Cisco SD-Access Overview
Networking technologies have remained relatively static over time despite evolving enterprise needs in mobility, IoT, cloud, and security. This lack of agility keeps organizations from rapidly adopting innovations such as video, collaboration tools, and connected workspaces.
Wireless deployment poses challenges in network segmentation, limiting its virtualization capabilities. Policy implementation, ranging from security to QoS and device access control, is complex and often lacks comprehensive visibility. Cisco's Software-Defined Access (SD-Access) solution addresses these issues by providing a programmable network architecture.
SD-Access, managed through Cisco DNA Center, offers end-to-end policy and segmentation, ensuring consistency across diverse network domains and locations. It has two components: Cisco DNA Center, which provides automation, policy, and assurance, and the SD-Access fabric, which provides the network forwarding infrastructure.
SD-Access offers several advantages, such as automated device deployment, streamlined network configuration, policy automation, network segmentation, contextual insights for issue resolution and capacity planning, and open interfaces for third-party integration.
SD-Access Fabric
SD-Access simplifies network architecture by dividing the enterprise network into two distinct layers, underlay and overlay. The underlay encompasses physical devices and traffic forwarding, while the overlay is a virtual layer where users, devices, and policies are logically connected. This separation streamlines operations, as policy changes only impact the overlay, leaving the underlay untouched. This combination of underlay and overlay creates a network fabric.
The underlay consists of physical network devices, such as routers and switches, with a traditional Layer 3 routing protocol serving as the foundation for device communication. Cisco DNA Center offers LAN automation to streamline device provisioning.
The overlay, built atop the underlay, creates virtualized networks that transport user traffic within the fabric, allowing policy-based control of security, QoS, and traffic monitoring. This logical segmentation simplifies management, ensures network security, and enhances the user experience.