Advanced Cisco SD-WAN Design, Troubleshoot, Topology, Configuration & Policy Groups, & Features

Module 0: Introductions

• Introductions
  • Get familiar with the course structure and participants.

Module 1: SD-WAN Overview

• Cisco SD-WAN Overview
  • An overview of SD-WAN architecture and capabilities.
• SD-WAN Platform Discussion
  • Platform selection and deployment strategies.

Module 2: SD-WAN Advanced Settings

• Design Considerations and Scaling
  • Design for large-scale and performance.
• Site Design
  • Developing a reliable site architecture.
• Advanced Settings
  • Tuning and optimization settings.
• Ether Channel Support (20.6)
  • Use of link aggregation in SD-WAN.
• Hot Standby Router Protocol (HSRP)
  • Redundancy through HSRP.
• LTE Design and Deployment
  • Integrate LTE with SD-WAN.

Module 3: SD-WAN High Availability

• Common WAN Topologies Design and Deployment Considerations
  • Designing reliable WAN links.
• Active vManage, Backup Inactive vManage, Clustering vManage
  • vManage HA design.
• SD-WAN Disaster Recovery
  • Strategies for site and controller DR.
• Troubleshooting Cluster Operation
  • Identify and fix cluster issues.

Module 4: SD-WAN Templates

• Template Overview
  • Overview of template-based configurations.
• Using Python to Import / Export Templates
  • Automating with Python APIs.
• Parsing JSON with Python
  • Read/write JSON data structures.
• Create / Delete / Import / Export of Templates
  • Template operations and management.

Module 5: SD-WAN APP-QoE, SD-AVC and QoS Policies

• Application Quality of Experience (APPQoE)
  • Enhancing app experience.
• Custom Application Identification
  • Defining custom apps.
• Bidirectional Forwarding Detection (BFD)
  • Monitor and recover tunnel loss.
• Cloud onRamp for SaaS for Office 365
  • Optimize O365 performance.
• Per Tunnel QOS
  • QoS settings per tunnel.
• Adaptive QOS
  • Dynamic adjustments to QoS.
• SD-WAN 17.6/20.6 - Per VPN QOS
  • VPN-based traffic control.
• TCP Optimization
  • Improve TCP traffic performance.
• Service Nodes for AppQoE
  • Offload services to nodes.
• Forward Error Correction (FEC)
  • Error correction techniques.
• Packet Duplication
  • Resiliency for critical apps.

Module 6: Bridging

• Transparent Bridging
  • Enable Layer 2 bridging in SD-WAN.
• Bridging Template Configuration
  • Set up bridge templates.
• cEdge Bridging Template Configuration
  • Bridge config for IOS-XE.
• vEdge Bridging Template Configuration
  • Bridge config for vEdge.

Module 7: Routing Protocols

• SD-WAN Underlay Routing
  • Dynamic and static underlay routes.
• Static Routes
  • Configure static routing.
• VRRP Enhancements
  • Redundancy enhancements.
• Dynamic Routing Protocols
  • Implement BGP, OSPF, EIGRP.
• Routing Information Protocols
  • Overview of routing exchange.
• SD-WAN On Demand Tunnels
  • Create tunnels dynamically.
• Route Leaking
  • Cross-VPN route redistribution.
• Hierarchical SD-WAN (Regions)
  • Regional segmentation.

Module 8: Multicast

• Complete Multicast Support on Cisco SD-WAN
  • Multicast capability overview.
• vEdge Support
  • Multicast implementation on vEdge.

Module 9: Direct Internet Access (DIA) Overview

• SD-WAN Direct Internet Access (DIA)
  • Enable DIA for branch offices.
• Deploying DIA
  • Implementation strategies.
• Central Data Policy
  • Use central policies with DIA.
• NAT DIA Route
  • Route directly to Internet.

Module 10: SD-WAN Voice Configuration

• Voice Integration in SD-WAN
  • Deploy voice traffic in SD-WAN.
• Voice Card Feature Templates
  • Configure DSP and voice cards.
• Call Routing Feature Templates
  • Handle dial plans.
• Survivable Remote Site Telephony (SRST)
  • Maintain calls during WAN loss.
• Voice Policies
  • Control voice traffic and codecs.
• Create a Voice Port Policy
  • Define physical voice settings.
• Voice Port Translation Profile
  • Number translation rules.
• FXO Supervisory Disconnect
  • Handle analog signaling.
• Cisco Unified Border Element (CUBE)
  • Enable PSTN SIP trunking.

Module 11: SD-WAN Security Policy

• SD-WAN Security
  • General overview of secure SD-WAN.
• SD-WAN Base Security
  • Foundational protections.
• SD-WAN Cloud Security
  • Security for cloud edge.
• Zscaler Integration
  • Partner-based cloud security.
• SD-WAN Cloud Security Features
  • Deep packet inspection and controls.
• SD-WAN Integrated Security
  • NGFW, IDS/IPS built-in.
• 17.6/20.6 – Geo-Fencing
  • Location-based policy control.
• SD-WAN Security Configuration
  • Deploy security templates.

Module 12: SD-WAN Local Policy

• Policy Configuration Overview
  • Basic structure of local policies.
• Local Data Policies
  • Match and forward decisions.

Module 13: SD-WAN Central Policy

• Centralized Control Policies
  • Influence route propagation.
• Centralized Data Policies
  • Control forwarding actions centrally.
• Application Aware Routing
  • Use SLA for path decisions.
• Service Chaining
  • Redirect traffic through devices.
• Traffic Flow Monitoring with Cflowd
  • NetFlow-style data export.
• Policy Construction
  • Steps to build usable policies.
• Platform Support and Scalability
  • Deployment models and limitations.

Module 14: SD-WAN Migration

• SD-WAN Conversation Tool
  • Convert CLI to template-based.
• Cisco Sure Tool
  • Assisted deployment and validation.
• Migration and Deployment Models
  • Migration planning.
• Typical Migrations
  • Branch and DC best practices.
• Data Center / Hub Migration
  • Migrate hubs to SD-WAN.
• Branch / Spoke Site Migration
  • Convert branches to SD-WAN.

LAB OUTLINE

• Lab 0: Lab Access via View Horizon Client
• Lab 1: Controller Verification
• Lab 2: Modify Controller Settings
• Lab 3: NYC-DC1 Device Template
• Lab 4: EMEA-DC2 Configuration Group
• Lab 5: Template Backup and Restore
• Lab 6: Security Policy Lists Configuration
• Lab 7: Security Policy Configuration
• Lab 8: Local Policy List Configuration
• Lab 9: Localized Policy Configuration
• Lab 10: Central Policy List Configuration
• Lab 11: Centralized Policy Configuration