Introduction to Software-Defined Access on TechWiseTV


– [Robb] Today’s show is all about
software-defined access, its introduction. We’re here to get you up to speed. It’s
time for TechWiseTV. ♪ [music] ♪ – [Lauren] You know, big promises always
put me on guard, especially from big vendors. Yeah, I think most of us have
developed the survival instinct, furl the caution flag when found in the
presence of overblown superlatives. – I mean, how many big promises have we
heard over the years? I still get spam. Robots? I’m still washing my own dishes.
What gives? I still subscribe to cable, Netflix, Amazon Prime, plus a few premium
channels, and I still can’t find the movie I know is available. In fact, I have all
the elements of a smart home, except for my locks don’t talk to the
lights. The garage doors are giving the Lexus the silent treatment, and my kids
have learned how to guide their friends past the cameras when they want a little
unrecorded visit. At least my Meraki wireless setup alerted me to the rogue
hotspot my son was building to get past the Wi-Fi restrictions. – Which makes it all the harder to get
well-deserved attention centered on truly great innovation. – Like with what Cisco has just announced,
the software-defined access. – And this is worth a closer look. In
fact, it’s quite exciting because we don’t make promises on TechWiseTV, we
demonstrate reality. Today’s show is our introduction to software-defined access.
We cover state of the enterprise, what happened to the promise of
simplicity, you know, constantly creating workarounds for network design challenges,
introduce DNA Center as a way to centrally manage your entire network, and
four key components that encapsulate everything you need for daily network
interaction. And we’ll show you where this came from, plus the ease of moving to and
living in a policy-based network that embraces mobility, security, and cloud.
And Robb will kick us off now in the lounge with Carl Solder. ♪ [music] ♪ – Well, Carl, I’m so happy to have you
back on TechWiseTV. Because we went through this long, dry period. We had you
on a long time ago, like 100 episodes ago. But then I haven’t missed you because
we’ve been talking a lot over the last year or year and a half. You and your team
have been hard at work. We’re finally able to go public.
– [Carl] Yes. – So SD Access, I think we’re calling it,
but it’s software-defined access is the big announcement. And within those three
little letters or three words lies a whole lot of work. And that’s what I want to
understand, really, which is, why is this acronym any different than the
other acronyms we tend to roll out here all the time? Because we’re saying it, and
I truly believe it now that I’ve had a chance to fully understand it. This is big
and this changes and provides options for people, I truly believe, in a way that
we’ve never had before. And so with that grandiose introduction, could you set the
stage for how did we get to this point that now is the right time? What’s been
the environment that has caused us to say, “Let’s do this now.”? – Absolutely, Robb. So it really… I
guess this whole project started off rolling back to 2007, 2008 when the
industry launched SDN, software-defined networking. And back then, it was a,
literally, a PhD thesis project at Stanford University, [inaudible]. And the
idea around that was, knowing everything we know about networking, if we were to
throw everything away and start from scratch, how would we go
about building a network? And SDN came out of
that and it really had the promise to revolutionize networking as
we know it. Now, a lot of vendors across the market, including Cisco, jumped in and
started developing various SDN technologies. Reality was that focus of it
was primarily on data center, solving problems in the data center, and
not so much on the enterprise. But what we’ve done is that we’ve taken
all those lessons that we’ve learned from those developments. Because interestingly
there’s a parallel on the enterprise side, the problem sets we were solving with SDN
on the data center side, we can equally utilize those to solve
similar problems that’s on the enterprise side. So that’s really what kind of
spawned the whole notion that we can do something to reinvent enterprise
networking as we know it. – So one good distinction to make is that
when we’re talking about it, at least for now, because it feels like
something we’re going to be working on for years…
– We will. – …but we’re really speaking in terms of
the enterprise network, which we would define as the campuses,
large campuses, multiple sites, you know, so those things outside the data
center, at least for the moment. What are the problems that… You know, in
my mind, when I look at it, the problems are these big, intractable
things that we almost forgot they were problems we’ve been working around
them for so long. What are the type of things that we were seeing that we’re
saying, “Hey, if we did this, now I see how we can solve this, and that
might have a positive ripple effect?” – Sure. So on the data center side, I
guess, you know, examples of problem sets that they were trying to solve with SDN,
application analytics, application mobility, multi-tenancy
policy, elastic services, all big things that we’re trying to solve. When you look
at enterprise there are, as I said, you can draw a lot of parallels
from those problem sets. So, in enterprise it’s focused on users,
devices, and things, as opposed to data centers, which is primarily more on
applications. But on the enterprise side, we still have to look at mobility. Users
have laptops, they have tablets, they’re moving around. So just as much as
we’re looking at solving problems with application mobility, user mobility,
application analytics, understanding analytics around users, devices and
things. On the data center side, we have multi-tenancy. On the enterprise
side, we have user and device segmentation. And still we want to have
consistent policy between the two. And there’s also a need to have services
spin up in the enterprise as well, you know, to support additional scale and
performance. Things like additional wireless LAN controllers, we might want to
spin up. Malicious traffic might hit our enterprise network, we may want to spin
up an IDS, IPS to inspect that, and maybe a firewall to spin up to better
protect our network. So the notion of services is also equally
applicable on the enterprise side. So, taking all those technologies and how
we went about solving the problem sets from the data center side, we can leverage
all of that to build out our framework for how we build that next generation
enterprise network. – I think our core audience is already
familiar with why this is the case. But just taking an isolated example that I
think most users don’t get, but why is it…it doesn’t seem like it’s
a big deal for me because sometimes I work in this office, this afternoon I’ll be in
a different building, I’ll work from the hotel later tonight,
I’m back home at my home office, I get onto the network, what’s so
difficult about this? I feel like I’m mobile. What problem are we really
solving? What’s really happening behind the scenes that needs to be overcome? – Yeah. So there is a number of things
that are happening here that… You’re right. To the user, it looks very
simple, but behind the scenes is a whole range of configuration effort that has to
happen in order to make that a reality. And the amount of configuration, if it can
be for some customers quite significant, and we really try to simplify the whole
experience of how you go about implementing things like policy. For
example, in the past, we had some very defined ways in which we went about
building out our networks. We had golden rules.Tanenbaumis a
classic book that a lot of people that might have read. – It’s a must read in the early days. – Yes. But, you know it defined rules like
VLAN equals IP subnets. And, you know, when we build our policies,
it was using IP-based access controllers. It was all tied to the IP address. In this
new world, we want to kind of break away from that. We want to move towards time
policy to user identity and also devices. And also as we’re bringing these things in
the whole IoT movement that comes in, there’s a whole range of new device, we
have to think about how our policy framework extends to that. So it’s time
for a rethink. We have to rethink about how we do things to make things more
simple. And the reality is, networks are not getting any less complex. We are
continually throwing more and more features at customers. So how can we
extract away that complexity while still enabling to get maximum value out of the
investments that they’re making in our products? – It’s interesting. I think sometimes
easy user access is equated to a cross your fingers, because we need to keep the
users moving but we’re hoping nothing goes wrong in the back side. And so you feel
like you can’t implement as much policy due to the complexity or the things
holding you back because all of a sudden it breaks other things because we’re
just fighting ourselves constantly. So I want to bring up this diagram that
kind of overviews what we’re talking about from my point perspective. Can you walk us
through what we’re seeing here so it puts reality to it? – Absolutely. So it’s good that we
actually talk about what does SD access really mean and what components make up. So along the bottom here, you
can see a whole range of devices, which is routers, wireless LAN
controllers, access points, all the stuff that we know and love and worked with
over many years. That really constitutes devices that will become part of this
fabric, and they can be managed by the controller, APIC-EM. On top of APIC-EM we
have this application, DNA Center, and this is really where the
magic starts to happen. It’s the window that the user will use to
manage that fabric of devices. Now, DNA Center will have four key
attributes to it: design, provision, policy, and assurance. So four key
functions that you have in that app. It’s also partnered with two other key
components. We have the Identity Services Engine, which is our policy store. That’s
the component that will push down those policies that we create into the network.
And on the right-hand side, a new bit of technology, Cisco Network
Data Platform. Yes, this is our new analytics engine, and it’s finely-tuned to
collecting telemetry in the fabric around users, devices, and things. And so it’s
going to do some crunching, it’s going to collect that telemetry and
present it in a more informed manner for the customer to consume
through DNA Center. – Interesting, because I think that’s a
part that we’ve always done as an add-on if we get it at all because it always felt
very expensive but fundamentally necessary, because it’s closing the loop
of knowledge, of understanding what is really happening, and you’re speaking in
real-time terms. And the best way to possibly do that, of course, is if you’re
doing it intrinsically with the network, not simply trying to scrape whatever the
network happens to give you. So I like that. I love the fact that we’ve
got APIC-EM, because we’ve been telling customers for a while they’re finding
value in APIC-EM before this, so that’s a component someone should
already be familiar with anyway because it’s free, you know, and the functions you
can start doing with it are just magical. If you’re not doing QOS with this thing,
you should be looking at it at the very least. I love the fact that we’re
continuing to extend the ISE, which has been around a long time, but
it’s getting simpler and simpler. Just calling out some components I really
love. So the new stuff, NDP, certainly DNA Center, from an
equipment perspective, I know we have new switches out. Are the new switches
required in this environment, or, you know, what’s our balance here? – They work in that environment, but a
key focus of that development, here, is to support [inaudible]. So we made…we
started to look at this and we said we have to be able to support existing
equipment that’s out there. So existing Catalyst, which is 3K, 4K, 6K, and Nexus
7K, existing routers, ISR, ASR, and wireless LAN controllers and access
points that are out there today will all be supported in this.
We’ll need a software upgrade… – Okay, so they’ve got to be able to
support that software upgrade. – Correct. So there’s a new software
upgrade that will be required to work with the controller and DNA Center, but that’s
the extent of it. But the actual investments in the hardware
will be intact. – Before we move on, just one final thing.
I wonder, so these four things that are on the outside here, can you walk me through?
Because I was left with the impression that this felt pretty comprehensive. And
so, I want to see if anyone else shares that with me, of course, as well.
What are they each responsible for? – Sure. They really try to encompass the
whole day zero, day one, day two operation set. So we start off
with design. This is about building out your site hierarchy: regions, sites, your
buildings, formats, doing heat maps, RF planning, and so on. Also, it’s about
risk management and IP address management, figuring out the IP address blocks you’re
going to be using for connected users and devices. Provisioning is really about
simplifying the whole provisioning experience, taking a lot of the knowledge
and intelligence we have and things like Cisco-validated designs, adding that into
the controller so that when the user onboards a device, with a few simple
clicks, we’re deploying best practice world-class configurations on those
devices. On the policy side, again, it’s about building out your
virtual networks; your user segmentation policies, access control policies,
application priority policies, and have those applied in a consistent manner.
And last but not least is the assurance, which is both the monitoring aspects,
understanding what’s happening in your network, and troubleshooting. So providing
you with more guidance on where problems are occurring, and even we want to provide
it a fix it button for certain types of problems, where if something happens we
know how to fix it, we’ll say, “Do you want me to fix it? Click here and
have the controller do it for you.” – Heck yeah, if you can do it. No,
that’s amazing because… Okay, so everything is running through…so DNA
Center becomes your one portal into this world.
– It does. – And what sounds like it’s different
here. We’re gonna take a look at DNA Center next. But what it really sounds
like is this is the fully-automated vision of saying from day zero through day N,
everything can be handled through here because the…it’s not the complexity
magically goes away, but there is a better way of dealing with it.
– Exactly. – Right? So it’s all still there.
And in fact, we don’t even hide it. I know customers can still get exposed to
it. So it really is going to play really well for certain customers who are
believing in it and need that type of thing. Other customers may be going a more
programmatic route and they want to start accessing…you know, as we continue to
open up our platforms for that. So CLI doesn’t go away, all that kind of
stuff is there. So nothing to fear from that perspective, right? We’re not about
to just put it in a big opaque container for you. But I think this kind of thing is
really needed because I think there’s less error and this gets us more keeping up
with what the software side is doing, right?
– Yes. – We need business velocity when it comes
to network, right? – Less error prone, more consistent
application of configuration elements we want to apply, and getting more
detailed insights around what’s actually happening in your network. – I like that. We can do more of that. So
it’s… I’ll try to remember the term used, policy-based automation? – Policy-based automation
from Edge to cloud. – From Edge to cloud. Okay, we’ll run with
that. Well, guys, hang on because we’re going to get into the lab next. Carl, it’s
not Carl, Shaun joins Lauren in the lab. We’re going to go through DNA Center and
look exactly how you do these things, make sure your questions are answered,
and then we’re going to do a whole another show even deeper so we can show you the
technologies, things you’re going to recognize, of how all this stuff works
together. It just makes a lot of sense once you start understanding what’s
happening here. It’s truly an exciting time. Software-defined access
in the lab next. – Shaun, we’re talking about DNA Center
and how it really gives us a GUI to manage almost everything, or actually everything
within our campus fabric. Is that fair to say? – [Shaun] Yeah, yeah. I mean we’ve had a
lot of automation tools. But traditionally, you had to do them
in, you know, different ways. You have to go to one and configure one,
go to a different one and configure that, finally all of that. So, you know, really
DNA Center is the first one to bring all these different things together. So that’s
what I’m going to show you today. – Awesome, can’t wait. Let’s get started. – Right. So this is the new DNA Center
landing page. I’ve already logged in, so I skipped that piece. And if you’re
already familiar with APIC-EM, then this should already be very familiar
to you. All the existing tools from APIC-EM are already present. So examples
like discovery, topology, plug and play, EaseQos, all these things already exist.
So we, of course, brought that in with the DNA Center. But what’s really new is how
we’re going about doing it and how we combine all those different tools
together. – Day zero to day N. – That’s right, that’s right. And, you
know, all the different people in a company that have to fill these different
roles, you know, for example, there’s solution architects, there’s
installers, there’s security folks, you know, and they each have their own
job, but, you know, traditionally you had to go to different tools and these kind of
things. So we’re going to take care of all those things with this tool.
– Great, let’s get started. – Cool. So, the first thing I’ll start off
with is design, and this is really geared towards your solution architect. So just
like the name suggests, it’s really, you know, being built
virtually. You’re just designing a network. Nothing is actually coming.
You’re just putting it all on paper, working your way through it, you know. – You may not even have the hardware, yet. – Probably don’t even have
the hardware, yet, yeah. This is a guy that, you know, he
probably had Vizio and a bunch of Excel spreadsheets. You know, he’s just trying
to think his way through it, you know. So, you know, it’s built out in
a virtual way. Of course, we start with the maps, right? So many
companies, you know, have different locations around the world, so we start
off with that. And, of course, you know, I have many already
pre-provisioned, try to keep things quick. But you can see it’s built up in
basically a hierarchy. It actually calls it network hierarchy, right? So, if
we take a particular example, start with the United States, right, you
can zoom in and you can see I have a couple different locations kind of East
Coast, West Coast thing. And then even here, you know, where
TechWiseTV is in San Jose, California, right, then we’ve got various
buildings built up here. – It’s like Google Map
representation of that. – Yeah, exactly. So, you know, just for
example, I can add a new building, and TechWise is in a building called
Building 13, right? So we’ll add Building 13 in there real fast. – Now you’ve given away our
super secret location. – Well, yeah. And then unfortunately I
have to put in the actual address. It’s in a cool place called Cisco Way. We
even got our own roads and everything. So, what it did was it’s building that
Building 13 there, right? So once it gets to that piece, right, now
I can go down to specifically Building 13, right? Now, under each one of the
buildings, then I can do things like add a floor, right? So, again, the whole purpose
here is really to build it virtually. So I know that there’s a new Building 13,
equipment’s coming in next month, and I need to, you know, put all the
configuration in place for it, right? So, I can build up the
characteristics of it. In this case I give it some dimensions. Click Add, going
through. Now one of the cool things is you can insert your own floor plans here,
right? So you can see it supports many different formats, JPEG, PNG. They even do
a 3D CAD, so you can like deal with it virtually in three dimensions. It’s very
nice. I’m just going to use a basic image in this case. So you can see the floor
plan. Now, like I said, one of the other advantages is to
logically lay out the network. So one of the jobs of the architect is to
decide where wiring goes, where does the wireless access points go. – And that’s very important, right?
– Absolutely. – I mean, for laying out your wireless
network, the access points need to be placed in such a way, so that there’s not
interference and so that you’re using them efficiently as well. – That’s right, that’s right. So you can
see, you know, just in this one example, I dropped in an access point and it gives
you some information about it, and then I’ll be able to do that RF
management piece of it. So now I have what are the basic constructs of a site, okay?
So the next thing is network settings, okay? So this is how APIC-EM and DNA
Center will actually communicate to other services. – All the common services, DHCP, DNS. – DCBS. We talked about the Identity
Services Engine doing these kind of things. Of course we need some kind of
device credentials. So this is how it talks to the switches and routers.
– Can you use HTTPS? – That’s right, all these different items.
Now, another thing that’s really important about design is IP address management.
We’ve actually put it in here on purpose because this is, again, happening before
the site actually comes online. So he’s just figuring out, you know,
what’s the kind of addressing I’m going to use in this new location? – Sure. And I like this because it’s a…
I mean, it’s as easy as an Excel spreadsheet but it’s actually useful. So
it’s going to be always up-to-date because you’re actually assigning IPs from here,
but it’s just a lot easier to consume. – Going from one tool to the next tool and
trying to keep all that synchronized, that’s right. So, you know, I can add a
new one here. And you’ll just see based on the drop down, I’ll skip this because I’ve
already have those, but you can see it’s very
simple adding the IPs. – People know what IPs are, yup. – One thing I will also say is DNA Center
will also integrate via the APIs with external IP address tools. – Nice, so like in info blocks or…
– Yeah, exactly. – Yeah, that is very…you know,
especially people already have their whole IP schemes established using those tools. – Just import it in here and it’s
available for the tool. – Perfect. Yeah, it’s great. – So the last step in here is
wireless. Because, again, this is all, you know, routing, switching,
and wireless. You’ll be able to set up your wireless SSID. So, again, I’m
planning basically where in San Jose all my IPs will be, where is my wireless,
these kind of things. So it’s real simple to add an SSID. – And this is going to be applied to
all of your WLCs, your… – That’s right, everything that is within
the constructs of that site. – Okay. – So in this example, I’ll show guest,
because there’s different types. You can have a regular enterprise
wireless. You can also set up a guest wireless in here. And you can see it’s a
very simple interface. If you’re used to the wireless LAN
controller interface, this is familiar to you, but that’s it, you know. I just did
that, right, save that information off, and now that information is available to
me through my site profile. – It seemed too easy. – Yeah, this is very easy. Other things
that are interesting are things like IP address management, right?
– Or image management? – Yeah, that’s right. So as the devices
come in, maybe they’ve got an old software version, you know, I can define all
that information in here and then it will just upgrade them automatically. – So I can actually provision that image
from DNA Center? – That’s right, that’s right. So once I’ve
completed that, now, again, the output is a profile, right? And
this is traditionally where the architect would give the installer, “Here’s a bunch
of config files and go get the right software.” Here, the profile is just
immediately available to the installer, right? Now let me take you over to policy.
So this is really designed for your security staff, your policy staff. They
may be a different team, they may be in the same team. But
traditionally, there’s a lot of back and forth between the network team, the
security team, like what IP subnets did you have, these sorts of things. The nice
thing about this is utilizing the TrustSec elements and group-based policy, I don’t
actually have to know what the network IP addresses are at this point. – It’s no longer about subnets or VLANs.
It’s just what people I want where or what servers I want where. – Exactly, exactly right. So the first
thing you land on and one of the critical elements for software-defined access is
the idea of a virtual network. So this is a true routing isolation. So,
you know, if you’re familiar with things like MPLS, this gives you the same
capabilities, but again, in a very simple user interface. So, if you do not need
that kind of capability, you’re always given this default VN. So,
you know, you’re always given this basic…
– Kind of a catch-all? – It’s a catch-all, exactly right. And
then again, if I want that kind of capability, then it’s very simple to add a
new virtual network. So we talked about guest, I’ll just create
a basic guest virtual network. – This kind of creates a VRF? – Yeah, that’s right.
– Okay. – On the actual routers and switches,
you’re creating a VRF. Now, within a VN, you’ve got the various
different groups, and these are the, again, just scalable group tags that we
talked about in TrustSec. And, you know, all I have to do, then, is
simple drag and drop, take some of these items, put them in here. And just like
that, I associate these different entities with this virtual network. – Okay. So, possibly all of these could
communicate depending on how I set up security, but… – That’s right, that’s right. And the
important thing is, again, this is all happening virtually. I haven’t
actually provisioned anything, there’s no IP subnets involved. I’m
just, as a policy staff, deciding how I want to
organize these different… – Haven’t even ordered the hardware yet. – Nope.
– Okay. – Not at all. So, if you’re curious where
these groups come from, we talked about the interaction of APIC-EM
and the Identity Services Engine. So where I get this group information from
is actually from ISE. So that registry page is just kind of
listing off what groups I have and where they came from. – Could you pull it from active directory
or something like that? – You can. ISE will always be kind of an
in the middle translation point. Because they come in different formats,
but ISE is able to translate all of that from different formats, so active
directory. We also do Cisco’s ACI solution, you know, there’s Amazon Web
Services, these kind of things. So, once I’ve defined that, then that
information comes from ISE into APIC-EM. – That makes sense. – So now I’ve got virtual networks, I’ve
got my groups. The last piece, very simple, start creating policies. So
you can see I’ve got a few of them they’re already programmed,
they’re already deployed. – Deny, deny, deny, like you’re a security
guy or something. – That’s right, all I do is deny.
Well, and you know, similar to a traditional IP-based access list, right,
you still have this idea of a source and a destination, but instead of an address,
now it’s just a group, source group, destination group. – Groups could contain multiple subnets. – That’s right, exactly right. And they
can move around and all these kind of things. So, you know,
taking this example, right, drop in a couple
on the source, right? – Oh, so you can do multiple?
That’s kind of cool, too. – Absolutely, and I can even,
like, click on several down here and then drag all five all of them in.
– Nice. – Right? And so this is just relationships
between the source, single group or multiple groups to single
or multiple destinations. – Okay. – Purely on a group name, right? So we’ll
give it something. We’ll call it TechWise. Give it some description.
We’re going to… – You shouldn’t let us do anything. – Now, the last piece on this is really
the contracts. So there’s a relationship source destination, but then it’s, “What
can I do between these two?” So in a very simple example, which I’m showing
here, is just permit and deny, but it can even go further
than that, right? – Yeah, like an ACL kind of a… – That’s right. Normally, ACL, you’d have
things like a layer for port, what kind of applications. So this is one
of the really exciting pieces, because, again, all this is happening
virtually. You know, I’m just deciding whether I allow that or not and what
quality of service I give, those things. – Very cool. And it’s nice that it’s
simple. I mean, obviously, that’s a simple example, but the GUI makes it very
easy to just think of it logically. – That’s right. – I want these and these people to talk. – That’s it.
– Okay. – All right. So save that off. That policy
will then begin being provisioned on the individual routers and switches. So,
again, through the automation piece of it, you know, it makes the whole
thing very, very simple. So last, let me take you off to provisioning.
– We got the hardware, finally. – Finally got the hardware, it’s finally
being installed. So you see the first thing we land on is the devices
themselves. And this could be, you know, your entire network. This could
be hundreds or thousands of devices. So the first thing here you want to do is
basically remember the profile from design, right, is I want to associate
them with that site, right? – SJC 13. – That’s right, that’s right. You can do
it at multiple levels. I can do it based on like the San Jose
level, I could do it based on the U.S.A. level, or I could do it specifically
on this building. So, I said, this equipment in SJC 13.
– Okay. – Right? Once it does those things, then
one last piece, which is to turn them on, to provision them, basically. – You do assign configuration, right? – Now I’m actually pushing all that
configuration down to it, right? So now they’ve got those particular
pieces. Then I go into create the fabrics themselves. Now, similar to the policy
element, right, where I said, you know, “If you don’t want to have
logical divisions, you can just use the default virtual network.” Same kind of
logic here. If I want to create different fabric networks, different campus fabrics
like we’ve discussed, then I can add new ones here. So perhaps
this is on geographic lines. So a difference between a San Jose fabric
and a New York fabric, something like that. But if you don’t want
that or you don’t need that, then you’re at least presented with a
default fabric. – Another catch-all. – Yeah, another catch-all. So we drill
down in there, right? And so now we’re starting to see the actual equipment
that’s been added to this site, okay? There’s some interesting widgets
with the application itself. I can zoom in, I can move it around, this
kind of things. And then it’s very simple. So I’ve set up my profiles, I’ve set up my
policies, all I really need to do now is add these devices to the fabric. – Design, policy, provision. – You got it. Now, we talked in other
episodes about the need for a control plane, we talked about border nodes, and
we talked about edge nodes, that kind of thing, so that’s effectively
what you’re doing here. You need to define at least one of them as
a control plane, right, and then one or more of them as a border,
the way that I get to the outside network. And then you’ve got your various
distribution layer access switches. And since they’re not doing any special
job like the control plane or the border, you just add them to the fabric. Very
simple. So far you’ve seen me just use single connects. You can also do a multi. – That’s nice when you have dozens, maybe
hundreds of switches. – Exactly right. Now, the very last piece
is wireless LAN controllers. And we talked about, you know, adding this
new wireless into the fabric. So now we can even add wireless LAN
controllers into the fabric. – And it gets the proper configuration,
because we already did that in the design phase. – That’s right, exactly right. So you save
that off. And then at that moment all of the overlay configuration is finally
pushed on there. So we’ve built our underlay, we’ve built our overlay, all the
policy information’s present with a couple of clicks. – That’s awesome. So literally we’re
managing our entire campus fabric through one central point of provisioning,
different roles in the company can use this in different ways,
and it’s all automated. – Completely automated. – Shaun, that was fantastic. Thank you so
much for joining me again. And that’s it for the Intro to SD Access
Show. Please tune in to our deep dive for more information that should already be
available. Thank you for watching today. Be sure to follow us online. All of our
social media stuff should be somewhere on the screen. You can always find all of the
shows, including the back catalog, at techwisetv.com.
See you on the next one. ♪ [music] ♪

Leave a Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2019 Geted Tabs Online. All rights reserved.