Course Overview:
This Viptela training is targeted to engineers and technical personnel involved in deploying, implementing, operating and optimizing Cisco SD-WAN solution (Viptela), both in enterprise and Service Provider environments, including advanced features for Multi-tenant deployment, QoS, application performance routing, configuration templates, control policies and troubleshooting common operating issues. The Cisco SD-WAN course is lab-intensive, and objectives are accomplished mainly through hands on learning. Students taking this Viptela training course should be familiar with Wide Area Networks (WANs) in a variety of ways, which can be found below. Ideal candidates for this course include engineering and planning teams who evaluate WAN evolution, personnel involved in SD-WAN Design, Implementation and Operation, and others.
Course Description:
Audience profile
- Engineering and Planning team evaluating WAN evolution
- Personnel involved in SD-WAN Design, Implementation and Operation
- Network Operations team with SD-WAN solution
- Cisco partners who sell and support SD-WAN solutions
At course completion
After completing this course, students will be able to:
- Know and understand Cisco’s SD-WAN concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today’s networks.
- Differentiate and explain each of the building blocks of SD-WAN Solution
- Explain the concept of “Fabric” and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Management Nodes and Orchestration Nodes)
- Identify the roles and functions of vEdge, vSmart, vManage and vBond entities
- Know and understand the Zero Touch Provisioning Model
- Know and understand the Zero Trust Provisioning Model
- Identify Overlay Management Protocol (OMP) as a key element of the SD-WAN solution and the role it plays for Control Plane setup
- Understand segmentation of SD-WAN fabric, through the use of VPN’s (VRF’s)
- Understand the role that templates have in SD-WAN solution, differentiate templates and know how to apply them
- Differentiate Control, Data and Application Route Policies and know how they are used in SD-WAN
- Identify and apply QoS mechanisms to SD-WAN fabric
- Discuss Use Cases for SD-WAN
Course Outline
Module 1: SD-WAN Solution Overview
- Traditional WAN – Challenges
- SD-WAN Overview and definitions
- SD-WAN Benefits
- SD-WAN Key Concepts
- SD-WAN Main Components
- vEdge
- vSmart
- vManage
- vBond
- On-Premise vs. Cloud-based Control Plane
Module 2: SD-WAN Licensing Model
- Pricing Model
- License Options by Features
- License Options by Bandwidth capacity
Module 3: Secure Control Plane Bring-Up
- Zero Trust Security Principles
- Secure Control Channels
- Establishing vEdge Router Identity
- Establishing Control Elements Identities (vBond, vSmart, vEdge)
- Secure Control Channel between vEdge Router and vBond
- Secure Control Channel between vEdge Router and vSmart/vManage
Module 4: Secure Data Plane Bring-Up
- Limitations of traditional key exchange mechanisms (IKE)
- SD-WAN new centralized Encryption key distribution
- Traffic Encryption for data privacy
- Authentication Header for Data Plane Integrity
- Anti-Replay Protection (man-in-the-middle)
- Role of Bidirectional Forwarding Detection (BFD)
- Considerations about MTU and MSS
- End to End Segmentation (VPN’s)
- Role of Application Visibility and Recognition
- Infrastructure DDoS Mitigation
- Security Policies and Services
- Cloud Security: Secure Direct Internet Access
Module 5: Overlay Management Protocol (OMP)
- Definition of overlay routing
- Role and characteristics of Overlay Management Protocol (OMP)
- OMP Advertised Routes
- Route Redistribution (edge routing protocol to OMP and vice versa)
- Best Path Algorithm
Module 6: Using Templates
- Basic Elements in the configuration for any device
- Need for Templates
- Options to Apply Templates to Devices
- Overview of Feature Templates
- Categories of Feature Templates
- Workflow for Applying Templates to Devices
Module 7: Using Policies
- Policy Architecture
- Application Aware Routing Policies
- Control Policies
- Data Policies
- VPN Membership Policies
- Routing Policies
- Cflowd Templates
Module 8: Quality of Service (QoS)
- QoS Pipeline – vEdge Router
- Data Packet Flow
- Queueing Management
- Control Traffic Prioritization
- Random Early Detection (RED)
- Traffic Policing
- Traffic Shaping
- Marking and Remarking
- Class-Map
- QoS Scheduler
- QoS Map
- Applying QoS policies
Module 9: Basic Troubleshooting
- Troubleshooting Control Plane Bring Up
- GUI validation in vManage
- CLI validation with “Show” commands in vEdge Router
- Troubleshooting Data Plane
- Troubleshooting OMP
Module 10: Additional Topics
- Solution Redundancy
- Control Policies
- Route Filtering
- TLOC
- Direct Internet Access (DIA)
- BFD
- Contrasting Cisco IWAN with Viptela SD-WAN approach
- Comparing Cisco’s SD-WAN with other vendors solutions
Module 11: Cloud on Ramp
Module 12: Use Cases & Design
- Guest Wi-Fi
- Bandwidth Augmentation
- Cloud onRamp for SAAS
- Critical Applications SLA
- Regional Secure Perimeter
Module 13: Multi-Tenancy
- Multi-Tenant Mode
- Creating Tenants
- Adding Controller
- Adding Vedges
- RBAC
Module 14: vAnalytics and Rest API
- vAnalytics
- Dashboard
- Data Analytics
- vManage Rest API
Lab Outline
- Lab 1: Accessing the Lab Devices
- Lab 2: Reset vEdge Cloud Router
- Lab 3: Remove vEdge Router from vManage Inventory
- Lab 4: Add vEdge Router to vManage Inventory
- Lab 5: Configure and Deploy Control-Plane Connectivity
- Lab 6: Configure and Deploy an Overlay Network
- Lab 7: Provision and Deploy vManage Templates
- Lab 8: Provision and Deploy vManage Policies
- Lab 9: Deploy Multi-Tenant vManage
Canada (en)
Canada (fr)
EU / EFTA
United Kingdom
France
India