 or earlier. You can update the Auth Key Management settings for the SSIDs before reprovisioning the wireless controllers. |
Cisco DNA Center supports additional protocols in the preauthentication access control lists and IP-based access control contracts. See Create Pre-Auth Access Control Lists and Create an IP-Based Access Control Contract.
Cisco DNA Center supports custom Receiver Start of Packet Detection (RX SOP) threshold values for each band for basic and AI RF profiles using the RX-SOP Threshold (dBm) Custom Value field. See Create a Wireless Radio Frequency Profile and Create an AI Radio Frequency Profile.
New Automation for SD-Access
The enhanced Cisco SD-Access user interface provides a succinct view of the fabric elements and their attributes.
See New Automation for SD-Access.
Inventory Resync Insights
You can view the last sync start time and the reason for the last sync in your inventory.
See Display Information About Your Inventory.
Option to Provide a Customized Loopback IP Address During LAN Automation
Under Provision > LAN Automation, when you provision LAN automation, in the HOSTNAME MAPPING section > Discovered Devices Hostname Prefix field, you can upload a CSV file that contains a serial number and hostname for each device. Optionally, it can also have a customized loopback IP address for each device. The ability to upload a customized loopback IP address is new in this release.
See Provision a Network Through LAN Automation.
Software Image Management (SWIM) Extended Support for a Two-Way Compatibility Matrix Comparison
Cisco DNA Center SWIM performs a two-way compatibility matrix file comparison to improve In-Service Software Upgrade (ISSU) compatibility decision-making.
Cisco DNA Center is able to autodownload the compatibility matrix files of ISSU-supported devices' running images and golden tagged images available in cisco.com.
See Import the ISSU Compatibility Matrix.
Support for Additional WLAN Parameters
Cisco DNA Center supports additional WLAN parameters for the advanced SSID model configuration design. The SSID creation workflows for enterprise and guest networks support the selection of an advanced SSID model configuration design.
See Create a Model Config Design for Advanced SSID, Create SSIDs for an Enterprise Wireless Network, and Create SSIDs for a Guest Wireless Network.
Support for AS Path Prepend
You can steer the selection of the ingress border in the SD-Access fabric by modifying the AS Path prepends. You can define the number of AS Path prepends to the BGP AS_PATH list.
See Add Device as a Border Node.
Support for Manual Data Refresh to Track the Replacement Status in the AP Refresh Workflow
In the Access Point Refresh workflow, to view the latest AP replacement status, you can use the Refresh Data option.
| Note | Effective with this release, Cisco DNA Center doesn't refresh the data automatically. |
See AP Refresh Workflow.
Support for Operational and Planned APs in 2D Heatmaps
You can display a coverage heatmap in 2D that shows both operational and planned APs. This option is only available when the 3D-computed heatmap generator is enabled, which is the default configuration. If you disable the 3D-computed heatmap generator, the 2D heatmap reverts to the original heatmap generator and only displays operational APs or planned APs in a heatmap, not both simultaneously.
See 2D Map View Options.
Support for Static IP Address for Wireless Management Interface During Provisioning of Cisco Catalyst 9800 Series Wireless Controller
Effective with this release, you must configure a static IP address for the wireless management interface on the Cisco Catalyst 9800 Series Wireless Controller to prevent provisioning failure.
See Configure a Cisco Catalyst 9800 Series Wireless Controller in Cisco DNA Center.
Tooltip for the Resolved IP Address
You can view the resolved IP address of a device in the IP Address column.
See Display Information About Your Inventory.
User Interface Updated for Design > Network Settings > Network Window
Network Settings > Network window is updated to provide better user experience.
See Add Cisco ISE or Other AAA Servers, Configure Global Network Servers, and Add Image Distribution Servers to Sites
View Cisco DNA Center in Light or Dark Appearance
You can view Cisco DNA Center in light (default) or dark appearance. On the My Profile and Settings > Display Settings window, you can apply light or dark appearance.
See Apply Light or Dark Appearance in Cisco DNA Center.
Visibility and Control for Compliance Remediation
While fixing compliance violations, you can send planned network configurations to IT Service Management (ITSM) for approval before deploying them.
See Fix Compliance Violations.
Visibility and Control of Configurations
With the delivery of the enhanced control, you can send planned network configurations to ITSM for approval before deploying them. Control ensures that only authentic and authorized configurations are provisioned onto your network devices, which further secures your devices.
See Visibility and Control of Configurations Workflow.
Visibility and Control of Wireless Device Configurations
Cisco DNA Center supports enhanced control for wireless device configurations. With enhanced control, you can ensure that only authentic and authorized configurations are provisioned onto your network devices through an IT Service Management (ITSM) check.
By default, Configuration Preview is enabled, and ITSM Approval is disabled. You can update these settings on the System > Settings > Visibility and Control of Configurations window.
| Note | If there is a conflicting operation when you deploy your planned network configurations, the Pending Operations dialog box is displayed. To proceed with the current deployment, you must either wait for the existing, scheduled, or pending-review operations to complete or discard the operations. |
See Visibility and Control of Wireless Device Configurations, Provision a Cisco AireOS Controller, Provision a Cisco AP—Day 1 AP Provisioning, Provision a Cisco Catalyst 9800 Series Wireless Controller, AP Configuration in Cisco DNA Center, Configure Mobility Group, Configure Remote LAN, and Create an IP-Based and URL-Based Access Control Policy.
Visibility and Control of Fabric Configurations
With the Control feature, you can send planned fabric configurations to ITSM for approval before deploying them on the fabric devices.
All fabric workflows and configurations support the Visibility and Control feature.
See Visibility and Control of Fabric Configurations.
Wireless Mesh Access Point in an SD-Access Fabric
Starting with Cisco DNA Center 2.3.7, you can onboard a wireless Mesh AP in an SD-Access fabric. You can provision a mesh AP either as a Mesh Access Point (MAP) or a Root Access Point (RAP), depending on the network requirement.
![Cisco DNA Center User Guide, Release 2.3.7.0 and 2.3.7.3 - New and Changed Information [Cisco Catalyst Center] (2024)](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8/h8AAvMB+NzmkbcAAAAASUVORK5CYII=)