Security solutions like Cisco Umbrella, EDR and Threat defense via AMP, Firepower-level Firewall filters, IPS capability.
13. The Cisco ISR 1000, 4000 series, the ASR 1000 series, the Cisco ENCS 5400 support the newer Cisco SD-WAN security solutions - they're purpose built for it. What are the SD-WAN Security capabilities and which platforms support SD-WAN Security? Now, each branch site, for example, can have its own VPN calling it anything like VPN1 or VPN2.
12. The main overlay network is a segment itself called VPN0. I forgot the details.
11. Does Cisco SD-WAN Solution support Network Segmentation and what are the benefits? I remembered Ivan Pepelnjak's post in his blog about security concerns on SD-WAN solutions last year. I'd like to take the stance of Cisco and Viptela to say yes due to the use of TPMs, pre-staged Certificate installation, and device registration. There's migration and then there's a new addition of device but most enterprises would be doing a migration of the DCs or Hub first and then add in new sites or migrate older sites while ensuring the routes go with those branches as we don't want network advertisement from the legacy network and the new one. How is Cisco SD-WAN deployed at branch offices and data center network or regional hubs? It's like ESP would put in a space for API interaction with vManage.
9. lol Haven't seen a REST/RESTful application interface with vManage yet but I'm told it can be done. This is the controller where you configure the policies, device templates, feature templates, create rules and stuff on application routing - you all do it here. I'm tempted to say it's an Orchestrator - tells you who to connect to, what details one vSmart needs to expect from an incoming vEdge/cEdge traffic or request. I'll probably change my mind in a few weeks on this.
A vSmart controller is your centralized Control Plane in Cisco SD-WAN distributed environment.
You spend far more time planning for SD-WAN than the actual implementation time, then what follows next is the operations portion - OMP connections, IPsec Tunnels, physical links going down, investigation on the unusual and malicious traffic and others. How do you manage and operate Cisco SD-WAN?
As of now, I look at this as some kind of trick question. Pretty sure with this one as I watch Cisco Live. Which sectors and industries have deployed the Cisco SD-WAN Solutions?
Finance.
Cisco throws in free hosting of the Controllers in their cloud infrastructure. Which problems can a Cisco SD-WAN overcome which other Vendor SD-WAN can't?
Ah! I probably need to look into other vendors' solutions. In a nutshell, cost, speed of deployment, standardization in configuration, analytics and addition of Cisco's Cyber Security protection.
3. What are the key benefits offered by Cisco SD-WAN?
It started as a Viptela SD-WAN solution Cisco bought where a proprietary overlay protocol is managing connectivity between Edge devices using mostly TLS connections unless Symmetric NAT is in place, hence the DTLS/TLS communication with controllers like the vBond, acting as an orchestrator, a vManage server where policies are created plus templates and stuff, then a vSmart controller that centralizes Control Plane signaling and communications.
2. Here is the list of Top Cisco SD-WAN Interview Questions they came up with. i-Medita does have an answer key - I'd look into that after I finish answering and re-answering the whole list.
i-Medita created a list of the top 50 asked questions on Cisco SD-WAN and I'd probably revisit this as I complete my studies.
Depends on which part of the globe you're in, you wouldn't be asked some of the questions you'd probably be grilled with the nitty-gritty. In my SD-WAN studies, I found that panel questioning in the presentations I watched helped me learn more.