Cisco Software-Defined Access Excellent solution, but still [needs] to be improved
November 05, 2021
Cisco Software-Defined Access Excellent solution, but still [needs] to be improved
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Cisco Software-Defined Access (SD-Access)
I configured and implemented this solution [Cisco SD- Acess] for 2 large companies. The main benefit I can include about this solution so far is the consolidation of all the below points: -Security: Identify and verify all endpoints and network segmentation (high and low level) -Monitoring: Network, applications and endpoints health, the best benefit in this point is related to insights that the controller provides to solve network issues. -Configuration: The deployment can be done in a way that saves time, not only for the first deployment but also for subsequent device incorporation in the network.
- Security: Macro and micro segmentation
- Configuration: LAN Automation and provisioning
- Monitoring and telemetry: Network metrics and insights
- Documentation: Working in this solution I realized there were missing information details about the fusion device support for nexus.
- Fusion router: This roll in the fabric should be already integrated in the solution, right now it is configured manually.
- Bugs: Unfortunately the solution still present a lot of bugs, mainly in the controller.
Do you think Cisco Software-Defined Access (SD-Access) delivers good value for the price?
Yes
Are you happy with Cisco Software-Defined Access (SD-Access)'s feature set?
Yes
Did Cisco Software-Defined Access (SD-Access) live up to sales and marketing promises?
Yes
Did implementation of Cisco Software-Defined Access (SD-Access) go as expected?
No
Would you buy Cisco Software-Defined Access (SD-Access) again?
Yes
- Positive: Less time to provisioning a device in the campus Lan network
- Positive: Less time to troubleshoot the network
- Negative: the implementation phase itself was too long because of a lot of bugs in the oldest versions.
- Cisco Application Centric Infrastructure (Cisco ACI)
Security policies between SGTs (SD-Access) and EPGs (ACI), were made and we achieved end-to-end security between the LAN and the datacenter services. These policies are easy to handle and configure.
We were able to identify endpoints using SGTs with the solution, we defined policies to manipulate and permit/deny the access according to the customer profiles. We also exchange network policies with other network domains like ACI, through the configuration of Cisco ISE. Using Assurance we were able to monitor the device, network, and application health and made easy QoS configurations using DNAC.
Unfortunately I haven't tested similar solutions from other vendors.