ADV Cisco SD-WAN Design, Troubleshoot, Topology, Configuration & Policy Groups, & Features

In this ADV Cisco SD-WAN Design, Troubleshoot, Topology, Configuration & Policy Groups, & Features 5-day immersive, hands-on course covering Cisco Catalyst (Viptela) SD-WAN version 20.18 / IOS-XE 17.18, students will gain in-depth knowledge and practical skills to deploy, configure, manage, and troubleshoot Cisco SD-WAN environments. The course explores controller and edge device deployment, Zero Touch Provisioning (ZTP), device and feature template creation, and SD-WAN Manager interface operations. Students will work with advanced features including OMP, BFD, QoS, DRE, security integration (SASE, Umbrella, FW, IPS), and local and centralized policy design. Labs include deploying controllers, onboarding routers (vEdge, ISR, C8000V), upgrading environments, configuring policies, enabling Cloud On-Ramp for SaaS applications like O365 and Webex, and leveraging analytics and troubleshooting tools like ThousandEyes and vManage. By course end, students will be proficient in building robust, secure, and optimized enterprise SD-WAN solutions across cloud and hybrid infrastructures. This release begins the Journey of streamlining Configuration Groups and Policy Groups, empowering network administrators with greater control and efficiency. This release is pretty close to feature complete, and the first release that I would tell customers that it is time to look to convert Configuration Templates to Configuration Groups.

How you’ll benefit

This class will help you:

• Builds on the SDWAN class. Focuses on Advanced Features (Routing, Templates, Configuration Groups, Policies, SASE Security, Thousand Eyes Integration, Advanced QoS)
• Enhance voice integration and configuration expertise
• Will help prepare for the 300-415 ENSDWI Certification Between SDWAN and ADVANCED SDWAN

Why Attend with Current Technologies CLC

• Our Instructors are the top 10% rated by Cisco
• Our Lab has a dedicated 1 Gig Fiber Connection for our Labs
• Our Labs run up to Date Code for all our courses

• SD-WAN Review
• SD-WAN Advanced Settings
• SD-WAN High Availability
• SD-WAN APP-QoE, SD-AVC and QoS Policies
• Bridging
• Routing Protcols
• Multicast
• Direct Internet Access (DIA)
• SD-WAN Voice Configuration
• SD-WAN Migration
• Advanced Template Design and Troubleshooting
• Advanced Local & Central Policies on vEdge and IOS-XE Platforms
• Advanced Security Policies on vEdge and IOS-XE Platforms
• Advanced Troubleshooting of Policies on vEdge and IOS-XE Platforms

Who should sit this course?

This course is suitable for Network Engineers, System Administrators, IT Professionals, Technical Support Staff, and Cisco-Certified Professionals looking to enhance their skills and proficiency with Cisco Catalyst SD-WAN network management tailored for networks. 

The course is highly recommended for:

• Network Engineers: Professionals tasked with the design, implementation, and maintenance of the network infrastructure. This includes managing both Catalyst SD-WAN and data communication systems, ensuring they meet the high standards required for government operations.
• System Administrators: Individuals responsible for the daily management and configuration of the network systems. Their role is crucial in ensuring the reliable operation of Catalyst SD-WAN and WAN services across various departments.
• IT Professionals: This group includes a wide range of IT personnel working who require a robust understanding of secure and reliable Catalyst SD-WAN network systems. Their work is critical in ensuring that these networks comply with stringent standards and regulations.
• Technical Support Staff: These are the frontline personnel who provide essential technical support for Catalyst SD-WAN network systems within the environments. Their expertise ensures that any issues are promptly resolved to maintain network integrity and security.
• Cisco Certified Professionals: Individuals who have already achieved Cisco certifications and are looking to further their knowledge and expertise specifically in Catalyst SD-WAN Networks and Technologies. This course offers them an opportunity to specialize in Catalyst SD-WAN solutions, enhancing their skill set in the context of the network requirements

• Installing, Configuring, Monitoring and Troubleshooting Cisco Catalyst (SDWAN) v20.15

 Module 0: Introductions

• Introductions
  • Get familiar with the course structure and participants.

Module 1: Cisco Catalyst SD-WAN Review

• Catalyst SD-WAN Control Plane Overview
• An overview of Catalyst SD-WAN architecture and capabilities.
• SD-WAN Platform
  • Platform selection and deployment strategies.
• Potential issues within SD-WAN Fabric

Module 2: Advanced SDWAN Control Component Deployment

• On-Prem Controller Deployment
• Create Manager VM Instance
• Initial SD-WAN Manager Setup
• Create Validator VM Instance
• Create Controller VM Instance
• Add Control Components to Manager
• Enterprise CA Configuration
• Controller High Availability
• Orchestration Plane for Air Gap
• Management Plane for Airgap
• Additional Considerations for Air Gap Networks
• Verify Control Plane
• Manager Day-0 Setup

Module 3: Design & Advanced Settings

• Feature Summary by Version
• Design and Plan Topology
• Offline Licensing
• SD-WAN Configuration and Settings
• Ether Channel Support (20.6)
• LTE Design and Deployment Options
• C1100TG Terminal Gateway (20.16)
• Cisco Cyber Vision

Module 4: SD-WAN High Availability

• SD-WAN High Availability
• Manager Clustering
• SD-WAN Disaster Recovery
• Troubleshooting Cluster Operation
• LACP Configuration

Module 5: Template & Config Groups Optimization

• SD-WAN Device Configuration
• Using Python to Import / Export Templates
• Parsing JSON with Python
• Template Operations
• Configuration Groups Overview
• Creating Configuration Groups
• Deploy Configuration Group Workflow
• View/ Edit Configuration Groups
• Configuration Groups vs Templates
• Tagging
• Configuration Catalog
• Control Components Settings (20.18)

Module 6: SD-WAN APP-QoE, SD-AVC and QoS Policies

• Application Quality of Experience (APPQoE)
  • Enhancing app experience.
• SD-AVC
• Application Classification From 20.10
• Custom Application Identification
  • Defining custom apps.
• Application Catalog Enhancements (20.16)
• Bidirectional Forwarding Detection (BFD)
  • Monitor and recover tunnel loss.
• Cloud onRamp for SaaS for Office 365
  • Optimize O365 performance.
• QoS Design
• Per Tunnel QOS
  • QoS settings per tunnel.
• Adaptive QOS
  • Dynamic adjustments to QoS.
• SD-WAN 17.6/20.6 - Per VPN QOS
  • VPN-based traffic control.
• Upstream and Downstream Throttle (20.18)
• TCP Optimization
  • Improve TCP traffic performance.
• Service Nodes for AppQoE
  • Offload services to nodes.
• Forward Error Correction (FEC)
  • Error correction techniques.
• Packet Duplication
  • Resiliency for critical apps.
• QoS Queueing Statistics (20.18)

Module 7: Bridging

• Transparent Bridging
  • Enable Layer 2 bridging in SD-WAN.
• cEdge Bridging Template Configuration
  • Bridge config for IOS-XE.

Module 8: Routing Protocols

• SD-WAN Routing
  • Dynamic and static underlay routes.
• Static Routes
  • Configure static routing.
• VRRP Enhancements
  • Redundancy enhancements.
• HSRP Standby Router
• OMP Routing
• Border Gateway Protocol (BGP)
• BGP Review
• BGP Templates
• BGP Lists
• BGP Local Route Policies
• BGP Troubleshooting
• Open Shortest Path First (OSPF)
• SD-WAN OSPF
• OSPF Templates
• OSPF Local Policies
• OSPF Monitoring
• OSPF Troubleshooting
• Enhanced Interior Gateway Routing Protocol (EIGRP)
• EIGRP Template Configuration
• EIGRP Monitoring and Troubleshooting
• SD-WAN On Demand Tunnels
  • Create tunnels dynamically.
• Route Leaking
  • Cross-VPN route redistribution.
• SD-WAN 17.7
• Service VPN Route Leaking

Module 9: Multicast

• Multicast Overview
• Support for Mulitcast

Module 10: Direct Internet Access (DIA)

• Direct Internet Access (DIA)
• Direct Internet Access (DIA) Design
• Deploying DIA
• Central Data Policy
• NAT DIA Route
• DIA NAT Troubleshooting

Module 11: SD-WAN Voice Configuration

• SD-WAN UC Support
• Voice Card Feature Template
• Call Routing Feature Template
• Survivable Remote Site Telephony (SRST)
• Voice Policy
• Create a Voice Port Policy
• Voice Port Translation Profile
• FXO Supervisory Disconnect
• Webex Calling Local Survivability Gateway

Module 12: SD-WAN Security

• Security Overview
  • General overview of secure SD-WAN.
• Fabric Security
• On-Prem Security
• Snort/IPS
• Custom IPS Signatures (20.18)
• Advanced Malware Protection/AMP
• URL Filtering
• TLS/SSL Decryption
• Unified Logging
• Cloud Security
• Secure Internet Gateway (SIG)
• Cisco and ZScalar SIG
• Manager ZScaler Workflow for Auto-GRE SIG Tunnel
• ZScaler Workflow
• L7 Health Check Inside ZScaler Auto-GRE Tunnel
• Secure Access Service Edge (SASE)
• Configure Tunnels with Cisco Catalyst SD-WAN
• Cisco Secure Access Configuration

Module 13: SD-WAN Local Policies

• Localized Policies Overview
• Local Control Policies
• Local Data Policies
• Local Data Policy - QoS
• Configure Local Policies

Module 14: SD-WAN Central Policies

• Centralized Policies Overview
• Central Policy Functionality
• Centralized Policies
• Centralized Control Policies
• Service Chains
• Centralized Data Policies
• Application Aware Routing
• Central Data Policies - Cflowd
• Control Policy - VPN Membership Policy
• Policy Construction
• Policy Troubleshooting
• Centralized Control Policy
• Control Policies & Troubleshooting Workflow
• Centralized Data & AAR Policies Troubleshooting

Module 15: SD-WAN Policy Groups

• What are Policy Groups?
• Groups of Interest (Policy Objects)
• Application Priority and SLA
• NGFW
• SIG/SSE and DNS Security
• Policy Group Creation
• Associate and Deploy Policy Groups
• UX 2.0 Topology

Module 16: Multi-Region Fabric

• Multi-Region Fabric
• MGMT Regions

Module 17: Network Wide Path Insights (NWPI)

• NWPI
• NWPI Enhancements (20.18)

Module 18: Cisco SD-WAN Migration (Viptela) Migration Strategies

• Secure Automated WAN
• Migration and Deployment Models
• Controllers Design
• DC and Branches Design
• Migration and Onboarding Strategy
• Implementing Automated WAN
• UX Conversion Tool

Lab Outline

• Lab 0: Lab Access via View Horizon Client
• Lab 1: Controller Verification
• Lab 2: Modify Controller Settings
• Lab 3: NYC-DC1 Device Template
• Lab 4: EMEA-DC2 Configuration Group
• Lab 5: Editing the EMEA DC2 Configuration Group
• Lab 6: Deploying the Configuration Group for DC2
• Lab 7: Create BR-West-Coast Configuration Group
• Lab 8: Editing the BR-West-Coast Configuration Group
• Lab 9: Deploying the BR-West-Coast Configuration Group
• Lab 10: Integration Between SD-WAN and ISE
• Lab 11: Security Policy Lists Configuration
• Lab 12: Security Policy Configuration
• Lab 13: Unified Security Policy Configuration
• Lab 14: Local Policy List Configuration
• Lab 15: Localized Policy Configuration
• Lab 16: Central Policy List Configuration
• Lab 17: Centralized Policy Configuration
• Lab 18: Creating Security Objects
• Lab 19: Creating Network Objects
• Lab 20: Create and Deploy EMEA-DC2 Policy Group
• Lab 21: Creating Additional UX-2.0 Policies
• Lab 22: Topology
• Lab 23: Template Backup and Restore
• Lab 24: Network Wide Path Insight