An ambitious vision for workplace transformation has provided the Government of Catalonia with an agile, automated network with the scale and flexibility to face any challenge.

The CTTI (Center for Telecommunications and Information Technologies), a division of the Government of Catalonia, operates a campus network with 2,600 users who support all public services for the over seven-million residents in Catalonia, Spain. In 2019 the CTTI approached Cisco with an incredible vision for a new campus network.  The IT administration, led by Ester Manzano, had decided to increase the efficiency and agility of all employees by bringing three divisions of the local government into a single IP network and radically changing the work experience. Traditional rows of desks with desktop PCs would be replaced with large common spaces facilitating communication and consensus building. Employees would be assigned laptops for a mobile-first experience and working from home a couple of days per week would be encouraged. Applications would be migrated to the cloud to better support this agile, anywhere access philosophy.

The biggest challenge they faced was how to provide network security and performance for their users. This new access-anywhere unified network would require zero-trust security policies that protected sensitive government information, while providing employees easy access to business-critical applications and files. Traditionally, network segmentation is implemented (either by VLAN or by IP address) to guarantee optimal service levels and secure access to application servers. But with 2,600 mobile workers connecting from anywhere on campus or remote, traditional segmentation would be far too complex.

Image 1: Cisco SD-Access group-based policy configured within Cisco DNA Center.

The answer was a Cisco SD-Access network based on Cisco DNA technology. This solution allows them to create profiles for each job description (finance, marketing, sales, etc.) or endpoint (video camera, point of sale terminal, etc.). When a user logs into the network they are matched to their profile which determines what assets they can access and their levels of service. This profile follows the user throughout the network guaranteeing the optimal performance, from wherever they are, and access only to the assets they require. These group-based access control policies are configured in a simple matrix within Cisco DNA Center (see image 1). Meanwhile, the Cisco DNA Center application experience functionality provides the intelligence to prioritize applications based on the intent of the business. Cisco’s software-defined Catalyst 9000 series switches and wireless have the intelligence to guarantee the appropriate level of service and security as user traffic flows through the network.

“This software-based solution opens up new possibilities. The network knows how people work, and this way, service can be more efficient.”
—Ester Manzano Peláez, Director General of Digital Administration for the Government of Catalonia

To facilitate efficient operation of this new agile network, the CTTI team needed to streamline network management, provisioning, and troubleshooting. Cisco DNA Center is the network management and command center for Cisco DNA and it gave them the features they needed. The network consisted of 127 Catalyst 9000 switches and 425 Catalyst 9100 access points. This system was onboarded and provisioned in 8 weeks using automation features in Cisco DNA Center. The Cisco DNA Assurance features, which are powered by cloud-based AI/ML technology help to automate troubleshooting and performance optimization. When Cisco DNA Assurance raises a network “Issue” it simultaneously offers guided remediation with steps to resolve that issue. Suggestions that can be resolved through a Cisco DNA Center configuration will have a “RUN” button next to it, for one-click resolution (see image 2). This allows the IT engineers to fix complex network challenges quickly and independently. It also facilitates remote network management for IT staff that might be working from home.

Image 2: Cisco DNA Assurance and the “Run Button”.

This brings us to the most incredible part of this story. IT Director, Ester Manzano created her vision for an agile workplace back in 2018. She spoke publicly about this ground-breaking design in February 2019 at the National Congress of Innovation and Public Services where she outlined forward-thinking goals such as technology training for all employees, mobile-first connectivity, applications that facilitate constant collaboration, and work from home (telecommuting) policies. Sitting here in 2020 it seems like Ms. Manzano had a crystal ball. But she will tell you that it wasn’t magic that offered this foresight; it was her insistence in leveraging the potential inherent in new technologies as innovators of change and flexible work environments. You can hear her outline these concepts in the video below, which was filmed in late 2019.

The architectural design based on open spaces and the mobile-first connectivity on the CTTI campus network facilitated an office redesign that provided a safe return to work for the CTTI staff following the national work from home orders in Spain. With a cloud-connected, mobile-first campus network, the staff at the CTTI division of the Government of Catalonia will always be ready for the next network challenge.

“We are facilitating the adoption of new ways of working, where you need elements of mobility, transpersonal connections, and efficient management of common spaces. …we needed to evolve the model of provisioning and management of IT services.”
Ester Manzano Peláez – Director General of Digital Administration for the Government of Catalonia

Learn more about Cisco DNA Center


Subscribe to the Networking Blog


Duval Yeager

Engineering Product Manager

DNA Center Product Management