Advanced Cisco SD-WAN Design, Troubleshoot, Topology, Configuration & Policy Groups, & Features

In this ADV Cisco SD-WAN Design, Troubleshoot, Topology, Configuration & Policy Groups, & Features 5-day immersive, hands-on course covering Cisco Catalyst (Viptela) SD-WAN version 20.18 / IOS-XE 17.18, students will gain in-depth knowledge and practical skills to deploy, configure, manage, and troubleshoot Cisco SD-WAN environments. The course explores controller and edge device deployment, Zero Touch Provisioning (ZTP), device and feature template creation, and SD-WAN Manager interface operations. Students will work with advanced features including OMP, BFD, QoS, DRE, security integration (SASE, Umbrella, FW, IPS), and local and centralized policy design. Labs include deploying controllers, onboarding routers (vEdge, ISR, C8000V), upgrading environments, configuring policies, enabling Cloud On-Ramp for SaaS applications like O365 and Webex, and leveraging analytics and troubleshooting tools like ThousandEyes and vManage. By course end, students will be proficient in building robust, secure, and optimized enterprise SD-WAN solutions across cloud and hybrid infrastructures. This release begins the Journey of streamlining Configuration Groups and Policy Groups, empowering network administrators with greater control and efficiency. This release is pretty close to feature complete, and the first release that I would tell customers that it is time to look to convert Configuration Templates to Configuration Groups

Retail Price: $4,295.00

Next Date: 05/04/2026

Course Days: 5

Enroll in Next Date

Request Custom Course

This class will help you:

Builds on the SDWAN class. Focuses on Advanced Features (Routing, Templates, Configuration Groups, Policies, SASE Security, Thousand Eyes Integration, Advanced QoS)
Enhance voice integration and configuration expertise
Will help prepare for the 300-415 ENSDWI Certification Between SDWAN and ADVANCED SDWAN

Objective

SD-WAN Review
SD-WAN Advanced Settings
SD-WAN High Availability
SD-WAN APP-QoE, SD-AVC and QoS Policies
Bridging
Routing Protcols
Multicast
Direct Internet Access (DIA)
SD-WAN Voice Configuration
SD-WAN Migration
Advanced Template Design and Troubleshooting
Advanced Local & Central Policies on vEdge and IOS-XE Platforms
Advanced Security Policies on vEdge and IOS-XE Platforms
Advanced Troubleshooting of Policies on vEdge and IOS-XE Platforms

Who should take this course?

This course is suitable for Network Engineers, System Administrators, IT Professionals, Technical Support Staff, and Cisco-Certified Professionals looking to enhance their skills and proficiency with Cisco Catalyst SD-WAN network management tailored for networks.

The course is highly recommended for:

Network Engineers: Professionals tasked with the design, implementation, and maintenance of the network infrastructure. This includes managing both Catalyst SD-WAN and data communication systems, ensuring they meet the high standards required for government operations.
System Administrators: Individuals responsible for the daily management and configuration of the network systems. Their role is crucial in ensuring the reliable operation of Catalyst SD-WAN and WAN services across various departments.
IT Professionals: This group includes a wide range of IT personnel working who require a robust understanding of secure and reliable Catalyst SD-WAN network systems. Their work is critical in ensuring that these networks comply with stringent standards and regulations.
Technical Support Staff: These are the frontline personnel who provide essential technical support for Catalyst SD-WAN network systems within the environments. Their expertise ensures that any issues are promptly resolved to maintain network integrity and security.
Cisco Certified Professionals: Individuals who have already achieved Cisco certifications and are looking to further their knowledge and expertise specifically in Catalyst SD-WAN Networks and Technologies. This course offers them an opportunity to specialize in Catalyst SD-WAN solutions, enhancing their skill set in the context of the network requirements

Prerequisites

Installing, Configuring, Monitoring and Troubleshooting Cisco Catalyst (SDWAN) v20.15

Module 0: Introductions

Introductions
- Get familiar with the course structure and participants.

Module 1: SD-WAN Overview

Cisco SD-WAN Overview
- An overview of SD-WAN architecture and capabilities.
SD-WAN Platform Discussion
- Platform selection and deployment strategies.

Module 2: SD-WAN Advanced Settings

Design Considerations and Scaling
- Design for large-scale and performance.
Site Design
- Developing a reliable site architecture.
Advanced Settings
- Tuning and optimization settings.
Ether Channel Support (20.6)
- Use of link aggregation in SD-WAN.
Hot Standby Router Protocol (HSRP)
- Redundancy through HSRP.
LTE Design and Deployment
- Integrate LTE with SD-WAN.

Module 3: SD-WAN High Availability

Common WAN Topologies Design and Deployment Considerations
- Designing reliable WAN links.
Active vManage, Backup Inactive vManage, Clustering vManage
- vManage HA design.
SD-WAN Disaster Recovery
- Strategies for site and controller DR.
Troubleshooting Cluster Operation
- Identify and fix cluster issues.

Module 4: SD-WAN Templates

Template Overview
- Overview of template-based configurations.
Using Python to Import / Export Templates
- Automating with Python APIs.
Parsing JSON with Python
- Read/write JSON data structures.
Create / Delete / Import / Export of Templates
- Template operations and management.

Module 5: SD-WAN APP-QoE, SD-AVC and QoS Policies

Application Quality of Experience (APPQoE)
- Enhancing app experience.
Custom Application Identification
- Defining custom apps.
Bidirectional Forwarding Detection (BFD)
- Monitor and recover tunnel loss.
Cloud onRamp for SaaS for Office 365
- Optimize O365 performance.
Per Tunnel QOS
- QoS settings per tunnel.
Adaptive QOS
- Dynamic adjustments to QoS.
SD-WAN 17.6/20.6 - Per VPN QOS
- VPN-based traffic control.
TCP Optimization
- Improve TCP traffic performance.
Service Nodes for AppQoE
- Offload services to nodes.
Forward Error Correction (FEC)
- Error correction techniques.
Packet Duplication
- Resiliency for critical apps.

Module 6: Bridging

Transparent Bridging
- Enable Layer 2 bridging in SD-WAN.
Bridging Template Configuration
- Set up bridge templates.
cEdge Bridging Template Configuration
- Bridge config for IOS-XE.
vEdge Bridging Template Configuration
- Bridge config for vEdge.

Module 7: Routing Protocols

SD-WAN Underlay Routing
- Dynamic and static underlay routes.
Static Routes
- Configure static routing.
VRRP Enhancements
- Redundancy enhancements.
Dynamic Routing Protocols
- Implement BGP, OSPF, EIGRP.
Routing Information Protocols
- Overview of routing exchange.
SD-WAN On Demand Tunnels
- Create tunnels dynamically.
Route Leaking
- Cross-VPN route redistribution.
Hierarchical SD-WAN (Regions)
- Regional segmentation.

Module 8: Multicast

Complete Multicast Support on Cisco SD-WAN
- Multicast capability overview.
vEdge Support
- Multicast implementation on vEdge.

Module 9: Direct Internet Access (DIA) Overview

SD-WAN Direct Internet Access (DIA)
- Enable DIA for branch offices.
Deploying DIA
- Implementation strategies.
Central Data Policy
- Use central policies with DIA.
NAT DIA Route
- Route directly to Internet.

Module 10: SD-WAN Voice Configuration

Voice Integration in SD-WAN
- Deploy voice traffic in SD-WAN.
Voice Card Feature Templates
- Configure DSP and voice cards.
Call Routing Feature Templates
- Handle dial plans.
Survivable Remote Site Telephony (SRST)
- Maintain calls during WAN loss.
Voice Policies
- Control voice traffic and codecs.
Create a Voice Port Policy
- Define physical voice settings.
Voice Port Translation Profile
- Number translation rules.
FXO Supervisory Disconnect
- Handle analog signaling.
Cisco Unified Border Element (CUBE)
- Enable PSTN SIP trunking.

Module 11: SD-WAN Security Policy

SD-WAN Security
- General overview of secure SD-WAN.
SD-WAN Base Security
- Foundational protections.
SD-WAN Cloud Security
- Security for cloud edge.
Zscaler Integration
- Partner-based cloud security.
SD-WAN Cloud Security Features
- Deep packet inspection and controls.
SD-WAN Integrated Security
- NGFW, IDS/IPS built-in.
17.6/20.6 – Geo-Fencing
- Location-based policy control.
SD-WAN Security Configuration
- Deploy security templates.

Module 12: SD-WAN Local Policy

Policy Configuration Overview
- Basic structure of local policies.
Local Data Policies
- Match and forward decisions.

Module 13: SD-WAN Central Policy

Centralized Control Policies
- Influence route propagation.
Centralized Data Policies
- Control forwarding actions centrally.
Application Aware Routing
- Use SLA for path decisions.
Service Chaining
- Redirect traffic through devices.
Traffic Flow Monitoring with Cflowd
- NetFlow-style data export.
Policy Construction
- Steps to build usable policies.
Platform Support and Scalability
- Deployment models and limitations.

Module 14: SD-WAN Migration

SD-WAN Conversation Tool
- Convert CLI to template-based.
Cisco Sure Tool
- Assisted deployment and validation.
Migration and Deployment Models
- Migration planning.
Typical Migrations
- Branch and DC best practices.
Data Center / Hub Migration
- Migrate hubs to SD-WAN.
Branch / Spoke Site Migration
- Convert branches to SD-WAN.

LAB OUTLINE

Lab 0: Lab Access via View Horizon Client
Lab 1: Controller Verification
Lab 2: Modify Controller Settings
Lab 3: NYC-DC1 Device Template
Lab 4: EMEA-DC2 Configuration Group
Lab 5: Template Backup and Restore
Lab 6: Security Policy Lists Configuration
Lab 7: Security Policy Configuration
Lab 8: Local Policy List Configuration
Lab 9: Localized Policy Configuration
Lab 10: Central Policy List Configuration
Lab 11: Centralized Policy Configuration

Course Dates	Course Times (EST)	Delivery Mode
5/4/2026 - 5/8/2026	9:00 AM - 5:00 PM	Virtual	Enroll
8/3/2026 - 8/7/2026	9:00 AM - 5:00 PM	Virtual	Enroll
11/2/2026 - 11/6/2026	9:00 AM - 5:00 PM	Virtual	Enroll