Cisco DNA Center (DNAC) Dashboard vs. Meraki Dashboard: Enterprise-level Features vs. Simplicity
Networking | Network Access Control | Mobility & WiFi | Software Defined Networking
What are DNAC and Meraki Dashboard, and how do they differ?
We’ve seen it time after time, customers need to revamp their network architecture, but struggle to choose which Network Management system would give them the control they need to keep things running smoothly.
In this blog we’ll overview both the DNAC Dashboard and the Meraki Dashboard, comparing:
- Network Density and Access Points (APs)
- Network Access Control
- Network Visibility
- Network Updates
- Wireless Use Cases in Healthcare Environments
The goal is to highlight the key benefits of both platforms, how they are different and what that means to you. We’ll also discuss which environment they could be better suited for from an engineer’s perspective. We hope that with this information, you can decide in which dashboard you’d like to invest. Keep in mind that Cisco is actively working on closing the gaps between both platforms, so we may see the best of both worlds down the road. Let’s get started.
Cisco DNA Center (DNAC) and Meraki Dashboard Overview
Meraki Dashboard
Straight from Meraki, “the Meraki dashboard itself is a centralized, web browser-based tool used to monitor and configure Meraki devices and services. [1]” The Meraki dashboard is well known for its simplicity and portability.
DNAC Dashboard
Cisco DNA Center, on the other hand, is a network controller and management dashboard designed for installation on a dedicated on-premises physical appliance. Cisco has hinted that future versions will see more operational flexibility via a virtual appliance that’s compatible with VMware, ESXi, and AWS. [2] Cisco DNA Center is feature rich and a great companion for enterprise-level networking operations due to the level of customization and detail it offers.
Now that we have a basic overview of each platform let’s break them down based on some of their standout capabilities.
Network Density and Access Points (APs)
Before we dive into this section, note that the DNAC and Meraki dashboards themselves are not responsible for higher network density, that falls more on the Access Points they manage. However, as you will likely use a Network Management tool (such as DNAC or the Meraki dashboard), it’s important to understand that they can only manage APs of their own kind. (DNAC can manage Cisco APs, Meraki can manage Meraki APs). Cisco is working hard to close this gap, announcing in June at their Cisco Live that the Meraki dashboard can now manage Cisco 9160 Series Catalyst APs and switches in a limited capacity. You can read more about that here.
What is Network Density and Why Does It Matter?
Network Density refers to the ratio of links to nodes on your network. The more connections to each node, the higher the density.
The higher the network density is in an environment, the more powerful your connections are between nodes [3]. This reinforcement simply makes your network stronger and more capable of taking on more end user connectivity, application activity, and clients.
According to Meraki, locations that require more than 30 clients connecting to 1 AP can be considered a high-density location [4]. This includes locations like large campuses, stadiums, theaters, hospitals, etc. For reference, IE has seen 90-100 per AP work just fine on a Cisco AP paired with a Cisco Controller.
The real question is how much network density do you really need? While higher level Cisco Access Points can provide higher network density when compared to Meraki Access Points, that doesn’t necessarily mean that you need to ‘go big or go home.’
That’s why it’s important to have a full understanding of your environment, how many devices you intend to run at one time, compliance regulations, roaming, HD Video streaming, etc. If you can define that, you can determine if you need the enterprise level of network density capacity that Cisco APs can offer (and DNAC can manage!). If you’re not sure, consider a Wireless Site Survey. Not only will we help you design a seamless wireless infrastructure with your existing devices, but we can also make recommendations to improve your throughput and network density capacity.
Network Access Control (NAC)
What is Network Access Control (NAC) and Why Is It an Important Consideration?
Network Access Control ensures that only authorized people are allowed on the network, VPN, wired or wireless. Additionally, you can define what they are allowed to access, and from what device. This is important for managing who has access to what on your network. For DNAC, Network Access control is enforced through Cisco ISE but centrally configured and managed through Software Defined Access (SD Access).
Cisco ISE for Identifying Users...Not Just Devices
Cisco DNA Center integrates with Cisco Identity Services Engine (ISE) via API to incorporate Network control into policy deployments.
That means, Cisco DNA Center allows you to assign policies and permissions based on end user and role access instead of just by network device.
Through Cisco ISE, DNAC dashboard administrators can determine what users are on the network, what devices they’re using, and where they are accessing the network. By creating a Security Group tag in your DNAC dashboard you can funnel all that information over in real time.
There is a lower level of integration with Meraki APs, but you currently cannot access Cisco ISE for Network Access control through the Meraki dashboard, in order to utilize it, you must enter the ISE dashboard locally.
Software Defined Access (SD Access) for Complex Network Access Policy Fast
Networks with hundreds of switches can present several challenges for IT, such as taking a significant amount of time to deploy, maintaining separate management tools, and configuration inconsistencies that creep in over time. SD Access can automate this process, provide central management, and ensure configuration consistency network wide.
This is another layer of Network Access control you can manage and deploy from DNAC. SD Access allows organizations to “enable policy-based automation from the edge to the cloud. [5]” With SD Access, you can quickly and securely set network access for any user, device, or application.
Network Access Control and policy deployment from your management dashboard allows you to create customized configurations and send them out fast. The Meraki dashboard is unable to utilize SD Access but offers some native capabilities that allow you to send out pre-configured policy. For example, the Meraki dashboard offers templates that can be used for creating the exact same configuration in hundreds of locations which is ideal for retail environments or distributed networks.
Network Visibility
Why is Network Visibility Important for Assurance and Network Troubleshooting?
It’s quite simple when you think about it. How can you fix an issue if you can’t see it, or you don’t know where or what it is? That is the principle behind Network Visibility. It acts as a crucial component to both performance assurance and troubleshooting.
The DNAC and Meraki dashboards both offer native Network visibility functionality. This allows them to troubleshoot network issues. Integrations like DNAC Telemetry and Meraki Insight expand those capabilities.
DNAC Telemetry
The first thing to note about DNAC Network Visibility is that it’s the only solution that does telemetry and network health tracking. This means DNAC is constantly receiving REAL-TIME health data from your network devices like routers, switches, and firewalls.
DNAC Telemetry keeps pulled data on site and allows the user to access a robust network report.
Using your wired and wireless devices, Cisco DNA creates sensors across your networks. These constantly monitor your network and identify downed connections while reporting on network conditions and issues. This enables you to isolate the network issue in a matter of minutes and get your systems back up and running in no time.
Meraki Insight
Meraki uses something called Meraki Insight for network visibility and traffic analytics. This is assigned to individual devices rather than networks. It’s a separate license you can buy and include in your dashboard for more in-depth device updates. It enables Meraki users to “monitor the performance of Web Applications and WAN Links on their network and easily identify if any issues are likely being caused by the network or application. [6]” It’s comparable to Cisco ThousandEyes but within the facility rather than outside of the network.
Meraki’s “Cable Test” Live Tool
A very cool feature to call out that the Meraki dashboard allows you to do that DNAC does not is the Cable Test live tool. You can run the test right from your Meraki dashboard and this will tell you if there is a malfunctioning/down cable that’s interrupting your network. Talk about Network visibility!
Now that we’ve compared Network Density, Network Access Control, and Network Visibility, let’s explore how each dashboard performs Network Updates!
Network Updates
When comparing how the DNAC and Meraki dashboards perform network updates, we can sum it up in a few words. DNAC requires manual updates, and the Meraki Dashboard sticks to simplicity and automates its updates.
DNAC and AURA
A key benefit to Cisco DNAC is that it allows you to configure and provision thousands of network devices across your enterprise and perform complex configuration updates in a matter of minutes vs. hours or days! [1].
Just because you can deploy an update quickly, doesn’t mean it will be successful...and that opens the door to other issues. That’s changed for DNAC with the addition of the AURA command line tool, which took place in late 2021. AURA or Audit & Upgrade Readiness Analyzer, “performs a variety of health, scale & upgrade readiness checks for the Cisco DNA Center and the rest of the Fabric network. [7].” In short, this helpful tool tells you preemptively whether the upgrade will be successful before you roll it out.
Meraki Automatic Updates
Word on the street is that the Meraki dashboard has a reputation for having the best, and least painful firmware updates. You can configure how your device and firmware updates will roll out up front. Once you’ve set the maintenance window and update time, Meraki will roll out your updates, deploy patch updates, and make sure all your network devices are on the latest version.
DNAC dashboard updates may be more suitable for Network Administrators who prefer a hands-on approach or are charged with way more complex policy deployments. The Meraki dashboard offers a hands-off approach that allows users to essentially ‘set it and forget it’ and let it keep all your network devices updated for you. Both sides are beneficial depending on what you prefer and the complexity of the policies you’re pushing out.
Now that we’ve called out and compared some of the key differences between the DNAC and Meraki dashboards, let’s drop them into comparable use cases to showcase our points.
Wireless Use Cases for DNAC vs. Meraki Dashboard
To better highlight what we consider the best use cases for each dashboard we are going to compare their application in two different healthcare settings: large hospitals and healthcare clinics.
The reason we highlighted these two specifically is because though they need the same level of security because of the data they manage, they demand different feature sets. One benefits from simplicity and portability (the clinic setting), which Meraki can provide. While the other needs higher network density, better video resolution and continuity, seamless voice connectivity with advanced roaming capabilities, and in-depth location services for wayfinding. The latter is a better fit for DNAC. Let’s explore why.
Hospital Settings
Earlier we mentioned DNAC’s higher capacity for Network Density due mainly to the depth of features available through the dashboard and Cisco APs and Switches. In a hospital setting, doctors, staff, and patients require seamless connectivity for Telehealth appointments, location services like wayfinding, and HD voice and video operations with seamless and secure connectivity to Wi-Fi. The two major advantages we want to address below are DNAC’s capacity for layer 3 roaming and in-depth location services.
- HD Voice and Video Consultations and Roaming
Cisco DNA Center via the wireless LAN controller (WLC), offers complex roaming capabilities that maintain HIPAA compliance and keep hospital staff connected. Cisco DNAC is an Enterprise Campus Management Platform capable of handling environments that require seamless layer 3 roaming. In fact, one of the core benefits of this is that Cisco DNAC can support roaming AT SCALE. Whatever you need in that department, you can build with Cisco DNAC.
- Location Services and Wayfinding
Really, the level of location services available has more to do with the power of your Access Points and control plane. Our Wireless Guy, Dennis Holmes gave an estimate based on his recent, large-scale wireless project for the Nashville Superspeedway. “With The Meraki APs, I could tell you which AP you’re attached to within a 2000 sq foot area. With a Catalyst AP, if you are between 3 APs, I could tell you where you are within 10 feet if the survey is adequate.”
Another factor to note is Cisco DNA Spaces. This cloud website integrates with Cisco DNA Center, and you can configure it for the Meraki Dashboard too [8]. However, the latter is made possible ONLY when Cisco Catalyst APs are used with the Cisco DNA Spaces Connector. The Cisco DNA Spaces Connector bridges location data from user to AP to WLC to Cisco DNA Spaces Connector to Cisco DNA Spaces.
It consumes information about your location and business use cases. For example, with this implemented, you could identify how many people are in one area, you can set up zones within that area to drill down deeper, and you can identify how much time they spent in that area, where they came from to get to that area, and where they go to after they leave. We went more into detail about Cisco DNA Spaces in our NSS blog, you can read more about it here.
On the other hand, the Meraki dashboard can report on presence analytics. Which allows you to “identify presence, time spent, and repeat visits within range of a Wi-Fi access point.” [9].
Since it’s a cloud-based platform, this limits its capacity for Network Density. It can support layer 3 roaming with 2-3 clients without a concentration box like a Meraki MX, but the capacity needed in general hospital spaces, especially when the network needs complete security and reliability (HIPAA violations are expensive), is more than the cloud can easily support. Additionally, DNAC has technical feature sets in their Access Points that can better accommodate location services and multicast/unicast than Meraki solutions.
If seamless roaming and a higher network capacity is something your business will need, consider DNAC. You should also investigate the latest Wi-Fi standard, W-iFi6 and its new spectrum Wi-Fi6e. Learn more and accommodate your clinical mobility!
Clinic Settings
- Portability and Flexibility
In this area, the Meraki dashboard absolutely leads the charge. Many of our customers have fully embraced this technology for that exact reason. While DNAC may allow more in-depth management of Cisco APs and switches, due to the enterprise-level features, set up is more complicated. A use case that demonstrates this point is the clinic setting. If you’re supporting thousands of clinics and simply need a secure, high speed internet connection (think of those pop-up COVID-19 testing tents), Meraki dashboard is the better option.
It also allows you to send out your pre-configured policies to all your stations in one update, so each location will run predictably. For this setting, the depth of what DNAC provides simply isn’t necessary.
While we’ve covered two healthcare-based use cases (Hospitals and clinics) to showcase areas where one platform may be better suited than the other, both DNAC and Meraki Dashboards are powerful Network Management tools. Just remember, for more enterprise-level features, try DNAC. For simplicity and portability, choose the Meraki dashboard. Of course, your use case will be a big part of your decision.
Which Network Management Tool will Better Serve Your Business?
While both options are powerful network management tools, it really comes down to simplicity or enterprise-level features. We’ve explored some of the standout differences and some comparable use cases to highlight why the right network management platform can make all the difference. If you’re considering one of these solutions or would like more information, please contact our Networking team. We’d be happy to survey your environment and determine the best fit for your business needs.
Sources:
- https://documentation.meraki.com/Getting_Started#:~:text=The%20Meraki%20dashboard%20itself%20is,organizations%2C%20networks%2C%20and%20devices
- https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06-cisco-dna-center-aag-cte-en.html
- https://guides.co/g/the-network-effects-bible/121720
- https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/Best_Practice_Design_-_MR_Wireless/High_Density_Wi-Fi_Deployments
- https://www.cisco.com/c/en/us/solutions/enterprise-networks/software-defined-access/what-is-software-defined-access.html
- https://documentation.meraki.com/MI
- https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-center/215840-cisco-dna-center-aura-audit-and-upgrad.html
- https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Mobility/DNA-Spaces/cisco-dna-spaces-config/dnaspaces-configuration-guide/meraki-config.html
- https://documentation.meraki.com/MR/Monitoring_and_Reporting/Location_Analytics
Additional Sources
- https://meraki.cisco.com/lib/pdf/meraki_datasheet_cloud_management.pdf
- https://documentation.meraki.com/General_Administration/Licensing/Meraki_Per-Device_Licensing_Overview
- https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-2-2/user_guide/b_cisco_dna_center_ug_2_2_2/b_cisco_dna_center_ug_2_2_2_chapter_01010.pdf