I work for a Cisco Partner who employs around 15 engineers, predominantly designing and optimising Wireless networks.
We were awarded an amazing opportunity in the first quarter of 2020 : designing and implementing the wired and wireless network for a hospital destined as a COVID recovery facility. And best of all: have it operational in 6 weeks of starting onsite. The pressure was on.
Clinical and Hospital Wi-Fi always demands special care and attention, and even more so when delivered quickly.
Network Design Phase
Together with Cisco we put together an ambitious design that would provide switching and Wi-Fi across 9 floors, with 210 access points around the facility. While our wireless design team was creating access point predictive designs, we simultaneously crafted detailed designs for the Cisco 9800 WLC, Cat 9K LAN, DNAC, ASA, ISE, UCS Compute and Unified Comms.
All of these Cisco products were SDA ready, and the intent was to design and deploy the solution with DNAC.
The requirements included placing various data flows in their own VRFs and micro-segmentation within the VRFs. That’s what SDA was built for. My role was to design and deploy Cisco ISE, DNAC and UCS. The documentation gathering requirements, designing and testing was essential and that alone could have consumed 6 weeks!
Rapid Deployment needs an Agile Approach
We adopted an agile approach once the designs were ready to allow us to start deployment, given the tight deadlines. The lead times and delivery complications during the pandemic started to present us with some challenges.
We desperately needed Cat 9500 switches to build the switching core but we knew the kit would not arrive in time. Thanks to our great relationship with the local Cisco team we got loan equipment to allow us to immediately construct the Core and access layer. The next challenge was that the delivery times of the DNAC were too close to the go live date.
This was a pivotal moment for us, since DNAC would have hidden all the complexity of the VRFs and micro-segmentation, to allow the customer to operate the network with relative ease. In the short time frames, we used our DevOps team to automate the creation of the IOS-XE commands for the various access layer switches, which reduced time and errors. It was an iterative process and the automation proved invaluable.
The VRF design was done by hand, and micro-segmentation was postponed to a future project. It would have been possible to but at the expense of handing over a network that the operators had no time to learn or prepare for.
First Online: LAN Comes Alive
The LAN was up and running very quickly and the customer was connecting the end devices as quickly as time permitted.
The LAN is always a fundamental component of any network installation, making sense this component goes first.
The image on the left shows the initial switch installation, prior to cabling up.
Each level of installation requires a certain amount of OCD to ensure its installed neatly and in the right order.
As the network builds, it’s a great feeling to add the higher level layers.
The next stage is patching out the network.
Using a colour coded patching scheme for easier identification at the access layer. We needed to test nurse call, security systems, telephony integration – to list but a few services.
Next Step: UCS Servers
My UCS servers had not arrived yet due to COVID related delays and we had to improvise yet again.
Luckily we had a Cisco BE7000 Unified Comms server on site and we appropriated some of its resources to host the services we needed to run, including the Cisco Firepower Management Console, various Windows servers, security and essential nurse call components. Doing this is not officially supported but it was a life saver to allow integrators to test their services. The UCSs arrived in time for me to migrate the VMs from our surrogate BE7000 server to a vCenter managed cluster.
Towards the end, our beefy DNAC appliance arrived which slotted in nicely as our assurance platform for the entire solution.
One massive time saver with DNA Center was the Ekahau integration. Our wireless architects provided me with the Ekahau project file that contained all the precise AP placements, down to the centimetre accuracy for Hyper-Location. It would have taken a week to place all those APs by hand, but with DNAC it was a matter of seconds.
We completed the project on time and the outcome was successful.
The success was not only due to extreme hard work by our onsite teams, but also to vendor partnership and human ingenuity when things don’t go according to your best intentions.
The long term goal for this customer is to fully modernise their various hospital ICT networks using SDA, but this requires planning and approaching this new SDN world in smaller steps.
This COVID facility still contains sufficient new technology that the customer will embrace over time, since the operations team needs to make the leap from AireOS WLC to C9800, and from Prime to DNAC.
On the plus side, it’s a gentle introduction to the building blocks of SDA.