• Skip to main content
  • Skip to header right navigation
  • Skip to site footer

Roger Perkin

Network Automation Architect

  • Network Automation
    • Network Automation Courses
    • What is NetDevOps?
    • Workflow Orchestration
    • Ansible Automation Platform
    • Ansible Workshop
    • What is Network Automation?
    • Network Automation Tools
    • ContainerLab
    • Ansible Training
      • What is Ansible?
      • Ansible Tutorial for Beginners
      • Ansible Network Automation
      • Ansible Hosts File
    • Python Network Automation
      • Nornir
      • Python Network Automation Course
      • Python for Network Engineers
      • Python VENV / Virtual Environment Tutorial
      • Python Tutorial for Beginners
      • pyATS
    • Network Source of Truth
      • NetBox Training
      • Infrahub
    • NetDevops
    • DevOps Tutorial
      • Git Training
      • Terraform Training
      • Linux Training
      • Kubernetes Training
      • Devops Training Course
      • Azure Devops Training
    • Terraform
    • GIT
      • Git Commands
      • What is GitHub?
    • Docker Training
    • Confluence
    • Microsoft Azure
  • Cisco
    • ISE
    • SD WAN Training
    • Password Recovery
    • Software-Upgrade-Guides
    • BGP
    • Data Center
    • WIRELESS
  • CCIE
  • Blog
  • About
    • My Red Special Guitar
  • Contact

What is Software Defined Access?

Home » Software Defined Access

What is Cisco Software Defined Access?

Also referred to as SD-Access, or Cisco SDA, software defined access is campus fabric with DNA Center.

Using DNA center you can orchestrate all the policy and security of your campus networks.

It is giving you a single point of configuration instead of having to configure ISE policies and then switch configurations, and then worry about software upgrades. By making the campus network a fabric of switches you can configure and monitor them as one.

There are three main components of Software Defined Access

  • The DNA Center Controller
  • The Network Fabric
  • Cisco Identity Services Engine

Also, all switches must run the DNA Advantage license

DNA Center Controller

The brains of Cisco software defined access is the DNA controller, this can be done device or a cluster of 3 with optional standby nodes or standby clusters.

You cannot run SDA without a DNAC.

The Network Fabric

Within the software defined campus network there is no longer the concept of Core / Distribution and Access switches. Instead they are referred to as Control Plane Nodes, Fabric Border Nodes and Fabric Edge Nodes. The network is typically formed of Catalyst 9k switches running the DNA advantage license.

Control Plane Nodes

The control plan node keeps track of the location of the host. Within an SD-Access network you can run a single subnet as each host device shows up as a /32 host in the routing table.

Fabric Border Nodes

Fabric border nodes have one leg in the fabric and one leg that lives outside the fabric and connected to MPLS, they talk IP and provide the connectivity in and out of the fabric.

Do you have to have a border? Not if you don’t require any connectivity in our out of your fabric, but there aren’t many networks that do not require connectivity in our out.

Fabric Edge Nodes

An edge node is what directly connects to the host.

Fabric Wireless Controller

To enable seamless integration with wireless, you need to have a wireless controller in the fabric, you can then have the same policy defined for a wired and wireless. If you wish to maintain your existing controllers you can run “over the top” wireless and just use the Fabric as a transport.

What are the three components of Software Defined Access?

1. The DNA Center controller
2. The network fabric
3. Cisco Identity Services Engine
Also all switches must run the DNA Advantage license

Category: Software Defined Access
ansible course for network engineers
Get Access to my Ansible Course NOW
Previous Post:Git vs GitHub
Next Post:Gitlab vs Github the Differences Explained

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Sidebar

Hi I'm Roger Perkin,
Based in the UK working as a Network Automation Architect, CCIE #50038
About Roger | Twitter | Linkedin

python course for network engineers

Topics

Network Automation
Ansible
Python for Network Automation
CCIE
Cisco ISE
F5 Certification
BGP
OSPF
Network Automation Conferences
auvik promo banner
Pluralsight Trial

Git for Network Engineers

Ansible vs Nornir

Start learning today with my Network Automation Courses

Master Ansible, Python, Git, Nornir, Jenkins and more..


Buy me a coffeeBuy me a coffee

ansible network automation course

Have you seen my YouTube Channel?

YouTube Subscribe

Let’s get started

Take a look at my premium courses on Ansible, Nornir & Git or buy them all with the Network Automation Bundle!

Network Automation Courses

Navigation

Python VENV Tutorial
Python for Network Engineers

Network Automation
Network Automation Courses
Network Discovery Tools
Network Automation Conferences
Ansible Training
What is Ansible?
Devops Tutorial
Network Source of Truth
DevOps Glossary
Network Monitoring Software

Contact

Contact

Get in touch with me here

[email protected]

  • Twitter
  • LinkedIn
  • YouTube
Buy me a coffeeBuy me a coffee

Copyright © 2025 · Roger Perkin · All Rights Reserved · Privacy Policy – Terms