Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Cisco SD-WAN Solution Overview

Networking Solution Solution Overview

Available Languages

Download Options

  • PDF
    (1.6 MB)
    View with Adobe Reader on a variety of devices
Updated:October 20, 2020

Get 12 months or more free on a Cisco SD-WAN subscription for routers you already own. Start on SD-WAN innovation today.

Available Languages

Download Options

  • PDF
    (1.6 MB)
    View with Adobe Reader on a variety of devices
Updated:October 20, 2020
 

 

Deploy cloud-based applications without compromise

Introduction

Digital transformation is changing IT architectures across the world. Your network team must now manage complex edge and multicloud environments to ensure consistent everyday operations. Everything must operate as a single WAN.

The Internet of Things (IoT) and Operational Technology (OT) create even more complexity and place additional demands on your network. These connected endpoints proliferate on your network while workforce mobility grows. Access to information, optimal performance, and comprehensive security must be delivered no matter where people work. There can be no compromise.

It’s a challenge for any IT team, but it’s one that can be navigated with confidence when you choose Cisco® SD-WAN.

Only Cisco provides a complete SD-WAN fabric for unparalleled control over your network with automated security built into the solution, creating optimal, secure connectivity from branch to colocation facility and cloud.

Overview

Using the Cisco SD-WAN dashboard (Figure 1), you can quickly connect all company data centers, core and campus locations, WAN branches, colocation facilities, cloud infrastructure, and remote workers. To enable this, Cisco SD-WAN applies the Overlay Management Protocol (OMP) to your entire network. Cisco SD-WAN simplifies IT operations with automated provisioning, unified policies, and streamlined management, making changes, updates, and resolutions in record time. You gain advanced network functionality, reliability, and security.

The Cisco SD-WAN dashboard

Figure 1.               

The Cisco SD-WAN dashboard

Licensing

     Cisco DNA for SD-WAN and Routing subscriptions are available in three subscription tiers. Subscriptions can be purchased either transactionally or as an enrollment in a Cisco DNA Enterprise Agreement. Software licenses are portable across cloud and premises, are easy to upgrade across tiers, and include Software Support Service (SWSS).

     Software tiers:

    Cisco DNA Essentials for SD-WAN and Routing: Centralized, secure SD-WAN management for up to 50 devices. Optimized for cloud connectivity.

    Cisco DNA Advantage for SD-WAN and Routing: Unlimited SD-WAN segmentation, plus network and application assurance using WAN optimization and real-time analytics.

    Cisco DNA Premier for SD-WAN and Routing: Enables secure enterprise cloud edge functionality featuring Cisco Umbrella® secure internet gateway and Cisco Threat Grid.

The Cisco SD-WAN secure, cloud-scale architecture

Figure 2.               

The Cisco SD-WAN secure, cloud-scale architecture

Cisco provides a flexible architecture to extend SD-WAN to any environment (Figure 2). Whether you deploy your product in the cloud or on-premises, Cisco SD-WAN automatically discovers, authenticates, and provisions both new and existing devices.

After connecting to Cisco SD-WAN, each network device is able to find the best path to the applications your users need. Cisco SD-WAN is able to use any transport method (satellite, broadband, MPLS, 5G/LTE) from any location (core, edge, cloud) for any network service (security, application quality of experience, voice). Through OMP, Cisco SD-WAN supports both common and advanced routing protocols that are necessary for managing networks across the WAN and cloud, such as Border Gateway Protocol (BGP), Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), Virtual Router Redundancy Protocol (VRRP), and IPv6. Cisco SD-WAN provides this flexibility in both full and partial mesh encrypted deliveries, allowing for the utmost customization based on your needs.

Unique capabilities

Cisco SD-WAN can give your IT department control over the WAN, edge, and cloud as one network, all without compromise. The following capabilities combine to create a single fabric across your entire IT environment, from a single user to the cloud applications they need.

Cisco SD-WAN connects your core, edge and cloud

Figure 3.               

Cisco SD-WAN connects your core, edge and cloud

Multicloud choice and control

Businesses are using not just one cloud data center in their IT operations, but several clouds across Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS) (Figures 3 and 4). Connecting these workloads and applications together with the WAN and remote users is a challenge.

To help reduce this complexity, Cisco SD-WAN provides the ability to connect any WAN location to multiple cloud platforms, increasing connection speeds and enhancing connection reliability. Cisco SD-WAN Cloud OnRamp creates a WAN extension into your IaaS workloads, provides dynamic path selection for optimal SaaS application performance, and gives you the ability to consolidate branch office egress points into regional colocation facilities.

Monitoring underlay performance via the Cisco SD-WAN dashboard, Cisco SD-WAN Cloud OnRamp automatically selects the fastest, most reliable path to the cloud infrastructure, no matter where your end users are located. In the event of network service interruptions beyond your control, Cisco SD-WAN Cloud OnRamp will adjust paths as necessary, helping ensure continuous uptime and predictable performance.

SD-WAN Cloud OnRamp for IaaS

Cisco SD-WAN Cloud OnRamp for IaaS, PaaS, and SaaS applications

Figure 4.               

Cisco SD-WAN Cloud OnRamp for IaaS, PaaS, and SaaS applications

Cisco SD-WAN makes connecting the company WAN to IaaS environments such as AWS and Azure simple, automated, and secure—as though the cloud databases themselves are part of the corporate network. In the Cisco SD-WAN console, your network and operations teams can automate virtual private cloud connections to IaaS environments (Figure 5), extending the Cisco SD-WAN OMP to the cloud. Cisco SD-WAN applies automated connectivity requirements (loss, latency, and jitter) to find the optimal path to cloud IaaS applications, adjusting the IPsec route as needed to help ensure service delivery and performance while monitoring the hosting infrastructure for anomalies.

Dynamic path selection in Cisco SD-WAN Cloud OnRamp for IaaS

Figure 5.               

Dynamic path selection in Cisco SD-WAN Cloud OnRamp for IaaS

SD-WAN Cloud OnRamp for SaaS

In addition to building application workloads in IaaS cloud environments, many companies today use SaaS applications for streamlined operations. As with IaaS, connectivity to these applications requires sharing resources with other customers on distant hardware. Fortunately, Cisco SD-WAN Cloud OnRamp for SaaS makes connecting to and securing these SaaS environments simple.

Partnering with several SaaS providers, Cisco SD-WAN Cloud OnRamp automatically selects the fastest, most reliable path to SaaS applications for your users (Figure 6), engaging in real-time traffic steering to deliver the best user experience no matter where they are located. Should an internet service issue cause connectivity that falls below your benchmarks, Cisco SD-WAN Cloud OnRamp finds the next best path to help ensure continued application performance. Enjoy up to 40 percent faster performance for Office 365 with Cisco SD-WAN. In fact, Cisco has partnered with over 16 leading SaaS vendors to deliver superior application performance compared to competing SD-WAN solutions.

Dynamic path selection in Cisco SD-WAN Cloud OnRamp for SaaS

Figure 6.               

Dynamic path selection in Cisco SD-WAN Cloud OnRamp for SaaS

SD-WAN Cloud OnRamp for Colocation

Cisco SD-WAN refines distributed architectures so that colocations can serve as regional hubs for branches with both Multiprotocol Label Switching (MPLS) and Direct Internet Access (DIA). Colocation hubs streamline multicloud access by reducing the number of egress points to the cloud, regionalize security to reduce the attack surface, and encourage network efficiency through easier enforcement of end-user application policy.

By consolidating branches, remote offices, and even remote worker connectivity into a colocation facility (Figure 7), you can bring users closer to the services and applications they use, improving the application experience by. In addition, Cisco SD-WAN Cloud OnRamp for Colocation can help address data sovereignty requirements for compliance and privacy legislation. Finally, Cisco SD-WAN Cloud OnRamp for Colocation provides simple, efficient scaling capabilities for consolidating network function deployments.

Cisco SD-WAN Cloud OnRamp for Colocation

Figure 7.               

Cisco SD-WAN Cloud OnRamp for Colocation

A better SD-WAN fabric

Unified communications capabilities in Cisco SD-WAN

Figure 8.               

Unified communications capabilities in Cisco SD-WAN

Cisco patented the world’s first commercial router and possesses deep expertise in networking technologies. As a result, Cisco for your SD-WAN provides a more complete network fabric than other solutions.

Transitioning from a WAN to an SD-WAN should be simple—you shouldn’t have to compromise capabilities for convenience. Cisco SD-WAN, with its cloud controller architecture and overlay, supports many unified communications technologies and capabilities in its console, including centralized call and messaging control; Session Initiation Protocol (SIP) integration; centralized configuration and administration; analog, voice, and fax support; Cisco Unified Communications Manager; and Cisco Webex® Calling; and it includes outage survivability and emergency functionality such as 911 calling (Figure 8).

Multicast routing support allows your business to more efficiently manage many critical application streams. Whether you are managing video distribution, remote collaboration, a periodic push, or interactive simulation, policies and Quality of Service (QoS) are made simple (Figure 9).

Multicast routing support in Cisco SD-WAN automates several key use cases

Figure 9.               

Multicast routing support in Cisco SD-WAN automates several key use cases

Security that is built in, not bolted on

As the largest enterprise cybersecurity and networking provider, Cisco can deploy a complete security solution. either on-premises or with Cisco Umbrella cloud security. Enabling DIA with SD-WAN provides more efficient SaaS and internet connectivity but has security blind spots. Web-based attacks are a major source of threats. Cisco’s on-premises and cloud security provides strong protection against web-based attacks and delivers a complete set of features such as enterprise firewalls, cloud access security broker, secure web gateways, malware protection, intrusion prevention system, URL filtering, and DNS-layer protection. Plus you can implement segmentation across the entire network to isolate and protect critical assets (Figure 10). By choosing Cisco SD-WAN, you gain the ability to automate the right security in the right place, all from a single dashboard.

Cisco SD-WAN built-in on-premises security or Cisco Umbrella cloud security

Figure 10.           

Cisco SD-WAN built-in on-premises security or Cisco Umbrella cloud security

After a simple software upgrade, you can transform your purpose-built Cisco SD-WAN routers into advanced, multilayered security devices. Whether you deploy your SD-WAN security on-premises or in the cloud, Cisco SD-WAN uses real-time threat intelligence from Cisco Talos®, one of the largest commercial threat intelligence teams in the world, made up of world-class researchers, analysts, and engineers. After a few simple clicks in the dashboard (Figure 11), Cisco SD-WAN will harden your entire network from core to edge and cloud with security capabilities such as Next- Generation Firewall (NGFW), Cisco Umbrella secure internet gateway, and Advanced Malware Protection (AMP). No other SD-WAN solution delivers this level of comprehensive routing and threat intelligence on a certified trustworthy infrastructure.

Only Cisco can deploy multilayered security across the network in an automated manner. As a result, end users—whether in the data center, in a branch, on the campus, or in a remote location—can enjoy protection from a multitude of security threats. Cisco SD-WAN makes comprehensive network security simple, protecting your business against data exfiltration and insider threats.

Setting up security policies in Cisco SD-WAN

Figure 11.           

Setting up security policies in Cisco SD-WAN

Quote

 

Quote

 

Visibility and analytics

Analytics dashboard in Cisco SD-WAN

Figure 12.           

Analytics dashboard in Cisco SD-WAN

With the advanced analytics capabilities in Cisco SD-WAN, you can quickly provide stakeholders with the visibility necessary to plan WAN expansions and application deployments while isolating any service issues from core to cloud (Figure 12). Additional features include:

     End-to-end visibility into applications and infrastructure across the entire SD-WAN fabric

     Real-time information for failure correlation, cross-customer benchmarking, and application performance scores

     “What-if” scenarios for performance forecasting

     Assistance in planning application provisioning, bandwidth increases, and branch expansions

     Intelligent recommendations based on existing policies, templates, and preferences

     Application QoS categorization and policy changes for predictable performance

In addition, with an enhanced event correlation engine, Cisco SD-WAN helps you cut through noisy raw event data, using its contextual analysis to understand when to turn service interruptions into alarms. This capability drastically reduces false positives and unnecessary escalations, saving your IT department time so it can focus on what matters.

Cisco SD-WAN provides advanced analytics, monitoring, and automation for any connection across your network, whether MPLS or beyond the cloud edge. With Cisco SD-WAN, you can help ensure that users enjoy optimal speeds and the best performance from the applications they need for success.

Enjoy improved productivity and an enhanced user experience with consistent, secure access to business applications on certified trustworthy hardware.

SD-WAN platforms

Cisco SD-WAN platform capabilities

Figure 13.           

Cisco SD-WAN platform capabilities

Cisco offers the widest selection of platforms and appliances so that you can deploy SD-WAN anywhere (Figure 13). No other SD-WAN solution offers the quality and reach of Cisco SD-WAN. With Cisco SD-WAN, you can create the most comprehensive fabric possible, scaling your entire business into hybrid and multicloud environments with ease.

Quote

Edge

Edge locations are at the forefront of digital transformation. These locations vary widely, from branch offices to restaurants and sports stadiums. They’re united in requiring reliable security, connectivity, and application storage for IoT. Deploy Cisco SD-WAN on Cisco Catalyst 8300 Series Edge Platforms, vEdge 100 and 1000 routers or 1100 Series Integrated Services Routers (ISRs) with Viptela OS, or on Cisco 1000 or 4000 Series ISRs with Cisco IOS® XE. Cisco SD-WAN can also be deployed on SD-Branch solutions such as the Cisco 5000 Series Enterprise Network Compute System (ENCS) and Cisco UCS® E-Series platforms using Network Functions Virtualization (NFV). In addition, you can extend Cisco SD-WAN into adverse conditions such as industrial facilities, vehicles, and factories with the Cisco 1101 Industrial ISR (IR 1101) for mission-critical use cases. The IR 1101 offers stronger industrial router security and simplified management with SD-WAN architecture, edge compute, and Cisco IOS XE.

Core

Core locations are the backbone of any corporate WAN and include data centers and campuses. These locations have heavy traffic and require powerful throughput capabilities, resilient connectivity, and built-in security. Deploy Cisco SD-WAN at the core with the Cisco Catalyst 8500 Series Edge Platforms, vEdge 2000 or 5000 routers with Viptela OS, or the Cisco ASR 1000 Series Aggregation Services Routers with Cisco IOS XE to connect your core to the SD-WAN fabric.

Colocation

Simplify WAN management with Cisco SD-WAN Cloud OnRamp for Colocation. Deploy regional hub solutions on the Cisco Cloud Services Platform 5000.

Cloud

Cisco SD-WAN extends control and connectivity to cloud environments such as AWS and Azure. Deploy Cisco SD-WAN in cloud environments through the Cisco Catalyst 8000V Edge Software or the Cloud Services Router 1000V Series.

Getting started

There’s no question that businesses undergoing digital transformation are seeing their IT architectures change—and the challenges are enormous. Choose Cisco SD-WAN for the latest in networking and security technology, built with the trust earned from a history of innovation. Visit https://www.cisco.com/c/en/us/solutions/enterprise-networks/sd-wan/solution-overview.html?oid=%20otren012099 today to learn more.

Services

Cisco Services helps IT teams worldwide design, manage, and maintain some of the most sophisticated, secure, and intelligent platforms for digital business. Our innovation, expertise, and services quality, coupled with advanced analytics, automation, and security, help you bridge the talent gap, manage risk, deliver excellence, and stay ahead of the pace of change.

Quote

See more Cisco SD-WAN Customer Stories

How to buy

To view buying options and speak with a Cisco sales representative, visit www.cisco.com/c/en/us/buy.

Learn more