What’s latest with Software-Defined Access at Cisco?
Charting our progress on how we’re making networking simple again
Organizations worldwide are continuously adding more devices, more controls, more security, and better segmentation in a never-ending push to connect everyone and everything. Cisco is dedicating our significant engineering resources towards making the complex simple again. It’s been just over a year since we introduced intent-based networking with the industry’s first Software-Defined Access (SD-Access) solution that I described in this blog Access in the Era of Intent-based Networking.
The magic behind SD-Access is that it makes the complex look simple while providing near-infinite flexibility and control over data, devices, and connectivity. A global or campus network looks like a single virtual switch to the people and devices connecting to it. With transparent mobile access to authorized resources, users can be free to securely connect to anything and work from anywhere.
We’re now seeing huge momentum as organizations adopt SD-Access to not only solve their business challenges, but do so faster and with reduced IT costs. For example, they’re implementing fully automated policy-based administration in their campus, weaving consistent administrative and security policies into the entire enterprise network fabric. They are implementing SD-Access and DNA Center in brownfield enterprise networks to obtain the most value from their existing infrastructure while improving service, security, and flexibility. And they are creating entirely new greenfield networks to creatively serve aggressive acquisition strategies.
Flexible, seamless, intuitive network management
The latter example brings to mind a cool program underway near us in San Francisco by an international conglomerate. Like many large companies, this organization expands their core business through synergistic acquisitions. The challenge is to knit these acquisitions – some still in the process, some completed – into one fluid network that respects the required legal and security boundaries of sensitive information. To accommodate the acquisitions, the organization is building a new 130,000 sq. ft. research site housing 600 people who undoubtedly will use multiple devices. The new networked site will unite the acquired teams with the parent organization and provide:
- Micro-segmentation in the software-defined campus fabric to keep each organization’s sensitive data separate.
- Employees from each organization with the ability to connect wherever and whenever they need in the site, but only have access to data and applications for which they are authorized.
- Simplified user onboarding to dynamically connect wired and wireless clients to the appropriate segment for secure access.
This complex implementation would have been impossible to manage without Cisco SD-Access capabilities.
Other multi-national organizations are leveraging SD-Access and DNA Center to build enterprise networks that are intent-driven. AmorePacific, a Korean cosmetic company for example, has built a new multi-story building and implemented SD-Access to dramatically reduce provisioning times, provide granular network visibility, automate the distribution of consistent access policies, and deliver fast and easy service enablement throughout the new site. This deployment which would have normally taken up to three weeks to complete was rolled out in just eight hours with the power of SD-Access!
Near-infinite network flexibility
Our next expansion of SD-Access will help organizations deploy and manage a myriad of IoT devices at scale using purpose-built switches for IoT, identity-based device segmentation, granular device policy control, and dynamic endpoint management. We will also add policy enforcement across larger campuses to aid organizations with many different facilities and need to enforce consistent access policies across people, devices, and end points.
Stay tuned and follow me to witness the rapid evolution and adoption of Software-Defined Access in enterprises worldwide.