Cisco Software-Defined Wide Area Networks

Designing, Deploying and Securing Your Next Generation WAN with Cisco SD-WAN

; Dana Yanch ; Dustin Schuemann ; John Curran

Cisco Software-Defined Wide-Area Networks from Cisco Press will help you learn, prepare, and practice for exam success. This study guide is built with the objective of providing assessment, review, and practice to help ensure you are prepared for your certification exam. Les mer
Vår pris
775,-

(Produkt bestående av flere enkeltprodukter) Fri frakt!
Leveringstid: Sendes innen 7 virkedager

Produkt bestående av flere enkeltprodukter
Legg i
Produkt bestående av flere enkeltprodukter
Legg i
Vår pris: 775,-

(Produkt bestående av flere enkeltprodukter) Fri frakt!
Leveringstid: Sendes innen 7 virkedager

Om boka

Cisco Software-Defined Wide-Area Networks from Cisco Press will help you learn, prepare, and practice for exam success. This study guide is built with the objective of providing assessment, review, and practice to help ensure you are prepared for your certification exam.

Cisco Software-Defined Wide-Area Networks presents you with an organized test preparation routine using proven series elements and techniques. Key Topic tables help you drill on key concepts you must know thoroughly. Chapter-ending Review Questions help you to review what you learned in the chapter.


Master Implementing Cisco SD-WAN Solutions (ENSDWI 300-415) exam topics
Assess your knowledge with chapter-ending review questions
Review key terms 
Practice with realistic exam questions in the practice test software



Cisco Software-Defined Wide-Area Networks enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Four leading Cisco technology experts share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.

This study package includes



A test-preparation routine proven to help you pass the exams
Chapter-ending Key Topic tables, which help you drill on key concepts you must know thoroughly
Chapter-ending Review Questions, to review what you learned in the chapter
The powerful Pearson Test Prep Practice Test software, with two full exams comprised of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
An online, interactive Flash Cards application to help you drill on Key Terms by chapter



Well regarded for its level of detail, study plans, assessment features, and review questions, this study guide helps you master the concepts and techniques that ensure your exam success.

This study guide helps you master the topics on the Implementing Cisco SD-WAN Solutions (ENSDWI 300-415) exam, including


Architecture
Controller Deployment
Router Deployment
Policies
Security and Quality of Service
Management and Operations


Companion Website:

The companion website contains the Pearson Test Prep practice test software with two full exams for the CCNP Enterprise SD-WAN exam ENSDWI 300-415 and Key Terms flash cards.

Includes Exclusive Offers for Up to 70% Off Practice Tests, and more

Pearson Test Prep online system requirements:

Browsers: Chrome version 73 and above; Safari version 12 and above; Microsoft Edge 44 and above. Devices: Desktop and laptop computers, tablets running on Android v8.0 and iOS v13, smartphones with a minimum screen size of 4.7". Internet access required.

Pearson Test Prep offline system requirements:

Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases

Also available from Cisco Press for Cisco Certified DevNet Associate study is the Cisco Software-Defined Wide-Area Networks Premium Edition eBook and Practic Test. This digital-only certification preparation product combines an eBook with enhanced Pearson Test Prep Practice Test.

This integrated learning package:



Allows you to focus on individual topic areas or take complete, timed exams
Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
Provides unique sets of exam-realistic practice questions
Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Fakta

Innholdsfortegnelse

Introduction     xix
Chapter 1  Introduction to Cisco Software-Defined Wide Area Networking (SD-WAN)     1
Networks of Today     1
Common Business and IT Trends     4
Common Desired Benefits     5
High-Level Design Considerations     7
Introduction to Cisco Software-Defined WAN (SD-WAN)     9
    Transport Independence     10
    Rethinking the WAN     12
Use Cases Demanding Changes in the WAN     13
    Bandwidth Aggregation and Application Load-Balancing     13
    Protecting Critical Applications with SLAs     14
    End-to-End Segmentation     15
    Direct Internet Access     15
    Fully Managed Network Solution     16
Building an ROI to Identify Cost Savings     17
Introduction to Multidomain     18
    Cloud Trends and Adoption     19
Summary     21
Review All Key Topics     22
Key Terms     22
Chapter Review Questions     22
Chapter 2  Cisco SD-WAN Components     25
Data Plane     27
Management Plane     32
Control Plane     34
Orchestration Plane     36
Multi-Tenancy Options     38
Deployment Options     38
Summary     39
Review All Key Topics     39
Key Terms     40
Chapter Review Questions     40
References     42
Chapter 3  Control Plane and Data Plane Operations     43
Control Plane Operations     44
    Overlay Management Protocol     47
       OMP Routes     48
       TLOC Routes     52
       Service Routes     54
    Path Selection     56
    OMP Route Redistribution and Loop Prevention     58
Data Plane Operations     65
    TLOC Colors     66
    Tunnel Groups     70
    Network Address Translation     73
       Full Cone NAT     74
       Symmetric NAT     75
       Address Restricted Cone NAT     76
       Port Restricted Cone NAT     77
    Network Segmentation     81
    Data Plane Encryption     83
    Data Plane Encryption with Pairwise     86
Summary     88
Review All Key Topics     88
Key Terms     89
Chapter Review Questions     89
References     90
Chapter 4  Onboarding and Provisioning     91
Configuration Templates     93
Developing and Deploying Templates     97
Onboarding Devices     101
    Manual Bootstrapping of a WAN Edge     102
    Automatic Provisioning with PNP or ZTP     103
Summary     105
Review All Key Topics     106
Chapter Review Questions     106
References     107
Chapter 5  Introduction to Cisco SD-WAN Policies     109
Purpose of Cisco SD-WAN Policies     109
Types of Cisco SD-WAN Policies     110
       Centralized Policy     110
       Centralized Policies That Affect the Control Plane     111
       Centralized Policies That Affect the Data Plane     112
    Localized Policy     112
    Policy Domains     113
Cisco SD-WAN Policy Construction     115
Types of Lists     118
Policy Definition     119
Cisco SD-WAN Policy Administration, Activation, and Enforcement     122
    Building a Centralized Policy     122
    Activating a Centralized Policy     125
Packet Forwarding Order of Operations     127
Summary     128
Review All Key Topics     129
Define Key Terms     129
Chapter Review Questions     129
Chapter 6  Centralized Control Policies     133
Centralized Control Policy Overview     134
Use Case 1: Isolating Remote Branches from Each Other     136
    Use Case 1 Review     149
Use Case 2: Enabling Branch-to-Branch Communication Through Data Centers     149
    Enabling Branch-to-Branch Communication with Summarization     150
    Enabling Branch-to-Branch Communication with TLOC Lists     152
    Use Case 2 Review     168
Use Case 3: Traffic Engineering at Sites with Multiple Routers     169
    Setting TLOC Preference with Centralized Policy     171
    Setting TLOC Preference with Device Templates     177
    Use Case 3 Review     179
Use Case 4: Preferring Regional Data Centers for Internet Access     180
    Use Case 4 Review     188
Use Case 5: Regional Mesh Networks     188
    Use Case 5 Review     195
Use Case 6: Enforcing Security Perimeters with Service Insertion     195
    Use Case 6 Review     202
Use Case 7: Isolating Guest Users from the Corporate WAN     202
    Use Case 7 Review     206
Use Case 8: Creating Different Network Topologies per Segment     206
    Use Case 8 Review     210
Use Case 9: Creating Extranets and Access to Shared Services     211
    Use Case 9 Review     222
Summary     223
Review All Key Topics     223
Define Key Terms     224
Chapter Review Questions     224
Reference     226
Chapter 7  Centralized Data Policies     227
Centralized Data Policy Overview     228
Centralized Data Policy Use Cases     228
    Use Case 10: Direct Internet Access for Guest Users     230
       Use Case 10 Review     242
    Use Case 11: Direct Cloud Access for Trusted Applications     243
       Use Case 11 Review     253
    Use Case 12: Application-Based Traffic Engineering     253
       Use Case 12 Review     260
    Use Case 13: Protecting Corporate Users with a Cloud-Delivered Firewall     261
       Use Case 13 Review     269
    Use Case 14: Protecting Applications from Packet Loss     269
       Forward Error Correction for Audio and Video     270
       Packet Duplication for Credit Card Transactions     274
       Use Case 14 Review     280
Summary     280
Review All Key Topics     281
Define Key Terms     282
Chapter Review Questions     282
References     284
Chapter 8  Application-Aware Routing Policies     285
The Business Imperative for Application-Aware Routing     286
The Mechanics of an App-Route Policy     286
Constructing an App-Route Policy     287
Monitoring Tunnel Performance     294
       Liveliness Detection     295
       Hello Interval     295
       Multiplier     297
    Path Quality Monitoring     298
       App-Route Poll Interval     298
       App-Route Multiplier     300
Mapping Traffic Flows to a Transport Tunnel     304
    Packet Forwarding with Application-Aware Routing Policies     304
       Traditional Lookup in the Routing Table     305
       SLA Class Action     306
Summary     315
Review All Key Topics     316
Define Key Terms     316
Chapter Review Questions     316
Chapter 9  Localized Policies     319
Introduction to Localized Policies     319
Localized Control Policies     320
Localized Data Policies     334
Quality of Service Policies     338
    Step 1: Assign Traffic to Forwarding Classes     339
    Step 2: Map Forwarding Classes to Hardware Queues     341
    Step 3: Configure the Scheduling Parameters for Each Queue     341
    Step 4: Map All of the Schedulers Together into a Single QoS Map     342
    Step 5: Configure the Interface with the QoS Map     343
Summary     346
Review All Key Topics     347
Chapter Review Questions     347
Chapter 10  Cisco SD-WAN Security     349
Cisco SD-WAN Security: Why and What     349
Application-Aware Enterprise Firewall     352
Intrusion Detection and Prevention     360
URL Filtering     367
Advanced Malware Protection and Threat Grid     372
DNS Web Layer Security     377
Cloud Security     381
vManage Authentication and Authorization     384
    Local Authentication with Role-Based Access Control (RBAC)     384
    Remote Authentication with Role-Based Access Control (RBAC)     387
Summary     389
Review All Key Topics     389
Define Key Terms     389
Chapter Review Questions     389
Chapter 11  Cisco SD-WAN Cloud onRamp     393
Cisco SD-WAN Cloud onRamp     393
Cloud onRamp for SaaS     394
Cloud onRamp for IaaS     412
Cloud onRamp for Colocation     429
    Why Colocation?     432
    How It Works     432
    Service Chaining for a Single Service Node     434
    Service Chaining for Multiple Service Nodes     436
    Service Chaining and the Public Cloud     436
       Infrastructure as a Service     438
       Software as a Service     438
       Redundancy and High Availability     440
       Service Chain Design Best Practices     440
    Configuration and Management     442
       Cluster Creation     442
       Image Repository     449
       Service Chain Creation     449
    Monitoring     454
Summary     455
Review All Key Topics     456
Define Key Terms     456
Chapter Review Questions     456
Chapter 12  Cisco SD-WAN Design and Migration     459
Cisco SD-WAN Design Methodology     459
Cisco SD-WAN Migration Preparation     460
Cisco SD-WAN Data Center Design     462
    Transport-Side Connectivity     463
    Loopback TLOC Design     465
    Service-Side Connectivity     466
Cisco SD-WAN Branch Design     469
    Complete CE Replacement—Single Cisco SD-WAN Edge     470
    Complete CE Replacement—Dual Cisco SD-WAN Edge     471
    Integration with Existing CE Router     475
    Integration with a Branch Firewall     476
    Integration with Voice Services     478
Cisco SD-WAN Overlay and Underlay Integration     480
    Overlay Only     480
    Overlay with Underlay Backup     481
    Full Overlay and Underlay Integration     485
Summary     490
Review All Key Topics     490
Chapter Review Questions     490
Chapter 13  Provisioning Cisco SD-WAN Controllers in a Private Cloud     493
SD-WAN Controller Functionality Recap     493
Certificates     496
vManage Controller Deployment     501
    Step 1: Deploy vManage Virtual Appliance on VMware ESXi or KVM     503
    Step 2: Bootstrap and Configure vManage Controller     506
    Step 3/4: Set Organization Name and vBond Address in vManage; Install Root CA Certificate     506
    Step 5: Generate, Sign, and Install Certificate onto vManage Controller     511
vBond Controller Deployment     513
    Step 1/2/3: Deploy vBond Virtual Machine on VMware ESXi; Bootstrap and Configure vBond Controller; Manually Install Root CA Certificate on vBond     514
    Step 4/5: Add vBond Controller to vManage; Generate, Sign, and Install
Certificate onto vBond Controller     516
vSmart Controller Deployment     518
    Step 1/2/3: Deploy vSmart Virtual Machine from Downloaded OVA; Bootstrap and Configure vSmart Controller; Manually Install Root CA Certificate on vSmart     519
    Step 4/5: Add vSmart Controller to vManage; Generate, Sign, and Install Certificate onto vSmart Controller     520
Summary     523
Review All Key Topics     524
Define Key Terms     524
Chapter Review Questions     524
References     526
Appendix A:  Answers to Chapter Review Questions     527
Appendix B:  Example 7-17     539
Glossary of Key Terms     553
Index     557

Om forfatteren

Jason Gooley, CCIE No. 38759 (RS and SP), is a very enthusiastic and spontaneous person who has more than 25 years of experience in the industry. Currently, Jason works as a Technical Evangelist for the Worldwide Enterprise Networking Sales team at Cisco Systems. Jason is very passionate about helping others in the industry succeed. In addition to being a Cisco Press author, Jason is a distinguished speaker at Cisco Live, contributes to the development of the Cisco CCIE and DevNet exams, provides training for Learning@Cisco, is an active CCIE mentor, is a committee member for the Cisco Continuing Education Program (CE), and is a program committee member of the Chicago Network Operators Group (CHI-NOG), www.chinog.org. Jason also hosts a show called MetalDevOps. 

Dana Yanch, CCIE No. 25567 (RS,DC) CCDE No. 20130071, at the time of writing content for this book was a Global Technical Solutions Architect at Cisco focused on designing and deploying SD-WAN solutions for large enterprises around the world. Prior to spending the last six years working with Viptela and other SD-WAN technologies, Dana had a focus on fabric-based data center technologies. Dana has presented at several Cisco Live Events worldwide and has a passion for public speaking and mentorship. Dana can now be found at Aviatrix, the multi-cloud networking platform, designing cloud connectivity architectures every single day.

Dustin Schuemann, CCIE No. 59235 (R&S), is a Technical Solutions Architect at Cisco Systems. Within the Demo CoE organization, Dustin is a subject matter expert on all things SD-WAN, including development of SD-WAN demo offerings and CPOC labs for some of Cisco’s largest customers. He has been a distinguished speaker at Cisco Live multiple times, where he has presented on multiple topics around Cisco SD-WAN. Dustin has more than 17 years of experience in the network engineering field, and before Cisco he was a network architect for multiple firms within the manufacturing and financial industries. He is very passionate about giving back to the IT community and helping to mentor other network engineers. Dustin currently resides in Raleigh, North Carolina.

John Curran is a Technical Solutions Architect with Cisco’s Global Virtual Engineering team, where he assists customers and partners with the design of their next-generation networks. John is a subject matter expert in routing and SD-WAN and is excited to spend time teaching and training on these topics. John presents regularly at Cisco Live events around the world and has been repeatedly recognized as a Distinguished Speaker. In his prior role at Cisco, John worked as a Network Consulting Engineer for Cisco’s Advanced Services team, supporting government and education customers. John holds a Bachelor of Science degree in Computer Engineering Technology from the University of Cincinnati.