Managed Secure Access Service
The service is built around on-premise DNA center as the core component and is provided in 2 uses cases:
- DNA center as an Assurance and automation tool
- Full SD-Access deployment
In its managed service, SpotIT strives to a best practice architecture implementation (greenfield approach) in order to decrease the number of incidents at a customers’ environment.
Depending on the location’s size a recommended standardized design is applied.
The services (DNA, ISE, WLC, Stealthwatch, AD) are centralized or at least available via a separate management zone behind the datacenter firewall, which is a prerequisite for this managed service. On each site the underlay network is build with L3 core Catalyst 9K switches with a segmentation firewall on top. Local functions can be made available on the switches and further distribution can be set up via an additional segregation layer.
On smaller sites the core switches can function as collapsed core, redundancy is provided via stacking.