Cisco Blogs

Access in the Era of Intent-based Networking

June 27, 2017 - 3 Comments

Intuition. It is one of the key traits that makes us human. What if we could make the network intuitive in translating intent into network configuration? Could a network learn to defend itself against malware and threats?

In a digital world, enterprises networks are under the onslaught of a myriad of different forces. On one hand, there is the explosion of devices getting on the network. This brings with it connectivity challenges and security challenges. On the other hand, transformations of computing and storage are starting to gain maturity and organizations are now looking to replicate these virtualization benefits at the level of the network. These new digital requirements need a fundamentally different approach.

Enter SD-Access.

While software-defined networking (SDN) concepts provided a starting point to begin solving some of these problems it clearly was not enough. SD-Access is a new capability that combines the power of policy-based networking, an intelligent network fabric and automation to make intent-based networking a reality today. SD-Access makes the network look like a “single” large virtual switch to the users and devices connecting to it. Establishing a layer of virtualization for the end user and the network node is becoming increasingly necessary to manage the growth of people and devices getting on to the network. Virtualization allows for agility and flexibility in ways that hitherto have been unavailable.

To delve deeper, SD-Access enables security and segmentation within the network. SD-Access makes it intuitive to segment your network based on user and device identity using simple and automated workflows. It has never been easier to build virtual networks of IOT devices, guest devices and user devices within a single converged infrastructure. SD-Access combines wired and wireless networks within the intelligent network fabric and makes it easy to seamlessly roam anywhere in the network providing uninterrupted mobility services to the end-user. Finally, SD-Access enables IT teams to now offer customized services to different lines of business.

What makes me proudest in regards to SD-Access is how we tackled the networking industry’s big, tough, “unsolvable” problem. We began this journey over two years ago and had the best minds in the industry work to fundamentally transform networking. Our engineers worked closely with a select set of customers to validate our hypothesis and use cases in a co-development model and used their critical inputs to refine our solutions. We conducted extensive user-testing and validation of our workflow to ensure that we could capture intent from very different user-personas and make this solution as simple and elegant as possible. Keeping up with growth and mobility isn’t just about making things faster, sometimes it’s about building in near-infinite flexibility that allows for expansion, new uses and newer innovations for years to come.

Let’s continue the conversation @asowal1234.


In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Just came from Cisco Live and it was great to see real testimonials who from customers like Wipro and others who have participated in EFT of SDA for last few weeks in live environments and shared their experience. These customers strongly believe that we are on right path with SDA and looking forward to wide-scale deployments in their production networks. They also provide useful insights on what they would like to see in roadmap.

    Congrats to all team members who have been part of SDA journey for last 2 years.

  2. SD-Access is a powerful concept and provides a greater flexibility and control for access, management as well as segmentation. As always its a well articulated blog and thanks for the insights. I am proud to be part of this journey!!

  3. SDA sounds awesome! When is the ETA for DNA Center ? What are the different software components of DNA Center? Is APIC-EM controller part of it too ?