Menu

Viptela Training – Cisco SD-WAN

Overview

This Viptela training is targeted to engineers and technical personnel involved in deploying, implementing, operating and optimizing Cisco SD-WAN solution (Viptela), both in enterprise and Service Provider environments, including advanced features for Multi-tenant deployment, QoS, application performance routing, configuration templates, control policies and troubleshooting common operating issues. The Cisco SD-WAN course is lab-intensive, and objectives are accomplished mainly through hands on learning. Students taking this Viptela training course should be familiar with Wide Area Networks (WANs) in a variety of ways, which can be found below. Ideal candidates for this course include engineering and planning teams who evaluate WAN evolution, personnel involved in SD-WAN Design, Implementation and Operation, and others.

The primary audience for this course is as follows:

  • Engineering and Planning team evaluating WAN evolution
  • Personnel involved in SD-WAN Design, Implementation and Operation
  • Network Operations team with SD-WAN solution
  • Cisco partners who sell and support SD-WAN solutions

The knowledge and skills that a learner should have before attending this course are as follows:

  • Familiarity with Wide Area Networks (WANs)
    • Describe why customers desire SD-WAN
    • Explain the basic components of Cisco SD-WAN
    • Describe use cases of SD-WAN
    • Describe management features of Cisco SD-WAN
    • Understand the business areas to leverage Cisco SD-WAN

Upon completing this course, the learner will be able to meet these overall objectives:

  • Deploy and configure key elements in an SD-WAN solution, including routers and controllers, based on Zero Trust and Zero Touch principles
  • Setup and verify OMP as a key protocol element in the SD-WAN Solution
  • Use vManage GUI for centralized Monitoring and Configuring
  • Segment SD-WAN fabric, through the use of VPN’s (VRF’s)
  • Apply templates to configure devices and features
  • Apply control plane policies
  • Apply data plane policies
  • Apply QoS mechanisms to SD-WAN fabric
  • Route application traffic based on path performance using BFD
  • Deploy, configure and operate Multi-Tenant vManage NMS
  • Implement and test redundancy and high availability
  • Troubleshoot common operating issues in an SD-WAN solution
  • Implement secure Direct Internet Access on remote locations
  • Differentiate options for Cloud Services in SD-WAN (Cloud on Ramp for SaaS and IaaS)

Module 1: SD-WAN Solution Refresh

  • SD-WAN Key Concepts
  • SD-WAN Main Components
  • vEdge
  • vSmart
  • vManage
  • vBond
  • On-Premise vs. Cloud-based Control Plane

Module 2: Secure Control Plane Bring-Up

  • Zero Trust Security Principles
  • Secure Control Channels
  • Establishing vEdge Router Identity
  • Establishing Control Elements Identities (vBond, vSmart, vEdge)
  • Secure Control Channel between vEdge Router and vBond
  • Secure Control Channel between vEdge Router and vSmart/vManage

Module 3: Secure Data Plane Bring-Up

  • Limitations of traditional key exchange mechanisms (IKE)
  • SD-WAN new centralized Encryption key distribution
  • Traffic Encryption for data privacy
  • Authentication Header for Data Plane Integrity
  • Anti-Replay Protection (man-in-the-middle)
  • Role of Bidirectional Forwarding Detection (BFD)
  • Considerations about MTU and MSS
  • End to End Segmentation (VPN’s)
  • Role of Application Visibility and Recognition
  • Infrastructure DDoS Mitigation
  • Security Policies and Services
  • Cloud Security: Secure Direct Internet Access

Module 4: Overlay Management Protocol (OMP)

  • Definition of overlay routing
  • Role and characteristics of Overlay Management Protocol (OMP)
  • OMP Advertised Routes
  • Route Redistribution (edge routing protocol to OMP and vice versa)
  • Best Path Algorithm

Module 5: Using Templates

  • Basic Elements in the configuration for any device
  • Need for Templates
  • Options to Apply Templates to Devices
  • Overview of Feature Templates
  • Categories of Feature Templates
  • Workflow for Applying Templates to Devices

Module 6: Using Policies

  • Policy Architecture
  • Lists
  • Application Aware Routing Policies
  • Control Policies
  • Data Policies
  • VPN Membership Policies
  • Routing Policies
  • Cflowd Templates

Module 7: Quality of Service (QoS)

  • QoS Pipeline – vEdge Router
  • Data Packet Flow
  • Queueing Management
  • Control Traffic Prioritization
  • Random Early Detection (RED)
  • Traffic Policing
  • Traffic Shaping
  • Marking and Remarking
  • Class-Map
  • QoS Scheduler
  • QoS Map
  • Applying QoS policies

Module 8: BFD and Application Routing based on path performance

  • Components of Application-Aware Routing
  • Identification (traffic of interest)
  • Monitoring and Measuring (path performance)
  • Mapping Application Traffic to Specific Transport Tunnel
  • Detailed procedure to Configure Application-Aware Routing Policy

Module 9: Redundancy in SD-WAN Solution

  • Remote Location Connectivity Redundancy
  • Single vEdge Router – Single Connection
  • Single vEdge Router – Dual Connection
  • Dual vEdge Router – Dual Connection
  • Controllers Redundancy
  • vSmart Redundancy
  • vBond Redundancy
  • vManage Redundancy

Module 10: Cloud Services – Cloud on Ramp

  • Cloud Services Challenges
  • SD-WAN Cloud on Ramp as solution
  • Cloud on Ramp for SaaS
  • Cloud on Ramp for IaaS

Module 11: Troubleshooting Common Issues

  • Troubleshooting Control Plane
  • Troubleshooting Data Plane
  • Troubleshooting OMP
  • Troubleshooting policies

Module 12: Deploy Multi-Tenant vManage NMS

  • Overview of vManage Multitenant solution
  • Overview of vManage Multitenant deployment
  • Tenant On-boarding
  • Multitenant user Management Terminology
  • Multitenant vs Single Tenant Differences
  • Features and Functionality
  • Scale Out
  • Tenant Migration
  • Availability
  • Redundancy
  • Tenant Data Isolation
  • Upgrades

Lab Outline

  • Lab 1: Deploy SD-WAN Solution
    • Controllers Deployment
    • vEdge Router Deployment
    • Add vEdge Router to vManage Inventory
    • Configure, Deploy and Verify Control-Plane Connectivity
  • Lab 2: Configure and Deploy an Overlay Network
    • Enable OMP
    • Verify OMP
  • Lab 3: Provision and Deploy vManage Templates
    • Create Feature Templates
    • Basic Information Templates
    • Transport and Management VPN Templates
    • Service VPN Templates
    • Additional Templates
    • Create Device Templates
    • Apply Device Templates
    • Test Connectivity inside a VPN
    • Test isolation between VPN’s
  • Lab 4: Provision and Deploy vManage Policies
    • Deploy and Verify Control Plane Policies
    • Deploy and Verify Data Plane Policies
  • Lab 5: Apply and Verify QoS policies
    • Configure Classification and Marking
    • Configure Congestion Management with Queueing
    • Configure Congestion avoidance with WRED
    • Configure Traffic Policing
  • Lab 6: Apply App-Aware SLA-based Routing (using BFD)
  • Lab 7: Test Redundancy in SD-WAN
    • Test Control Plane Redundancy
    • Test vEdge Router Redundancy
    • Test Transport Redundancy
  • Lab 8: Troubleshooting Common Issues
    • Troubleshooting Control Plane
    • Troubleshooting Data Plane
  • Lab 9: Deploy Multitenant vManage NMS
    • Configure Multitenant vManage NMS
    • vManage Dashboard in Multitenancy mode
    • vManage Dashboard Multi-tenancy Widgets
    • Tenant Management
SLI Main Menu