The Overlooked 300-415 ENSDWI Pitfall: Are You Next?

The journey to Cisco certification is often paved with good intentions, late-night studies, and countless cups of coffee. Yet, for many pursuing the Implementing Cisco Catalyst SD-WAN Solutions certification, represented by the challenging 300-415 ENSDWI exam, an insidious pitfall lies in wait. It's not always a lack of knowledge, but rather a series of common, often overlooked, mistakes that can derail even the most dedicated candidate.

Are you meticulously preparing for your 300-415 ENSDWI exam? Are you confident you're covering every angle? This article aims to shine a spotlight on these hidden dangers, offering cautionary insights and practical, supportive guidance to help you navigate the complexities of Cisco Catalyst SD-WAN and emerge victorious. Let's uncover the traps before you fall into them.

Understanding the 300-415 ENSDWI Landscape: More Than Just an Exam

The Cisco 300-415 ENSDWI exam is a critical component for anyone aiming to validate their expertise in Cisco Catalyst SD-WAN solutions. It's part of the broader CCNP Enterprise certification track, signifying a specialist level of understanding. But what exactly does this exam entail?

Exam at a Glance: What to Expect

Before diving into the pitfalls, it's crucial to grasp the exam's structure and demands. The Cisco 300-415 ENSDWI exam is not merely a test of recall; it assesses your ability to implement, manage, and troubleshoot complex SD-WAN environments.

• Exam Name: Implementing Cisco Catalyst SD-WAN Solutions
• Exam Code: 300-415 ENSDWI
• Exam Price: $300 USD
• Duration: 90 minutes
• Number of Questions: 55-65
• Passing Score: Variable (typically 750-850 out of 1000)

The sheer breadth and depth of topics, combined with time pressure, make it imperative to have a robust preparation strategy. Many candidates search for "How to pass Cisco 300-415 ENSDWI exam" or "Cisco 300-415 ENSDWI exam difficulty" – and for good reason. It's not a walk in the park.

The Overarching Pitfall: Underestimating Practical Application

One of the most common oversights for the 300-415 ENSDWI is treating it purely as a theoretical exam. Cisco exams, especially at the professional level, demand hands-on experience. Candidates often focus solely on "Cisco 300-415 ENSDWI study guide" materials without complementing them with lab work. This leads to a disconnect between conceptual understanding and practical implementation, a gap that the exam effectively exploits.

Pitfall 1: Neglecting the Official Exam Blueprint

Before you even open a study guide, the first step should be a thorough dissection of the official exam topics. Many candidates gloss over this, assuming their chosen "Cisco 300-415 ENSDWI study guide" covers everything perfectly. This is a critical mistake.

Why the Blueprint is Your Bible

The official exam blueprint, available on the Cisco Learning Network, outlines the exact "Cisco 300-415 exam blueprint topics" and their weightage. Each topic is broken down into specific capabilities you're expected to demonstrate. Failing to meticulously review this document means you might be studying irrelevant material or, worse, not giving enough attention to highly weighted sections.

For instance, if "Router Deployment" accounts for 20% of the exam, but you spend 80% of your time on "Architecture," you're setting yourself up for failure. A balanced approach based on the blueprint is essential for efficient preparation for the Cisco 300-415 ENSDWI. This also ties into mastering "Cisco Catalyst SD-WAN configuration exam topics."

Pitfall 2: Superficial Understanding of Architecture (20%)

The Architecture section lays the foundation for all other topics. A common pitfall here is memorizing definitions rather than truly understanding the interplay of components.

The "Who Does What?" Conundrum

Many candidates struggle with the distinct roles and responsibilities of vManage, vSmart, vBond, and the vEdge/cEdge routers. They might know the name, but not the "why" or "how" behind each component's function in a Cisco Catalyst SD-WAN fabric. The exam frequently tests scenarios where a deep understanding of these architectural roles is crucial.

• Mistake: Not grasping the control plane (vSmart), data plane (vEdge/cEdge), and orchestration plane (vBond, vManage) separation.
• Solution: Diagram complex scenarios, explain them verbally, and ensure you understand failure modes for each component.

Pitfall 3: Overlooking Controller Deployment Nuances (15%)

Deploying controllers seems straightforward on paper, but the real-world complexities and potential misconfigurations are where many stumble.

The vManage Single Point of Failure Myth

While vManage is central, understanding its redundancy options and scaling considerations is often overlooked. Candidates might know how to install it but fail to grasp multi-homed vManage clusters or disaster recovery aspects. Additionally, the intricacies of Certificate Authority (CA) integration and device onboarding processes are frequently underestimated.

This section often requires detailed knowledge of "Cisco Implementing Catalyst SD-WAN Solutions vManage" setup and configuration, including specific commands and steps. Without hands-on practice, relying solely on theoretical knowledge gleaned from "Cisco 300-415 ENSDWI practice questions" can be risky.

Pitfall 4: Router Deployment - More Than Just ZTP (20%)

Zero Touch Provisioning (ZTP) is a cornerstone of SD-WAN, but thinking it's the only router deployment mechanism, or that it always works flawlessly, is a significant pitfall.

Template Troubles and Transport Ignorance

Candidates often struggle with the nuances of feature and device templates. What are the best practices for template design? How do you troubleshoot template attachment issues? Furthermore, a weak understanding of underlying transport networks (MPLS, Internet, LTE) and how they connect to the SD-WAN fabric, including tunnel establishment and TLOC extensibility, is a common trap.

Understanding the full lifecycle of a cEdge or vEdge router, from initial onboarding to template application and eventual overlay network formation, is vital for the 300-415 ENSDWI. This is where "Cisco Catalyst SD-WAN configuration exam topics" really come into play.

Pitfall 5: Misinterpreting Policies (20%)

Policies are the "brains" of Cisco Catalyst SD-WAN, dictating traffic flow, security, and application behavior. They are also, arguably, the most complex aspect and a frequent source of errors.

The Policy Order and Interaction Blind Spot

A huge pitfall is not understanding the order of operations and interactions between different policy types: control policies, data policies, application-aware routing, and access policies. A control policy might permit traffic, but a data policy could drop it. Overlooking these interactions leads to misconfigured networks and failed exam scenarios.

Many candidates can describe what each policy does in isolation, but fail to articulate or configure how they work together to achieve a specific outcome. Hands-on labs are indispensable here. Relying only on "Cisco 300-415 ENSDWI sample questions" won't build the muscle memory for policy creation and troubleshooting.

Pitfall 6: Skimping on Security and Quality of Service (15%)

In a world of increasing cyber threats and demand for application performance, security and QoS are not optional extras. They are integral to a successful SD-WAN deployment, and candidates often allocate insufficient study time to these areas for the 300-415 ENSDWI.

Encryption, Segmentation, and QoS Markings

Common pitfalls include a superficial understanding of IPSec encryption within the SD-WAN fabric, confusing control plane security with data plane security, and failing to grasp the power of VPN segmentation. For QoS, many know the acronyms but struggle with mapping applications to service classes, implementing queueing mechanisms, and understanding the impact of various QoS policies on traffic flow.

This section demands not just theoretical knowledge but also an appreciation for real-world design considerations to secure and optimize traffic within the SD-WAN overlay. A solid "Cisco ENSDWI certification study guide" will dedicate ample space to these crucial topics, alongside "Cisco Catalyst SD-WAN troubleshooting concepts 300-415."

Pitfall 7: Ignoring Management and Operations (10%)

After deployment, managing and operating the SD-WAN solution becomes paramount. This 10% section might seem small, but it covers essential day-2 operations that reveal a candidate's true proficiency.

Troubleshooting and Monitoring Deficiencies

Many candidates excel at deployment but falter when it comes to diagnosing and resolving issues. The exam will test your ability to use vManage tools for monitoring, alarming, reporting, and troubleshooting common problems. A significant pitfall is not practicing troubleshooting methodologies, failing to analyze logs, or misinterpreting alarms and events.

Understanding how to upgrade the SD-WAN fabric, perform backups, and restore configurations are also vital aspects often neglected. This is where practical experience, beyond just reading a "Cisco 300-415 ENSDWI study guide," truly pays off. For more general advice on Cisco certifications, you might find useful insights on CiscoCentral.

Your Lifeline: Effective Preparation Strategies for 300-415 ENSDWI

Avoiding these pitfalls requires a deliberate, multi-faceted approach. Your "Implementing Cisco Catalyst SD-WAN Solutions exam prep" needs to be comprehensive and hands-on.

1. Deep Dive into Official Resources

• Official Cisco Course: Consider enrolling in an "Implementing Cisco Catalyst SD-WAN Solutions course." This provides structured learning and often includes lab environments.
• Cisco Documentation: Cisco's official documentation (configuration guides, design guides) for Catalyst SD-WAN is invaluable. Don't just read; implement.
• Cisco Learning Network: Beyond the blueprint, engage with the community for insights and discussions.

2. Hands-On Lab Practice is Non-Negotiable

This is the "best way to prepare for Cisco 300-415 ENSDWI." Set up a virtual lab environment (Cisco dCloud, EVE-NG, GNS3 with vEdges/cEdges, or even a basic Viptela lab). Configure, troubleshoot, break, and fix. There's no substitute for practical experience with "Cisco Catalyst SD-WAN configuration exam topics."

3. Leverage Quality Practice Materials

While "Cisco ENSDWI certification exam dumps" are detrimental to true learning, legitimate "Cisco 300-415 ENSDWI practice questions" and "Cisco 300-415 ENSDWI sample questions" can help identify knowledge gaps and familiarize you with exam format. Look for reputable sources that offer detailed explanations.

4. Create a Detailed Study Schedule

Allocate time according to the blueprint's weightage. Don't neglect the smaller sections; they can make the difference between passing and failing. Regularly review topics to reinforce learning.

5. Join Study Groups and Forums

Collaborate with peers, ask questions, and explain concepts to others. Teaching is a powerful way to solidify your own understanding. Online communities, can be excellent resources for "Cisco ENSDWI certification requirements" discussions and study tips.

6. Master Troubleshooting Concepts

Focus specifically on "Cisco Catalyst SD-WAN troubleshooting concepts 300-415." Learn how to isolate issues, interpret logs, and use vManage tools effectively. Practice scenarios where you have to diagnose and fix problems.

Navigating the Exam Day: Avoiding Last-Minute Traps

Even with excellent preparation, exam day can bring its own challenges. The pressure of a 90-minute exam with 55-65 questions, coupled with the "Cisco 300-415 ENSDWI exam difficulty," requires mental fortitude.

• Time Management: Practice "Cisco 300-415 ENSDWI practice test questions" under timed conditions. Learn to pace yourself. Don't dwell too long on a single question.
• Read Carefully: Many questions are designed to test your attention to detail. Read every word, paying close attention to keywords like "NOT" or "MOST likely."
• Simulations: Be prepared for potential simulation questions. Your lab experience will be critical here.
• Stay Calm: If you encounter a tough question, take a deep breath. Mark it for review and move on. Come back to it later if time permits.

Conclusion: Your Path to 300-415 ENSDWI Success

The Cisco 300-415 ENSDWI certification is a significant achievement that opens doors to advanced roles in network architecture and engineering. By understanding and actively avoiding these common pitfalls – from underestimating the blueprint to neglecting hands-on practice and policy intricacies – you can dramatically increase your chances of success.

Remember, true mastery of Implementing Cisco Catalyst SD-WAN Solutions comes from a blend of theoretical knowledge, extensive lab experience, and strategic preparation. Don't just study; understand. Don't just read; do. Your dedication to a thorough and practical approach will transform potential pitfalls into stepping stones on your certification journey.

Ready to test your knowledge and further solidify your understanding? Dive into relevant "Cisco 300-415 ENSDWI practice questions" and sample questions to gauge your readiness and identify areas for improvement. Begin your final preparation today!

For further resources and "Cisco 300-415 ENSDWI sample questions," visit: NWExam.

Frequently Asked Questions About the 300-415 ENSDWI Exam

1. Is the Cisco 300-415 ENSDWI exam difficult?

• Yes, the Cisco 300-415 ENSDWI exam is considered challenging due to its breadth of topics, requiring both theoretical knowledge and practical understanding of Cisco Catalyst SD-WAN solutions. Many candidates find the policy section particularly complex.

2. What is the best way to prepare for Cisco 300-415 ENSDWI?

• The best preparation involves a combination of official Cisco training courses, thorough review of the exam blueprint and documentation, extensive hands-on lab practice with Cisco Catalyst SD-WAN components, and using high-quality "Cisco 300-415 ENSDWI practice questions" to test your knowledge.

3. How much does the Cisco 300-415 ENSDWI exam cost?

• The Cisco 300-415 ENSDWI exam typically costs $300 USD. Prices may vary slightly by region or testing center, so it's always best to check the official Cisco certification page for the most up-to-date pricing.

4. Are "Cisco ENSDWI certification exam dumps" useful for passing the 300-415 exam?

• While some may use them, relying on "Cisco ENSDWI certification exam dumps" is generally not recommended. Dumps do not provide a true understanding of the material, often contain incorrect answers, and can lead to failing the exam if the questions change. Real learning and hands-on practice are far more effective and ethical.

5. What kind of hands-on experience is needed for the 300-415 ENSDWI?

• For the 300-415 ENSDWI, you need practical experience with deploying, configuring, managing, and troubleshooting Cisco Catalyst SD-WAN solutions. This includes setting up controllers (vManage, vSmart, vBond), deploying vEdge/cEdge routers, configuring various policies (control, data, AAR), implementing security features, and monitoring the SD-WAN fabric using vManage. Virtual labs are excellent for gaining this experience.

Continue reading

Identity-centric SASE with Cisco SD-WAN and Microsoft’s Security Service Edge Solution

In today’s rapidly evolving IT landscape, enterprise WAN requirements have evolved with hybrid work becoming the norm. Security for both on-premises and cloud workloads is crucial, especially for secure access to the internet, Microsoft applications, and other critical office applications. Organizations need a flexible solution that protects against advanced threats, optimizes application performance, and simplifies network management.

Cisco Catalyst SD-WAN offers unparalleled choice, meeting customers where they are in their security journey and supporting an open ecosystem. Catalyst SD-WAN allows customers to build secure access service edge (SASE) architectures tailored to their business needs by seamlessly integrating with a broad spectrum of third-party secure service edge (SSE) vendors and, now, Microsoft.These integrations help organizations maximize their investment in cloud security by simplifying the integration process with Catalyst SD-WAN.

Bridging the Gap Between Networking and Security

With Cisco Catalyst SD-WAN and Microsoft, businesses can enjoy a more unified and consistent experience for networking and security, all managed through a single dashboard.

The new integration with Microsoft’s Security Service Edge solution (SSE) bridges the gap between connectivity and protection, ensuring that data transmitted across the network is not only optimized for performance but also safeguarded against threats. Combining Cisco Catalyst SD-WAN with Microsoft’s SSE solution delivers a resilient, high-performance, and scalable WAN alongside a comprehensive suite of cloud-based security services designed to protect data, manage risks, and ensure compliance.

Key Benefits of the Microsoft’s SSE Solution Integration

Cisco Catalyst SD-WAN and Microsoft’s SSE solution integration provides secure access to the internet and SaaS applications with an identity-centric secure web gateway (SWG). This integration enhances the security of branch internet traffic by efficiently redirecting it through Microsoft Entra Internet Access, part of Microsoft’s SSE solution, for secure inspection, helping ensure that traffic from branch edges to the public internet or SaaS applications is thoroughly protected. The result is a secure networking solution that offers peace of mind and operational efficiency for enterprise customers.

• Enhanced security posture: Branch internet traffic is securely redirected to Microsoft’s Security Service Edge solution for advanced inspection and protection against internet-based threats, helping to ensure secure access to public internet and Microsoft SaaS applications. IT teams gain AI-powered visibility into network traffic and security events, enabling fast detection and response to threats.
• Improved cloud security: The integration leverages Microsoft’s advanced security capabilities to protect against malicious internet traffic and other cyberthreats with a comprehensive, cloud-delivered network security toolset that includes web content filtering, threat protection, information protection, and identity management.
• Seamless deployment and configuration: This integration simplifies the deployment and management process by providing an integrated solution for both networking and security. A single solution helps you to reduce operational complexity by eliminating the need for multiple point products, simplifying management, and helping you deliver a unified experience for your users. With a few clicks users can deploy thousands of branches, providing ease of configuration and the added advantage of using a Cisco validated design. Templatized workflows using SIG templates makes setup easy with end-to-end validation and enables organizations to quickly deploy new applications and services.

How Microsoft’s SSE Solution Integration Works

• Secure tunnels: Secure tunnels are created for advanced inspection, helping ensure that traffic to the internet and Microsoft SaaS applications is securely managed and enhancing bandwidth at the branch. Multiple tunnels with load balancing and ECMP give users the ability to select the nearest PoP/DC, perform an application health check through the tunnels, and steer traffic through the right tunnel.
• Traffic redirection: Relevant traffic from SD-WAN branch edges is efficiently redirected to Microsoft’s SSE solution. Users are able to select specific users and traffic, such as applications or IP addresses, to be sent to Microsoft via tunnels instead of sent directly to the internet. Enabling traffic redirection gives users granular control over traffic and allows remote workers to connect to the internet securely.
• Inspection and protection: Microsoft’s SSE solution inspects the traffic to provide robust protection against threats. Microsoft Entra Internet Access enforces unified access controls through a single policy engine and leverages multiple Entra ID integrations, including universal conditional access and continuous access evaluation (CAE), token theft protection, and data exfiltration controls.

Looking Ahead

As enterprise WAN requirements continue to evolve with hybrid work becoming the norm and applications spread across hybrid cloud and SaaS environments, both on-premises and cloud workload security are crucial. Organizations need a solution that protects against advanced threats, optimizes application performance, and simplifies network management. The Cisco Catalyst SD-WAN and Microsoft’s SSE solution integration is a forward-looking response to this need, offering businesses a powerful tool to navigate the complexities of modern networking and security challenges.

Source: cisco.com

Continue reading

Understanding the Differences between SD-WAN and MPLS

In the realm of networking, SD-WAN and MPLS are two terms that frequently arise, each offering distinct advantages and functionalities. In this comprehensive guide, we delve into the nuances of these technologies, providing clarity on their disparities and assisting you in making informed decisions for your network infrastructure.

What is SD-WAN?

SD-WAN, or Software-Defined Wide Area Network, is a modern approach to networking that utilizes software-defined networking (SDN) concepts to intelligently manage and optimize Wide Area Network (WAN) connections. Unlike traditional WAN setups that rely heavily on hardware, SD-WAN leverages software to dynamically route traffic across the network based on predefined policies and conditions.

Key Features of SD-WAN:

1. Centralized Management: SD-WAN solutions offer centralized management interfaces that provide administrators with granular control over network configurations and traffic flow.
2. Dynamic Path Selection: With SD-WAN, traffic is intelligently routed across multiple network paths, including broadband, MPLS, and LTE, based on real-time conditions such as link quality and latency.
3. Application Awareness: SD-WAN platforms often incorporate deep packet inspection and application recognition capabilities, allowing for the prioritization of critical applications and traffic shaping based on application requirements.
4. Cost Efficiency: By leveraging lower-cost internet connections alongside more expensive MPLS links, SD-WAN can significantly reduce WAN expenses without compromising performance or reliability.

Understanding MPLS

MPLS, or Multiprotocol Label Switching, is a legacy networking technology commonly used for building private, high-performance WANs. MPLS operates by assigning labels to network packets, enabling routers to make forwarding decisions based on these labels rather than IP addresses.

Key Features of MPLS:

1. Traffic Engineering: MPLS networks support traffic engineering capabilities, allowing administrators to optimize network paths and allocate bandwidth efficiently.
2. Quality of Service (QoS): MPLS offers robust QoS mechanisms, ensuring that critical applications receive the necessary bandwidth and latency guarantees to maintain optimal performance.
3. Security: MPLS inherently provides a higher level of security compared to public internet connections, as traffic remains within the confines of the private MPLS network, reducing exposure to external threats.
4. Reliability: MPLS networks are known for their reliability and predictability, making them ideal for applications that require consistent performance and uptime.

Contrasting SD-WAN and MPLS

While both SD-WAN and MPLS serve the purpose of connecting geographically dispersed locations within an organization, they differ significantly in terms of architecture, cost, and flexibility.

Architecture:

• SD-WAN: SD-WAN architectures are decentralized and software-driven, offering flexibility and scalability to adapt to changing network requirements rapidly.
• MPLS: MPLS networks are centralized and hardware-dependent, typically requiring substantial upfront investments in infrastructure and equipment.

Cost:

• SD-WAN: SD-WAN solutions often provide cost savings compared to MPLS, particularly for organizations with diverse connectivity requirements or those seeking to augment MPLS with lower-cost internet links.
• MPLS: MPLS services can be costly, primarily due to the need for dedicated circuits and long-term contracts with service providers.

Flexibility:

• SD-WAN: SD-WAN architectures offer unparalleled flexibility, allowing organizations to seamlessly integrate various transport technologies and cloud services into their network environments.
• MPLS: MPLS networks are less flexible, with limited support for cloud connectivity and scalability compared to SD-WAN solutions.

Conclusion

In summary, both SD-WAN and MPLS have their merits and are suited to different network environments and business requirements. SD-WAN excels in providing agility, cost efficiency, and flexibility, making it an attractive option for organizations seeking to modernize their network infrastructure. On the other hand, MPLS offers reliability, security, and quality of service, making it well-suited for mission-critical applications and industries with stringent compliance requirements.

Ultimately, the choice between SD-WAN and MPLS depends on factors such as budget, performance needs, and organizational priorities. By understanding the nuances of each technology, organizations can make informed decisions that align with their strategic objectives and drive business success.

Continue reading

AIOps Drives Exceptional Digital Experience Through Network Assurance

The distributed workforce―and the distributed applications and services they consume―have vastly changed the enterprise network paradigm. Many connections—such as private cloud, internet, public cloud, multicloud, and software-as-a-service (SaaS) networks—now begin and end outside of the traditional corporate infrastructure. The coexistence of these complex connections creates new layers of operational complexity for teams responsible for ensuring predictable performance and quality of service.

What is needed to combat this complexity is a network assurance platform that includes true end-to-end visibility capabilities. Insight is needed into users and their devices, locations, and connected things, as well as into access networks, network services, multiple clouds, and corporate enterprise data centers and applications (Figure 1). A solution that combines these different data sets and uses artificial intelligence and machine learning (AI/ML) to analyze the data, can help drive decisions that make network operations proactive and predictive, instead of reactive.

Figure 1. Span of end-to-end visibility required (click to enlarge)

In our 2023 Global Networking Trends Report, nearly half (47%) of respondents said they are prioritizing the adoption of predictive network analytics over the next two years, primarily to help with managing the connectivity and digital experience of their remote workforce.

A predictive network analytics solution requires the ability to correlate massive amounts of network data in real time and at tremendous scale. By continuously analyzing performance data and applying predictive modeling to forecast conditions and recommend actions, predictive capabilities can become a reality. Predictive analytics empowers teams to avoid adverse application impacts to distributed workers and to ensure the best possible user experience.

Predictive analytics for SD-WAN and an internet-centric world

For the software-defined WAN (SD-WAN), a platform that uses artificial intelligence for IT operations (AIOps) can provide predictive analytics to forecast performance (Figure 2). AIOps refers to the strategic use of AI, ML, and machine reasoning (MR) technologies to simplify and streamline IT processes and optimize the use of IT resources. By correlating and analyzing real-time and historical SD-WAN performance data and applying predictive models, AIOps can use these forecasts to deliver per-site recommendations for optimal path selection by application type to deliver an optimal experience based on available paths.

By integrating predictive analytics into SD-WAN solutions, IT teams can improve dynamic enforcement of application service levels with intelligent routing across alternative paths before any degradation occurs.

Figure 2. Predictive analytics through a continual feedback loop (click to enlarge)

Combining traffic data sets from an organization’s ecosystem of ISPs, cloud providers, SaaS applications, and other external services, further enriches predictive analytical systems. Operations teams can rapidly identify, escalate, and remediate issues with providers using internet telemetry data. When outage behavior is detected, a root cause can be identified and shared with providers to prioritize fixes or escalate to peers and transit providers.

Predictive analytics at work in the real world 

When Insight Global—one of the largest staffing agencies in the United States—allowed its employees to return to the office, they leveraged information from ThousandEyes’ WAN Insights to optimize its SD-WAN policies and improve application experiences proactively and continuously. Once the solution was in place, they gained greater visibility into critical network environments and routing, and Insight Global’s IT team was better able to detect and avoid potential issues before those issues could impact the business.

Predictive and proactive operations is the way forward

It’s time to move from reactive to proactive operations management through end-to-end visibility and AI/ML-powered predictive analytics. It’s time for a consistent way of automating operations, analyzing and diagnosing issues, and assuring the user experience across all the different networking domains.

We believe strongly in this way forward. It’s the cornerstone of Cisco’s approach to network assurance and Cisco’s Networking Cloud vision—a unified management experience platform for on-premises and cloud operating models to simplify IT, everywhere, at scale.

Source: cisco.com

Continue reading

End-to-End Visibility and Actionable Insights Underpin Great Connected Experiences

Three networking megatrends have upended how businesses approach networking to support the distributed workforce.

First, cloud has become the new data center, with workloads moving from on-premises to hybrid cloud and multicloud architectures. Secondly, the internet is now the new network, with reliance on business connectivity traversing diverse networking domains. And lastly, with so many remote and hybrid workers, the office is now essentially anywhere.

This evolution has made delivering a high-quality, reliable experience—connecting everyone to everything everywhere—significantly more complex. After the need to provide secure access to applications across multiple clouds, the second biggest challenge cited by 37% of respondents in our 2023 Global Networking Trends Report was gaining end-to-end visibility into network performance and security as more traffic originates or terminates beyond the boundaries of the corporate network.

Which begs the question: How do you identify, diagnose, and remediate problems that occur throughout the digital supply chain—the domains within and outside your infrastructure and all hops between a user’s device and an application or service in the cloud? Read on to find out how.

Tackling assurance complexity across multiple network domains

Great connected experiences are table stakes for businesses today. The digital economy relies on always-on applications and services to support employees and consumers. Failure is not an option.

Prior to the hyperconnectivity of today’s digital economy, business applications and services within corporate domains were well served by network monitoring solutions and processes that were localized and handled specific domains like wireless. But to remediate issues in enterprise WANs, admins had to contact their counterparts within cloud and internet provider organizations to jointly diagnose and remediate service and security problems. Often, this resulted in a lot of finger pointing. Businesses acted reactively instead of proactively. Issues could take a long time to get resolved.

Providing network assurance for a high-quality connected experience today requires end-to-end visibility and insights across diverse clouds, network providers, the internet, devices, and geographies—each with their own operational domains (see Figure 1). Without end-to-end visibility into network performance, application responsiveness, and security, it is extremely challenging for IT teams to deliver consistent digital experiences to end users.

Figure 1. Complex digital supply chain with interdependencies, increased failure surface, and unpredictability (click to enlarge)

A person working from home, for example, might run into a problem with Slack. The wireless network in their home office would be connected to an access network that would be connected to an edge router traversing a cloud network to the Slack application. Domain-specific tools can only see a small segment of this traffic. Admins without end-to-end visibility can’t see the big picture.

End-to-end visibility is foundational for SASE

A majority (51%) of organizations in our 2023 Global Networking Trends Report said that with their adoption of more software-as-a-service (SaaS) and multicloud solutions, they see investment in a solution that provides end-to-end visibility as a top priority. This may be in response to recent research by the Uptime Institute that found third-party operators—including cloud, hosting, colocation, and telecom providers—accounted for 70% of all publicly reported outages.

End-to-end visibility, analytics, and operational workflows allow admins to take decisive action to proactively remediate connectivity issues. In a secure access service edge (SASE) architecture, for example, end-to-end visibility feeds the actionable intelligence used to optimize path selection to provide the best digital experience anywhere at any time. Reliable connectivity is foundational to securely connecting people and things in a SASE architecture. If connectivity is poor, the secure access experience will be degraded.

Even before an SD-WAN or a converged SASE architecture with security service edge (SSE) is rolled out, organizations can use end-to-end visibility to evaluate, compare, and optimize the network experience before and after adoption of these architectures. The performance of individual providers in different locations that each form part of a digital supply chain can be proactively tested and benchmarked, with the results used to make more informed vendor selections to ensure the delivery of always-on digital experiences.

Gaining visibility into every connection

A European airline transitioned its network infrastructure from MPLS to SD-WAN, moving many applications and services to the cloud. The company needed to make sure that services met agreed-upon service level agreements (SLAs). To do so, the IT department deployed end-to-end visibility, specifically to monitor and enhance the digital experiences of customers and employees. With this solution in place, the airline can now measure connection latency and other factors—with a specific focus on connections between its data center and the cloud provider, Amazon Web Services. They can continually monitor and prioritize network experiences by accelerating incident response times, introduce more proactive maintenance, and enjoy greater cost efficiency through streamlined troubleshooting.

RichRelevance, a customer experience personalization provider for 250 global retailers, reduced its outages by 88% and shrunk outage windows from an average of four hours to 30 minutes, all thanks to end-to-end visibility. IT service management software company ServiceNow identified network issues 95% faster for their customers with visibility across all network layers that focused on the application experience.

Enabling quality digital experiences through a networking platform approach

Cisco is pioneering end-to-end network visibility and driving exceptional experiences through operational simplicity. It’s a cornerstone of our Cisco Networking Cloud long-term vision, a unified management experience platform for on-premises and cloud operating models to reduce IT complexity.

End-to-end visibility relies on compute power to capture and analyze billions of daily measurements in the digital supply chains that comprise today’s enterprise networks (see Figure 2). It is a powerful and indispensable feature that helps organizations maintain top-quality digital experiences and move from reactive to preventative and automated operations.

Figure 2. Organizations need to leverage a platform-driven approach that drives end-to-end visibility throughout the digital supply chain (click to enlarge)

Continue reading

How SD-WAN Solves Multicloud Complexity

Cloud is the undisputed center of gravity when supporting distributed workforces. But managing secure connectivity in a growing multicloud environment continues to be more complex, expensive, and time consuming.

Enter the software-defined WAN (SD-WAN), a powerful, abstracted software layer that serves as a centralized control plane to enable organizations to automate, simplify, and optimize their network transport for any application to any cloud.   

Are you ready to steer traffic on demand, based on centralized policy, network insights, and predictive AI, and further enhanced by end-to-end visibility? Do you want to be more proactive instead of reactive in how you manage this traffic and run your network? If so, read on! 

Abstracting the complexity of multicloud 

Enterprises accelerated their transition to cloud and software-as-a-service (SaaS) during the pandemic to support their distributed workforces at home and on the go. This has seen multicloud environments become the norm. Our 2023 Global Networking Trends Report found that 92% of respondents used more than one public cloud in their infrastructure and 69% used over five SaaS applications.  

Connecting to different providers and network layers in multicloud environments has led to a patchwork of infrastructure and management controllers. This results in more complexity and cost for organizations looking to ensure a secure, consistent user experience.  

Networking complexity, from first to last mile 

Let’s look at these networking layers and why IT simplification is crucial in connecting today’s highly mobile workforce to business-critical applications.  

In the first mile, users access services from offices and campuses near data centers or remotely, from uncontrolled facilities using various devices (Figure 1). Workers connect through Multiprotocol Label Switching (MPLS), broadband, Wi-Fi, and cellular. Remote workers use their internet service provider (ISP) to connect them to concentrators at regional peering points of presence (PoPs).

Figure 1. New architecture for the distributed workplace  

The middle mile is the long-haul transport layer that has grown in complexity with the migration to the cloud. It serves as the connective tissue between first and last mile, interconnecting different types of cloud services, cloud applications (e.g., SaaS, IaaS), and data centers. Specialized middle-mile providers like Equinix and Megaport provide cross-connects between business networks, the internet, and cloud providers globally. Adding to the array of choices in the middle mile, public cloud providers like AWS, Google Cloud, and Microsoft Azure offer customers the ability to access their apps with site-to-cloud, site-to-site, region-to-region, cloud-to-cloud, and other connection options with different quality of experience metrics.  

The last mile is the connection between the data center or service provider and the end user’s device and application.    

Managing multicloud complexity with SD-WAN integrations  

Using applications distributed across multiple clouds and SaaS, workers have widely different experiences depending on their location. Adverse and unpredictable amounts of downtime, latency, and speed, for example, can threaten business continuity. So, establishing reliable, consistent, high-quality experiences is very much on the minds of enterprise IT managers today. 

More than half (53%) of respondents to the 2023 Global Networking Trends Report said they are prioritizing integration with cloud providers to improve connectivity to cloud-based apps from distributed locations. Additionally, 49% said they are using SD-WAN integrations across providers and multiple clouds to provide a simpler, consistent, optimized, and secure IT and application experience. 

SD-WAN unifies the entire WAN backbone and brings secure, private, cloud-aware connectivity that is agnostic to all kinds of link types, providers, and geographies (Figure 2).  

Figure 2. SD-WAN integrations with IaaS, SaaS, and middle-mile providers are vital for a better IT and user experience 

With SD-WAN providing connectivity between cloud, SaaS, and middle-mile providers, real-time traffic steering based on centralized policy and end-to-end analytics is possible. Network admins can be proactive instead of reactive, changing traffic parameters on demand, according to application, congestion, location, user, device, and other factors. 

SD-WAN multicloud integrations in action 

Tamimi Markets, a major Saudi Arabian supermarket chain, was having trouble providing a consistent experience to users at markets, warehouses, branch offices, and remote locations. Dependent on three ISPs for end-to-end connectivity in a hub-and-spoke architecture, they moved to a cloud architecture to eliminate the need to backhaul network traffic through the headquarters and in the process quadrupled bandwidth speeds. An integrated SD-WAN enables them to steer their traffic over a variety of link options based on network demand, cost, and quality of experience metrics.  

Asian food manufacturer Universal Robina Corporation shifted to a multicloud architecture to support remote workers after the pandemic. It uses SD-WAN to connect users and apps to its multicloud architecture securely, wherever they are located. The multicloud integrations enable secure connectivity from branches to the Microsoft Azure cloud and with Microsoft 365 for a superior application experience with informed network routing (INR) that enables the exchange of telemetry between Cisco and Microsoft while providing full visibility to Universal Robina’s IT team. 

Foundational for a SASE architecture 

Another benefit of SD-WAN is that it is one half of a converged secure access service edge (SASE) architecture. SASE radically simplifies security and networking through unified and centralized management to connect users to applications in complex and highly distributed environments. By combining SD-WAN networking infrastructure and routing traffic through a cloud-centric security service edge (SSE) solution, companies can maintain the same level of security for cloud users as data center users (Figure 3).

Figure 3. SD-WAN is foundational to a SASE architecture 

It’s a multicloud world and SD-WAN―with tight integrations to leading cloud, SaaS, and middle-mile providers―is the connective tissue from first mile to last, managing complexity and driving agility throughout sprawling multicloud environments.

What’s more, SD-WAN multicloud integrations bring together each organization’s many different types of transport connections and policies under one management system for secure, consistent service.

The cost savings from automation and the ability to steer traffic on demand with optimized routing are further compelling reasons why SD-WAN continues to grow in popularity. Once established, these features enable IT departments to build an optimized global network in a simplified, fully automated way, within hours. 

Source: cisco.com

Continue reading

Understanding Application Aware Routing (AAR) in Cisco SD-WAN

One of the main features used in Cisco SD-WAN is Application Aware Routing (AAR). It is often advertised as an intelligent mechanism that automatically changes the routing path of applications, thanks to its active monitoring of WAN circuits to detect anomalies and brownout conditions.

Read More: 300-410: Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)

Customers and engineers alike love to wield the power to steer the application traffic away from unhealthy circuits and broken paths. However, many may overlook the complex processes that work in the background to provide such a flexible instrument.

In this blog, we will discuss the nuts and bolts that make the promises of AAR a reality and the conditions that must be met for it to work effectively.

Setting the stage

To understand what AAR can and cannot do, it’s important to understand how it works and the underlying mechanisms running in unison to deliver its promises.

To begin, let’s first define what AAR entails and its accomplices:

Application Aware Routing (AAR) allows the solution to recognize applications and/or traffic flows and set preferred paths throughout the network to serve them appropriately according to their application requirements. AAR relies on Bidirectional Forwarding Detection (BFD) probes to track data path characteristics and liveliness so that data plane tunnels between Cisco SD-WAN edge devices can be established, monitored, and their statistics logged. It uses the collected information to determine the optimal paths through which data plane traffic is sent inside IPsec tunnels. These characteristics encompass packet loss, latency, and jitter.

The information above describes the relationship between AAR and BFD, but it’s crucial to note that they are separate mechanisms. AAR relies on the BFD daemon by polling its results to determine the preferred path configured,  based on the results of the BFD probes sent through each data plane tunnel.

It is a logical next step to explain how BFD works in SD-WAN as described in the Cisco SD-WAN Design Guide:

On Cisco WAN Edge routers, BFD is automatically started between peers and cannot be disabled. It runs between all WAN Edge routers in the topology encapsulated in the IPsec tunnels and across all transports. BFD operates in echo mode, which means when BFD packets are sent by a WAN Edge router, the receiving WAN Edge router returns them without processing them. Its purpose is to detect path liveliness and it can also perform quality measurements for application aware routing, like loss, latency, and jitter. BFD is used to detect both black-out and brown-out scenarios.

Searching for ‘the why’

Understanding the mechanism behind AAR is essential to comprehend its creation and purpose. Why are these measurements taken, and what do we hope to achieve from them? As Uncle Ben once said to Spider-Man, “With great power comes great responsibility.”

Abstraction power and transport independence require significant control and management. Every tunnel built requires a reliable underlay, making your overlay only as good as the underlay it uses.

Service Level Agreements (SLAs) are crucial for ensuring your underlay stays healthy and peachy, and your contracted services (circuits) are performing as expected. While SLAs are a legal agreement, they may not always be effective in ensuring providers fulfill their part of the bargain. In the end, it boils down to what you can demonstrate to ensure that providers keep their i’s dotted and their t’s crossed.

In SD-WAN, you can configure SLAs within the AAR policies to match your application’s requirements or your providers’ agreements.

Remember the averaged calculations I mentioned before? They will be compared against configured thresholds (SLAs) in the AAR policy. Anything not satisfying those SLAs will be flagged, logged, and won’t be used for AAR path selections.

Measure, measure, measure!

Having covered the what, who, and the often-overlooked why, it’s time to turn our attention to the how! ?

As noted previously, BFD measures link liveliness and quality. In other words, collecting, registering, and logging the resulting data. Once logged, the next step is to normalize and compare the data by subsequently averaging the measurements.

Now, how does SD-WAN calculate these average values? By default, quality measurements are collected and represented in buckets. Those buckets are then averaged over time. The default values consist of 6 buckets, also called poll intervals, with  each bucket being 10 minutes long, and each hello sent at 1000 msec intervals.

Putting it all together (by default):

◉ 6 buckets

◉ Each bucket is 10 minutes long

◉ One hello per second, or 1000 msec intervals

◉ 600 hellos are sent per bucket

◉ The average calculation is based on all buckets

Finding the sweet spot

It’s important to remember that these calculations are meant to be compared against the configured SLAs. As the result is a moving average, voltage drops or outages may not be considered by AAR immediately (but they might already be flagged by BFD). It takes around 3 poll intervals to motivate the removal of a certain transport locator (TLOC) from the AAR calculation, when using default values.

Can these values be tweaked for faster AAR decision making? Yes, but it will be a trade-off between stability and responsiveness. Modifying the buckets, multipliers (numbers of BFD hello packets), and frequency may be too aggressive for some circuits to meet their SLAs.

Let’s recall that these calculations are meant to be compared against SLAs configured.

Phew, who would have thought that magic can be so mathematically pleasing? ?

Source: cisco.com

Continue reading

Deploy and manage networks globally with Cisco SD-WAN Multi-Region Fabric

How often do we prefer to avoid a detour to reach our home, office, restaurant, or subway station? The answer is – every time! We do not have the time for detours and delays in life as it affects our productivity and schedule. Similarly, business networks also need non-stop connectivity for greater performance and scalability.

As enterprises continue to grow and expand, they need a network that scales at the speed of their business. New business models drive the need for a network design that ensures seamless connectivity and greater application performance.

Multicloud infrastructure necessitates the need for networks with global connectivity

The accelerated adoption of a cloud-first strategy has changed how IT teams should design and deploy networks to manage global connectivity. With applications and workloads moving to multicloud architectures, businesses need to ensure that their SD-WAN design & architecture can scale easily without impacting connectivity and performance end-users expect across the globe. To achieve network scalability, organizations are pivoting to designs that involve splitting up the network into multiple regions, with geo-specific points-of-presence (PoPs) or Service Exchanges leading to a hierarchical architecture. This hierarchical architecture enables customers to use different traffic transport service providers for each region and for the central core-region network to optimize costs and deliver greater traffic and application performance. To make the best use of these different transports, enforce common- routing and business policy intent across regions, and leverage several rich features within SD-WAN, enterprises are leaning towards deploying end-to-end SD-WAN fabric across such networks.

Figure 1. The challenges of a tiered or hierarchical network design

Adopting a multi-region network design demands resolving a few network and operational challenges. To benefit from a multi-region type of network architecture, the use of a middle-mile WAN or global backbone WAN network is becoming increasingly prevalent. Enterprises are looking for ways to easily integrate middle-mile WANs with the rest of their network without the added complexity of operating, configuring, monitoring, and troubleshooting these networks as separate entities. As these deployments grow in complexity and scope, enterprises need a more effective way to scale connectivity across different regions to deliver greater application performance. An easy approach to accomplish this is to extend the SD-WAN fabric over the middle-mile WAN as well, thus enabling them to use SD-WAN to manage both intra- and inter-region site-to-cloud, site-to-site traffic via a single pane of glass.

Cisco SD-WAN Multi-Region Fabric – Your pathway to global network connectivity

Cisco SD-WAN Multi-Region Fabric is a new suite of capabilities that divides a single Cisco SD-WAN overlay network into multiple regions with a central core-region network for managing inter-regional traffic. You can scale the network architecturally and operationally by introducing the concept of regions and device roles natively into your SD-WAN solution. It enables you to extend the Cisco SD-WAN fabric across multiple regions within your network as well as the middle-mile, to provide:

◉ End-to-end SD-WAN capabilities and control​

◉ End-to-end encryption of inter-region traffic

◉ Transport independence​

◉ Performance measurements

◉ Greater control over traffic paths between domains

Figure 2. Multi-Region Fabric reducing operational complexity by introducing ‘regions’ and device ‘roles’ natively into Cisco SD-WAN

Multi-Region Fabric offers advanced capabilities such as region-aware routing, simplified site scalability for higher throughput, and reduces the complexity of network architecture and policy configuration. It provides the ability to enforce a common traffic steering policy across the entire WAN or on a per-region(s) basis and end-to-end WAN segmentation – all via a single dashboard (vManage) to configure, monitor, and troubleshoot the network. This new capability within the SD-WAN fabric allows the creation of a globally distributed network in minutes with just a couple of clicks.

Multi-Region Fabric means reduced complexity, increased scalability & greater performance

This new architecture can provide significant benefits for customers, partners, and Managed Service Providers (MSPs) who are considering the adoption of a hierarchical network design (with a middle-mile) for use cases such as:

◉ Regionalization of network services such as Security, Identity Management, Netflow, Logging, WAN optimization, etc.

◉ Improving multicloud and SaaS user experience by providing high-quality onramps into Software as a Service (SaaS) and any cloud infrastructure providers like Amazon Web Services, Microsoft Azure, Google Cloud Platform) via regional PoPs.

◉ Reducing time spent on the last mile for user traffic.

◉ Adapting network scale, compliance, or resiliency in a geo/segment/region-specific manner.

The Multi-Region Fabric Advantage  

◉ Scalable architecture to address dynamic network needs & business intent across regions

◉ Simplified policy design brings operational simplicity by eliminating the need for complex business/routing policies

◉ Flexibility to select the best transport for each region provides better performance for traffic across geographical regions

◉ Operationally easier to deploy and manage

Your growing business needs a network that can keep up with it, and Cisco SD-WAN Multi-Region Fabric can help you build and manage that network for you!

We understand deciding how to deploy SD-WAN for the best network scalability can bring uncertainty. How you reduce costs and complexity, simplify policy management, provide secure, seamless connectivity, and ultimately deliver superior user experience may also be difficult to fully understand. Join us for a live webinar and demo to learn more. Our speakers Hamzah Kardame, Leader, Product Management for Cisco SD-WAN, and Tahir Ali, Technical Marketing Engineering Technical Leader for Cisco SD-WAN will discuss:

◉ Why do networks need more scalability and flexibility in today’s hybrid and multicloud environments?

◉ How are WAN architectures evolving today and rise of middle-mile WAN-based network designs?

◉ The challenges that come with adopting such next-gen WAN architectures

◉ Multi-Region Fabric capabilities are available within Cisco SD-WAN to help support this transition.

◉ How Cisco SD-WAN Multi-Region Fabric works and what is ahead

Source: cisco.com

Continue reading

Want SASE? Just Add Software!

Twenty-first-century networking

It seems like a simple idea. All you want is to get the network to do what you intend it to. Nothing more, nothing less. But in today’s world, there are so many factors when it comes to networking: more users, more devices, security concerns, various domains, distributed applications, cloud, artificial intelligence (AI), 5G, IoT — the list goes on and on.

Cisco’s SD-WAN can help you. It transforms a legacy manual network into a software-defined overlay that helps both automate deployment and management and provides more intelligence with policies for path selection to improve user experience. Those policies are then applied consistently across the network, a network that now uses insights and automation to continuously monitor and adjust network performance to meet your business intent. Think of it as a continual feedback loop of incremental improvement.

Building upon the connectivity of SD-WAN, secure access service edge (SASE) is an architecture that combines connectivity and security. Coined by Gartner in 2019, SASE unifies SD-WAN networking and security services into a cloud-delivered architecture to provide access and security from edge to edge — including the data center, remote offices, roaming users, and beyond.

Is your wide area network underpinned by a 1000 Series ISR? Are you running 4000 Series ISRs? Do you have a few ASR 1000 Series units? Did you have a Cisco ONE license? Did you recently renew your Software Support Service (SWSS) on those devices? Consider this: the Cisco routing devices you currently have in your wide area network may already hold your ticket to entry into the world of SD-WAN and SASE.

You don’t need a forklift

“How can that be?” you may be wondering. The answer lies in the magic of software.

Think of it this way. In the past, if you wanted to upgrade the performance of a car, you had to swap out hard parts. Camshafts. Differentials. Transmissions. Engines.

Today, many cars just need a software update to the engine control module (ECM). Dinan for BMW. Cobb Tuning for Mitsubishi. And of course, Tesla and its downloadable software updates to unlock the high-performance “Ludicrous Mode.”

Figure 1. Tesla Driver Console

Not a car buff? Then how about mobile phones? Same hardware, but new Android or iOS software with added functionality. For example, the iPhone 6S came out in September 2015 running iOS 9. Six years and an equal number of major software releases later (iOS 15.2 was released on December 13, 2021), the iPhone 6S can be still upgraded to iOS 15.2.

Why shouldn’t it be the same for networking hardware? Upgrade the software and enjoy new functionality on your old hardware. Did you know that your Cisco routers are also software-based? This may enable you to migrate from traditional routing to SD-WAN with the hardware you have today. You may even have the Cisco DNA software entitlement already and not know it!

Figure 2. Cisco Router Families

Where the bytes meet the copper

You likely have some or all of the three product families shown above (the ISR 1000 Series, the ISR 4000 Series, and the ASR 1000 Series) supporting your traditional routing network. And they have undoubtedly been doing an exemplary job. But those devices are capable of so much more. In fact, these models can be upgraded to our latest software for routers: Cisco IOS XE SD-WAN. With this new software they can handle your changing traffic pattern: the tsunami of traffic headed to new cloud services and software-as-a-service (SaaS) applications in public clouds and the internet.

Cisco makes this upgrade easy with an SD-WAN conversion tool that greatly facilitates migrating from traditional routing to SD-WAN. This tool analyzes your current router configuration and automatically creates a new router configuration for SD-WAN. Not only does this save countless hours of work, but it also guarantees consistency in the configuration of each branch router. You can even automate the software installation with Cisco vManage zero-touch upgrading.

All it takes to unlock these nascent capabilities is Cisco DNA Software for SD-WAN and Routing. Three subscription tiers are available: Essentials, Advantage, and Premier. Each is aligned to the degree of enhancement network managers need in SD-WAN security, management, and automation. Every Cisco DNA Software for SD-WAN and Routing subscription also includes a perpetual license that covers all aspects of traditional routing, a license that never expires.

Figure 3. Cisco Subscription Licensing for SD-WAN

For those of you looking to continue your journey with SD-WAN into the world of SASE, Cisco provides all the core building blocks of a SASE architecture and Cisco DNA Premier is your tier. Once in place, you can layer on Cisco Umbrella for security, Cisco Duo for zero-trust network access, and Cisco ThousandEyes for internet and cloud visibility. This combination of best-in-class networking, connectivity, security, and extended visibility capabilities helps you deliver an exceptional user experience across a distributed IT landscape. 

You don’t want to miss out!

If you recently upgraded your Cisco SWSS for your routers, you may not have noticed that Cisco DNA Essentials for SD-WAN and Routing are included. This means that initiating the jump into SD-WAN may be a no-cost endeavor for you. You really do owe it to yourself to at least explore the possibility of migrating over to SD-WAN to avail yourself of its benefits, especially if you already own the license to enjoy it.

And finally, don’t let that subscription lapse. The traditional routing perpetual license is nice to have, but there are two things you need to be aware of with that license. First, any network management you enjoy through Cisco DNA Center is contingent upon a valid Cisco DNA license. And second, you will lose the entitlement to use any SD-WAN functionality should the subscription license expire.

Source: cisco.com

Continue reading