This guide provides design and deployment steps to use the Cisco SD-Access and Cisco SD-WAN solutions to achieve end-to-end segmentation and consistent policy for the enterprise and branch. The guide focuses on the design considerations, best practices, and the step-by-step procedures needed to use the two solutions together.
The Cisco SD-Access | Cisco SD-WAN Independent Domain and Integrated Domain deployment models provide network administrators the ability to:
• Securely onboard network devices and interconnect campus and branch locations • Preserve Scalable Group Tags (SGTs) across the SD-WAN transport • Maintain end-to-end segmentation across the enterprise campus and branch locations • Define and enforce group-based policy throughout the network
These capabilities coupled with the unique capabilities provided through each solution enables organizations to build the next-generation Intent-Based Networking solution.
The guide focuses on the Integrated Domain deployment model where the SD-WAN controllers and Cisco DNA Center are integrated. In this approach, the WAN Edge devices perform both SD-WAN edge and SD-Access border and control plane functionality, managed and provisioned by the SD-WAN controllers. The SD-WAN vManage controller shares the WAN Edge devices to Cisco DNA Center. The SD-Access fabric components are managed and provisioned by the Cisco DNA Center.