Scribd Logo
Upload

Welcome to Scribd!

  • 33 views

    5.19.20 - Q and A For Cisco Automates and Secures The Edge

    Uploaded by

    pankaj
    The document summarizes a Q&A session about Cisco's SD-WAN and routing advancements in release 17.2. Key points include: - Release 17.2 includes new SD-WAN and routing features. A CVD on multicast design is coming soon. - PIM-SM and SSM are supported. SRST and T1/E1 support will be added in future releases. - The ISR4K router can function as a CUBE in 2021. Umbrella integration was added in release 17.2. - DNA Premier includes full SIG capabilities while DNA Essentials provides basic DNS monitoring and routing.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    5.19.20 - Q and A For Cisco Automates and Secures The Edge

    Uploaded by

    pankaj
    33 views6 pages
    The document summarizes a Q&A session about Cisco's SD-WAN and routing advancements in release 17.2. Key points include: - Release 17.2 includes new SD-WAN and routing features. A CVD on multicast design is coming soon. - PIM-SM and SSM are supported. SRST and T1/E1 support will be added in future releases. - The ISR4K router can function as a CUBE in 2021. Umbrella integration was added in release 17.2. - DNA Premier includes full SIG capabilities while DNA Essentials provides basic DNS monitoring and routing.

    Original Description:

    Original Title

    5.19.20_Q and A for Cisco Automates and Secures the Edge.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document summarizes a Q&A session about Cisco's SD-WAN and routing advancements in release 17.2. Key points include: - Release 17.2 includes new SD-WAN and routing features. A CVD on multicast design is coming soon. - PIM-SM and SSM are supported. SRST and T1/E1 support will be added in future releases. - The ISR4K router can function as a CUBE in 2021. Umbrella integration was added in release 17.2. - DNA Premier includes full SIG capabilities while DNA Essentials provides basic DNS monitoring and routing.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    33 views6 pages

    5.19.20 - Q and A For Cisco Automates and Secures The Edge

    Uploaded by

    pankaj
    The document summarizes a Q&A session about Cisco's SD-WAN and routing advancements in release 17.2. Key points include: - Release 17.2 includes new SD-WAN and routing features. A CVD on multicast design is coming soon. - PIM-SM and SSM are supported. SRST and T1/E1 support will be added in future releases. - The ISR4K router can function as a CUBE in 2021. Umbrella integration was added in release 17.2. - DNA Premier includes full SIG capabilities while DNA Essentials provides basic DNS monitoring and routing.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 6

    Q&A Session for Cisco Automates and Secures the Edge with Routing and SD-WAN Advancements

    Date: Tuesday, May 19, 2020

    ________________________________________________________________

    Q: Is this session about 17.2 features? Or, is it irrelevant?

    A: It is primarily 17.2 features. But covers major aspects of SD-WAN.

    ________________________________________________________________

    Q: Any plans about providing the ability to change BFD dscp value, example for UC traffic circuits?

    A: For the most traffic is marked with the appropriate DSCP values. Support for changing the DSCP
    values for BFD is under consideration.

    ________________________________________________________________

    Q: What flavors of PIM are supported?

    A: PIM-SM, SSM.

    ________________________________________________________________

    Q: When upgrading an existing end point to 17.2 will it boot in autonomous mode after the upgrade
    even if it is currently being managed by a controller?

    A: The default mode is autonomous mode. You can switch the controller mode.

    ________________________________________________________________

    Q: What is the best way to size the replicator in multicast in term of performance and platforms
    needed?

    A: Depends on the amount of multocats stream and receivers... recommend head-end nodes like ASR1K
    or VEdge 5K.

    ________________________________________________________________

    Q: Is the RP configured manually or automatically?

    A: Both options are supported - AutoRP and static RP.


    ________________________________________________________________

    Q: Is any white paper or validated design for multicast?

    A: CVD (Cisco Validated design) document will be published soon. Team is working on it.

    ________________________________________________________________

    Q: With rls 17.2, can we have the SRST running on the same router?

    A: SRST will be supported on the same SD-WAN router.

    ________________________________________________________________

    Q: What is the timeline for 17.3 as voice gateway without T1/E1 support doesn't make sense.

    A: T1/E1 PRI will be supported is expected to come by the July release.

    ________________________________________________________________

    Q: Can SD-WAN ISR4k router also act as a CUBE?

    A: Yes the same SD-WAN router will deliver CUBE functionality. CUBE is scoped for 2CY2021.

    ________________________________________________________________

    Q: Where is the most important one - SBC (CUBE)?

    A: CUBE is expected to supported by 2H CY2021.

    ________________________________________________________________

    Q: If CUBE is not until 2CY2021 what is the SIP function in 17.2?

    A: SIP-FXO, SIP-FXS, SIP-T1 are the flows that will be supported till CUBE comes into play.

    ________________________________________________________________

    Q: I mean 17.3, 17.6 and so on

    A: Is the question on naming for extended maintenance releases? The naming convention will stay same
    for standard and maintenance releases.
    ________________________________________________________________

    Q: 17.1 and 17. are standard e.g. 17.3 ext.

    A: The convention is <<Major number.Minor number.Maintenance number>>> So 17.2.2 for example


    will mean second maintenance release of the 17.2

    ________________________________________________________________

    Q: If we have internet only through head office, do we need to integrate branch sd wan routers to
    umbrella? How is the license goes?

    A: Branch routers do not need to be integrated to Umbrella in that case. You can make the connection
    just head office if you want to use Umbrella still. No change in Umbrella licensing (it is done per seat).

    ________________________________________________________________

    Q: Related to Umbrella / SIG - Can you explain more of what the Zscaler L7 Healthcheck is?

    A: This utilizes an HTTP layer connecting test instead of IPsec/IKE dead peer detection to determine if
    the tunnel is active and healthy. The L7 option provides a higher fidelity indicator of system health, and
    can detect changes to status faster than DPD. Basically its IPSLA to Zscaler. Umbrella is working with
    Viptela on getting this supported. Target is July with 17.3.

    ________________________________________________________________

    Q: Are these tunnels created in VPN0?

    A: Yes VPN0.

    ________________________________________________________________

    Q: What SDWAN license level covers the SIG?

    A: DNA Premier includes SIG. DNA-Advantage gives you up to DNS Monitoring. DNA-Premier license
    gives you SIG Essentials.

    ________________________________________________________________

    Q: Will the L7 SIG be covered with DNA-P also, or is it a different license?

    A: Some L7 features are included in DNA-P: Hostname filtering, URL filtering, all types of HTTP
    inspection. The only thing not included is the L7 AVC for non-HTTP apps. This is available as an add-on.
    ________________________________________________________________

    Q: Did I miss that the Umbrella integration will become available in 17.3?

    A: It was released in 17.2

    ________________________________________________________________

    Q: Does SIG need additional subscription?

    A: Yes, it can be purchased as la carte or inside the DNA/p package.

    ________________________________________________________________

    Q: Can we have umbrella DNS security only without SIG on the edge devices?

    A: Absolutely. This can be done with a DNS Essentials or DNS Advantage license. The DNS security
    options are also included in the SIG license if you want to have some devices with SIG and some with
    just DNS.

    ________________________________________________________________

    Q: Is OpenDNS.org integrated into Umbrella?

    A: OpenDNS is fully integrated into Umbrella.

    ________________________________________________________________

    Q: Do you plan to have partnership with gCloud

    A: Yes. Please check this: https://cloudblog.withgoogle.com/topics/partners/introducing-cisco-sd-wan-


    cloud-hub-with-google-cloud/amp/

    ________________________________________________________________

    Q: What are the features which lack if we use only dna-essentials regarding umbrella compared to dna
    premier?

    A: DNA-E, doesn’t include SIG and is a DNS monitor only. You could purchase DNS Essentials to get
    blocking protection.
    ________________________________________________________________

    Q: Is there any integration between viptela and meraki sdwan?

    A: Could you be more specific? There is no connector or a way to manage both, but you could create an
    IPSEC tunnel between them. Not sure I get the question.

    ________________________________________________________________

    Q: So DNA-E gives you DNS and DNA-P gives you everything else (full SIG), correct? Does DNA-A provide
    anything in-between?

    A: DNS monitoring only in DNA/e, in DNA/a you get a shadow IT app. Neither provide blocking
    (protection).

    ________________________________________________________________

    Q: Is vedge 18.3 cycle continued in parallel with 17.2 version?

    A: Yes, the updates are valid for both ViptelaOS 20.1 and IOS XE 17.2.

    ________________________________________________________________

    Q: Does ISR 1100 replace Vedge 1000 platform since you showing arrow?

    A: Yes ISR 1100 is the next gen vEdge.

    ________________________________________________________________

    Q: Secure DIA Design Guide - link please?

    A: https://www.cisco.com/c/en/us/solutions/design-zone/networking-design-guides/branch-wan-
    edge.html

    ________________________________________________________________

    Q: How many service vpns are supported in DNA Essentials?

    A: One service VPN is supported.

    ________________________________________________________________
    Q: When Umbrella SIG supports L7 App firewall - will DNA Primer licenses be able to use the L7 umbrella
    capabilities at with nu upcharge of $$?

    A: When DNA-Premier license is chosen, it will be a single license SKU. No change in DNA-P price today,
    there will be seat limitations (Umbrella seats) beyond certain bandwidth tiers for which you can buy
    add-on licenses.

    ________________________________________________________________

    Q: What is Cisco Cube Connector in DNA Essentials?

    A: CUBE connector is an option to support CUBE which does not need Transcoding.

    ________________________________________________________________

    You might also like