Leading by Example: Managing Our Internal Network with the Same Cisco Tools We Offer Clients

SpotIT - Cisco

SpotIT acts as a trusted advisor in both security and networking for our customers. Our main focus is to provide managed services in a most proactive and efficient manner. A key part of these services consists of network monitoring (next to architectural improvements, service- and project management). We ensure the business continuity of our customers worldwide with our managed services, 24/7 NOC and SOC.
Classic network monitoring tools are depending on syslog, icmp and snmp data in order to trigger alerts. These alerts are then forwarded to ServiceNow, our main ITSM tool to service our customers. 


DNA Assurance

The deployment of DNA Center, on some of our major customers’ networks, provided an opportunity for us to enhance these standard monitoring capabilities. While classic tools always start from a network perspective to generate issues on the network, DNA Center takes a different, more holistic approach.
In addition to classic monitoring, it enables us to view the network from a client and applications’ perspective as well. This is provided by DNA Assurance, which is the key component of DNA Center that allows us to have clear insights into the entire network behavior. 
The client experience is translated into a client health score, which is derived from a set of user-specific KPI’s. In a wireless context for example, this includes onboarding times (e.g. dhcp, aaa), roaming times, etc. All this information is gathered using telemetry data from several sources (such as Catalyst 9800 wireless controllers and Cisco ISE).
Next to this enhanced user-based monitoring, a set of additional AI components can proactively detect issues on the network infrastructure, both on wired and wireless networks. 


Software management

Software life-cycle management is also a key part of our managed services. Keeping IOS(-XE) images consistent throughout an entire network can be a challenging and cumbersome task to perform. Some monitoring tools are able to automate software distribution and upgrades. DNA Center however, is not only able to automate these tasks, but adds an additional layer of pre- and post checks to these upgrades. This significantly reduces operational risks when performing upgrades to network devices.


DNA Center Platform ITSM integration

The ITSM integration options of DNA Center allowed us to leverage these additional capabilities to our managed services. 
DNA Assurance issues are sent to ServiceNow as incidents and can treated by our Network Operations teams in the same manner as our classic monitoring tools. The information provided in the tickets contain more detailed information on basic troubleshooting steps, the network environment of the device or client that causes issues and a direct link to DNA Center 360 view. This enables the engineer to troubleshoot in a more focused way: all the information is at his/her disposal in order to asses the severity of a certain incident and to begin troubleshooting.


ITSM integration testing setup

During an initial testing phase we decided to integrate two DNA Center instances into our ServiceNow environment. This, in order to fully test the integration experience using two different installation workflows. The SD-Access campus network of SpotIT IT has been integrated using the DNA Center App in ServiceNow. This option enables the full potential of the integration, with a minimum of additional configuration on both sides. The second DNA Center was integrated into the same ServiceNow environment without the use of the DNA App. 
Aside from the use of the app, as a managed services provider the integration with multiple DNA Centers in our ServiceNow production environment will be inevitable.
In order to translate ServiceNow information flows to DNA Center, a MID server has been deployed on each DNA Center appliance. 


Bundles

In terms of functionality, the integration allows us to fully synchronize the DNA Centers’ inventory with the ServiceNow CMDB. This can be pushed directly to the CMDB or through a staging table. Since the latest release of  the bundle, you’re able to specify the device inventory data fields that must be synchronized with ServiceNow. 
The Network Issue Monitor and Enrichment for ITSM (ServiceNow) bundle is the core of the ITSM integration. This bundle interacts with DNA Assurance and publishes network and maintenance issues to ServiceNow through REST API. These incidents can be translated into specific ticket flows, based on your preference: incident, problem, event or change. Tweaking of specific issue importance can be done easily using the event settings in DNA Platform. 
The DNA Center App for ServiceNow allows also a closed loop integration with the Software Image Management module of DNA Center Automation through the SWIM bundle. When an image is tagged as being uncompliant with a certain IOS-XE image, a change request is generated to ServiceNow. After scheduling the distribution and installation of the new image, an approval of  the change request needs to be sent from ServiceNow to DNA Center in order to continue the upgrade process. This allows a fully automated approval process from our main ITSM tool.

Webex

Using the Webex integration, we were able to combine the added value of the ITSM integration with our standard collaboration platform. DNA Center incidents are sent to specific Webex groups, which allows us to react even faster to network issues. 

Way ahead

Our ultimate goal would be to use DNA Center as a single source of truth for the campus environment. SpotIT is right on top of this subject, so we expect great things in the future. We will be ready. 

Time to talk?

ICONS

Do you want to know how your security and network are doing?

With an in-depth audit we map out your security challenges and your entire network.