Three years ago, Cisco started our journey to Software Defined Access at the trough of the Software Defined Networking (SDN) hype cycle. Our mission was to bridge the divide between our Enterprise customer’s demands for powerful networking capabilities and their need to simplify operations and lower their costs. We believed capitalizing on the networking standards innovations and the technology stack at that time provided us with an unprecedented opportunity to accomplish this.
Those last four years have indeed been an exhilarating experience. I’ve worked alongside some of the brightest minds and most experienced engineers. I believe we have delivered the most elegant and comprehensive solutions for modern enterprise networking needs in the market.
Since we launched Intent Based Networking at Cisco Live Las Vegas in 2017 with Cisco Software Defined Access (SD-Access) as a key solution of it, the journey has evolved from building technology to helping customers deploy SDA and realize all its many benefits. Our early customers – global enterprises, universities, state/local governments – have been true early adopters - taking one step after another where no one had ventured before. Seeing customers eyes light up with possibility as we detail the architecture and explain how it addresses their most critical network challenges has been truly energizing.
Nothing is more rewarding than building a solution that meets a specific customer need. Our early adopter customers were truly partners, going back to the drawing with us sometimes to create the perfect solution. One of these customers was a large healthcare provider who had hundreds of medical centers all over the US. It was common for the medical staff to move between the medical centers as needed in the same local geography. It created a challenge for the IT staff however trying to provision end-to-end policies across the medical centers. In addition, the customer had critical areas of their network like Emergency Rooms that had stringent requirements around resiliency and availability. This was the genesis of what came to be a Multi-Site deployment model for Software Defined Access.
By overlaying Software Defined Access control and dataplane for the interconnectivity between the various fabric enabled sites and automating that interconnectivity with the controller, we could seamlessly connect 100s of sites while at the same time enforce a consistent end-to-end policy across all multiple sites.
In addition, every fabric site was provided with its own local control planes and borders so that a site could be isolated into its own independent failure domain that was more limited in size. Multiple control planes and borders per-fabric site also provided the desired availability/resiliency characteristics. A side benefit of this was that traffic that was egressing the fabric site no longer had to be necessarily backhauled to the main HQ where the external borders were connected to. Every site could have its own local external borders for direct internet breakouts and optimal site-site traffic forwarding. This also provides for improved site survivability.
Through an extended customer co-development engagement over a period of 6 months, we were able to refine the SD-Access Multi-Site solution iteratively to something that could be deployed in even the most mission-critical IT environments.
As we were solving consistent multi-site end-to-end segmentation and site resiliency, we also found customers who wanted to extend Software Defined Access consistently to distributed environments where some locations could have as few as 50 endpoints and others as many as 50,000 endpoints. As a part of the Software Defined Access Multi-Site deployment architecture, we deliver a seamless scaling mechanism that enables customers to take a common architecture building block and consistently, cost effectively scale it to any number of locations and endpoints.
In addition, our customer engagement in manufacturing, oil & gas, state and government utility infrastructure and even some airports identified a need to provide a similar Software Defined experience for their networks. As a result, we are also building an SD-Access Extended Node deployment model for industrial and workspace networks to interconnect with the SD-Access fabric. This will extend the same policy-based automation and segmentation functionalities of SD-Access to those environments.
While it’s a continuous delight for me to work on cutting edge networking technologies, the last 8 months have reinforced my belief that innovation is most powerful when driven by customer needs. If customer and partner feedback is a true indicator, I am convinced that we are just starting on the innovation journey for Software Defined Access.