Objectives

• What - Policy Based Routing with User Identity | VRF Support for DVTI | Review Dashboards
• Why - High availability with near-Zero Network Down-time. Increased Usable Bandwidth. SD-WAN Management.
• How - Configure ISE for Authenticating Users | VRF and DVTI Configuration | SDWAN Summary and Site to Site Dashboards

As businesses evolve to meet changing demands, many have shifted to hybrid work environments, distributed workforces, and increased cloud adoption. While these changes have enabled greater flexibility and efficiency, they have also introduced new security challenges. With the rise of increasingly sophisticated threats, businesses need robust security solutions to ensure their networks are secure from potential threats.

To address these needs we have added many SDWAN capabilities to our Secure Firewall, thus making it an ideal choice to not only secure your network at the edge, but also provide efficient routing to reduce delays. It provides complete control and flexibility to the administrator on how they want to route the traffic.

In some of the previous 7.x releases, we added capabilities for:

• VTI/DVTI to quickly and efficiently build VPN tunnels
• Policy Based Routing to provide control to the administrator over how packets are routed
• Application Based Routing to route the traffic based on application and not just IP addresses
• Path Monitoring to determine the best path to a destination
• Umbrella Connector to send DNS queries to the Umbrella cloud and apply DNS policies
• SASE VPN to build VPN tunnels with Umbrella cloud and route packets for further inspection
• VRF support to segregate the routing tables

And Many More...

In version 7.4.x, we have added additional SDWAN capabilities:

• Policy Based Routing to route traffic based on User's Identity (username/group from Active Directory) or SGT (from ISE/local)
• VRF support for DVTI to allow DVTIs to be placed in specific user-defined VRFs
• WAN Summary Dashboard which provides administrators with a dashboard to look at their WAN deployment and with one glance check the status of different devices, VPN tunnels and much more
• SaaS Traffic Monitoring using HTTP ping

In this lab, we will cover the following features:

• PBR with SGT/User Identity: https://secure.cisco.com/secure-firewall/v7.6/docs/advanced-lab-pbr-with-sgt-user-identity
• VRF Support for DVTI: https://secure.cisco.com/secure-firewall/v7.6/docs/advanced-lab-vrf-support-for-dvti
• WAN Summary Dashboard: https://secure.cisco.com/secure-firewall/v7.6/docs/advanced-lab-wan-summary-dashboard
• Site to Site VPN Dashboard: https://secure.cisco.com/secure-firewall/v7.6/docs/advanced-lab-s2s-vpn-dashboard