EMAIL SUPPORT
dclessons@dclessons.comLOCATION
USSD-WAN Deployment Option & Licencing
There are two methods of deployments
- Physical deployment
- Virtual Deployment
Cisco SD-WAN can connect to any transport and each vEdge router have almost 7 interface which can provide connectivity to different WAN circuits
Physical Platforms support Cisco ISR , ASR and Cisco vEdges. Virtual platform like CSR-1000v ( running XE SD-WAN ) and Cisco vEdge Cloud are supported on public cloud like AWS , Google and Azure, where as they are also supported on private cloud, runs on either VMware EXSi or KVM Hypervisors.
These Virtual Platform can also be deployed on branch via Cisco Enterprise Network Compute Systems (ENCS) abd Cisco Cloud Services platform(CSP). These Platform also supports integration with different VNFs like Firewalls ot third party virtual appliances.
Controller Deployment Method:
The SD-WAN architecture provides maximum flexibility for deploying the controllers: Cisco vManage, vSmart, and vBond.
Controllers are deployed in the cloud or on-premises in one of three ways:
Cisco CloudOps hosts in the cloud (recommended approach)
The CloudOps team deploys the controllers in Amazon Web Services (AWS) or Microsoft Azure. Single or multiple zones are available for deployment. Most customers opt for Cisco cloud-hosted controllers for ease of deployment and flexibility in scaling. Cisco provisions the controllers with certificates and meets the requirements for scale and redundancy. Also, Cisco is responsible for backups, snapshots, and disaster recovery. The customer has access to vManage to manage device configurations and build control and data policies for the overlay. When you choose a cloud-based subscription for your SD-WAN controllers, Cisco deploys vManage, vBond, and vSmart on the public cloud. Cisco then grants you administrator access. By default, a single controller each for vManage, vBond, and vSmart are deployed in the primary cloud region, and an extra controller each for vBond and vSmart are deployed in the secondary or backup region. In addition to this dedicated overlay deployment, CloudOps supports a shared overlay deployment option, enabling multiple, smaller customers to share the same controllers. For MSPs, the CloudOps team can deploy dedicated multitenant overlays. In this type of deployment, hosting SD-WAN controllers, such as vManage, vBond, and vSmart, is dedicated to a service provider. The controllers operate in multitenant mode, and the MSP hosts shared overlays for its end customers.
MSP or partner hosts in the cloud
In this approach, the MSP or partner hosts in the cloud privately or publicly by deploying in AWS or Azure. Typically, the MSP or partner must provision the controllers and is responsible for backups and disaster recovery.
Organization hosts in a private cloud or data center onsite
In this approach, the customer must provision the controllers and is responsible for backups and disaster recovery. Financial institutions and government entities often choose to run on-premises deployments for security and compliance reasons.
MSPs can offer a range of services and management solutions to clients using any of these deployments.
Controller can be deployed in following defined method:
- On Premise
- Hosted Environment
With cloud-hosted deployments, controllers can be deployed in AWS or Azure. With on-premises or service provider–hosted deployments, controllers are deployed in a data center on VMware vSphere ESXi (ESXi) or Linux Kernel-based Virtual Machine (Linux KVM) servers as virtual machines (VMs).
Controllers must be IP-reachable from the edge devices and other controllers. However, the actual location is flexible:
You can have controllers deployed entirely in the cloud, which is recommended. Azure and AWS are supported directly and integrated into the solution. You can deploy in single or multiple availability zones.
You can deploy controllers entirely on-premises, using public and private transport networks.
You can mix the two deployment models, as long as the controllers can reach each other on an IP level and the WAN Edge devices can reach the controllers.
vEdge Cloud Virtual Routers deployment Method
VEdge can be deployed in following different method
Cisco/Partner Managed Service: AWS Instances
Cisco SD-WAN components can also be deployed on AWS instance on cloud, some brief deployment option are given below
vBond Orchestrator Server Recommendation:
Below are the Server requirement to run vBond orchestrator on VMware ESXi or KVM server. It is depends on the number of devices you deploy in overlay network
vEdge Cloud Router Server Recommendation:
Below table lists about resource required for vEdge Cloud router on ESXi or KVM server.
vManage NMS Server Recommendation:
Again the resource required to run vManage on ESXi or KVM server vary depending upon number of devices you deploy in overlay network
If you have small overlay network with small number of devices , but they generate large number of DPI or Cflowd data than it is recommended to use device specification given for 251 to 1001 or more devices
vSmart Controller Server Recommendation:
The resources required to run vSmart controller on ESXi or KVM server depends upon number of devices you deploy in overlay network. Following are vSmart Controller Server recommendation:
Hypervisor Compatibility Matrix for vManage, vSmart, vBond and vEdgeCloud
TABLE OF CONTENTS
- Onboarding & Provisioning Configuring Templates
- Authentication between vSmart & vBond
- Authentication between vSmart Controller
- Authentication between vBond & vEdge Router
- Authentication between vEdge Router & vManage NMS
- Authentication between vSmart Controller & vEdge Router
- Viptela Specific Port Terminology
- Deploy & Configure vManage & Generate Certificate
- Deploy & Configure vBond & Generate Certificate
- Deploy & Configure vSmart & Generate Certificate
- Configure vEdge & Generate Certificate
- Secure DataPlane Bringup
- Enterprise CA for SDWAN Instances
- Control Plane & Data Plane Operation - Unicast Routing Overview
- Configuring OMP & Its attributes
- Configure Unicast Overlay Routing
- Routing Configuration Example
- Segmentation Overview
- Configuring Segmentation
- Segmentation Configuration Example
- Data Traffic across Private WANs
- NAT in SDWAN & Data Encryption
- SD-WAN Viptela Policy Overview
- SD-WAN Centralized & Localized Control Policy Overview
- SD-WAN Centralized & Localized Data Policy
- Application – Aware Routing Overview
- Service Chaining
- Traffic Flow Monitoring
- vEdge Router as NAT Device
- Zone Based Firewalls
- Configuring Application Aware Routing
- Configure Centralized Control Policy
- Configuring Centralized Data Policy
- Configuring Cflowd Traffic Monitoring
- Configuring Zone based Firewall
- Service Chaining Configuration Example
- Configuring Service Side NAT
- Configuring Transport side NAT
RECENT POSTS
- How Our Online Python Certification Will Prepare You for a Career in Network Automation
- What You'll Learn in Juniper Mist Labs: A Deep Dive into AI-Driven Wireless Networking
- 10 Benefits of Studying Cisco ISE for Network and Security Folks
- Which AWS Advanced Networking Labs Course Includes # Real World Traffic Flows and Examines Objectives?
- How Do You Practice Cisco Nexus Configuration with Online Labs, No Physical Equipment?
- Why Cisco SD-WAN Viptela Training is Necessary in the Current Cloud-First Networking Age
- 5 Best Reasons to Learn Cisco SD-Access: From Networking Issues to Automation Solutions
- What is Cisco SD-LAN? A Beginner’s Guide to Software-Defined Access
- Why Enroll in Cisco UCS Online Training? Key Benefits for Network Engineers
- Why Python Network Automation Training is a Must-Have for Modern IT Engineers
LEAVE A COMMENT
Please login here to comment.