Installing, Configuring, Monitoring and Troubleshooting Cisco Catalyst SD-WAN v20.15.2/17.15.2

In this 5-day immersive, hands-on course covering Cisco Catalyst (Viptela) SD-WAN version 20.15.2 / IOS-XE 17.15.2, students will gain in-depth knowledge and practical skills to deploy, configure, manage, and troubleshoot Cisco SD-WAN environments. The course explores controller and edge device deployment, Zero Touch Provisioning (ZTP), device and feature template creation, and SD-WAN Manager interface operations. Students will work with advanced features including OMP, BFD, QoS, DRE, security integration (SASE, Umbrella, FW, IPS), and local and centralized policy design. Labs include deploying controllers, onboarding routers (vEdge, ISR, C8000V), upgrading environments, configuring policies, enabling Cloud On-Ramp for SaaS applications like O365 and Webex, and leveraging analytics and troubleshooting tools like ThousandEyes and vManage. By course end, students will be proficient in building robust, secure, and optimized enterprise SD-WAN solutions across cloud and hybrid infrastructures.

Retail Price: $4,395.00

Next Date: 06/23/2025

Course Days: 5

Enroll in Next Date

Request Custom Course

Objective
- SD-WAN Overview
- SD-WAN Controllers (vSmart)
- Allow Lists and Certificates
- Platforms
- Router Deployment
- Configure SD-WAN Manager (vManager)
- SD-WAN Software Updates
- OMP / Fabric
- QoS / QoE
- Security / SASE
- Creating and Applying SD-WAN Templates
- Local and Central Policy
- Deploying using Templates
- ThousandEyes Integration
- Cloud Onramp for SaaS
- Analytics
- Monitoring & Troubleshooting the SD-WAN Solution their skill set in the context of the network requirements.
Who should sit this course?

This course is suitable for Network Engineers, System Administrators, IT Professionals, Technical Support Staff, and Cisco-Certified Professionals looking to enhance their skills and proficiency with Cisco Catalyst SD-WAN network management tailored for networks.

The course is highly recommended for:
- Network Engineers: Professionals tasked with the design, implementation, and maintenance of the network infrastructure. This includes managing both Catalyst SD-WAN and data communication systems, ensuring they meet the high standards required for government operations.
- System Administrators: Individuals responsible for the daily management and configuration of the network systems. Their role is crucial in ensuring the reliable operation of Catalyst SD-WAN and WAN services across various departments.
- IT Professionals: This group includes a wide range of IT personnel working who require a robust understanding of secure and reliable Catalyst SD-WAN network systems. Their work is critical in ensuring that these networks comply with stringent standards and regulations.
- Technical Support Staff: These are the frontline personnel who provide essential technical support for Catalyst SD-WAN network systems within the environments. Their expertise ensures that any issues are promptly resolved to maintain network integrity and security.
- Cisco Certified Professionals: Individuals who have already achieved Cisco certifications and are looking to further their knowledge and expertise specifically in Catalyst SD-WAN Networks and Technologies. This course offers them an opportunity to specialize in Catalyst SD-WAN solutions, enhancing their skill set in the context of the network requirements.

Outline

Module 0: Introductions

Module 1: Catalyst SD-WAN (Viptela) Platform Overview

SD-WAN WAN Architecture Overview
- Review SD-WAN architecture fundamentals.
Cisco SD-WAN Solution Overview
- Overview of Cisco SD-WAN platform.
New Features by Version
- Explore features introduced in new versions.
Licensing for Cisco SD-WAN
- Understand licensing models and options.
SD Routing Overview (20.15)
- Routing features available in version 20.15.

Module 2: Cisco SD-WAN Controllers

Cisco SD-WAN Controller Architecture
- Architecture for control plane components.
Cisco Catalyst SD-WAN Portal
- Portal-based access and management.
Multitenant Tenancy
- Controller tenancy model.
Controller High Availability
- Controller redundancy and failover.
Verify Control Plane
- Confirm control connectivity and functions.

Module 3: Catalyst SD-WAN Platforms

SD-WAN Platform Overview
- Overview of SD-WAN compatible platforms.
SD-WAN vEdge Platforms
- Capabilities of vEdge hardware.
Cisco ISR 4000 Series Routers
- Deployment using ISR 4000 routers.
Cisco ASR 1000 Routing Portfolio
- Use of ASR routers in SD-WAN.
Catalyst 8000 Series Router Overviews
- Main platform for SD-WAN routers.
Catalyst 8500 Series Routers
- High-performance edge routers.
Catalyst 8300 Series Routers
- Branch and small office routers.
Catalyst 8200 Series Routers
- Compact branch routers.
Catalyst 8000v Series Virtual Router
- Cloud-deployed router instance.
Catalyst 8000 SD-WAN Supported Modules
- Module compatibility and support.
Cellular Gateways for SDWAN
- Support for cellular transport options.
SD-WAN WAN Edge High Availability
- Redundancy options for WAN edge.

Module 4: Cisco SD-WAN WAN Edge Deployments

Adding Device to the PNP Portal
- Onboarding devices to SD-WAN.
Device Initial Bootup and Image Selection
- Initial software provisioning.
SD-WAN Zero Touch Provisioning
- Auto-provisioning with ZTP.
SD-WAN Quick Connect
- Rapid manual setup.
Manually Provision SD-WAN IOS-XE
- CLI-based setup of edge devices.
Verifying SD-WAN WAN Edge Configuration
- Confirming WAN edge deployment.

Module 5: Catalyst SD-WAN SD Routing

SD Routing Overview
- Routing technologies supported in SD-WAN.
SD Routing Onboarding
- Enable SD routing in the platform.
SD Routing Configuration
- Configure routing protocols and policies.
SD Routing Management
- Monitoring and verification.

Module 6: Configuring SD-WAN Manager

Dashboard Overview and Changes
- Updates in new SD-WAN manager UI.
SD-Wan Manager Monitoring Dashboard
- Monitor devices and events.
SD-WAN Manager Configuration
- Create and edit configurations.
SD-WN Manager Tools
- Available tools for operations.
SD-WAN Manager Maintenance
- Maintenance workflows.
Administrative Settings
- System-wide settings.
Resource Groups
- Segment access and resources.
Users and Groups
- Identity and access management.
RADIUS and TACACS
- Authentication integrations.
Single Sign-On / IDP Management
- Integrate identity platforms.
License Management
- Track and assign licenses.
Network Wide Path Insight
- Path analysis and visibility.

Module 7: SD-WAN Software Upgrades

Upgrading the SD-WAN Environment
- Upgrade best practices.
Upgrade SD-WAN Controllers
- Update controller software.
Software Upgrade Workflow Version 20.10 / 17.10
- Step-by-step process.
Upgrading Devices via CLI
- Command-line driven upgrade.

Module 8: SD-WAN OMP/Fabric

SD-WAN Fabric Overview and Terminology
- Control, data, and management planes.
SD-WAN Segmentation
- Isolating traffic across the fabric.
OMP / TLOCs / Routes
- OMP route propagation.
SD-WAN BFD
- Reliable transport detection.
On-Demand Tunnels
- Build tunnels only as needed.
SD-WAN Fabric Verification
- Test and validate fabric operation.

Module 9: SD-WAN QoS / QoE

QoE / QoS Challenges
- Common performance problems.
Quality of Experience (QoE) / Quality of Service (QoS)
- Understanding SD-WAN's approach.
Per-Tunnel QoS
- Traffic shaping per tunnel.
Adaptive QoS
- Dynamic quality adjustment.
Per VPN QoS
- Traffic management by VPN.
Application Quality of Experience (AppQoE)
- App-based optimization.
Forward Error Correction (FEC) / Packet Duplication
- Mitigation for lossy networks.
TCP Optimization
- Improve TCP performance.
Data Redundancy Elimination (DRE) / Lempel-Ziv Compression (LZ)
- Compression options.
SD-AVC / Microsoft O365 Telemetry
- Deep app-level analytics.

Module 10: SD-WAN Security

Security Overview
- Security in SD-WAN.
Secure Analytics (StealthWatch) Integration
- Integration with telemetry tools.
Locking Down Edge Access
- Best practices for access control.
SD-WAN Fabric Security
- Secure data and control planes.
IPSec Key Exchange in SD-WAN Fabric
- Encryption and key exchange.
SD-WAN Security Options
- Firewall, IPS, URL filtering.
SD-WAN Integrated Security
- Built-in advanced security.
SD-WAN Enterprise Firewall
- Layer 7 NGFW protection.
SD-WAN Identity Firewall
- User-identity-based policies.
SD-WAN Intrusion Prevention System
- Detect and stop intrusions.
URL Filtering
- Web access control.
Anti-Malware Protection / Threatgrid
- Integrated malware detection.
DNS Security
- Secure DNS lookups.

Module 11: SD-WAN Templates and Configuration Groups

Template Overview
- Use of templates to simplify management.
Feature Templates
- Configure per-feature settings.
Device Templates
- Apply complete configurations.
CLI Templates
- Freeform CLI input.
Create Device Templates using Feature Templates
- Combine templates for reuse.
Attaching Devices to Template
- Apply settings to devices.
Configuration Groups Overview
- Reusable config bundles.
Creating Configuration Groups
- How to define groups.
Deploy Configuration Group Workflow
- Deploy changes with review.
View/Edit Configuration Groups
- Manage groups over time.
Configuration Catalog
- Manage and browse configuration items.

Module 12: SD-WAN Local Policy

Local Policy Overview
- Device-specific policy application.
Local Policy Lists
- Match conditions for local policy.
Local Data Policies
- Routing or forwarding logic.
Local Policy QoS Configuration
- Bandwidth controls at device level.
Access Control Lists
- Permit or deny flows.
Localized Control Policy
- Control-plane route influence.
Save and Apply Local Policy
- Policy enforcement process.

Module 13: SD-WAN Central Policies

Central Policy Overview
- Controller-wide policy model.
Policy Construction
- How to build a policy.
Central Control Policy
- Route influence using OMP.
Control Policy - Dis-contiguous Data Planes
- Cross-VPN path control.
Control Policy - Data Center Priority
- Traffic prioritization policies.
Control Policy - VPN Topologies
- Star and full-mesh configurations.
Control Policy - VPN Membership Policy
- Which VPNs access what.
Control Policy - Application-Aware Routing
- Path selection by application.
Control Policy - Service Chaining
- Traffic redirection via middlebox.
Central Data Policies
- Forwarding decisions centrally enforced.
Central Data Policies - Use Cases
- Practical implementations.
Central Data Policies - Cflowd
- Traffic visibility.
Creating Centralized Policies
- Putting the concepts into action.

Module 14: SD-WAN Policy Groups

What are Policy Groups?
- Logical grouping of policies.
Groups of Interest (Policy Objects)
- Reuse building blocks.
Application Priority and SLA
- Define app expectations.
NGFW
- Next-generation firewall control.
SIG/SSE and DNS Security
- Secure Internet Gateway integration.
Policy Group Creation
- Build new policy groups.
Associate and Deploy Policy Groups
- Activate across the network.
UX 2.0 Topology
- Improved interface for topology mapping.

Module 15: Cisco SD-WAN with ThousandEyes Integration

ThousandEyes Introduction
- Digital experience monitoring.
Architecture and SD-WAN Deployment
- Deploying with SD-WAN.

Module 16: Cloud On Ramp for SaaS

Cloud OnRamp - Overview
- What OnRamp enables.
Cloud OnRamp for SaaS Overview
- End-to-end SaaS optimization.
Cloud OnRamp for M365
- Microsoft apps acceleration.
Cloud OnRamp for Webex
- Better experience for Webex.
Cloud OnRamp for Enterprise & Custom Apps
- Non-standard SaaS apps.
Cloud OnRamp for SaaS – Security
- Securing SaaS access.
Deployment Use cases
- Example architectures.
Cloud OnRamp for SaaS Configuration
- Initial deployment.
Cloud OnRamp for SaaS Monitoring
- Health visibility.

Module 17: Analytics 3.0

SD-WAN Analytics Overview
- Data collection and use cases.
SD-WAN Analytics Dashboards
- Visual insights for metrics.
SD-WAN Analytics KPIs and Scores
- Performance indicators.
SD-WAN Analytics Bandwidth Forecasting
- Predict future bandwidth needs.
SD-WAN Analytics Troubleshooting
- Identify root causes.
SD-WAN Analytics IDP Onboarding
- IDP integration with analytics.
SD-WAN Analytics Onboarding & Access Workflow
- Enable analytics for sites.

Module 18: Monitoring & Troubleshooting the SD-WAN Solution

SD-WAN Troubleshooting Overview
- Approach to resolving issues.
SD-WAN Technical Support Access
- TAC support options.
Controller Failure Scenarios
- Recovering from controller issues.
Troubleshooting Controllers
- Isolate and fix controller faults.
Troubleshooting Control Connections
- Fix routing and tunnel issues.
Typical Control Connection Issues
- Common misconfigurations.
Troubleshooting Data Plane
- Check traffic flow issues.
Troubleshooting Routing
- Check route leaks or flaps.
Centralized Policies Troubleshooting
- Misapplied or misconfigured policies.
Packet Forwarding Troubleshooting
- Verify path decisions.
Device Configuration and Upgrades Failure
- Upgrade failure recovery.
vDiagnose - Diagnostic Tool for SD-WAN
- In-depth diagnostics.
Troubleshooting cEdge
- Troubleshoot IOS XE edges.
Troubleshooting using SD-WAN Manager
- GUI-based diagnosis.
Device Troubleshooting
- Command-based troubleshooting.
Using the GUI for cli show command under Troubleshooting > Real-time
- Real-time visibility.
CLI Troubleshooting
- Command line issue resolution.
Network-Wide Path Insights
- End-to-end flow tracking.
NetFlow Collectors
- Flow visibility using NetFlow.
SNMP Overview
- Basic device monitoring.
SD-WAN Logs
- View event logs.
SD-WAN Reporting
- Custom and scheduled reporting.
SD-WAN Manager APIs & Programmability
- Automate via API.

Appendix A: Deploying SD-WAN Controllers

On-Prem Controller Deployment
- Manual deployment in local DC.
Create vManage VM Instance on ESXi or KVM
- Virtual appliance setup.
Initial vManage Setup
- Bootstrap process.
Create vBond VM Instance on ESXI or KVM
- Orchestrator deployment.
Create vSmart VM Instance on ESXI or KVM
- Control-plane setup.
Add Controllers to vManage
- Unified visibility in vManage.
Enterprise CA Configuration
- Configure certificate authority.

LAB OUTLINE

Deploy the SD-WAN Controller
Deploy the vEdge, ISR 4K /C8000V Routers
vManage Configuration
Creating Device Templates (Lab 4-8)
Use APIs to Import Feature Templates
Upgrade SDWAN Environment
Perform ZTP on SDWAN Environment (Lab 11-13)
SDWAN Policies (Lab 14-17)
Application Visibility
Cloud On-RAMP
Monitoring / Troubleshooting

Course Dates	Course Times (EST)	Delivery Mode	GTR
6/23/2025 - 6/27/2025	9:00 AM - 5:00 PM	Virtual		Enroll