Implementing Cisco SD-WAN Solutions

Implementing Cisco SD-WAN Solutions Course Overview

Learn how to design, deploy, configure and manage your Cisco® Software-Defined WAN (SD-WAN) solution in a large-scale live network, including how to migrate from legacy WAN to SD-WAN. You will learn best practices for configuring routing protocols in the data center and the branch, as well as how to implement advanced control, data, and application-aware policies.

• The course also covers SD-WAN deployment and migration options, placement of controllers, how to deploy WAN Edge devices, and how to configure Direct Internet Access (DIA) breakout, and how to deploy a Multi-Region Cisco SD-WAN fabric. You will also learn about the various Application Quality of Experience (AppQoE) traffic optimization capabilities. Finally, the training looks at the different Cisco SD-WAN security options available. The course looks at the different Cisco SD-WAN security options available, such as application-aware enterprise firewall, Intrusion Prevention System (IPS), URL filtering, Cisco Advanced Malware Protection (AMP), Secure Sockets Layer/Transport Layer Security (SSL/TLS) proxy, and Cisco Umbrella® Secure Internet Gateway (SIG) and Cisco TrustSec in Cisco SD-WAN.

• This course is worth 32 Continuing Education (CE) credits towards recertification.

Skills Gained

After completing this course you should be able to:

• • Describe the Cisco SD-WAN solution and how modes of operation differ in traditional WAN versus SD-WAN.

• • Describe options for Cisco SD-WAN cloud and on-premises deployment.

• • Explain how to deploy WAN Edge devices.

• • Compare the Zero-Touch Provisioning (ZTP) and traditional Plug-n-Play processes and examine technical specifics for on-premises deployment.

• • Describe configuration groups and feature profiles for configuration management.

• • Describe device and feature configuration templates.

• • Describe options for providing scalability, high availability, and redundancy.

• • Explain how dynamic routing protocols are deployed in an SD-WAN environment, on the service side and transport side.

• • Describe Cisco SD-WAN policy concepts, which includes how policies are defined, attached, distributed, and applied.

• • Define and implement advanced control policies, such as policies for custom topologies and service insertion.

• • Describe the Multi-Region SD-WAN fabric feature.

• • Define and implement advanced data policies, such as policies for traffic engineering and QoS.

• • Describe the Application Quality of Experience (AppQoE) capabilities available in Cisco SD-WAN.

• • Define and implement an Application-Aware Routing (AAR) policy.

• • Implement Direct Internet Access (DIA) and Cisco SD-WAN Cloud OnRamp options.

• • Describe Cisco SD-WAN security components and integration.

• • Describe how to design pure and hybrid Cisco SD-WAN solutions, as well as how to perform a migration to Cisco SD-WAN.

• • Describe the different tools and options available for managing a Cisco SD-WAN fabric.

• • Describe the different tools and options available for monitoring the Cisco SD-WAN fabric.

• • Describe Cisco SD-WAN support for multicast.

•

Who will the Course Benefit?

Engineers involved in the design, planning, deployment, maintenance and troubleshooting of a Cisco SD-WAN solution.

Requirements

Attendees should meet the following prerequisites:

• • Knowledge of Software-Defined Networking (SDN) concepts as applied to large-scale live network deployments

• • Strong understanding of enterprise WAN design

• • Strong understanding of routing protocol operation, including both interior and exterior routing protocol operation

• • Familiarity with Transport Layer Security (TLS) and IP Security (IPSec)

•

NOTE: Course technical content is subject to change without notice.

---

Course Contents

Examine the Cisco SD WAN Architecture



• Software-Defined Networking for the WAN

• SD-WAN Components and Functions

• Underlay and Overlay Network

• SD-WAN Terminology

• Secure Control Plane

• Secure Data Plane

• SD-WAN Platforms

• IOS XE and IOS XE SD-WAN Software

Examine Cisco SD-WAN Deployment Options



• Flexible Controller Deployment Options

• SD-WAN Cloud Deployment

• SD-WAN Managed Service Provider Deployment

• SD-WAN On-Premises Deployment

• Using an Enterprise CA

• Controller Placement and Challenges

Deploying WAN Edge Devices



• Onboard WAN Edge Devices

• Deploy Cisco Catalyst 8000v IOS XE Devices

• ZTP Process Overview - Pure Play Viptela operating system

• Cisco Plug-and-Play Process Overview

• Working with NAT

Manage Device Configuration



• Configuration Groups Overview

• Configuraion Group Feature Profile Overview

• Device Configuration Template Overview

• Device Configuration Template Features

Explore Redundancy, High Availability, and Scalability



• Horizontal Solution Scale

• Cisco vManage, vSmart and vBond Redundancy

• Routed and Bridged Site Design

Enabling Service-Side and Transport-Side Routing



• Implement OSPF

• Implement BGP

• Impement EIGRP

• Implement TLOC Extensions

• Loop Prevention Mechanism

Explore SD-WAN Policy Configuration Basics



• Policy Configuraton Overview

• Policy Attachment, Distribution and Operation

Define Advanced Control Policies



• Control Policy Overview

• Control Policy Application

• Using Arbitrary VPN Topology

• Using Hierarchical Topology

• VPN Membership Policies

• Multi-Region Fabric

• Implementing Traffic Engineering

• Implementing Service Insertion and Chaining

• Implementing Shared Services

• Dynamic On-Demand Tunnels

Define Advanced Data Policies



• Data Policy Overview

• Implementing Traffic Engineering

• Data Forwarding and Qos

• Implementing Qos in Cisco SD-WAN

Implement Application Quality of Experience



• Application Quality of Experience Overview

• TCP Optimization

• Data Redundancy Elimination

• Packet Duplication

• Forward Error Correction

• AppNav-XE

Implement Application-Aware Routing



• AAR Overview

• Implement AAR Policy

Examine Direct Internet Access and Cloud Deployment Options



• Implement Direct Internet Access

• Cisco SD-WAN Cloud OnRamp for SaaS

• Cisco SD-WAN Cloud onRamp for IaaS

• Cisco SD-WAN Cloud onRamp for Multicloud

• Cisco SD-WAN Cloud OnRamp for Colocation

• Cisco Enterprise NFV Infrastructure Software (NFVIS) SD-Branch

Explore Cisco SD-WAN Security



• Cisco SD-WAN Intent Based Security Use Cases

• Cisco SD-WAN Security Components

• Cisco Umbrella DNS Security and SIG Integration

• Cisco Legacy and Unified Policy

• Describe Cisco SD-WAN TrustSec

Design and Migrate to Cisco SD-WAN



• Design Considerations for Hybrid Scenarios

• Enabling Cisco SD-WAN in the Data Center

• Migrating the Branch to Pure SD-WAN

• Migrating a Branch to a Hybrid Model

Perform Cisco SD-WAN Network Management and Troubleshooting



• Managing Cisco SD-WAN

• Monitoring Cisco SD-WAN

• Troubleshooting Cisco SD-WAN

• Upgrading Cisco SD-WAN Components

Examine Cisco SD-WAN Multicast Support



• Multicast Overlay Routing

• Multicast Protocol Support

• Traffic Flow in Multicast Overlay Routing

Lab outline



• Lab 1: Deploy Cisco SD-WAN Controllers

• Lab 2: Manage Cisco SD-WAN Device Configuration

• Lab 3: Configure Cisco SD-WAN Controller Affinity

• Lab 4: Implement Service Side Routing Protocols

• Lab 5: Implement Transport Location (TLOC) Extensions

• Lab 6: Implement Control Policies

• Lab 7: Implement Data Policies

• Lab 8: Implement Application-Aware Routing

• Lab 9: Implement Branch and Regional Internet Breakouts

• Lab 10: Configure Application Firewall

• Lab 11: Migrate Branch Sites

• Lab 12: Perform Cisco SD-WAN Software Upgrade