FREE SHIPPING on Orders Over US$79
United States
  • Highlights
  • Key Stats
  • Overview
  • Challenges
  • Solutions
  • Results
Highlights

Updated at Oct 28th 2024

Download

Highlights

  • Transitioning from proprietary Cisco DNA Center and Catalyst 9000 Chassis to AmpCon™ and PicOS® solution significantly reduced expenses while ensuring high performance.

  • Streamlined network management through the AmpCon™ Controller, automating provisioning, deployment, and lifecycle management.

  • The VXLAN-based virtualized network fabric scaled easily, ensuring future-proof flexibility for the expanding workforce without the need for disruptive upgrades.

  • Seamless integration with the existing Cisco infrastructure, maintain compatibility with management and security systems, and avoid vendor lock-in.

Key Stats

  • Deployed over 150 switches across access, aggregation, and core.

  • Replaced existing Cisco Catalyst 9410R chassis with PicOS® software switches.

  • Implemented VXLAN overlay fabric to connect L2 switching domains across 7 floors.

Overview

For a recent FS client, a multinational Top 10 global systems integrator, the goal was to future-proof its network for a new 7-story building on its campus. The company needed a robust network solution to ensure secure, interoperable, and flexible connectivity between its access, campus, and data center networks.

Challenges

The client requested that this deployment integrate with their existing Cisco infrastructure, encompassing hardware, software management, monitoring, and security systems, to effectively meet the needs of a globally distributed workforce. Additionally, the new infrastructure must support automation via open-standard APIs, enabling dynamic, policy-driven network management. Other challenges include accommodating the rapidly evolving workforce in the post-pandemic era, ensuring reliable and flexible network access, while minimizing configuration and management overhead, and maintaining cost efficiency.

Solutions

After evaluating Cisco Software-defined Access (SD-Access) and alternative open solutions and finding them difficult to implement and manage, the systems integrator turned to FS for its complete open networking software solution. FS replaced the existing Cisco Catalyst 9410R chassis with its PicOS® software switches, powered by a Linux-based Network Operating System (NOS).

Centralized Management and Automation

PicOS® software enables seamless integration across multiple switch and router vendors and networks. The AmpCon™ Controller centralizes management and enhances visibility by leveraging open standards-based APIs, offering a more cost-effective solution than Cisco DNA Center while avoiding vendor lock-in. AmpCon™ delivers one-touch deployment and scalability, automating configuration, provisioning, deployment, and lifecycle management. Furthermore, AmpCon™ provides Zero Touch Provisioning (ZTP) for on-premises environments, eliminating the need for costly licensing models.

Network Virtualization

PicOS® software virtualizes data center, campus and access network switch fabric. In the first phase of deployment, the solution supported more than 50 access, aggregation, and core switches spanning three floors of the building. The second phase, which expanded coverage to four additional floors, included over 100 access and aggregation switches. The entire network operates as a fully routed underlay with a VXLAN overlay fabric that connects Layer 2 switching domains across the enterprise. VXLAN tunnels are terminated at the virtual network edge (VNE) switches, where they are mapped to the local voice and data VLANs from the access switches.

Zero Trust Security

Zero Trust Network requirements are achieved through centralized integration with the existing Network Access Control (NAC) policy framework. Interfaces with Cisco’s Identity Services Engine (ISE) and downloadable access control lists (ACLs) dynamically assign device- and port-specific restrictions to manage access for desktops, VoIP phones, and IoT devices. The rapidly growing number of remote clients is dynamically assigned to VLANs, including an authorization framework for third party applications to access HTTP services. Integration with the existing Cisco SD-Access networks enables support for virtual workgroups distributed across the enterprise.

Results

The client, having worked closely with FS, fully understood and was satisfied with the performance of PicOS® and AmpCon™, which brought them significant value.

  • Cost Savings: By transitioning from Cisco's proprietary systems, the client successfully avoid costly licensing fees associated with Cisco DNA Center. Significant savings were realized in both capital and operational expenditures. The FS open PicOS® solution ensured lower long-term costs without sacrificing network performance.

  • Operational Efficiency: With centralized management through AmpCon™, the client reduced manual intervention and operational overhead. The automation capabilities of the AmpCon™ Controller drastically accelerated deployment and configuration, reducing the time required for network setup.

  • Scalability and Flexibility: The network architecture was designed to easily scale, supporting over 150 switches across multiple layers of the network. The implementation of a fully virtualized network fabric using VXLAN provided the necessary flexibility for future expansion, without requiring extensive reconfiguration or additional investments.

  • Enhanced Security: Integration with existing Network Access Control (NAC) frameworks offers robust access protection for the entire network. This not only safeguarded sensitive data across various devices but also supported the growing number of remote clients, ensuring reliable and secure access to network resources.