What is Cisco SD-WAN?

Cisco SD-WAN is a secure, cloud-scale architecture that is open, programmable, and scalable. Through the Cisco vManage console, administrators can quickly establish an SD-WAN overlay fabric to connect data centers, branches, campuses, and other facilities to improve network speed, security, and efficiency. Cisco SD-WAN is an open, software-based solution that is flexible and easy to deploy. Customers have the freedom to implement it as an on-premises workload or in the cloud - giving customers a simple, cloud-managed Cisco SD-WAN solution that leverages existing hardware.

Following are the primary components of the Cisco SD-WAN architecture:

  • vSmart Controller - Central management of routing, policy, security, segmentation, and authentication of devices

  • vManage - A centralized dashboard for configuration and management

  • vEdge Routers - Full-featured IP routers that perform standard functions such as Border Gateway Protocols, Open Shortest Path First, Access Control Lists, Quality of Service, and various routing policies in addition to the overlay communication.

  • vBond Orchestrator - Initial authentication and authorization of all elements into the network; provides the information on how each of the components connects to other components.

Of these four components, the vEdge router can be a Cisco SD-WAN hardware device or software that runs as a virtual machine, and the remaining three are software-only components. The software vEdge router, Cisco vManage, and Cisco vSmart Controller software runs on servers, and the vBond orchestrator software runs as a process (daemon) on a vEdge router.

Cisco SD-WAN offering is a segmented network overlay that uses encryption for security, enforces policies locally and from a central location, and can integrate with third party services with ease.

Figure 1 : Architecture of Cisco SD-WAN solution plane

Each layer of Figure 1 has specific functions that are described below:

  • The Orchestration layer or plane provides automatic onboarding of SD-WAN routers in SD-WAN enabled Overlay.

  • The Management plane helps in central configuration and monitoring of SD-WAN components and Overlay.

  • The Control Plane is helpful in building and maintaining network topology and based on control plane takes decision for all traffic flows

  • The Data plane is responsible for forwarding data traffic based on decision taken from control plane