About this course
Course Overview
Learn how to design, deploy, configure and manage your Cisco® Software-Defined WAN (SD-WAN) solution in a large-scale live network, including how to migrate from legacy WAN to SD-WAN. You will learn best practices for configuring routing protocols in the data center and the branch, as well as how to implement advanced control, data, and application-aware policies.
The course also covers SD-WAN deployment and migration options, placement of controllers, how to deploy WAN Edge devices, and how to configure Direct Internet Access (DIA) breakout, and how to deploy a Multi-Region Cisco SD-WAN fabric. You will also learn about the various Application Quality of Experience (AppQoE) traffic optimization capabilities. Finally, the training looks at the different Cisco SD-WAN security options available. The course looks at the different Cisco SD-WAN security options available, such as application-aware enterprise firewall, Intrusion Prevention System (IPS), URL filtering, Cisco Advanced Malware Protection (AMP), Secure Sockets Layer/Transport Layer Security (SSL/TLS) proxy, and Cisco Umbrella® Secure Internet Gateway (SIG) and Cisco TrustSec in Cisco SD-WAN.This course is worth 32 Continuing Education (CE) credits towards recertification.
Target Audience
Engineers involved in the design, planning, deployment, maintenance and troubleshooting of a Cisco SD-WAN solution.
Course Objectives
After completing this course you should be able to:
- Describe the Cisco SD-WAN solution and how modes of operation differ in traditional WAN versus SD-WAN.
- Describe options for Cisco SD-WAN cloud and on-premises deployment.
- Explain how to deploy WAN Edge devices.
- Compare the Zero-Touch Provisioning (ZTP) and traditional Plug-n-Play processes and examine technical specifics for on-premises deployment.
- Describe configuration groups and feature profiles for configuration management.
- Describe device and feature configuration templates.
- Describe options for providing scalability, high availability, and redundancy.
- Explain how dynamic routing protocols are deployed in an SD-WAN environment, on the service side and transport side.
- Describe Cisco SD-WAN policy concepts, which includes how policies are defined, attached, distributed, and applied.
- Define and implement advanced control policies, such as policies for custom topologies and service insertion.
- Describe the Multi-Region SD-WAN fabric feature.
- Define and implement advanced data policies, such as policies for traffic engineering and QoS.
- Describe the Application Quality of Experience (AppQoE) capabilities available in Cisco SD-WAN.
- Define and implement an Application-Aware Routing (AAR) policy.
- Implement Direct Internet Access (DIA) and Cisco SD-WAN Cloud OnRamp options.
- Describe Cisco SD-WAN security components and integration.
- Describe how to design pure and hybrid Cisco SD-WAN solutions, as well as how to perform a migration to Cisco SD-WAN.
- Describe the different tools and options available for managing a Cisco SD-WAN fabric.
- Describe the different tools and options available for monitoring the Cisco SD-WAN fabric.
- Describe Cisco SD-WAN support for multicast.
Course Content
Examine the Cisco SD WAN Architecture
- Software-Defined Networking for the WAN
- SD-WAN Components and Functions
- Underlay and Overlay Network
- SD-WAN Terminology
- Secure Control Plane
- Secure Data Plane
- SD-WAN Platforms
- IOS XE and IOS XE SD-WAN Software
Examine Cisco SD-WAN Deployment Options
- Flexible Controller Deployment Options
- SD-WAN Cloud Deployment
- SD-WAN Managed Service Provider Deployment
- SD-WAN On-Premises Deployment
- Using an Enterprise CA
- Controller Placement and Challenges
Deploying WAN Edge Devices
- Onboard WAN Edge Devices
- Deploy Cisco Catalyst 8000v IOS XE Devices
- ZTP Process Overview - Pure Play Viptela operating system
- Cisco Plug-and-Play Process Overview
- Working with NAT
Manage Device Configuration
- Configuration Groups Overview
- Configuraion Group Feature Profile Overview
- Device Configuration Template Overview
- Device Configuration Template Features
Explore Redundancy, High Availability, and Scalability
- Horizontal Solution Scale
- Cisco vManage, vSmart and vBond Redundancy
- Routed and Bridged Site Design
Enabling Service-Side and Transport-Side Routing
- Implement OSPF
- Implement BGP
- Impement EIGRP
- Implement TLOC Extensions
- Loop Prevention Mechanism
Explore SD-WAN Policy Configuration Basics
- Policy Configuraton Overview
- Policy Attachment, Distribution and Operation
Define Advanced Control Policies
- Control Policy Overview
- Control Policy Application
- Using Arbitrary VPN Topology
- Using Hierarchical Topology
- VPN Membership Policies
- Multi-Region Fabric
- Implementing Traffic Engineering
- Implementing Service Insertion and Chaining
- Implementing Shared Services
- Dynamic On-Demand Tunnels
Define Advanced Data Policies
- Data Policy Overview
- Implementing Traffic Engineering
- Data Forwarding and Qos
- Implementing Qos in Cisco SD-WAN
Implement Application Quality of Experience
- Application Quality of Experience Overview
- TCP Optimization
- Data Redundancy Elimination
- Packet Duplication
- Forward Error Correction
- AppNav-XE
Implement Application-Aware Routing
- AAR Overview
- Implement AAR Policy
Examine Direct Internet Access and Cloud Deployment Options
- Implement Direct Internet Access
- Cisco SD-WAN Cloud OnRamp for SaaS
- Cisco SD-WAN Cloud onRamp for IaaS
- Cisco SD-WAN Cloud onRamp for Multicloud
- Cisco SD-WAN Cloud OnRamp for Colocation
- Cisco Enterprise NFV Infrastructure Software (NFVIS) SD-Branch
Explore Cisco SD-WAN Security
- Cisco SD-WAN Intent Based Security Use Cases
- Cisco SD-WAN Security Components
- Cisco Umbrella DNS Security and SIG Integration
- Cisco Legacy and Unified Policy
- Describe Cisco SD-WAN TrustSec
Design and Migrate to Cisco SD-WAN
- Design Considerations for Hybrid Scenarios
- Enabling Cisco SD-WAN in the Data Center
- Migrating the Branch to Pure SD-WAN
- Migrating a Branch to a Hybrid Model
Perform Cisco SD-WAN Network Management and Troubleshooting
- Managing Cisco SD-WAN
- Monitoring Cisco SD-WAN
- Troubleshooting Cisco SD-WAN
- Upgrading Cisco SD-WAN Components
Examine Cisco SD-WAN Multicast Support
- Multicast Overlay Routing
- Multicast Protocol Support
- Traffic Flow in Multicast Overlay Routing
Lab outline
- Lab 1: Deploy Cisco SD-WAN Controllers
- Lab 2: Manage Cisco SD-WAN Device Configuration
- Lab 3: Configure Cisco SD-WAN Controller Affinity
- Lab 4: Implement Service Side Routing Protocols
- Lab 5: Implement Transport Location (TLOC) Extensions
- Lab 6: Implement Control Policies
- Lab 7: Implement Data Policies
- Lab 8: Implement Application-Aware Routing
- Lab 9: Implement Branch and Regional Internet Breakouts
- Lab 10: Configure Application Firewall
- Lab 11: Migrate Branch Sites
- Lab 12: Perform Cisco SD-WAN Software Upgrade
Course Prerequisites
Attendees should meet the following prerequisites:
- Knowledge of Software-Defined Networking (SDN) concepts as applied to large-scale live network deployments
- Strong understanding of enterprise WAN design
- Strong understanding of routing protocol operation, including both interior and exterior routing protocol operation
- Familiarity with Transport Layer Security (TLS) and IP Security (IPSec)
Recommended prerequisites:
- CCNA - Implementing and Administering Cisco Solutions
- ENCOR - Implementing and Operating Cisco Enterprise Network Core Technologies
Test Certification
Recommended as preparation for the following exams:
- 300-415 - ENSDWI - Implementing Cisco SD-WAN Solutions