Contact Us

Speed, Security & Scalability: How SD-Access is Revolutionising IT Campus Infrastructure

light bulbs with cogs

Through his journey building a robust campus network for a global medical client, Systal’s Principal Network Architect Adam Wawer explores the impact of SD-Access in elevating Systal clients through their digital journey and future-proofing their networking capabilities.

One of the most challenging projects of my career was building a robust campus network for a global medical customer approximately three years ago. The decision-makers were faced with the issue of constructing an extensive network within an incredibly constrained timeframe. To meet the deadline, the moderators turned to a solution based on the Cisco SD-Access suite of products. The prospect of implementing a cutting-edge technology like Cisco SD-Access was both exciting and daunting to me. This was not just about building a network; it was about laying the foundation for a digital infrastructure that could propel the client into the future.

The transformative capabilities of SD-Access were soon evident. One of the standout features I noticed with Cisco SD-Access is its efficiency. The transformative power of SD-Access lies in its ability to automate and streamline tasks that once demanded significant time and effort. What would typically have taken months was accomplished in a matter of weeks, showcasing the efficiency and agility brought by this cutting-edge solution.

What is SD-Access?

SD-Access, or Software-Defined Access, is a revolutionary networking paradigm based on a structured four-step process: define, design, deploy, and operate. This SDN model is orchestrated through controllers, strategically positioned either on premises or on the cloud. SD-Access offers end-to-end segmentation on the network through policy-defined virtual networks (VNs). Micro segmentation, facilitated by Security Group Tags (STG), enhances network security. The solution also provides an uncomplicated software upgrade process, opening a new era of network automation, and seamless integration with Identity Services Engine (ISE) for identity services and Wireless LAN Controller (WLC) for wireless network provisioning.

Figure 1. The workflow of SD-Access with its major components.

Source: https://www.cisco.com

The top component is a controller responsible for the provision and management of the whole SD-Access solution. The automated middle fabric is dedicated for the real wired and wireless network. Advanced features available to the user allow for mobility, better communication and telemetry.

This makes SD-Access extremely efficient and exceeds capabilities of old networking technologies such as three-layer networking with manual process of building. Old technologies also required separate instalment of tools that allowed troubleshooting of the network or mitigation of a manual upgrade process of the network components.

What is unique about SDA Fabric?

SD-Access introduces the concept of the SDA Fabric, a dynamic system that acts as the heartbeat of this revolutionary technology. The controller functions as the brain, providing automation and assurance, while the fabric overlay and underlay handle the service and forwarding planes respectively. The Locator/ID Separation Protocol (LISP) manages the Control plane, and the Virtual Extensible LAN (VXLAN) serves as the Data plane. Adding an additional layer of security, the Cisco TrustSec Policy Plane ensures a comprehensive and integrated policy framework for secure network operations.

Why we chose SD Access?

The decision to embrace SD-Access was not arbitrary; it stemmed from its manifold advantages. The speed of deployment was a critical consideration, and the ability to build networks based on policies with automation was a game-changer that streamlined the process for me, making it efficient and adaptable. While the underlay network required some manual preparation, the bulk of the provisioning was efficiently managed by the Controller. Mobility, facilitated by the LISP protocol, added a layer of flexibility, contributing to the solution’s overall appeal. The inclusion of Assurance and Analytics features proved invaluable for troubleshooting, offering a holistic approach to network maintenance. The seamless integration of security further solidified SD-Access as the preferred choice for the client, ensuring that the network is not just fast but also secure.

The effectiveness of previous technologies such as routing, switching, vpc, vxlan, QOS, multicast etc. have been integrated into SD-Access. These technologies have been precisely prepared by Cisco engineers to be compatible and to be available as a fully automated, single functional “organism solution”.

The impact of SD-Access in elevating digital success

The latest version 3.5.x of Cisco SD-Access is a testament to the commitment of Cisco to continuous improvement. The once perceived challenges I have found have given way to a more advanced and less buggy system. Our client can now benefit from:

  • A network infrastructure that is rapid and reliable.
  • An automated upgrade process which can now be scheduled to commence at any time without manual intervention.
  • The ability to add a new separate virtual network in just one hour for the entire system.
  • Integrated tools to assist with the ease of troubleshooting problems.
  • Enhanced visibility to catch any errors in the network and the ability to set up notifications for the operator via email or other means.
Summary

In summary, my requirements for SD-Access in this context was driven by the requirement for speed, security, and scalability. I found that not only is SD-Access reliable but also built to withstand technological shifts, adapting to the evolving demands of the digital landscape. Moreover, the ease with which solutions like Quality of Service can be implemented underscores the practicality and efficiency of SD-Access, making it a compelling choice for businesses looking to future-proof their networking capabilities.

Contact our experts

Systal is a strategic and gold partner of Cisco, representing the newest networking technology solutions offered by Cisco businesses. Systal engineers are ready to serve and assist our clients through their digital journey into new fascinating and reliable technologies such as SD-Access, among others.

Adam Wawer CCIE # 46751 is a Principal Network Architect within Systal. He has almost 30 years of international experience working for some of the world’s leading IT corporations, implementing large-scale architect projects across data centres, networking, communications and Converged/Hyper Converge infrastructure. He has extensively provided tailored SDN networking solutions to clients, incorporating ACI and SD-Access services. 

Contact Systal's Experts

Have a question or want to discuss your technology and key business challenges?

Contact us