Installing, Configuring, Monitoring and Troubleshooting Cisco Catalyst SD-WAN v20.25.2

This release begins the Journey of streamlining Configuration Groups and Policy Groups, empowering network administrators with greater control and efficiency. This release is pretty close to feature complete, and the first release that I would tell customers that it is time to look to convert Configuration Templates to Configuration Groups.

Retail Price: $4,395.00

Next Date: 04/14/2025

Course Days: 5

Enroll in Next Date

Request Custom Course

Objective

SD-WAN Overview
SD-WAN Controllers (vSmart)
Allow Lists and Certificates
Platforms
Router Deployment
Configure SD-WAN Manager (vManager)
SD-WAN Software Updates
OMP / Fabric
QoS / QoE
Security / SASE
Creating and Applying SD-WAN Templates
Local and Central Policy
Deploying using Templates
ThousandEyes Integration
Cloud Onramp for SaaS
Analytics
Monitoring & Troubleshooting the SD-WAN Solution

Who should sit this course?

This course is suitable for Network Engineers, System Administrators, IT Professionals, Technical Support Staff, and Cisco-Certified Professionals looking to enhance their skills and proficiency with Cisco Catalyst SD-WAN network management tailored for networks.

The course is highly recommended for:

Network Engineers: Professionals tasked with the design, implementation, and maintenance of the network infrastructure. This includes managing both Catalyst SD-WAN and data communication systems, ensuring they meet the high standards required for government operations.
System Administrators: Individuals responsible for the daily management and configuration of the network systems. Their role is crucial in ensuring the reliable operation of Catalyst SD-WAN and WAN services across various departments.
IT Professionals: This group includes a wide range of IT personnel working who require a robust understanding of secure and reliable Catalyst SD-WAN network systems. Their work is critical in ensuring that these networks comply with stringent standards and regulations.
Technical Support Staff: These are the frontline personnel who provide essential technical support for Catalyst SD-WAN network systems within the environments. Their expertise ensures that any issues are promptly resolved to maintain network integrity and security.
Cisco Certified Professionals: Individuals who have already achieved Cisco certifications and are looking to further their knowledge and expertise specifically in Catalyst SD-WAN Networks and Technologies. This course offers them an opportunity to specialize in Catalyst SD-WAN solutions, enhancing their skill set in the context of the network requirements.

Outline

Module 0: Introductions

Module 1: Catalyst SD-WAN (Viptela) Platform Overview

Module Topics
Lesson 1: SD-WAN WAN Architecture Overview
Lesson 2: Cisco SD-WAN Solution Overview
Lesson 3: New Features by Version
Lesson 4: Licensing for Cisco SD-WAN
Lesson 5: SD Routing Overview (20.12)
Module Summary

Module 2: Cisco SD-WAN Controllers

Module Topics
Lesson 1: Cisco SD-WAN Controller Architecture
Lesson 2: Cisco Catalyst SD-WAN Portal
Lesson 3: Multitenant Tenancy
Lesson 4: Controller High Availability
Lesson 5: Verify Control Plane
Module Summary

Module 3: Catalyst SD-WAN Platforms

Module Topics
Lesson 1: SD-WAN Platform Overview
Lesson 2: SD-WAN vEdge Platforms
Lesson 3: Cisco ISR 4000 Series Routers
Lesson 4: Cisco ASR 1000 Routing Portfolio
Lesson 5: Catalyst 8000 Series Router Overviews
Lesson 6: Catalyst 8500 Series Routers
Lesson 7: Catalyst 8300 Series Routers
Lesson 8: Catalyst 8200 Series Routers
Lesson 9: Catalyst 8000v Series Virtual Router
Lesson 10: Catalyst 8000 SD-WAN Supported Modules
Lesson 11: Cellular Gateways for SDWAN
Lesson 12: SD-WAN WAN Edge High Availability
Module Summary

Module 4: Cisco SD-WAN WAN Edge Deployments

Module Topics
Lesson 1: Adding Device to the PNP Portal
Lesson 2: Device Initial Bootup and Image Selection
Lesson 3: SD-WAN Zero Touch Provisioning
Lesson 4: SD-WAN Quick Connect
Lesson 5: Manually Provision SD-WAN IOS-XE
Lesson 6: Verifying SD-WAN WAN Edge Configuration
Module Summary

Module 5: Catalyst SD-WAN SD Routing

Module Topics
Lesson 1: SD Routing Overview
Lesson 2: SD Routing Onboarding
Lesson 3: SD Routing Configuration
Lesson 4: SD Routing Management
Module Summary

Module 6: Configuring SD-WAN Manager

Module Topics
Lesson 1: Dashboard Overview and Changes
Lesson 2: SD-Wan Manager Monitoring Dashboard
Lesson 3: SD-WAN Manager Configuration
Lesson 4: SD-WN Manager Tools
Lesson 5: SD-WAN Manager Maintenance
Lesson 6: Administrative Settings
Lesson 7: Resource Groups
Lesson 8: Users and Groups
Lesson 9: RADIUS and TACACS
Lesson 10: Single Sign-On / IDP Management
Lesson 11: License Management
Lesson 12: Network Wide Path Insight
Module Summary

Module 7: SD-WAN Software Upgrades

Module Topics
Lesson 1: Upgrading the SD-WAN Environment
Lesson 2: Upgrade SD-WAN Controllers
Lesson 3: Software Upgrade Workflow Version 20.10 / 17.10
Lesson 4: Upgrading Devices via CLI
Module Summary

Module 8: SD-WAN OMP/Fabric

Module Topics
Lesson 1: SD-WAN Fabric Overview and Terminology
Lesson 2: SD-WAN Segmentation
Lesson 3: OMP / TLOCs / Routes
Lesson 4: SD-WAN BFD
Lesson 5: On-Demand Tunnels
Lesson 6: SD-WAN Fabric Verification
Module Summary

Module 9: SD-WAN QoS / QoE

Module Topics
Lesson 1: QoE / QoS Challenges
Lesson 2: Quality of Experience (QoE) / Quality of Service (QoS)
Lesson 3: Per-Tunnel QoS
Lesson 4: Adaptive QoS
Lesson 5: Per VPN QoS
Lesson 6: Application Quality of Experience (AppQoE)
Lesson 7: Forward Error Correction (FEC) / Packet Duplication
Lesson 8: TCP Optimization
Lesson 9: Data Redundancy Elimination (DRE) / Lempel-Ziv Compression (LZ)
Lesson 10: SD-AVC / Microsoft O365 Telemetry
Module Summary

Module 10: SD-WAN Security

Module Topics
Lesson 1: Security Overview
Lesson 2: Secure Analytics (StealthWatch) Integration
Lesson 3: Locking Down Edge Access
Lesson 4: SD-WAN Fabric Security
Lesson 5: IPSec Key Exchange in SD-WAN Fabric
Lesson 6: SD-WAN Security Options
Lesson 7: SD-WAN Integrated Security
Lesson 8: SD-WAN Enterprise Firewall
Lesson 9: SD-WAN Identity Firewall
Lesson 10: SD-WAN Intrusion Prevention System
Lesson 11: URL Filtering
Lesson 12: Anti-Malware Protection / Threatgrid
Lesson 13: DNS Security
Module Summary

Module 11: SD-WAN Templates and Configuration Groups

Module Topics
Lesson 1: Template Overview
Lesson 2: Feature Templates
Lesson 3: Device Templates
Lesson 4: CLI Templates
Lesson 5: Create Device Templates using Feature Templates
Lesson 6: Attaching Devices to Template
Lesson 7: Configuration Groups Overview
Lesson 8: Creating Configuration Groups
Lesson 9: Deploy Configuration Group Workflow
Lesson 10: View/Edit Configuration Groups
Lesson 11: Configuration Catalog
Module Summary

Module 12: SD-WAN Local Policy

Module Topics
Lesson 1: Local Policy Overview
Lesson 2: Local Policy Lists
Lesson 3: Local Data Policies
Lesson 4: Local Policy QoS Configuration
Lesson 5: Access Control Lists
Lesson 6: Localized Control Policy
Lesson 7: Save and Apply Local Policy
Module Summary

Module 13: SD-WAN Central Policies

Module Topics
Lesson 1: Central Policy Overview
Lesson 2: Policy Construction
Lesson 3: Central Control Policy
Lesson 4: Control Policy - Dis-contiguous Data Planes
Lesson 5: Control Policy - Data Center Priority
Lesson 6: Control Policy - VPN Topologies
Lesson 7: Control Policy - VPN Membership Policy
Lesson 8: Control Policy - Application-Aware Routing
Lesson 9: Control Policy - Service Chaining
Lesson 10: Central Data Policies
Lesson 11: Central Data Policies - Use Cases
Lesson 12: Central Data Policies - Cflowd
Lesson 13: Creating Centralized Policies
Module Summary

Module 14: SD-WAN Policy Groups

Module Topics
Lesson 1: What are Policy Groups?
Lesson 2: Groups of Interest (Policy Objects)
Lesson 3: Application Priority and SLA
Lesson 4: NGFW
Lesson 5: SIG/SSE and DNS Security
Lesson 6: Policy Group Creation
Lesson 7: Associate and Deploy Policy Groups
Lesson 8: UX 2.0 Topology
Module Summary

Module 15: Cisco SD-WAN with ThousandEyes Integration

Module Topics
Lesson 1: ThousandEyes Introduction
Lesson 2: Architecture and SD-WAN Deployment
Module Summary

Module 16: Cloud On Ramp for SaaS

Module Topics
Lesson 1: Cloud OnRamp - Overview
Lesson 2: Cloud OnRamp for SaaS Overview
Lesson 3: Cloud OnRamp for M365
Lesson 4: Cloud OnRamp for Webex
Lesson 5: Cloud OnRamp for Enterprise & Custom Apps
Lesson 6: Cloud OnRamp for SaaS – Security
Lesson 7: Deployment Use cases
Lesson 8: Cloud OnRamp for SaaS Configuration
Lesson 9: Cloud OnRamp for SaaS Monitoring
Module Summary

Module 17: Analytics 3.0

Module Topics
Lesson 1: SD-WAN Analytics Overview
Lesson 2: SD-WAN Analytics Dashboards
Lesson 3: SD-WAN Analytics KPIs and Scores
Lesson 4: SD-WAN Analytics Bandwidth Forecasting
Lesson 5: SD-WAN Analytics Troubleshooting
Lesson 6: SD-WAN Analytics IDP Onboarding
Lesson 7: SD-WAN Analytics Onboarding & Access Workflow
Module Summary

Module 18: Monitoring & Troubleshooting the SD-WAN Solution

Module Topics
Lesson 1: SD-WAN Troubleshooting Overview
Lesson 2: SD-WAN Technical Support Access
Lesson 3: Controller Failure Scenarios
Lesson 4: Troubleshooting Controllers
Lesson 5: Troubleshooting Control Connections
Lesson 6: Typical Control Connection Issues
Lesson 7: Troubleshooting Data Plane
Lesson 8: Troubleshooting Routing
Lesson 9: Centralized Policies Troubleshooting
Lesson 10: Packet Forwarding Troubleshooting
Lesson 11: Device Configuration and Upgrades Failure
Lesson 12: vDiagnose - Diagnostic Tool for SD-WAN
Lesson 13: Troubleshooting cEdge
Lesson 14: Troubleshooting using SD-WAN Manager
Lesson 15: Device Troubleshooting
Lesson 16: Using the GUI for cli show command Under Troubleshooting > Real-time
Lesson 17: CLI Troubleshooting
Lesson 18: Network Wide Path Insights
Lesson 19: NetFlow Collectors
Lesson 20: SNMP Overview
Lesson 21: SD-WAN Logs
Lesson 22: SD-WAN Reporting
Lesson 23: SD-WAN Manager APIs & Programmability
Module Summary

Appendix A: Deploying SD-WAN Controllers

A: On-Prem Controller Deployment
B: Create vManage VM Instance on ESXi or KVM (slide 6)
Lesson 3: Initial vManage Setup (slide 30)
Lesson 4: Create vBond VM Instance on ESXI or KVM (slide 44)
Lesson 5: Create vSmart VM Instance on ESXI or KVM (slide 63)
Lesson 6: Add Controllers to vManage (slide 81)
Lesson 7: Enterprise CA Configuration (slide 87)
Module Summary

LAB OUTLINE

Lab 1: Deploy the SD-WAN Controller

Deploy the vManage Controllers
Deploy the vBond Orchestrator
Deploy the vSmart Controller
Configure Certificate Settings

Lab 2: Deploy the vEdge, ISR 4K /C8000V Routers

Deploy WAN Edges
Configure the WAN Edge Routers
Prepare vEdge Routers for ZTP

Lab 3: vManage Configuration

Explore the Interface
Add Controllers to the Whitelist
Add vEdge whitelist
BFD Tuning
Create and Update Users
Manage the Fabric

Lab 4-8: Creating Device Templates

Create CLI Policy Template
Create Feature Policy Template
Create vSmart Device CLI Template
Create DC1 vEdges Device Feature Template
Attach DC1 Devices to Template
Create DC2 IOS-XE CSRs Device Feature Template
Attach DC2 Devices to Template
Create BR1 vEdges Device CLI Template using TLOC Extensions
Attach BR1 Devices to Template
Create BR2 IOS-XE CSRs Device Feature Template using TLOC Extensions
Attach BR2 Devices to Template
Create BR3 IOS-XE ISR4K Device Feature Template
Attach BR3 Devices to Template
Configuration Rollback

Lab 9: Use APIs to Import Feature Templates

Lab 10: Upgrade SDWAN Environment

Lab 11-13: Perform ZTP on SDWAN Environment

Lab 14-17: SDWAN Policies

List types of policies that can be implemented in the SD-WAN solution
Describe how policies can be implemented that affect the control plane
Describe what affect policies can have on data traffic forwarding
Identify the various components of the vSmart policy architecture
Describe how different policies are enabled in different devices
Detail how policies are processed and applied
Control Policy Lab
Configure a Vpn-membership-policy
Configure Site-list Selection Policies
Configure a Service Chaining Policy
Configure an Extranet VPN Policy
Configure a Service path affinity Policy
Configure Fabric Policies
Configure Security Zones
Data Policy Lab
- Configure Shaping Policies
- Configure QoS Policies
- Configure a Service Chaining
- Configure an Extranet VPN Policy
- Configure Service path affinity Policy
- Configure a NAT Policies for DIA
- Configure an OSPF BGP Routing Policy
Application Aware Routing Policy Lab
SLA Classes
Path Selection using Application Policies
Create a cFlowd Policy
Create a Local Control Policy
Configure OSPF and BGP
Create a Local Data Policy
Create ACL
Create Device Access Policy
Configure QOS
Configure OSPF Route Policy

Lab 18: Application Visibility

Create a Centralized Policy for Application-Aware Routing
Identify Application Groups (FTP/Office 365/Voice)
Create Lists
Site Lists
Application Lists
Data Prefix Lists
VPN Lists
Create a SLA Classes
Create Traffic Rules
Apply Policies to Sites and VPNs

Lab 19: Cloud On-RAMP

Configure Cloud Onramp for SAAS

Lab 20: Monitoring / Troubleshooting

Explore vManage Dashboard analytics
Monitor Applications
Monitor Loss, Latency, and Jitter
Monitor Individual Device
- Check system Status
- Check Control Connections
- Check OMP Status
- Check BFD Status
- Check Interfaces for Issues
Use the CLI to view and troubleshooting debug Logs
Troubleshoot BFD
Troubleshoot OMP
Use troubleshooting tools to diagnose issues
- Use the Ping tool
- Use the Traceroute tool
- Use the App Route Visualization
- Simulate traffic flows
- Take a Packet
Troubleshoot Application Routing

Course Dates	Course Times (EST)	Delivery Mode
4/14/2025 - 4/18/2025	10:00 AM - 6:00 PM	Virtual	Enroll
4/28/2025 - 5/2/2025	10:00 AM - 6:00 PM	Virtual	Enroll
5/19/2025 - 5/23/2025	10:00 AM - 6:00 PM	Virtual	Enroll