Viptela Training – Cisco SD-WAN

Course Information

Duration: 3 days

Version: VIPTELA

Price: $2,900.00



Learning Credits:


Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.


Train face-to-face with the live instructor.

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you.​

Attend the live class from the comfort of your home or office.



This Viptela training is targeted to engineers and technical personnel involved in deploying, implementing, operating and optimizing Cisco SD-WAN solution (Viptela), both in enterprise and Service Provider environments, including advanced features for Multi-tenant deployment, QoS, application performance routing, configuration templates, control policies and troubleshooting common operating issues. The Cisco SD-WAN course is lab-intensive, and objectives are accomplished mainly through hands on learning. Students taking this Viptela training course should be familiar with Wide Area Networks (WANs) in a variety of ways, which can be found below. Ideal candidates for this course include engineering and planning teams who evaluate WAN evolution, personnel involved in SD-WAN Design, Implementation and Operation, and others.


The knowledge and skills that a learner should have before attending this course are as follows:

  • Familiarity with Wide Area Networks (WANs)
    • Describe why customers desire SD-WAN
    • Explain the basic components of Cisco SD-WAN
    • Describe use cases of SD-WAN
    • Describe management features of Cisco SD-WAN
    • Understand the business areas to leverage Cisco SD-WAN

Target Audience:

The primary audience for this course is as follows:

  • Engineering and Planning team evaluating WAN evolution
  • Personnel involved in SD-WAN Design, Implementation and Operation
  • Network Operations team with SD-WAN solution
  • Cisco partners who sell and support SD-WAN solutions

Course Objectives:

Upon completing this course, the learner will be able to meet these overall objectives:

  • Deploy and configure key elements in an SD-WAN solution, including routers and controllers, based on Zero Trust and Zero Touch principles
  • Setup and verify OMP as a key protocol element in the SD-WAN Solution
  • Use vManage GUI for centralized Monitoring and Configuring
  • Segment SD-WAN fabric, through the use of VPN’s (VRF’s)
  • Apply templates to configure devices and features
  • Apply control plane policies
  • Apply data plane policies
  • Apply QoS mechanisms to SD-WAN fabric
  • Route application traffic based on path performance using BFD
  • Deploy, configure and operate Multi-Tenant vManage NMS
  • Implement and test redundancy and high availability
  • Troubleshoot common operating issues in an SD-WAN solution
  • Implement secure Direct Internet Access on remote locations
  • Differentiate options for Cloud Services in SD-WAN (Cloud on Ramp for SaaS and IaaS)

Course Outline:

Module 1: SD-WAN Solution Refresh

  • SD-WAN Key Concepts
  • SD-WAN Main Components
  • vEdge
  • vSmart
  • vManage
  • vBond
  • On-Premise vs. Cloud-based Control Plane

Module 2: Secure Control Plane Bring-Up

  • Zero Trust Security Principles
  • Secure Control Channels
  • Establishing vEdge Router Identity
  • Establishing Control Elements Identities (vBond, vSmart, vEdge)
  • Secure Control Channel between vEdge Router and vBond
  • Secure Control Channel between vEdge Router and vSmart/vManage

Module 3: Secure Data Plane Bring-Up

  • Limitations of traditional key exchange mechanisms (IKE)
  • SD-WAN new centralized Encryption key distribution
  • Traffic Encryption for data privacy
  • Authentication Header for Data Plane Integrity
  • Anti-Replay Protection (man-in-the-middle)
  • Role of Bidirectional Forwarding Detection (BFD)
  • Considerations about MTU and MSS
  • End to End Segmentation (VPN’s)
  • Role of Application Visibility and Recognition
  • Infrastructure DDoS Mitigation
  • Security Policies and Services
  • Cloud Security: Secure Direct Internet Access

Module 4: Overlay Management Protocol (OMP)

  • Definition of overlay routing
  • Role and characteristics of Overlay Management Protocol (OMP)
  • OMP Advertised Routes
  • Route Redistribution (edge routing protocol to OMP and vice versa)
  • Best Path Algorithm

Module 5: Using Templates

  • Basic Elements in the configuration for any device
  • Need for Templates
  • Options to Apply Templates to Devices
  • Overview of Feature Templates
  • Categories of Feature Templates
  • Workflow for Applying Templates to Devices

Module 6: Using Policies

  • Policy Architecture
  • Lists
  • Application Aware Routing Policies
  • Control Policies
  • Data Policies
  • VPN Membership Policies
  • Routing Policies
  • Cflowd Templates

Module 7: Quality of Service (QoS)

  • QoS Pipeline – vEdge Router
  • Data Packet Flow
  • Queueing Management
  • Control Traffic Prioritization
  • Random Early Detection (RED)
  • Traffic Policing
  • Traffic Shaping
  • Marking and Remarking
  • Class-Map
  • QoS Scheduler
  • QoS Map
  • Applying QoS policies

Module 8: BFD and Application Routing based on path performance

  • Components of Application-Aware Routing
  • Identification (traffic of interest)
  • Monitoring and Measuring (path performance)
  • Mapping Application Traffic to Specific Transport Tunnel
  • Detailed procedure to Configure Application-Aware Routing Policy

Module 9: Redundancy in SD-WAN Solution

  • Remote Location Connectivity Redundancy
  • Single vEdge Router – Single Connection
  • Single vEdge Router – Dual Connection
  • Dual vEdge Router – Dual Connection
  • Controllers Redundancy
  • vSmart Redundancy
  • vBond Redundancy
  • vManage Redundancy

Module 10: Cloud Services – Cloud on Ramp

  • Cloud Services Challenges
  • SD-WAN Cloud on Ramp as a solution
  • Cloud on Ramp for SaaS
  • Cloud on Ramp for IaaS

Module 11: Troubleshooting Common Issues

  • Troubleshooting Control Plane
  • Troubleshooting Data Plane
  • Troubleshooting OMP
  • Troubleshooting policies

Module 12: Deploy Multi-Tenant vManage NMS

  • Overview of vManage Multitenant solution
  • Overview of vManage Multitenant deployment
  • Tenant On-boarding
  • Multitenant user Management Terminology
  • Multitenant vs Single Tenant Differences
  • Features and Functionality
  • Scale Out
  • Tenant Migration
  • Availability
  • Redundancy
  • Tenant Data Isolation
  • Upgrades

Lab Outline

  • Lab 1: Deploy SD-WAN Solution
    • Controllers Deployment
    • vEdge Router Deployment
    • Add vEdge Router to vManage Inventory
    • Configure, Deploy and Verify Control-Plane Connectivity
  • Lab 2: Configure and Deploy an Overlay Network
    • Enable OMP
    • Verify OMP
  • Lab 3: Provision and Deploy vManage Templates
    • Create Feature Templates
    • Basic Information Templates
    • Transport and Management VPN Templates
    • Service VPN Templates
    • Additional Templates
    • Create Device Templates
    • Apply Device Templates
    • Test Connectivity inside a VPN
    • Test isolation between VPN’s
  • Lab 4: Provision and Deploy vManage Policies
    • Deploy and Verify Control Plane Policies
    • Deploy and Verify Data Plane Policies
  • Lab 5: Apply and Verify QoS policies
    • Configure Classification and Marking
    • Configure Congestion Management with Queueing
    • Configure Congestion avoidance with WRED
    • Configure Traffic Policing
  • Lab 6: Apply App-Aware SLA-based Routing (using BFD)
  • Lab 7: Test Redundancy in SD-WAN
    • Test Control Plane Redundancy
    • Test vEdge Router Redundancy
    • Test Transport Redundancy
  • Lab 8: Troubleshooting Common Issues
    • Troubleshooting Control Plane
    • Troubleshooting Data Plane
  • Lab 9: Deploy Multitenant vManage NMS
    • Configure Multitenant vManage NMS
    • vManage Dashboard in Multitenancy mode
    • vManage Dashboard Multi-tenancy Widgets
    • Tenant Management