Noser Group chooses Cisco SD-Access for network unification

The IT team at Noser Group of companies had a bit of a problem on their hands. On one hand, they were expected to provide a robust and secure connectivity to all employees, and on the other, they had to navigate through complex and unique requirements of the group’s several independently managed companies, with Noser Management AG as their parent company, with offices all over Switzerland.

Together these companies have over 600 employees providing advanced solutions in the field of information and communications technology (ICT).

 

	Noser Group
Industry: Technology Services		Region: Switzerland
Challenge	Solution	Results
Increased complexity and OpEx because of several independent networks in the group of companies Added security risks because of ad-hoc addition of multiple vendors’ devices Extra time in manual configurations and troubleshooting because of the lack of standardization	Cisco DNA Cisco SD-Access Cisco DNA Center Cisco Identity Services Engine Cisco Catalyst 9000 series switches Cisco Secure Network Analytics (Stealthwatch) Cisco Umbrella Cisco DNA Advantage subscription	A standardized access network with a single management domain under Cisco DNA Center 67% reduction in time spent in routing configuration and maintenance tasks Improved employee mobility and client information security through policy based segmentation and integration with security applications

The group companies had their own established networking solutions, access policies, and ways to secure their users. While the networks delivered results, their ongoing management and routine adjustments were becoming increasingly complex and as a result were taking longer and longer. The group leadership understood the importance of the network in achieving business results. They tasked Alex Dersch, Technical Manager, Cloud Systems, and his team at the group, to unravel the growing complexity and streamline operations.

We have been very pleased with our decision to invest in Cisco Catalyst 9000 switches, Cisco DNA, and SD-Access. With the resultant standardization and across the board automation, we have positioned ourselves well for our future based on connectivity, security, and digital transformation.”
~ Martin Wüthrich, CEO, Bucher + Suter, a Noser Group company

After spending a couple of months studying the requirements and evaluating competing solutions, the team came up with a strategy to modernize the group’s networking operations. Their solution based on Cisco Digital Network Architecture (Cisco DNA), Cisco Software-Defined Access (SD-Access), and Cisco security applications was so complete and compelling that the executive leadership approved it within a week.

 

Unification through network devices

The team’s first order of business was to take stock of what they had inherited. While most of the network consisted of older but still functional approved devices, they found other devices from various vendors were added ad-hoc without IT’s knowledge or consent. These had to go. “It was sheer luck that these unmanaged devices did not result in massive security breaches. It was clear to us, therefore, that to modernize our network and bring it up to par to meet our current and future needs, we would need to start at the device level and work our way upwards”, Alex revealed. The team decided to use their mandate to standardize all network devices to Cisco Catalyst 9000 series switches.

“The task of replacing all devices in the network was easier said than done,” admitted Alex, “But with a clear understanding of our end goal, we drew up a plan that worked for us, with each subsequent replacement smoother than the last.” So as not to disrupt normal work, the team staged new devices in the lab and rolled them out during evenings and weekends and provided adequate interim connectivity between the old and the new. “Except for getting new IP addresses, users didn’t feel any difference at all, and their work continued as usual”. No small feat, considering the sophisticated needs of technology workers.

 

Unification through consistent policies

As they put the new devices in place and ensured a uniform infrastructure, the team made sure of consistency in their configurations as well. This was important to have a dependable network that provided a predictable experience for all users across the group. “The usage of coherent policies, configuration templates, and their application through Cisco DNA Center was crucial in our evolution effort”.

As the central orchestrator, Cisco DNA Center provided the platform to define and enforce not only configuration but all networking policies including access control through segmentation. Alex explained the problem, “Our distributed nature presented us with unique challenges. We could not simply separate employees in each individual company from each other. Over time, employees in one constituent company now work in projects not only in their own, but in other companies as well.”

To address their security needs, and still not hamper employees, the team has currently segmented the new network by site. Eventually they plan to use micro-segmenting capabilities of SD-Access for creating more granular and flexible segments. For even more security that extends beyond SD-Access, Noser Group utilizes Cisco Secure Network Analytics (Stealthwatch) and Cisco Umbrella that integrate with and can be activated from within Cisco DNA Center simply and easily. Stealthwatch tells them precisely who is on their network, what they are doing, and if they pose any threats even if the threat is encrypted. Cloud-delivered security of Cisco Umbrella protects all users across their sites from malicious attacks.

 

Unification through management ease

Reflecting on their achievements so far, Alex commented, “Now that we have had the new network for a few months, we have built up internal expertise in its operations, and now can accomplish routine network management tasks very quickly.” Citing an example, Alex mentioned, “Our Bern site is our largest with over 300 employees. Using our experience gained from migrating other sites, with standardized devices and policies, we were able to get it done within a matter of days.”

Alex continues, “I would say that tasks that took us three days before, we can now do them in one, reflecting productivity gains of 67%. And we don’t even need to put our most qualified engineers to the job. We can now largely automate our standard design and simply monitor it to make sure it all works smoothly, a task that other people can do as easily”.

 

Unification through innovation acceleration

Once Noser Group has fully rolled out SD-Access in all their sites, they can continue to benefit from its continuing innovations. The team is already planning to extend policy capabilities from sites to the data center through Cisco SD-WAN, creating an organizational end-to-end access-to-application segmentation and service assurance domain.

Noser Group also wisely chose a Cisco DNA Advantage software license. With such a subscription they are assured of obtaining the most current advancements in Cisco DNA and SD-Access as soon as they are released and put them to work.

 

Resources

We invite you to explore more on Cisco solutions that have transformed IT and networking in Noser Group and in other organizations. To start your journey, here are some references:

• Read the SD-Access solution overview
• Browse more SD-Access case studies
• Learn how businesses can achieve an ROI of 462% with SD-Access in an IDC white paper

 

Check out our Intent-Based Networking video channel

 

 

Subscribe to the Networking blog