Cisco's Software-Defined Access (SD-Access) provides automated end-to-end segmentation to separate user, device and application traffic without redesigning the network. Cisco SD-Access automates user access policy so organizations can make sure the right policies are established for any user or device with any application across the network.
N/A
VMware NSX
Score 8.8 out of 10
N/A
VMware NSX is network virtualization technology. VMware NSX is no longer sold as a standalone product and is now available as a part of VMware Cloud Foundation.
It's well suited in our corporate offices, where all our business users resides and where we can control all their accesses. What doesn't really fit well is when we have our branch fronts, where all the software domain access features aren't utilized to its fullest, due to the fact that customers and users don't really need to have all the security features that SDA provides.
Our high-security environments require end to end encryption, but also tend to have larger budgets. Since beginning utilization of VMware NSX, we've been able to meet the unique requirements for our high-security clients, but it does have a large price tag that goes along with it. This isn't a particularly well-suited solution for environments with tighter budgets, but it definitely provides security where we need it and are willing to pay for this solution
Broadcast Suppression: By suppressing broadcast traffic, we have been able to deploy a single VDI network in a /18 network space, allowing for rapid growth and proper DHCP lease timing for a VDI instant clone environment.
Networking HA: Leveraging internal mechanisms for high availability, it provides disaster resiliency to a virtual networking environment.
Cost Savings: All available features of NSX are licensed simultaneously. Load balancers, firewalls, and routers are all licensed as features, not per object, allowing for the deployment of as many of these objects as are needed.
It is difficult to start using the product due to its unfamiliar name and acronyms. ,The task should be accomplished in a specific order to ensure success
As far as my experience with SD-Access -I'd say things that can be improved are - better functionality with ISE, ease to understand licensing and better documentation for configuration (add-ons, etc), and licensing.
I rated the training an 8 because overall, it was well-structured, and the instructor was highly knowledgeable on the subject matter. The content was relevant, and I appreciated the clear explanations of complex topics. However, I felt that some sections were covered too quickly, making it difficult to fully absorb the information before moving on. Additionally, I would have liked more time dedicated to Q&A, as there were moments when I had questions but didn’t get the opportunity to ask them due to time constraints. Adding more interactive discussions or hands-on exercises could further enhance the learning experience and make it even more engaging
Basically, we have various devices and solutions from Cisco and we are more focused on the next generation networks with the best support. We knew that Cisco has the best team sitting to support [any] issues and help us to troubleshoot whenever we need it. So we go with Cisco for this solution.
We use both Cisco ACI and VMware NSX, and while they have different strengths and capabilities, I would recommend VMware NSX, as it can be used in all VMware environments, without costly physical infrastructure changes. Cisco ACI provides some of the same capabilities, but not all. It's focus relies on physical networking changes.