Cisco SD-WAN stands for Cisco Software-Defined Wide Area Network. It is a modern network architecture that allows network management and optimization from a central location using automated configurations and templates. SD-WAN is designed to bring greater flexibility, performance, and security to wide area network (WAN) environments.
The traditional approach to WANs involves placing physical devices at sites that are connected via various data connectivity to Internet providers. At these facilities, IPSEC tunnels were configured to "connect" remote offices to the central office. The encrypted connection ensured the privacy of the communication.
The Cisco SD-WAN solution is based on a central management system, through which the entire solution is managed. Individual sites are automatically connected to the network, without the need to configure the device. Using templates and automation scripts, devices can be centrally managed. Thanks to the central management, the end devices focus only on sending data, all decision-making and management is handled by dedicated elements located in the customer's network or in the cloud.
Pillars of SD-WAN:
The solution can be implemented on ISR 4xxx, ISR 1000, C8000 and C8000v series routers
Central vManage can be installed in a local network or cloud environment
Department of control, management and data plane
Central management of solutions from the vManage console
Support for multiple WAN connections
Routing based on application traffic
Integrated security (NGFW, IPS, AMP, UMBRELA...)
End-to-End visibility of the applications being transferred and the state of the transport network
QoS policy for infrastructure applications
Centralized network management from one place. The solution makes it easy to configure, manage and monitor the entire network.
Optimise network traffic and enable fast and reliable connectivity for applications at all locations. Network traffic is dynamically routed over different connections (e.g. MPLS, Internet, LTE) based on current network conditions, ensuring the best possible quality of service and minimizing latency.
Direct Internet Access, allows direct access to the Internet for critical applications without the need to communicate through a central hub.
Wide possibilities for network expansion and adaptation to new requirements.
Integrated security protection for network traffic. Includes firewall, data encryption, threat protection and the ability to implement various security policies.
Monitor transport networks and select the best path for critical applications.
Optimizing cloud connectivity, thanks to DIA (Direct Internet Access). Traffic that must not be modified or decrypted can be routed directly to the Internet without the need to communicate through a central hub.
