Join Us at Our Upcoming Events Events
Skip to Main Content

How does Cisco SD-Access Work

A Comprehensive Overview of Cisco SD-Access

This overview answers questions you have about SD-Access and “How does SD-Access work?” among other questions.

What is Cisco SD-Access?

The first question answered in the Cisco SD-Access overview is “What is it?”. Cisco has over the years, maintained its stance as a leader in the networking industry, by consistently dishing out innovative tools and applications that make enterprise network more effective and easier to manage. SD-access is one of such innovative tools that joined the market in recent years, and it has proven itself as a software to be grateful for.

Let’s assume that as a network administrator, you once imagined possessing the ability to manage all users and devices in your campus network architecture with ease. Probably have a single platform that allows you to bring all the users, applications and devices in one place, apply the right policies to each, secure your network even better, and add new components without mixing up the traffic or making adjustments in your network.

Your imagination could have gone in a number of directions; but the fact remains that you wish there are more comfortable and faster ways to manage traffic, regulatory compliance, and security in your corporate network. Well, it is time to stop wishing and get real, because SD-access is a package that makes it all possible – and even adds more.

Cisco Software-Defined Access was developed based on the Cisco Digital Network Architecture (Cisco DNA) principles, which aims at making enterprise networks more agile, extensible, flexibly software-driven, and simpler to manage. Cisco DNA is targeted at digitization of a network through automation, assurance, security, and segmentation of its processes. And it is further enhanced by SD-access through the provision of intent-based policy and automation for both wired and wireless campus networks.

If you are new to the solution, you probably have a lot of questions to ask, or you are just curious to know more. In this article, we will highlight the nitty-gritty of SD-access – as much that can help you have a great understanding of the software.

How Does Cisco SD-Access Work?

Another commonly asked overview questioned about Cisco Software-Defined Access is “How does it work?”. This analytic and monitoring solution is in with other software-defined technologies which aim at the virtualization of a network, to give room for speed, automation, scalability and all the good things we desire in a network. But what makes Cisco SD-access stand out is its ability to provide for the security and access features of the network to be automated. And as well allow for the simplification and application of complex configurations across various user groups in a single network fabric, simultaneously; without restructuring the network.

For Cisco Software-Defined Access to virtualize the network, it brings in a few hardware into the network circle. These gears will function as the layers that provisions for software abstraction in the platform. Also, they help form a platform for policy deployment.

The services offered by SD-access is made available through the DNA center, which is an integrated dashboard that network administrators can use to communicate with the software. The DNA center is accompanied by three appliances: Identity Service Engine (ISE), Application Policy Infrastructure Controller Enterprise Module (APIC-EM) and Network Data Platform which play some of the major roles that make SD-access what it is.

Identity Service Engine

This is what makes segmentation possible in SD-access. With it as the identity management feature in the platform, it obtains device and user information from Active Directory and feeds them into the DNA center. Operators are then able to pull and aggregate devices and users in a network from the DNA center, and assign access policies and configuration to each defined group.


In the platform, APIC-EM is a software-defined network controller found between the network device and the DNA center. It collects the policy and management requests input into the DNA center by operators, and use them to configure the Access Control Lists, QoS settings, etc. in the hardware components to allow for policy implementation.

Network Data Platform (NDP)

This is an engine for network analysis and monitoring. Here, all logs, SNMP, NetFlow, and other forms of data are collected, correlated, and analyzed in real time. NDP can be programmed to collect data from network components automatically, or the components can be programmed to send data to the NDP instead.

For NetOps, this is particularly incredible; they can obtain statistics and operational data that gives an insight into the network’s performance, get real-time error notifications, and boost MTTR.

Why Cisco SD-access?

No Cisco SD-Access overview is complete without asking “Why?”. Network administrators go through a whole during manual application of configurations and management of the numerous tools available for each network component. Lots of rooms are created for errors, and the whole process is too slow for an IT environment that is ever changing. What’s more? New day, new users, new devices; so the network is getting more complex, and it is getting harder to be consistent in policy implementation across the network.

Fortunately, Cisco SD-access jumps in to save the day with various enticing features, and goes further to make businesses more productive with their time and boost bottom line.

Quicker network deployment

In a matter of some insignificant minutes, Cisco SD-access helps NetOps to deploy network switches that would have taken lots of hours to install.

Greater network visibility

Simply put, with everything simplified and streamlined on a single network fabric, Cisco SD-access as a monitoring and analytic tool provides visibility into all parts of the network fabric.

Improved network security

Network security is a priority in network management, and administrators can leverage on SD-access to automate user policies, provide secure end-to-end segmentation for applications, users, and devices. Additionally, with the automation of security policies, networks will proactively detect and alert on or cut off threats, as they adopt the policies. And regulatory compliance is easily achieved.

The segmentation also helps in speeding up the resolution process, as the networks can be programmed to automatically respond to attacks on particular users, applications, or devices.

Policy application

User access policy can be easily automated and applied across users and devices on the network, to improve QoE.

Creates more room for integration

The use of this network solution provisions for the integration of more components and features such as IoT and other non-traditional network capabilities into the network.

LiveNX and SD-Access

SD-access made even more powerful by LiveNX, as it offers additional support  to form a powerful network performance management solution. Just as with Cisco SD-WAN  LiveNX provides a baseline for the successful deployment of SD-Access in a campus network architecture, with simultaneous visibility in the physical underlay and virtual overlay of the network.

Learn more about the LiveAction Cisco SD-Access solution. Or contact us at Sales for more information.