SD-Access Key Features & Use Cases
The Cisco SD-Access solution is implemented and orchestrated via Cisco DNA Center, which provides design, policy definition, and automated provisioning, along with assurance analytics, for wired and wireless networks.
In an enterprise architecture the network spans branches, campuses, remote locations, and so on, and each site contains multiple devices for wired and wireless connectivity. The Cisco SD-Access solution provides an end-to-end network architecture and ensures consistent connectivity, segmentation, and policy across the different sites.
To facilitate this, the Cisco SD-Access solution is segmented into two parts:
- SD-Access Fabric
- DNA Center
Let's discuss each layer in detail and see which key features each provides.
Each enterprise network is divided into two sublayers. The first is the underlay network, which is dedicated to the physical devices and the routing protocols that provide connectivity. The second is the overlay, which provides logical connectivity for wired and wireless users with all services and policies applied. The combination of underlay and overlay networks is collectively called the network fabric.
SD-Access Network Underlay:
The underlay consists of routers, switches, and WLCs, along with the traditional routing protocols required to provide IP connectivity between them, which eliminates the need for STP, VTP, HSRP, VRRP, etc. Running a logical fabric topology on top of it adds functionality such as multi-pathing and optimized convergence, and simplifies deployment and troubleshooting.
Cisco DNA Center automates the LAN: it automatically discovers, provisions, and deploys network devices. Once devices are discovered, the automated underlay provisioning leverages Plug and Play to configure the routing protocols and to apply the IP address configuration.
SD-Access Fabric Overlay:
It is the logical, virtualized topology built on top of the underlay network. The SD-Access overlay has three main building blocks:
- Fabric data plane: uses the VXLAN protocol with the Group Policy Option (GPO) to send and receive data packets between source and destination.
- Fabric control plane: logical mapping and resolution of users and devices with the help of the LISP protocol.
- Fabric policy plane: business intent is translated into network policy using SGTs (Scalable Group Tags) and group-based policies.
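To make the data-plane and policy-plane items concrete, the following added example (not Cisco's code and not part of the original page) decodes the 8-byte VXLAN header with the Group Policy Option and checks that each frame carries a group tag expected for its virtual network. The bit layout follows the VXLAN Group Policy Option Internet-Draft (draft-smith-vxlan-group-policy); the function names, sample headers, and the VNI-to-SGT map are constructed for illustration.

```python
import struct
from typing import NamedTuple, Optional

G_BIT, I_BIT = 0x80, 0x08      # first flags byte: Group Policy ID present, VNI valid
D_BIT, A_BIT = 0x40, 0x08      # second flags byte: Don't Learn, policy Applied

class VxlanGpo(NamedTuple):
    vni: int                   # 24-bit VXLAN Network Identifier
    sgt: Optional[int]         # 16-bit Group Policy ID (the SGT); None when G is clear
    dont_learn: bool
    policy_applied: bool

def parse_vxlan_gpo(header: bytes) -> VxlanGpo:
    """Decode the 8-byte VXLAN header that follows the outer UDP header."""
    if len(header) < 8:
        raise ValueError("VXLAN header needs 8 bytes")
    flags1, flags2, group_id, vni_rsvd = struct.unpack("!BBHI", header[:8])
    if not flags1 & I_BIT:
        raise ValueError("I bit clear: VNI field is not valid")
    return VxlanGpo(
        vni=vni_rsvd >> 8,     # low 8 bits are reserved
        sgt=group_id if flags1 & G_BIT else None,
        dont_learn=bool(flags2 & D_BIT),
        policy_applied=bool(flags2 & A_BIT),
    )

def audit(headers, allowed):
    """Return findings for frames whose tag is missing or not expected in their VNI."""
    findings = []
    for raw in headers:
        try:
            h = parse_vxlan_gpo(raw)
        except ValueError as exc:
            findings.append((raw.hex(), str(exc)))
            continue
        if h.sgt is None:
            findings.append((raw.hex(), f"VNI {h.vni}: no group tag (plain VXLAN)"))
        elif h.sgt not in allowed.get(h.vni, set()):
            findings.append((raw.hex(), f"VNI {h.vni}: unexpected SGT {h.sgt}"))
    return findings

# Constructed sample headers and policy map (not taken from a real fabric).
SAMPLES = [bytes.fromhex(h) for h in (
    "8800001100100300",   # G+I set, SGT 17, VNI 4099
    "0800000000100300",   # I only: untagged frame in VNI 4099
    "8808006300100400",   # G+I, A bit set, SGT 99, VNI 4100
)]
ALLOWED = {4099: {17, 20}, 4100: {30}}

if __name__ == "__main__":
    for frame, reason in audit(SAMPLES, ALLOWED):
        print(frame, reason)
```

The first sample passes the check; the other two are reported because one has no group tag and the other carries a tag that the constructed map does not list for its VNI.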
SD-Access can instantiate logical network policy based on the following services provided by the fabric:
- Security Segmentation Services
- Quality of Service
- Capture/Copy Services
- Application Visibility Services