
SD-WAN FUNDAMENTAL

PRESENTATION

TRAN LE PHUONG _ SOLUTION TEAM _ BDC


AGENDA
INTRODUCTION

SOLUTION & COMPONENTS

CORE FEATURES

BENEFITS

WHY CISCO

INTRODUCTION

Local Area Network

Wide Area Network

INTRODUCTION
Traditional WAN
INTRODUCTION
SD-WAN – software-defined WAN

SD-WAN: key characteristics

1. Identifies applications and routes traffic based on the QoS (Quality of Service) of each application, not on TCP/IP alone.

2. SD-WAN virtualizes all routers and WAN services such as MPLS, Internet and 3G/4G/5G, and treats them as network resources (a resource pool). The control solution makes full use of all existing connections to steer traffic as optimally as possible.
- By identifying applications, setting QoS and steering traffic, it automatically selects the link that guarantees QoS.
3. Security for each link based on the features of the device.
CISCO SD-WAN

Solution components


Select the right platform
Potential customer use cases or characteristics
Cisco Meraki SD-WAN | Cisco Viptela
Prizes full stack branch management for security & networking

“Lean IT” organization

Existing Meraki customer

Customer is evaluating Fortinet, HPE/Aruba, Riverbed, CloudGenix

Needs end-to-end WAN segmentation across on-prem and public cloud infrastructure

Existing ISR 4K customer or CAT8K

Complex WAN topologies with high degree of customization

Customer is evaluating Velocloud, Silverpeak, Versa


© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Core Features

Automated, Zero-Touch Onboarding
• SD-WAN appliance will onboard itself into the SD-WAN fabric automatically with no administrative intervention.
• Connect the SD-WAN appliance to a WAN transport that can provide a dynamic IP address, default-gateway and DNS information.
• AutoIP feature allows SD-WAN appliances to “learn” their static IP assignment through ARP requests/responses.
[Diagram labels: Cisco PNP, WAN, IPsec Fabric; steps 1 to 4]
Flexible NAT Support
Platforms: vEdge, cEdge

• Can be enabled via NAT route or Centralized Data Policy
• Support for:
  • Inside Dynamic NAT (LAN → Overlay, LAN → DIA)
  • Inside Dynamic NAT with PAT Overload (LAN → Overlay, LAN → DIA)
  • Inside Static NAT (LAN → Overlay, LAN → DIA)
  • Inside Static NAT with Port Forwarding (LAN → Overlay, LAN → DIA)
  • Outside Dynamic NAT (Overlay → LAN)
  • Outside Dynamic NAT with PAT Overload (Overlay → LAN)
  • Outside Static NAT (Overlay → LAN)
[Diagram labels: vSmart, Central Data Policy; IPv4 packet S = 10.1.1.3, D = 10.0.0.3; INET/MPLS; NAT at both edges; 192.168.1.3/24 on both sides]
DIA Support with SLA Tracking
Platforms: vEdge, cEdge

• Enterprises are increasingly adopting a Direct Internet Access (DIA) model
• Without SLA tracking, SD-WAN appliances have limited visibility into the status of Internet-facing interface(s)
• SD-WAN v20.3 and IOS-XE v17.3 now support SLA tracking to probe the Internet (DIA) interface for reachability
• Should the primary interface be degraded, the router can invoke a backup path.
[Diagram labels: Branch, INET, MPLS, DC/Colo; Tracker Record (RTT: 20ms, Status: Up); legend: Primary Path, Backup Path, ICMP Probe]
Static Route Tracking Support
Platforms: vEdge, cEdge

• SD-WAN v20.3 and IOS-XE v17.3 support SLA tracking to probe the next-hop address of static routes within Service VPNs
• Probing provides visibility into devices outside the SD-WAN fabric
• Should the next-hop become unreachable, the router can invoke a backup path.
[Diagram labels: INET, Firewall, static route 0.0.0.0/0 → 10.0.0.1, Tracked Next-Hop; Tracker Record (RTT: 20ms, Status: Up); legend: Primary Path, Backup Path, ICMP Probe]
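The tracker behaviour described on the DIA and static-route tracking slides, as an added Python sketch (not Cisco code or configuration). The threshold and multiplier parameters, their default values and the probe series are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Tracker:
    """Tracks reachability of a DIA interface or a static-route next hop."""
    threshold_ms: float = 300.0   # assumed: RTT above this counts as a failed probe
    multiplier: int = 3           # assumed: consecutive failures needed to go Down
    status: str = "Up"
    last_rtt_ms: Optional[float] = None
    fails: int = 0

    def record(self, rtt_ms: Optional[float]) -> str:
        """Feed one ICMP probe result; rtt_ms is None when the probe timed out."""
        self.last_rtt_ms = rtt_ms
        if rtt_ms is None or rtt_ms > self.threshold_ms:
            self.fails += 1
            if self.fails >= self.multiplier:
                self.status = "Down"
        else:
            # One good probe clears the failure count and restores the path.
            self.fails = 0
            self.status = "Up"
        return self.status


def active_path(tracker: Tracker) -> str:
    """The router keeps the primary path while the tracker is Up."""
    return "primary" if tracker.status == "Up" else "backup"


def replay(probes, **params):
    """Run a probe series through a fresh tracker; return (rtt, status, path) rows."""
    tracker = Tracker(**params)
    rows = []
    for rtt in probes:
        tracker.record(rtt)
        rows.append((rtt, tracker.status, active_path(tracker)))
    return rows


# Constructed probe results in milliseconds (None = timeout).
SAMPLE_PROBES = [20, 22, None, 21, None, 450, None, None, 20]

if __name__ == "__main__":
    for rtt, status, path in replay(SAMPLE_PROBES):
        print(f"rtt={rtt!s:>5}  status={status:<4}  path={path}")
```

An isolated timeout does not move traffic; only a run of failed probes does. When the tracked next hop is a firewall, confirm that the backup path still passes through an equivalent inspection point.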
Dynamic On-Demand Tunneling
Platforms: vEdge, cEdge

• By default, Cisco SD-WAN operates in full-mesh
• While topology modification is possible, full-mesh carries a huge computational burden on branch resources (affecting scale)
• Enterprise customers need full-mesh connectivity, but also a way to offset the resource burden
• SD-WAN v20.3 / 17.3 supports Dynamic On-Demand Tunneling
• Branch routers will maintain an “always-on” tunnel to a hub location, then dynamically build site-to-site tunnels, where necessary.
[Diagram labels: HUB, three Branch sites; legend: Backup Path, On-Demand Path]
End-to-End Segmentation with Multi-Topology

Segment connectivity across the SD-WAN fabric without reliance on underlay transport
WAN Edge routers maintain per-VPN routing table for complete control plane separation
[Diagram labels: vSmart, Single Tunnel, Route Tables; segments A, B, C; transports MPLS, Inet, 4G/LTE; WAN Edge Router at both ends]
Multicast Support

• IOS-XE SD-WAN devices interoperate with IGMP v2/v3 and PIM on the service side
• IOS-XE SD-WAN devices advertise receiver multicast groups using OMP
• cEdge Replicators replicate multicast stream to receivers
• Multicast is encapsulated in point-to-point tunnels
• Multicast traffic is compatible with Application Aware Routing
[Diagram labels: vSmart Controllers, OMP Update, IGMP/PIM, SD-WAN Fabric, Sender, Receiver, Branch, RP, Replicators, Data Center; IPv4 packet S: 192.168.1.1, D: 233.252.1.1; legend: Control Plane, Multicast Stream]
Cloud OnRamp

IaaS SaaS
Analytics

vAnalytics: Translate Raw Data into Intelligent Insights

Granular visibility | Multi-layer insights | Network KPIs | Application performance | Intuitive UI

• Intuitive Visualization of Network KPIs and historical trends
• Correlate Application behavior (QoE) with the network conditions
• Leverage Insights for better planning

Robust, Scalable, Cloud-hosted SaaS Service
vAnalytics v2.0

• Network Performance: Visibility into network KPIs – loss, latency, jitter, and bandwidth consumption across WAN
• Application Insights: Multi-layer insights correlating application behavior (QoE) with the underlying network conditions
• Granular Statistics: Site-level, VPN-level, and Device-level statistics; Top Talkers, Top Flows
• Improved experience: Refreshed GUI for easy navigation; Secure login with multi-factor authentication (MFA)

Improved overall network visibility and insights
Benefits

Why Cisco

Cisco SD-WAN is rated by Gartner as a market Leader.

Competitors:
Fortinet
VMware
* Why Cisco – SDWAN
