BRKCRS-2117 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco SDWAN Design & Deployment

Steven Wood – Principal Engineer – Enterprise Networks
David Prall – Principal Systems Engineer – Enterprise Networks

Agenda

• Introduction
• Network Architecture
• Controller Design
• Routing & Site Design
• Policy Design
• Resiliency Considerations
• Summary

About the jargon…

vEdge – vEdge Router i.e. an SDWAN router

cEdge – ISR/ASR Router

vSmart – controller

vBond – orchestrator

vManage – Management Application

Cisco SD-WAN Solution Overview

Applying SDN Principles To The Wide Area Network

[Figure: Cisco SD-WAN architecture]
• Management Plane (Multi-tenant or Dedicated): vManage, with API and analytics
• Orchestration Plane: vBond
• Control Plane (Containers or VMs): vSmart
• Data Plane (Physical or Virtual): vEdge
• Channels: Secure DTLS Control Channel, Secure IPSEC Data Channel
• Transports: INET, MPLS, 4G
• Sites: Data Center, Campus, Branch, Home Office

Orchestration Plane

vBond Orchestrator

Main Characteristics

• Orchestrates control and management plane
• First point of authentication
• Distributes list of vSmarts/vManage to all vEdge routers
• Facilitates NAT traversal
• Requires public IP Address [could sit behind 1:1 NAT]
• Highly resilient
• Multitenant or single tenant

Management Plane

vManage

Main Characteristics

• Single pane of glass for Day0, Day1 and Day2 operations
• Centralized provisioning
• Multitenant or single tenant
• Policies and Templates
• Troubleshooting and Monitoring
• Software upgrades
• GUI with RBAC
• Programmatic interfaces (REST, NETCONF)
• Highly resilient

Control Plane

vSmart Controller

Main Characteristics

• Facilitates fabric discovery
• Disseminates control plane information between vEdges
• Distributes data plane and app-aware routing policies to the vEdge routers
• Implements control plane policies
• Dramatically reduces control plane complexity
• Highly resilient

Data Plane

vEdge Router

Main Characteristics

• WAN edge router
• Provides secure data plane with remote vEdge routers
• Establishes secure control plane with vSmart controllers (OMP)
• Implements data plane and application aware routing policies
• Exports performance statistics
• Leverages traditional routing protocols like OSPF, BGP and VRRP
• Support Zero Touch Deployment
• Physica