The Cisco SD-WAN solution is composed of four main components, each with a specific role:
vManage serves as the management plane, providing a centralized platform for monitoring and managing the SD-WAN fabric.
vBond serves as the orchestrator and authenticator plane, providing secure device authentication and zero-touch provisioning.
vSmart serves as the control plane, providing centralized control and policy management.
vEdge/cEdge devices serve as the data plane.
One of the key features of SDN/SD-WAN is the separation of the Control Plane and Data Plane, and this separation is what allows SD-WAN solutions like cisco SD-WAN to scale up to thousands of branches.
In the Viptela solution, the Control Plane is centralized in the vSmart Controller, which manages the entire SD-WAN fabric. The Data Plane, on the other hand, is distributed across the SD-WAN devices deployed at each branch location. This separation of Control Plane and Data Plane allows the Viptela solution to scale up to thousands of branch locations while maintaining a centralized and consistent management model.
Furthermore, the separation of the two planes allows for intelligent traffic routing decisions to be made based on real-time network conditions. The vSmart Controller can dynamically program the SD-WAN devices to route traffic over the most optimal path based on network performance metrics such as latency, packet loss, and jitter.
vMnage Key Features:
- Centralized Management: vManage provides a centralized platform for managing and monitoring network devices such as routers, switches, and firewalls.
- Network Visualization: vManage offers a graphical representation of the network topology, enabling network administrators to quickly identify network devices and their interconnections.
- Configuration Management: vManage provides a user-friendly interface for configuring network devices and policies, simplifying network management and reducing the risk of errors.
- Real-time Monitoring: vManage offers real-time monitoring of network performance metrics such as bandwidth usage, latency, and packet loss, enabling administrators to quickly identify and resolve network issues.
- Troubleshooting: vManage includes powerful troubleshooting tools that enable administrators to quickly diagnose and resolve network issues, minimizing downtime and improving network performance.
- Security Management: vManage includes advanced security management features such as intrusion detection and prevention, enabling administrators to proactively identify and mitigate security threats.
- Compliance Management: vManage includes compliance management features that enable administrators to ensure that the network is in compliance with regulatory requirements and industry best practices.
- API Integration: vManage offers API integration, enabling administrators to integrate vManage with other network management tools and automate network management tasks.
vSmart Key Features:
- Centralized Control Plane: vSmart provides a centralized control plane for the SD-WAN fabric, enabling administrators to configure and manage the entire network from a single location.
- Routing & Policy Management: vSmart offers advanced routing and policy management features, enabling administrators to define and implement complex routing policies based on network conditions and business requirements.
- Dynamic Path Selection: vSmart includes intelligent path selection algorithms that enable the SD-WAN fabric to dynamically route traffic over the most optimal path based on real-time network conditions.
- Security and Encryption: Shares the data plane keys of a vEdge with other vEdges based on the policy to allow them to build the IPSEC tunnel.
- Zero-touch Provisioning: vSmart supports zero-touch provisioning, enabling SD-WAN devices to be automatically provisioned and configured without the need for manual intervention.
- Act As Route Reflector: Acts as a Route reflector by advertising the branches prefixes based on the policy.
- Brain: vSmart acts as the centralized brain of the cisco SD-WAN system,
vBond Key Features:
- Device Authentication: vBond provides secure device authentication using X.509 certificates and a Public Key Infrastructure (PKI), ensuring that only authorized devices can join the SD-WAN fabric.
- Secure Device Onboarding: vBond supports zero-touch device onboarding, enabling new SD-WAN devices to be securely provisioned and added to the network fabric without the need for manual intervention.
- Centralized Management: vBond provides a centralized management platform for SD-WAN devices, enabling administrators to easily manage and monitor the entire network fabric.
- Secure Communication: vBond provides secure communication between SD-WAN devices, enabling them to securely exchange control plane information and route traffic over the SD-WAN fabric.
vEdge/cEdge Key Features:
- Routing and Switching: vEdge provides advanced routing and switching functionality, including support for BGP, OSPF, and static routing, enabling it to seamlessly integrate with existing network infrastructures.
- WAN Optimization: vEdge includes WAN optimization features such as TCP optimization, compression, and deduplication, enabling it to improve application performance and reduce bandwidth utilization.
- Security and Encryption: vEdge includes advanced security and encryption features such as IPsec VPN, SSL VPN, and NAT, ensuring the confidentiality, integrity, and availability of network traffic.
- Zero-touch Provisioning: vEdge supports zero-touch provisioning, enabling it to be automatically provisioned and configured without the need for manual intervention.
- Cloud Integration: vEdge integrates with cloud services such as AWS and Azure, enabling organizations to easily extend their SD-WAN fabric to the cloud.