Cisco Software-Defined Access Excellent solution, but still [needs] to be improved
November 05, 2021

Cisco Software-Defined Access Excellent solution, but still [needs] to be improved

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Cisco Software-Defined Access (SD-Access)

I configured and implemented this solution [Cisco SD- Acess] for 2 large companies. The main benefit I can include about this solution so far is the consolidation of all the below points: -Security: Identify and verify all endpoints and network segmentation (high and low level) -Monitoring: Network, applications and endpoints health, the best benefit in this point is related to insights that the controller provides to solve network issues. -Configuration: The deployment can be done in a way that saves time, not only for the first deployment but also for subsequent device incorporation in the network.
  • Security: Macro and micro segmentation
  • Configuration: LAN Automation and provisioning
  • Monitoring and telemetry: Network metrics and insights
  • Documentation: Working in this solution I realized there were missing information details about the fusion device support for nexus.
  • Fusion router: This roll in the fabric should be already integrated in the solution, right now it is configured manually.
  • Bugs: Unfortunately the solution still present a lot of bugs, mainly in the controller.

Do you think Cisco Software-Defined Access (SD-Access) delivers good value for the price?

Yes

Are you happy with Cisco Software-Defined Access (SD-Access)'s feature set?

Yes

Did Cisco Software-Defined Access (SD-Access) live up to sales and marketing promises?

Yes

Did implementation of Cisco Software-Defined Access (SD-Access) go as expected?

No

Would you buy Cisco Software-Defined Access (SD-Access) again?

Yes

  • Positive: Less time to provisioning a device in the campus Lan network
  • Positive: Less time to troubleshoot the network
  • Negative: the implementation phase itself was too long because of a lot of bugs in the oldest versions.
  • Cisco Application Centric Infrastructure (Cisco ACI)
Security policies between SGTs (SD-Access) and EPGs (ACI), were made and we achieved end-to-end security between the LAN and the datacenter services. These policies are easy to handle and configure.
We were able to identify endpoints using SGTs with the solution, we defined policies to manipulate and permit/deny the access according to the customer profiles. We also exchange network policies with other network domains like ACI, through the configuration of Cisco ISE. Using Assurance we were able to monitor the device, network, and application health and made easy QoS configurations using DNAC.
SD-Access TAC is well prepared to support this new solution, we always received quick support from them. Unfortunately, there are a lot of bugs still present in the solution and opening cases is very common. We needed to recur to the TAC many times for problems in our deployment and this delays a lot of implementations times.
Unfortunately I haven't tested similar solutions from other vendors.
Cisco SD-WAN, PRTG Network Monitor, SolarWinds NetFlow Traffic Analyzer (NTA)
The best way to use this solution [Cisco Software SD-Access] is in Campus LAN environments, [which] could be small, medium, and large sites, that includes remote branches also. And always use with 3 node (HA) availability. This solution is not appropriate for Data Center environments. This solution is not mean[t] to connect remote sites (the WAN itself). This solution is ideal to achieve high and low level hierarchies of security and connectivity of end users in a network.