How Cisco DNA Is Helping CFL to Build the Future of Public Transport in Luxembourg


Freedom of movement is something we all tend to take for granted. In any large transit station, everyone is rushing to get to their destinations. All aspects of this system need to run smoothly, which means it relies heavily on coordination and networking.

Few of the world’s transit systems can call themselves cutting edge—their clunky legacy systems are difficult and frustrating to manage. These systems are also an impediment to the ultimate goal of public transport: resolving issues immediately and getting passengers to where they need to go quickly and efficiently.


I have spent 25 years of my career working with the Société Nationale des Chemins de Fer Luxembourgeois (CFL), the past several of which in the role of Chief Information Officer (CIO). CFL is the backbone of public transportation in Luxembourg. With a population of almost 625,000, Luxembourg is one of the smallest countries in Europe, yet we still experience some of the world’s worst traffic jams due to all the cars on the road. This has led to a steady increase in the use of public transport year over year. 

A Broad Base to Support

Our strategy at CFL consists of several key pillars: safety, quality, and innovation as well as know-how and performance. Our IT team supports these pillars and covers standard IT services for our home office and departments such as HR, finance, legal, and more. 

At the heart of our work, however, we manage the IT needs for the whole CFL group. This includes our train company and, for example, everything related to train infrastructure—but not on the operational industrial side. In Luxembourg, we are still an integrated train company, much like it is in Switzerland. 

Our IT department manages IT networking and operations for both the infrastructure side as well as the needs of train and bus passengers. Supporting multimodal train transport, including freight, is another one of our responsibilities. We also have several other subsidiaries, which include: CFL Immo, our real estate company; CFL Evasion, our travel agency; CFL Mobility, our car-sharing company; and more.

A Clear Destination: Full Speed Ahead Toward Digital Transformation

When I became CIO in 2016, there were many legacy processes and positions throughout CFL. There were two separate and distinct IT departments, comprised of 50 people who managed 1,400 laptops and PCs. It was inefficient, and the overall image of IT at CFL wasn’t very positive. The first thing I did was a presentation for our entire board on the importance of digitisation. By the end of the meeting, everyone was clear about the two options before us: disrupt, or be disrupted. I was given the resources I needed to commence digital transformation at CFL.

Legacy #IT systems seldom work for companies that are focused on modernising the networks and processes they’re meant to support. @Cisco

But it wouldn’t be a quick fix. One year later, I returned to the board to initiate the consolidation of the IT teams into a single cohesive unit. By 2018, with the reorganisation, the budget, and the support from the entire board behind us, we could really get started on digitisation and pursue our new targets.

We essentially reinvented ourselves, planning 32 initiatives around management, governance, and collaboration. We conducted a self-analysis through Gartner and found that our digital maturity was a Level 2 and our target is to reach Level 4 by the end of 2021. Internally, we were eager to face the future and embrace digitisation. The bigger challenge was figuring out how to change a system that everyone thinks is running well from the outside—unaware of the ways it could be improved.

Externally, our network is quite complex, and there is dark fibre that runs all over Luxembourg. We actually had two different networks managed by our two separate IT teams before they united. There were even layers of networks managed by departments other than IT, that independently purchased and connected switches for their own needs. 

In every station, we have many buildings and locations where we have to install networks. Some buildings had five switches for five different networks, where the switches were only using seven out of 48 ports. It was inefficient, to say the least. Even managing just two networks in the old way was quite stressful because we also had to configure all the routers manually. Automation wasn’t the norm. 

Our layer 2 network was reaching the limit of its capabilities. It was getting even more complex to manage because we had to manually configure new routers. It was also getting increasingly difficult to manage its segmentation. To move forward with our digital transformation, we needed to choose a different architecture.

It was time for us to consolidate into a single network for the entire Group that would cover all needs and necessary situations. 

A First-Class Ticket to Innovation: Early Adoption 

CFL has been a Cisco customer for many years, but we don’t see Cisco as simply a vendor or a technology supplier. To us, Cisco is a trusted partner that provides solutions to our IT challenges. They provide us with customer care through solutions, configuration, implementation, and ongoing support. And when they introduced us to the Cisco Digital Network Architecture (DNA), a new solution at the time, it was clear this would be a perfect fit. We were glad that DNA was about as plug-and-play as it gets, and it also allowed us to keep some of our existing Cisco configurations.

Becoming early adopters of #IT technology is a bold move, but it can pay dividends when you have the right vision and support. @Cisco

As great as it sounded, the fact that the technology was so new in Europe was initially a big hurdle for our teams. There weren’t really any Cisco partners, local experts, informal support networks, or help forums that we could turn to. Because of this, the support we received from the Cisco engineering team was critical, especially for a small team such as ours. We relied on a Cisco engineer to assist us with internal testing, which began in early 2019.


The first rollout of Cisco SD-Access in our company was somewhat unorthodox. We started with a passenger-focused project, putting a digital passenger information system in place at our train stations. Besides being more accurate and reliable with the correct information, the system also allows us to broadcast voice messages on multiple platforms.

Rolling out the passenger information system led to more internal discussions about how to expand and maintain the entire IT network, who would lead those projects, who the network would belong to, and what type of governance policies would have to be created as a result. We now have a plan to renew all our network components over the next three years. We started this process at the end of 2018 in our older buildings, and we’re on schedule to be ready for a complete rollout by the end of 2021.

Being early adopters of such a new system has had its fair share of challenges, but it has also already given us some quick wins and other positive outcomes. For example, we’re already well-versed in Cisco SDA (Software-Defined Access) and have a lot of in-house expertise about the solution. Early adoption also means that we don’t have to worry that we’re working with technology that will soon become obsolete. Being a little ahead of the curve means that our investment will serve us well for years to come.

Embracing Automation, Reducing Overhead, and Seamless Configuration

Cisco DNA Center also helps us with automation, particularly when it comes to deploying switches, which used to be an almost entirely manual job. Despite Luxembourg being a small country, it was an inefficient use of our IT technicians' time to drive almost two hours to a site, install and deploy a switch, and then drive two hours back. It was also very expensive.

Embrace automation to speed toward your goal of system deployment while reducing overhead. @Cisco

Now, we have unconfigured switches that we can install right out of the box. We give them to teams from other departments who solely provide maintenance all around the country. These teams install the switches by plugging them in, and then the rest is configured automatically by us or by the system. Now it’s much faster to roll out new switches across the network. 

This has allowed us to be able to grow: over the past four years, we have doubled workstations from 1,400 to 2,800. The workload on our network is increasingly more intensive, but we can handle the increased demand without a problem. Even with our small team managing operations 24/7, Cisco DNA Center gives us a better overall view of the network so we’re able to handle any incidents immediately and reduce any downtime. With this improved view, our maintenance and operations are becoming more efficient every day.

The increased visibility of our network using Cisco DNA Assurance and Cisco SD-Access with ISE also means that we can spot problems more easily, which allows us to provide service to our customers that’s better and faster than ever before. DNA has become a complete management and operations system for our network. It's really an integrated platform. Cisco DNA has redefined the meaning of quality of service, which is key because it’s at the centre of everything we do. The needs of our passengers are always at the heart of our operations, including operations that happen behind the scenes and away from their direct experiences.

Our initial investment in Cisco DNA was the largest financial IT infrastructure investment ever presented to CFL’s board of directors. It had to be validated and justified, of course, and that process showed that Cisco DNA gives us more abilities and opportunities than we could’ve imagined—including creating virtual networks, VoIP, Cisco telephony, and more.

Eventually, we want to create a network operations centre (NOC) in conjunction with the teams that administer those additional CFL networks. This will allow us to centralise teams and operations, and support the entire network as one entity. And further in the future, we hope to be able to allow other companies to rent part of our network as we span the entirety of Luxembourg. 

On Track to Internal Harmony and an Improved Passenger Experience

CFL has undergone many changes in just a few years, and we have no regrets. In three years, IT, which had a poor image when I took over as CIO, is now a key player in meetings to which the department had previously been disinvited. We are an important part of this company.

Our relatively flat management structure means we can move more quickly with more unity, harmony, and efficiency. In fact, my colleagues in IT Infrastructure Team, have been instrumental in every step of the way. We’re a very collaborative team, which is a benefit of the flat management structure, and we rely on each other to ensure we are all informed. 

We are seen as the trailblazers of the company, leaping forward through trial and error to not only modernise CFL and its operations, but to also work toward our collective goal of serving and prioritising our customers. And when we know that we’re on track to internal systems harmony while we improve our passenger experience, we’re able to enjoy the journey as we speed toward digital transformation.