Cisco SD WAN Training

Start Date: January 01, 1970 – 12:00 AM (Pacific Time)

End Date: January 01, 1970 – 12:00 AM (Pacific Time)


*Looking for flexible schedule (after hours or weekend)? Please call or email us: 858-208-4141 or
Student financing options are available.

Transitioning military and Veterans, please contact us to sign up for a free consultation on training and hiring options.

Download PDF of Course Details

Course Description:

The Cisco SD-WAN Operation and Deployment (ENSDW) course provides an overview of the Cisco SD-WAN solution and SD-WAN components. Students will learn how to create, manage, and operate a secure extensible network using Cisco SD-WAN products. The course covers how to configure, operate, and monitor overlay routing in a secure extensible network. Students will also learn about policies and quality of service (QoS) in the SD-WAN overlay network.

This is a 2-day course, if you are interested in learning more about our 3-day course, please follow the link to Viptela Training – Cisco SD-WAN.

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Know and understand Cisco’s SD-WAN concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today’s networks.
  • Differentiate and explain each of the building blocks of SD-WAN Solution
  • Explain the concept of “Fabric” and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Management Nodes and Orchestration Nodes)
  • Identify the roles and functions of vEdge, vSmart, vManage and vBond entities
  • Know and understand the Zero Touch Provisioning Model
  • Know and understand the Zero Trust Provisioning Model
  • Identify Overlay Management Protocol (OMP) as a key element of the SD-WAN solution and the role it plays for Control Plane setup
  • Understand segmentation of SD-WAN fabric, through the use of VPN’s (VRF’s)
  • Understand the role that templates have in SD-WAN solution, differentiate templates and know how to apply them
  • Differentiate Control, Data and Application Route Policies and know how they are used in SD-WAN
  • Identify and apply QoS mechanisms to SD-WAN fabric
  • Discuss Use Cases for SD-WAN

Course Modules

  • Module 1: SD-WAN Solution Overview
    • Traditional WAN – Challenges
    • SD-WAN Overview and definitions
    • SD-WAN Benefits
    • SD-WAN Key Concepts
    • SD-WAN Main Components
    • vEdge
    • vSmart
    • vManage
    • vBond
    • On-Premise vs. Cloud-based Control Plane


  • Module 2: Secure Control Plane Bring-Up
    • Zero Trust Security Principles
    • Secure Control Channels
    • Establishing vEdge Router Identity
    • Establishing Control Elements Identities (vBond, vSmart, vEdge)
    • Secure Control Channel between vEdge Router and vBond
    • Secure Control Channel between vEdge Router and vSmart/vManage


  • Module 3: Secure Data Plane Bring-Up
    • Limitations of traditional key exchange mechanisms (IKE)
    • SD-WAN new centralized Encryption key distribution
    • Traffic Encryption for data privacy
    • Authentication Header for Data Plane Integrity
    • Anti-Replay Protection (man-in-the-middle)
    • Role of Bidirectional Forwarding Detection (BFD)
    • Considerations about MTU and MSS
    • End to End Segmentation (VPN’s)
    • Role of Application Visibility and Recognition
    • Infrastructure DDoS Mitigation
    • Security Policies and Services
    • Cloud Security: Secure Direct Internet Access


  • Module 4: Overlay Management Protocol (OMP)
    • Definition of overlay routing
    • Role and characteristics of Overlay Management Protocol (OMP)
    • OMP Advertised Routes
    • Route Redistribution (edge routing protocol to OMP and vice versa)
    • Best Path Algorithm


  • Module 5: Using Templates
    • Basic Elements in the configuration for any device
    • Need for Templates
    • Options to Apply Templates to Devices
    • Overview of Feature Templates
    • Categories of Feature Templates
    • Workflow for Applying Templates to Devices


  • Module 6: Using Policies
    • Policy Architecture
    • Application Aware Routing Policies
    • Control Policies
    • Data Policies
    • VPN Membership Policies
    • Routing Policies
    • Cflowd Templates


  • Module 7: Quality of Service (QoS)
    • QoS Pipeline – vEdge Router
    • Data Packet Flow
    • Queueing Management
    • Control Traffic Prioritization
    • Random Early Detection (RED)
    • Traffic Policing
    • Traffic Shaping
    • Marking and Remarking
    • Class-Map
    • QoS Scheduler
    • QoS Map
    • Applying QoS policies


  • Module 8: Basic Troubleshooting
    • Troubleshooting Control Plane Bring Up
    • GUI validation in vManage
    • CLI validation with “Show” commands in vEdge Router
    • Troubleshooting Data Plane
    • Troubleshooting OMP


  • Module 9: Use Cases & Design
    • Guest Wi-Fi
    • Bandwidth Augmentation
    • Cloud onRamp for SAAS
    • Critical Applications SLA
    • Regional Secure Perimeter

Lab Outline

  • Lab 1: Accessing the Lab Devices
  • Lab 2: Reset vEdge Cloud Router
  • Lab 3: Remove vEdge Router from vManage Inventory
  • Lab 4: Add vEdge Router to vManage Inventory
  • Lab 5: Configure and Deploy Control-Plane Connectivity
  • Lab 6: Configure and Deploy an Overlay Network
  • Lab 7: Provision and Deploy vManage Templates
  • Lab 8: Provision and Deploy vManage Policies

Target Audience

The primary audience for this course is as follows:

  • Enterprise Network System Installers
  • System Integrators
  • System Administrators
  • Network Administrators
  • Solutions Designers


  • It is recommended, but not required, to have the following knowledge and skills before attending this course:
    • Strong understanding of enterprise wide area network design
    • Strong understanding of routing protocol operation, including both interior and exterior routing protocol operation
    • Familiarity with Transport Layer Security (TLS) and IP Security (IPSec)

    The following are recommended Cisco learning offerings that may help students meet these prerequisites:

    • Implementing Cisco IP Routing (ROUTE)
    • Troubleshooting and Maintaining Cisco IP Networks (TSHOOT)
    • Implementing Cisco Edge Network Security Solutions (SENSS)


With CCS Learning Academy, you’ll receive:

  • Certified Instructor-led training
  • Official Training Seminar Student Handbook
  • Pre and Post assessments/evaluations
  • Collaboration with classmates (not currently available for self-paced course)
  • Real-world learning activities and scenarios
  • Exam scheduling support*
  • Enjoy job placement assistance for the first 12 months after course completion.
  • This course is eligible for CCS Learning Academy’s Learn and Earn Program: get a tuition fee refund of up to 50% if you are placed in a job through CCS Global Tech’s Placement Division*
  • Government and Private pricing available.*

*For more details call: 858-208-4141 or email:;