SD-WAN

Overview

Cisco SD-WAN offers a software-defined WAN solution that enables enterprises and organizations to connect users to their applications securely. It provides a software overlay that runs over standard network transport, including MPLS, broadband, and internet, to deliver applications and services. The overlay network extends the organization’s network to Infrastructure as a Service (IaaS) and multicloud environments, thereby accelerating their shift to the cloud.

This virtualized network runs on the industry’s most broadly deployed routing technology, from physical branch routers such as the Cisco Catalyst® 8000 Edge Platforms Family to virtual machines in the cloud such as the Cisco vEdge Cloud routers. Centralized controllers, which oversee the control plane of the Cisco SD-WAN fabric, efficiently manage the provisioning, maintenance, and security for the entire Secure Extensible Network (SEN) overlay network.

Cisco vManage provides a highly visualized dashboard that simplifies network operations. It provides centralized configuration, management, operation, and monitoring across the entire SD-WAN fabric. Integration with Cisco Umbrella® accelerates the transition to a SASE architecture. Open programmability enables data extraction for enhanced visibility and actionable insights.

Cisco SD-WAN offers integrated security, including full-stack multilayer security capabilities on the premises and in the cloud. This integrated security provides real-time threat protection where and when it is needed — for branches connecting to multiple Software-as-a-Service (SaaS) or IaaS clouds, data centers, or the internet, further accelerating the transition to a SASE-enabled architecture.

Cisco SD-WAN makes connecting the company WAN to IaaS environments such as Amazon Web Services, Google Cloud, and Microsoft Azure simple, automated, and secure — as though the cloud databases themselves are part of the corporate network. In the Cisco SD-WAN console, your network and operations teams can automate virtual private cloud connections to IaaS environments, extending the Cisco SD-WAN OMP to the cloud. Cisco SD-WAN applies automated connectivity requirements (loss, latency, and jitter) to find the optimal path to cloud IaaS applications, adjusting the IPsec route as needed to help ensure service delivery and performance while monitoring the hosting infrastructure for anomalies.

Technology Areas

● Networking
● Software-defined networking

Objectives

After taking this course, you should be able to:
● Describe the Cisco SD-WAN solution and how modes of operation differ in traditional WAN versus SD-WAN
● Describe options for Cisco SD-WAN cloud and on-premises deployment
● Explain how to deploy WAN Edge devices
● Review the Zero-Touch Provisioning (ZTP) process and examine technical specifics for on-premises deployment
● Review the device configuration template and describe new features of device configuration templates
● Describe options for providing scalability, high availability, and redundancy
● Explain how dynamic routing protocols are deployed in an SD-WAN environment, on the service side and transport side
● Describe Cisco SD-WAN policy concepts, including how policies are defined, attached, distributed, and applied
● Define and implement advanced control policies, such as policies for custom topologies and service insertion
● Identify and implement advanced data policies, such as policies for traffic engineering and QoS
● Define and implement an Application-Aware Routing (AAR) policy
● Implement Direct Internet Access (DIA) and Cisco SD-WAN Cloud OnRamp options
● Describe Cisco SD-WAN security components and integration
● Describe how to design pure and hybrid Cisco SD-WAN solutions, as well as how to perform a migration to Cisco SD-WAN
● Describe Cisco SD-WAN Day-2 operations, such as monitoring, reporting, logging, troubleshooting, and upgrading
● Describe Cisco SD-WAN support for multicast

Prerequisites

You should have the following knowledge and skills before taking this course:
● Knowledge of Software-Defined Networking (SDN) concepts as applied to large-scale live network deployments
● Strong understanding of enterprise WAN design
● Strong understanding of routing protocol operation, including both interior and exterior routing protocol operation
● Familiarity with Transport Layer Security (TLS) and IP Security (IPsec)

These recommended Cisco offerings may help you meet these prerequisites:
● Implementing and Administering Cisco Solutions (CCNA®)
● Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)

Outline

● Examining the Cisco SD-WAN Architecture
● Examining Cisco SD-WAN Deployment Options
● Deploying WAN Edge Devices
● Onboarding WAN Edge Devices with ZTP and PnP
● Using Device Configuration Templates
● Exploring Redundancy, High Availability, and Scalability
● Enabling Service-Side and Transport-Side Routing
● Understanding Cisco SD-WAN Policy Configuration Basics
● Defining Advanced Control Policies
● Defining Advanced Data Policies
● Implementing AAR
● Examining Direct Internet Access and Cloud Deployment Options
● Exploring Cisco SD-WAN Security
● Designing and Migrating to Cisco SD-WAN
● Performing Cisco SD-WAN Network Management and Troubleshooting
● Examining Cisco SD-WAN Multicast Support

Lab Outline

● Deploy Cisco SD-WAN Controllers
● Add a WAN Edge Router Using ZTP
● Deploy Cisco SD-WAN Device Using Configuration Templates
● Configure Cisco SD-WAN Controller Affinity
● Implement Service Side Routing Protocols
● Implement Transport Location (TLOC) Extensions
● Implement Control Policies
● Implement Data Policies
● Implement Application-Aware Routing
● Implement Branch and Regional Internet Breakouts
● Migrate Branch Sites
● Perform Cisco SD-WAN Software Upgrade

Who should enroll

● System installers
● System integrators
● System administrators
● Network administrators
● Solutions designers