Cisco SDWAN: What a Surprise

Software-Defined solutions are….. AWESOME!!! 💥


Let’s take a look at Cisco SDWAN Solution! 😉
Cisco SD-WAN is a Wide Area Network (WAN) overlay architecture that applies the principles of Software-Defined Networking (SDN) into the traditional WAN. It is designed to meet the needs of modern enterprise applications and the rapidly growing security requirements.

Here are the benefits of Cisco SDWAN (from the Cisco website):

Better application experience

  • High availability, with predictable service, for all critical enterprise applications
  • Multiple hybrid active-active links for all network scenarios
  • Dynamically routed application traffic with application-aware routing, for efficient delivery and improved user experience
  • Improved OpEx, replacing expensive Multiprotocol Label Switching (MPLS) services with more economical and flexible broadband (including secure VPN connections)

More security

  • Application-aware policies with end-to-end segmentation and real-time access control
  • Integrated threat protection enforced at the right place
  • Secure traffic across broadband Internet and into the cloud
  • Distribute security to the branch and remote endpoints with NGFW, DNS security, and NGAV

Optimized cloud connectivity

  • Seamless extension of the WAN to multiple public clouds
  • Real-time optimized performance for Microsoft Office 365, Salesforce, and other major SaaS applications
  • Optimized workflows for cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure

Simplified management

  • A single, centralized, cloud-delivered management dashboard for configuration and management of WAN, cloud, and security
  • Template-based, zero-touch provisioning for all locations: branch, campus, and cloud
  • Detailed reporting of application and WAN performance for business analytics and bandwidth forecasting

Those are some of the most important features for me! Moreover, thanks to automation, you can deploy multiple changes to multiple devices with just a couple of lines of code! It is incredible, isn’t it? 😊
Yeah, I’m doing automation with SDWAN in order to continue the CCNA DevNet journey.

Cisco SDWAN Components

Cisco vManage
The SD-WAN system’s management plane is Cisco vManage. It provides the system’s user interface and serves as the dashboard that network administrators use on a daily basis. Administrators use it to develop device templates, distribute configurations, and carry out overlay traffic engineering. Additionally, it is in charge of gathering network telemetry data, running analytics, and sending alerts when something happens in the SD-WAN fabric.
It is possible to deploy Cisco vManage on-premises, in a public cloud, or in a Cisco cloud-hosted environment. Because of how resource-intensive it is, the majority of consumers choose cloud solutions.

Cisco vBond
The SD-WAN system’s orchestration plane is Cisco vBond. Its responsibility is to coordinate the onboarding of new, unconfigured devices into the SD-WAN fabric. It is in charge of distributing control and management information as well as authentication and whitelisting of vEdge routers.

Cisco vSmart
The control plane of the SD-WAN system is Cisco vSmart. The vSmart controllers are the brains of the overlay fabric. They promote security, policies, and routing. In the control plane topology, they are positioned as hub routers, and all vEdge routers peer with all vSmart controllers. To experienced network engineers, vSmart controllers resemble BGP route reflectors or DMVPN NHRP routers.
It’s crucial to realize that these devices do not participate in packet forwarding and are not a part of the data plane.

Cisco vEdge
The SD-WAN data plane is represented by Cisco vEdge devices. They sit at the WAN edge, join the SD-WAN overlay, and establish the network fabric. The SD-WAN system itself is located north of the vEdge routers. vEdge routers and vSmart controllers exchange routing data over the Overlay Management Protocol (OMP).
The WAN Edge routers may be Cisco IOS-XE or Viptela platforms. Appliances can be either virtual or physical. The system automatically configures vEdges. This procedure was known as Zero-Touch Provisioning (ZTP) during the Viptela era, and it is currently known as Cisco Plug-and-Play (PnP) with Cisco devices. Both names actually have the same meaning and are equivalent.


How to study SDWAN? Well…. There is tons of information that can be found online. During the last months I decided to go through these resources in order to pass the 300-415 exam and achieve the certification:

CBT Nuggets course is incredible! All the instructors are well-prepared and they explain the concepts smoothly, I love them! 😊
Along with this course I created a small topology on my EVE-ng server; it helps me in testing and practising with particular features like TLOC-Extension, templates and policies.
The book is a must: you can buy it from the CiscoPress site (take care of the extra tax, it arrives from the USA) as both a physical and a digital copy, from Amazon, or read it online on O’Reilly.

Moreover, for the first time I didn’t use any piece of paper and/or book in order to take notes, but just OneNote. It’s soo cool and the cloud availability allows me to study during some long trips with my phone!

EVE-ng topology (similar to the topology used during CBT Nuggets course):

Thanks for your time! I hope that you’re enjoying my blog!
If you have some questions, please drop me a message through social networks!😊