Getting to Know Cisco Software Defined Access: Vendor Overview

Mohit Tiwari

Group Sales and Training Consultant

Over the past few years I’ve spent a lot of time working with and researching some of the top SDN solutions in the market to continue developing ALEF Professional Services and delivering Cisco official training. In this blog series, I’d like to share an overview of Software Defined Access.

Back in 2007/2008, SDN showed up with the promise of automating everything and getting rid of the CLI by defining everything in software.

SDN, however, is mostly about data centers. In the data center, everything is about applications. In an enterprise, it’s about (mobile) users and devices. We have users working everywhere using laptops, tablets, and smartphones.

Solution Overview: Cisco SDA

Software Defined Access (SDA) is a fabric-based architecture that is based on Cisco Catalyst switching, leveraging the automation of DNA Center (DNA-C) and policy and identity from Integrated Security Engine (ISE). As a part of Intent Based Networking, SDA provides dynamic policy based on user identity, devices, and IoT devices. SDA provides security with segmentation, both macro (groups or virtual networks) and micro (specific user or device), applying policy based on defined intent. As a result of the automated functionality of the fabric architecture, policy, applications, and devices can be deployed faster than before with increased confidence and security.

What are the challenges of networks without SD-Access?

Today there are many challenges in managing the network because of manual configuration and fragmented tool offerings. Manual operations are slow and error-prone. Issues are exacerbated by a constantly changing environment. The growth of users and different device types makes it more complex to configure and maintain a consistent user policy across the network.

Network deployment challenges

Setup or deployment of a single network switch can take several hours due to scheduling requirements and the need to work with different infrastructure groups. In some cases, deploying a batch of switches can take several weeks.

Network security challenges

Security is a critical component of managing modern networks. Organizations need to protect resources and make changes efficiently in response to real-time needs. In traditional networks, it can be challenging to track VLANs, access control lists (ACLs), and IP addresses to ensure optimal policy and security compliance.

Wireless and wired network challenges

Disparate networks are common in many organizations, because different systems are managed by different departments. Typically, the main IT network is operated separately from building management systems, security systems, and other production systems. This leads to duplication of network hardware procurement and inconsistency in management practices.

Network operations challenges

IT teams often contend with outdated change management tools, difficulty in maintaining productivity, and slow issue resolution.

How does SD-Access address these challenges?

By enabling policy-based automation from the edge to the cloud, SD-Access provides next-generation capabilities. These include:

  • Automated end-to-end services like segmentation, quality of service, and analytics
  • User and device policy for any application, automated across the wireless and wired network via a single network fabric

A transformational shift allowing IT to build and manage networks faster and more easily, with improved business efficiency.

What are the benefits of SD-Access?

  • End-to-end segmentation. Help secure your organization and achieve regulatory compliance with end-to-end segmentation. Keep user, device, and application traffic separate without redesigning the network.
  • Improved workforce experience. Automate user access policy. Apply the right policies for users or devices to any application across the network.
  • Operational effectiveness. Facilitate a consistent user experience anywhere, without compromise, with a single network fabric.
  • Business insights. Bring outdoor, rugged, and industrial IoT endpoints into the IT fold. Expand your business beyond traditional networks.

Final Thoughts

If your organization is considering Cisco SD-Access, it’s a great solution. I’d be especially excited about it if you had one of the following as a key requirement:

  • A Cisco shop that is excited about future integrations: If you have solutions like ISE, SDA or ACI, then the future integrations can be very intriguing.
  • Advanced routing and segmentation: This solution is extremely robust in its deployment flexibility. If you’re willing to learn how to fully control it, you can tune it to do exactly what you want.

Please do your due diligence and test the platform before fully buying in and moving into production deployment. Try it out by doing labs with Cisco dCloud.

I believe this solution still has some growing to do, but with the solid architecture under the hood and existing enterprise features sorted out, I think Cisco SD-Access has a bright future.
