Cisco SD WAN Cloud Interconnect With Megaport and Announcing A New SASE Bundle Offer - 20210527 1501 1

Optimize your Cloud
Architecture with Cisco

Cisco SD-WAN Cloud Interconnect with Megaport and
Announcing a new Cisco SASE bundle offer
Cisco Enterprise Networking & Cloud Teams

May 2021
For internal use only. Not for external use or consumption.
Agenda
Cisco SD-WAN Cloud

Interconnect with
Megaport
Cisco SASE Architecture
Cisco SASE Offer
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Cisco SD-WAN Cloud Interconnect with
Megaport
Aaron Rohyans and James McElvanna
Cisco SD-WAN Facilitates Your Multicloud Journey
Programmable
SD-WAN
BYO
Management
Cloud Interconnect
Site/Private DC
5G
MultiCloud Networking
Cisco
MPLS
SD-WAN GoogleCloud
IaaS
On-demand Backbone
Internet
Secure
SaaS SD-WAN
SD-WAN Automated Cloud Edge

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The WAN of Yesterday, Today and Tomorrow
Centralized Access Distributed Access Optimized Access
SaaS IaaS Branches SaaS IaaS Branches SaaS IaaS Branches
Data Data
Center Center Regional
Cross-Connect
What is the Middle-Mile?
East Coast
Branches
Service Provider A Service Provider B Service Provider C
Direct Peering
West Coast
Branches
Hop Count Reduction

Latency Reduction End to End Optimization
Cisco SD-WAN Cloud
Interconnect Internet Unify Fractured
IaaS Access Peerings
SD-WAN Edge
SaaS
Optimize Network
Users Peering Points
EMEAR
US East
Branches
IaaS Delivered
US Central Network Service
Data Center
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Dynamic/Automated High-Speed
Regional Cross-Connect
Why Megaport?
Who is Megaport?
Pay for what you use Ease of use Secure and on-demand Leading service providers
Who we connect
Enterprises Cloud service providers Data centre operators Network service providers
9
Platform Evolution
2014 2018 2020
1
0
MVE Tech Specs
500 Mbps 40
1 Gbps 100
5 Gbps 500
Connecting the Ecosystem
102 Unique Data Megaport’s Unique 365+ Service Providers

2,100+ Customers
Centre Operators Value Proposition
Scalable and on demand
Multicloud connectivity
Private and Secure
Flexible Terms
1
2
NaaS - Global Connectivity
Customer example
https://www.megaport.com/megaport-enabled-locations/ 13
ABOUT MEGAPORT
100+ Unique Data Centre Operator Partners
14
Enabled Cloud Regions
15
Megaport Cloud Enablement
Available Cloud Regions
227 Onramps
3QFY21 +7 +3%
Total - Asia Pacific (Sydney) - Australia East - UAE North - Asia Northeast1 (Japan) - APAC Sydney
- Asia Pacific (Hong Kong) - Australia South East - US Gov Arizona - Asia Northeast2 (Osaka) - APAC Melbourne
Onramps - Asia Pacific (Singapore) - East Asia - US Gov Virginia - Asia Southeast1 (Singapore) - Japan East (Tokyo)
Microsoft Azure 51 - Asia Pacific (Tokyo) - Southeast Asia - US Gov San Antonio - Australia South East1 (Sydney) - Japan West (Osaka)
- Asia Pacific (Osaka) - Japan East - US DoD East (Virginia) - Asia East1 (Taiwan) - EMEA Frankfurt
AWS 45 - EU (London) - Japan West - US DoD Central (Chicago) - Europe West1 (Belgium) - UK South (Slough)
Google Cloud 36 - EU (Ireland) - UK South - North Central US - Europe West2 (UK) - UK Gov (London)
- EU (Frankfurt) - France South - South Central US - Europe West3 (Germany) - Switzerland North (Zurich)
Oracle Cloud 22 - EU (Paris) - Germany North - West Central US - Europe West4 (Netherlands) - US Ashburn
IBM Cloud 19 - EU (Stockholm) - Germany Central - East US - Europe West6 (Zurich) - US Chicago
Cloudflare 14 - AWS GovCloud (West) - West Europe (Amsterdam) - East US2 - North America-Northeast1 (Montréal) - US West Phoenix
- US East (Ohio) - North Europe (Ireland) - West US - US Central1 (Iowa) - US West San Jose
Salesforce 10 - US East (N.Virginia) - Switzerland North - West US2 - US East1 (South Carolina) - US Gov DC
Rackspace 9 - US West (N.California) - Switzerland West - Canada East - US East4 (Virginia) - US Gov PHX
- US West (Oregon) - Norway East - Canada Central - US West1 (Oregon) - Canada (Toronto)
Alibaba Cloud 8 - Canada (Central) - Norway West - US West2 (Los Angeles) - Canada (Montreal)
Nutanix 5
SAP 5
OVHcloud 3
- Asia Pacific SE1 (Singapore) - Amsterdam - Sydney

- APAC South (Sydney) - Washington DC - Australia (Sydney)
- Asia Pacific SE2 (Sydney) - Chicago - Tokyo - San Francisco - Frankfurt - US East
- APAC North (Tokyo) - Dallas - Europe (Frankfurt)
- CN-Hong Kong - Dallas - Toronto - Santa Clara - London - US West
120 Regions
- EU (London) - Chicago - US East (Ashburn)
- US West 1 (Silicon Valley) - Frankfurt - Washington DC - Ashburn - Paris - EU Central
- EU (Germany) - Hong Kong - US East (Sterling)
- US East 1 (Virginia) - Hong Kong - London UK
- US East (DC) - London - US West (Chandler)
- London - Tokyo
- US South (Dallas) - Frankfurt
- Miami
3QFY21 - New York - Sydney
- San Jose
- Seattle
- Singapore
Megaport enabled AWS Direct Connect
Direct Connectivity at the closest entry-point to AWS.
Europe
United States • London⌾ • Paris⌾
• Atlanta⌾ • Portland
• London2 • Paris2⌾
• Ashburn(N.VA) • New York⌾
• Dublin • Stockholm ⌾
• Reston(N.VA)⌾ • San Jose⌾
• Amsterdam ⌾ • Zurich⌾
• Boston • Seattle⌾
• Frankfurt⌾
• Chicago⌾ • Frankfurt2
• Chicago2 Canada
• Madrid ⌾
• Columbus • Toronto⌾
• Dallas⌾ • Montréal⌾
• Denver • Montréal2
• Houston • Vancouver
• Los Angeles⌾
• Las Vegas⌾ U.S. Gov Cloud
• San Jose
Asia Pacific1
• Tokyo⌾
U.A.E. • Tokyo2⌾
North America Regions • Osaka⌾
• Dubai
• us-east-1 (N. Virginia)
• us-east-2 (Ohio) Asia Pacific1 Asia Pacific2
• us-west-1 (N. California) • Hong Kong⌾
• ap-northeast-1 (Tokyo) • Singapore⌾
• us-west-2 (Oregon) • ap-northeast-3 (Osaka)
• ca-central-1 (Canada Central) • Singapore2
Asia Pacific2
Europe Regions • ap-east-1 (Hong Kong)
• eu-west-1 (Ireland) • ap-northeast-2 (Seoul) Australia
• eu-west-2 (London) • ap-southeast-1 (Singapore) • Sydney⌾
• eu-west-3 (Paris) • Sydney2
• eu-north-1 (Stockholm) • Melbourne⌾
• eu-central-1 (Frankfurt) Asia Pacific3 • Canberra
• ap-southeast-2 (Sydney) • Perth⌾
⌾ = Hosted Connection
⌾ = Hosted Connection Coming Soon
Megaport enabled Azure ExpressRoute Locations
The entry-point to the Microsoft network. Where Megaport meets Azure.
United States Canada Europe

• Washington DC • Toronto • London • Dublin
• Washington DC2 • Quebéc City • London2 • Oslo
• Atlanta • Montréal • Amsterdam • Stockholm
• Miami • Vancouver • Berlin • Stavanger
• New York • Frankfurt • Geneva
• Chicago U.S. Gov Cloud • Paris • Zurich
• Dallas • Washington DC
• San Antonio • Chicago
• Los Angeles • Dallas
• Minneapolis • San Antonio
• Silicon Valley • Phoenix
• Las Vegas • Seattle
• Denver Japan
• Seattle • Tokyo
UAE
• Osaka
North America Regions • Dubai2
• East US • North Central US Asia

• East US 2 • West Central US • Hong Kong
• West US • Canada Central • Singapore
• West US 2 • Canada East • Singapore2
Japan
• Central US
• South Central US • Japan West
• Japan East
Europe Regions Australia/New Zealand

Asia
• Sydney
• UK West • France Central • East Asia
• Sydney2
• UK South • France South • Southeast Asia
• Melbourne
• West Europe • Norway East • Perth
• North Europe • Norway West • Auckland
• Germany North • Switzerland North Australia
• Germany West Central • Australia Southeast
• Australia East
Megaport enabled Google Cloud Interconnect Locations
Hey Google. Megaport Interconnection to Google Cloud.
United States Canada Europe

• Ashburn • Toronto • London
• New York • Montréal • Amsterdam
• Dallas • Frankfurt
• Chicago • Stockholm
• Los Angeles • Zurich
• Las Vegas • Paris
• San Jose
• Seattle
• Council Bluffs (Omaha)
North America Regions

• us-central1 (Iowa) Asia Pacific
• us-east1(S. Carolina) • Tokyo
• us-east4 (N. Virginia) • Osaka
• us-west1(Oregon) • Hong Kong
• us-west2 (Los Angeles) • Singapore
• us-west3 (Salt Lake City)
• us-west4 (Las Vegas) Asia Regions
• northamerica-northeast1 (Montréal)
• asia-east1 (Taiwan)
• asia-east2 (Hong Kong)
Europe Regions • asia-northeast1 (Tokyo)
• europe-north1 (Finland) • asia-northeast2 (Osaka)
• europe-west1 (Belgium) • asia-northeast3 (Seoul)
• europe-west2 (UK) • asia-southeast1(Singapore) Australia
• europe-west3 (Germany) • Sydney
• europe-west4 (Netherlands)
• europe-west6 (Zürich)
To learn more about Megaport and connecting to the cloud
Cisco SDCI with Megaport

https://www.megaport.com/services/megaport-virtual-edge/
Connecting to the Cloud

https://docs.megaport.com/
Any questions - email us at:

sales@megaport.com
20
Integrating with Cisco SD-
WAN
Use Case: Site-to-Cloud
OLD Static and Complex Connections to IaaS
• Multiple Providers with expensive infrastructures

• Individual policy and access management
• Insecure, unreliable connectivity
• Limited bandwidth
• Fractured complex peering workflows for each cloud
NEW Dynamic and Programmable Connections

Regional
Cross-Connect
Region1 • Single Provider - Single pane via vManage, end-to-end
Branches network automation
• End to End Security - End to End Policy and
Segmentation
• Guaranteed SLAs - on Megaport backbone (99.995%)
• Flexible deployment – Expand and contract monthly
• Private redundant direct connect – worldwide to all CSP
Region2 in minutes
Branches
Use Case: Site-to-Site
OLD Static and Expensive
• Months to provision
• Static, inflexible, long-term contracts
• Intra-region only connections
NEW Dynamic and Programmable Connections

Regional
Cross-Connect • Minutes to provision connectivity through vManage
Region1 • Dynamic, change BW monthly
Branches • Up to 75% cheaper!
• Worldwide connections at will
Region2
Branches
Months to Minutes - Faster time to service

Getting Started…
• Megaport Virtual Edge (MVE) Licensing:
➢ MVE is also known as Cisco Interconnect Gateway
➢ License is for compute within Megaport facility (hosting C8KV)
➢ Priced by region and bandwidth (small = 500Mbps, medium =
1Gbps, large = 5Gbps)
• Cisco Catalyst 8000V Licensing:

➢ BYOL model
➢ DNA-Advantage / DNA-Premier licensing with necessary
bandwidth entitlement
➢ Cisco will offer Solutions Support
• Virtual Cross-Connect Licensing:

➢ Priced based on bandwidth
➢ Short-haul and Long-haul
Architectural Overview
REST API vManage
Onboarding within Megaport
system
host-name $HOSTNAME
system-ip $SYSTEM_IP
Cloud site-id $SITE_ID
Init sp-organization-name $SP_ORG_ID
organization-name $ORG_ID
vbond $VBOND
Megaport Region1 interface GigabitEthernet1

no shutdown
ip address dhcp client-id GigabitEthernet1
ip mtu 1504
exit
interface Tunnel$TUNNEL_NUMBER
no shutdown
ip unnumbered GigabitEthernet1
Cisco CSP-5228 ipv6 unnumbered GigabitEthernet1
Megaport Region2 tunnel source GigabitEthernet1
tunnel mode sdwan
exit
sdwan
interface GigabitEthernet1
Cisco CSP-5228 tunnel-interface
encapsulation ipsec weight 1
color $COLOR
Cisco NCS-5501
Cisco NCS-5501
Megaport Region3
SD-WAN Fabric
* Customer is responsible for “first mile” connectivity (i.e. branch ISP)
Day0 Configuration
Cloud-Init
Catalyst 8000v system
host-name $HOSTNAME
system-ip $SYSTEM_IP
site-id $SITE_ID
sp-organization-name $SP_ORG_ID
organization-name $ORG_ID Device Template:
vbond $VBOND • Default template
no shutdown Default_MEGAPORT_ICGW_
ip address dhcp client-id GigabitEthernet1 C8000V_Template_V01
ip mtu 1504
exit
• Attached to spare C8KV chassis
interface Tunnel$TUNNEL_NUMBER • Defines System IP, Site ID and
no shutdown
ip unnumbered GigabitEthernet1
Hostname
ipv6 unnumbered GigabitEthernet1 • Defines parent WAN interface
tunnel source GigabitEthernet1 (GigabitEthernet1) MTU as 1504
tunnel mode sdwan
exit • Defines Internet-facing Color
sdwan • Can be modified DayN
tunnel-interface
encapsulation ipsec weight 1
color $COLOR
Catalyst 8000v Architecture
• Provisioned on CSP-5228
Catalyst 8000v • Untagged WAN (Internet) interface

• 802.1Q sub-interfaces for each
connection
Gig1.X
(VPNn)
Service
… IAAS • VLANs defined by Megaport

Gig1.n
• One sub-interface per cloud or
backbone connection
Gig1 INET
• Single VPN; VPN per VxC; Many
Gig1.X Region1 VxC to Many VPN
Transport
(VPN0)
• Virtual interface handoff is 1Gbps,

Lo1 Gig1.Y Region2
though IOS-XE negotiates 10Gbps
(Unbound) …
Gig1.n Region3
Site-to-Cloud
AWS Hosted VIF
Catalyst 8000v User-defined Bandwidth

(Policed in underlay) AWS RegionX
802.1Q EC2
Services
L2 Point-to-Point Direct BG
P
Connect
Gateway
BG
P
Gig1.X Public or IP VPC
Private
(VPNn)
Service
BG EC2
P
Gig1.n BG
P
Services
Direct
SD-WAN Connect
Gateway
Fabric Public or
Private
IP VPC
Transport
AWS RegionY
(VPN0)
Gig1
Scope of Automation
AWS Hosted Connection
AWS RegionX
BG
P
EC2
Services
Catalyst 8000v User-defined Bandwidth

Public VIF
BG
(Policed in underlay) P
802.1Q IP VPC
L2 Point-to-Point Direct
Connect Private VIF
Gateway
BG
BG P
P Transit
IP
Gig1.X Gateway
(VPNn)
Service
Transit VIF
BG BG
P P
Gig1.n EC2
Services
Direct Public VIF

SD-WAN Connect BG
Gateway
Fabric P
IP VPC
Transport
(VPN0)
Private VIF
Gig1 BG
P
Transit
IP Gateway
Transit VIF
AWS RegionY
Scope of Automation
Cloud Connection Configuration
Catalyst 8000v interface GigabitEthernet1.$VLAN New Interface Block:

no shutdown
encapsulation dot1Q $VLAN • VLAN ID provided by Megaport
ip address $IP_ADDRESS • IP Address is user-defined in
ip mtu 1500
Global Settings or custom-defined
exit
… within workflow
router bgp $BGP_LOCAL_AS
bgp log-neighbor-changes
neighbor $BGP_NEIGH remote-as $BGP_AS
neighbor $BGP_NEIGH ebgp-multihop 1
BGP Peering:
neighbor $BGP_NEIGH password $PASS • Peering instantiated with AWS
address-family ipv4 unicast Direct Connect Gateway
neighbor $BGP_NEIGH remote-as $BGP_AS
neighbor $BGP_NEIGH activate
automatically
neighbor $BGP_NEIGH send-community both • Peer address is custom-defined
redistribute omp during workflow or as part of
exit-address-family
…
Global Settings
omp • Mutual redistribution (OMP to
address-family ipv4 BGP and vice versa)
advertise bgp
Cloud Connection Configuration (Segmentation)
Catalyst 8000v vrf definition $VRF Service VPN Definition:

rd 1:$VRF • VRF/VPN discovered via Device
address-family ipv4 Template
route-target export 1:$VRF • Cross-connect is mapped to VRF
route-target import 1:$VRF
exit-address-family
during workflow
…
…
…
…
interface GigabitEthernet1.$VLAN Service VPN Interface:
no shutdown • Interface is placed into appropriate
vrf forwarding $VRF
encapsulation dot1q $VLAN VRF
ip address $IP_ADDRESS • Routes learned over this
ip mtu 1500 connection are isolated to Service
exit VPN/VRF
Site-to-Site:
Backbone as a Service
Backbone on Demand
Catalyst 8000v 802.1Q

L2 Point-to-Point
Catalyst 8000v
User-defined Bandwidth
(Policed in underlay)
(VPNn)
(VPNn)
Service
Service
Gig1.X Gig1.X
Lo1 Lo1
Region1 Region2
(Unbound) (Unbound)
Gig1.n Gig1.n
Transport
Transport
(VPN0)
(VPN0)
SD-WAN
Fabric
Gig1 Gig1
Scope of Automation
Backbone on Demand Configuration
Catalyst 8000v interface GigabitEthernet1.$VLAN1 New Interface Block:

no shutdown • VLAN ID provided by Megaport
encapsulation dot1Q $VLAN
ip address $IP_ADDRESS • IP Address is auto-defined
ip mtu 1500 • Represents L2 point-to-point
exit
interface Loopback1 connection to remote region
no shutdown
ip address $IP_ADDRESS New TLOC Interface:
ip mtu 1500 • Unbound Loopback
interface Tunnel1
no shutdown • New backbone connections to
ip unnumbered Loopback1 other regions create a new
ipv6 unnumbered Loopback1
tunnel source Loopback1 sub-interface, but utilize
tunnel mode sdwan existing Loopback
exit • IP Address is auto-defined
ip route $PEER_LOOPBACK_IP
$PEER_PHYS_IP • Static route defined to
sdwan establish connectivity to
interface Loopback1
tunnel-interface remote Loopbacks
color $COLOR • Color defined in Global
max-control-connections 0
vmanage-connection-preference 0
Settings
Demo
Summary
Realize Cloud Potential with SD-WAN Interconnect
Worldwide network
Highly Available
Ready to go Backbone Single provider connecting to worldwide End-to-End Visibility
Network
providers
• Reduce provisioning • 99.999% availability • Reduce touchpoints • 200 network • Visibility to 1500+
from months to minutes underlay virtual cross from multiple service providers, business applications
- Create connections in connections providers to 1 provider more than 700 data (including SaaS
10 minutes or less – Cisco centers, and 360 IT applications) and major
• End to end security, service providers IaaS clouds
• End to end network segmentation and • Shift to OPEX and and aaS providers
Automation from policy through SD- reduce overhead costs • Extend Cisco SD-WAN
branch into clouds WAN fabric by 20% • Reduce cost up to fabric across SDCI
54% in egress fees backbone
• Virtual everything - No • Connect anywhere to • Point and click circuit and 75% in MPLS
HW requirements everywhere provisioning through fees
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential vManage
Cisco SASE Architecture & Offer
Reshma Patil
Contents
SASE Market Opportunity
Positioning Cisco SASE Solution
Cisco SASE Bundle Offer

Incentives
Use Cases
Value Proposition
Call to Action
Additional Resources
Why is this Bundle Offer Important to You?
Must Act Now
Customers making No one has the

strategic decisions now breadth of Cisco Help customers
secure the edge and
Looking at SASE to Today: all the core capabilities remote workers
re-architect network and security of a
for the future SASE architecture Fend off competitors,
defend your base
Future: delivered as
a single, integrated Sell the new SASE offer as the
subscription service next step in the journey
Problem Statement Solution Outcome

Cloud Disruption of the Customer Technology Stack
Disruption in Process
Compute Storage
Network + Security
Massive distribution of users
and applications
Disrupted Disrupted
Internet as transport of choice
Single platform for policy and visibility
Flexible, subscription-based service
Major SASE use cases
Internet /
SaaS / IaaS
Secure remote worker Secure edge
• Seamless connection to apps • Streamline connectivity to public
and data anywhere users work and private apps across all office
Secure Access Service locations
• Secure access to internet and Edge
cloud apps SD-WAN • Provision SD-WAN fabric across
fabric thousands of users and locations
• Authenticate users and ensure
device health before • Secure access to apps
establishing connection and direct internet access
Remote worker Campus/Branch,

colocation and
hosted data centers 45
Positioning Cisco
SASE Solution
Solving the problem statement
Today’s cloud-centric world
Drives the need for a secure access service edge (SASE) architecture
• Combine networking and security

functions in the cloud Internet / SaaS / IaaS
• Connect users to the apps and data
needed — in any environment, from
anywhere Secure Access Service Edge
• Control access and enforce the right

security protection consistently
All locations Headquarters/ Remote

campus workers
Components of Cisco’s SASE architecture
Connect Control
Converge
SD-WAN Cloud security
Powered by Available as a single offer Umbrella: SWG, firewall,
Viptela or Meraki DNS security, CASB
Integrated solutions
Remote access Zero trust
AnyConnect, Duo network access
Duo
Observability: ThousandEyes
Selling Cisco SASE
Building blocks Now Future
Cloud Security A la carte

(Umbrella) Components purchased independently Single subscription service
over time
All SASE functionality delivered
Zero Trust Network Access through a cloud dashboard as a single
(Duo) SASE Bundle Offer subscription service
Components orderable and priced
under single SKU
SD-WAN
(Viptela, Meraki)
Enterprise Agreement
Components wrapped in multi-year, Provider offer
Observability enterprise-wide deal
(ThousandEyes) SASE subscription offering for
Providers to build partner-led
managed SASE solutions
Cisco
SASE Bundle Offer
Cisco SASE Bundle Offer
SASE-XARC-OFFER
• A single Major Line Bundle PID • Leverage existing PID structure from each of the products
• Investment Protection: Bridges to future subscription offer • Flexibility in bundle to configure necessary options
• Offer GA Date May 2021 within the quote

• Subject to Product availability in local countries
• Buy any 2 or more from the offer groups and save
Secure SD-WAN Secure SD-WAN Zero Trust

Cloud Security Observability
Viptela Meraki Network Access
Hardware Hardware Cisco Umbrella Duo ThousandEyes*

C112X, C116X, 1SR1100, MX250, MX450, MX64, SIG Essentials, with Beyond TE-Units
Cat8K MX67, MX68, Z3 optional add-ons: TE-Users
Duo Support
• L7 Cloud TE-Insights
Software Licenses Software Licenses* Premium Support
Delivered Firewall
Cisco DNA Essentials Enterprise • Data Loss Prevention**
Cisco DNA Advantage Advanced Security • Remote
SD-WAN Plus
Cisco DNA Support Browser Isolation**
Solution Support
SIG Advantage**
Umbrella Support
Enhanced Support
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Premium Support 51
*Basic Support included *Support included
**Coming Q4 FY21 *Basic Support included *Support included
Sales/Partner
Cisco SASE Partner Promotional Offer
SASE-XARC-OFFER
To qualify for the discounts, buy 2 or more product categories
and earn incremental discount points when you register the deal
Earn 15% incremental Earn 6% incremental discounts Earn 8% incremental discounts
discounts
Secure SD-WAN Secure SD-WAN Zero Trust

Cloud Security Observability
Viptela Meraki Network Access
Hardware Hardware Cisco Umbrella Duo ThousandEyes*

C112X, C116X, 1SR1100, MX250, MX450, MX64, SIG Essentials, with Beyond TE-Units
Cat8K MX67, MX68, Z3 optional add-ons: TE-Users
• L7 Cloud TE-Insights
Software Licenses Software Licenses*
Delivered Firewall
Cisco DNA Essentials Enterprise • Data Loss Prevention**
Cisco DNA Advantage Advanced Security
SD-WAN Plus SIG Advantage**
**Coming Q4 FY21
• Incremental discount points stack on top of OIP/TIP and Security Deal Registration and • Incremental discount points to not apply to support line items.
Security Account Breakaway where applicable. • All discounts are for direct / distributor pricing, and all 2-tier partners must negotiate directly with their distributor.
Partner Incremental Discount Examples Sales/Partner
SASE-XARC-OFFER
Secure SD-WAN Secure Remote Worker

Example 1: Example 3:
Product Incremental Discount Product Category Incremental Discount
Secure SD-WAN Meraki 6% pts Cisco Umbrella 6% pts
Cisco Umbrella 6% pts Duo 8%pts
ThousandEyes 8% pts
Example 2:
Product Incremental Discount
Secure SD-WAN Viptela 15% pts
Cisco Umbrella 6% pts
ThousandEyes 8% pts
Incentives
Register Your SASE Deal
Deal Registration is the only way to get the best possible discounts and the most
competitive price
Deal Registration protects the pre-sales investments you make when driving
specific behaviors (hunting, teaming, finding new technologies)
Helps align and build relationships between you and Cisco Account Managers
Partners who follow this strategy increase their chances of winning deals
while increasing margins and profitability
SASE Partner Discounts
Base Discount SASE SASE Offer with
SASE Promotional Offer
(Core or Market Category) Offer Discount Hunting/Teaming
Cisco Viptela 42% 57% +15 65% +15
Cisco Meraki 42% 48% +6 56% +6
Cisco Umbrella 42% 48% +6 66% +6
Cisco Duo 20% 28% +8 43% +8
Cisco ThousandEyes 20% 28% +8 38% +8
All discounts are for direct/distributor pricing, and all 2-tier partners must negotiate directly with their distributor.
Earn Backend Rebates
VIP Rebates Perform Plus
The SASE promotion combines The SASE promotion combines

Enterprise Networking and Security for Enterprise Networking and Security for
a cross Architecture VIP Payout a cross Architecture Payout in Perform
Plus of 2%
Earn Q4 VIP Kickers of up to 4% for Earn incremental Security SaaS
eligible Enterprise Networking PIDS Portfolio Bonus of 4%
increasing your VIP Rebate Payout
More on Link to Perform Plus
www.cisco.com/go/vip www.cisco.com/go/performplus
Cisco SASE
“Shogun” Reward
for Partner SEs
https://www.ciscoshogun.com/
ViewAllPromotions
Seller Rewards SASE Deal Registration SPIFF
(AMER and APJ )
Account Manager (AM) and SE Rewards
Account Systems
SASE Deal
Manager Engineer
Bookings
Points Points
$25k - $149k 300,000 300,000
$150K - $299K 400,000 400,000
$300K - $499K 500,000 500,000
$500K and above 600,000 600,000
Account Managers (AM) Click Here to Claim
Up to 600,000 points each for each deal

Use Cases
Solve SASE Use Cases With This Offer
SASE-XARC-OFFER
Secure Remote Worker
Cloud security Zero trust Observability
Umbrella Duo ThousandEyes
Secure Edge
SD-WAN Cloud security Zero trust Observability
or
Meraki Viptela Umbrella Duo ThousandEyes
Secure
Remote Worker
Use Case
Key challenges: Secure remote worker
Providing users with safe access to the internet and
applications from any location
Challenges:
• Hard to protect roaming users without negatively impacting end users
• Users often bypass VPN and on-prem security stack
• Difficult to verify identity of users and health of devices
• Inconsistent enforcement of security protection across disparate locations
Keeping up with evolving threats and the

acceleration of distributed work
Challenges:
• Hard to identify and address gaps in protection consistently
• Need better visibility into threats and access to rich threat intelligence
aggregated from multiple sources
• Require stronger integrations across their security stack to reduce
response times
Use case: Secure remote worker
• How it works
CISCO SASE
Internet
AnyConnect
Umbrella Duo
DNS security Adaptive MFA
Public cloud/ SaaS
Remote worker Secure web gateway Device health
Cloud access security broker Behavior analytics
(CASB) Clientless remote access
Private apps / nets

Co-location nets
Connect Control Converge

Umbrella, Duo, AnyConnect Umbrella, Duo
• Secure onramp to the Internet by redirecting DNS • Reduce malware by easily delivering the right • Simple, integrated deployment to connect and secure
and web traffic to cloud security level of security to your distributed workforce • Common cloud-delivered security policy and visibility
• Reduce reliance on VPN for access to web • Intuitive multi-factor authentication and single • Built-in SecureX platform for visibility, orchestration
applications and SSH servers sign-on workflows for quick and secure access and extended detection and response (XDR)
• Access to Cisco AnyConnect Secure Mobility client from any device to any application
(license included in Umbrella SIG) to deploy • Meet compliance goals with adaptive policies
Umbrella
© 2021 module
Cisco and/or to forward
its affiliates. All rightstraffic.
reserved. Cisco Confidential based on user and device trust 64
Customer Case Study: KCA Deutag
Challenge Solution Result
• Delivering safe and effective operations across • Cisco Umbrella • Complete visibility into internet activity
diverse geographical locations across all users, devices, and locations
• Cisco Duo
• Backhauling internet traffic to central locations • Granular application controls to prevent risky
• Cisco Identity Services Edge (ISE)
was expensive and negatively impacted user activities
experience. • Cisco AMP for Endpoints • Cisco Umbrella’s secure web gateway (SWG)
• Difficulty getting engineers to remote oil rigs • Cisco Threat Grid inspects and controls web traffic to ensure
due to challenging environments compliance with policies and blocks hidden threats
• Lacked important security capabilities to • Cisco’s integrated security architecture,
discover and block hidden threats, reduce the streamlines investigations and threat response
risks of shadow IT apps, and simplify policy
• With direct internet access, KCA Deutag now
enforcement for user access across all sites
enjoys faster access to cloud applications and
workloads
“A lot of our rigs are in remote locations, drilling in Sub-Saharan Africa or Arctic Russia. They’re very challenging
environments from a safety, accessibility, and connectivity point of view. The Customer Success team made our rollout and
deployment a lot smoother than it would have been without their help. Umbrella has definitely improved our security posture
by an order of magnitude from where we were before."
-Mark McRitchie, IT and Security Architect, KCA Deutag
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Jan 2021: Cisco.com Blog 65
Secure Edge
Use Case
Key challenges: Secure edge
Connect to applications securely anywhere
60% of organizations expect majority of applications
to now be SaaS
Challenges:
• Multi-vendor cloud deployments result in complex connectivity
• Lack of simplified management, automation and tight integrations
• Avoiding inconsistent and poor user application experience
• Lack of visibility from user across to any multi cloud environment
• Flexibility of choices
Secure traffic from any user to any location

IT needs to deliver secure access as close to the users
as possible
Challenges:
• Scalable for anywhere access
• Protect users, devices and applications from the latest cyber threats
• Seamlessly authenticate everyone and anything
• Policies that follow the user wherever they come from to keep them secure
Use case: Secure edge
CISCO SASE
• How it works
Umbrella Duo
DNS security Adaptive MFA
Secure web gateway Device posture and health
Cloud-delivered firewall Behavior analytics Internet
Cloud access security Continuous verification
broker (CASB)
Network edge SD-WAN SaaS
Analytics / automation Application SLA

Middle-mile efficiency SaaS optimization
ThousandEyes / telemetry Integrated multi-cloud access
Private/public cloud
Connect Control Converge

Cisco SD-WAN Umbrella, Duo
• Software-defined transport agnostic • SaaS optimization (ie. M365) for • Cloud security stack to secure all • Simple, fast deployment of network and
dynamic path selection improved user experience outbound traffic to internet/SaaS security
• Integrated multicloud connectivity • End-to-end observability with • Establish zero trust application access • Zero touch provisioning
enabling consistent policy to cloud telemetry insights for user/device • Common cloud-delivered security policy
networks
• Automate response across network
• Cloud agnostic middle-mile
diameter with SecureX
optimization
© 2021 (SDCI)
Cisco and/or its affiliates. All rights reserved. Cisco Confidential 68
Customer Case Study: Fortune 100 Company
Challenge Solution Result
• Deliver a seamless and secure global connectivity • Cisco DNA for SD-WAN and Routing • Holistic network design inclusive of security and
platform based on SASE, tied to Work from services
ANYWHERE approach • Cisco Umbrella
• Complete visibility into internet activity
• Enable innovation and business transformation • Cisco Threat Grid
across all users, devices, and locations
• Create a new array of perspectives and possibilities • Cisco AnyConnect • Granular application controls to prevent risky
for businesses in different fields including supply
• Cisco AMP activities
chain, retail, safety, aerospace and defense,
building and manufacturing. • Cisco Cloud OnRamp • Inspection and control of web traffic ensures
• Improve the experience of developers and users as compliance with policies and blocks hidden threats
the centralized datacenter model was not working • Integrated VPN capabilities
with new SaaS environments
• Automated networking and security
• Explore cost savings, network simplification and
site level refinements via SDWAN
“Cisco further expanded our biggest strategic initiative, SD-WAN, by delivering a single vendor, SASE-based solution. Several
Cisco products operate together seamlessly to enable our diverse workforce and subsidiaries to be productive from any
location, ensuring secure access to shared company resources. Cisco has a fully realized SASE vision that delivers the goods.”
-Chief Digital Technology Officer, Fortune 100 Company
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Jan 2021: Cisco.com Blog 69
Value Proposition:
Customer
Partner
Why Your Customers Should Care
Buy Complete SASE Architecture, Do SASE Your Way

Simply Transition to the cloud where and when it makes sense
Cisco offers all core components of a SASE for your business.
architecture. Make it simple to purchase in a single
offer.
Protect Investments Solve SASE Use Cases Today

Add to existing Cisco investments as you adopt SASE. Purchase and implement technology to deliver secure
Easily transition to single subscription service in the access to applications, anywhere users work
future, with investment protection.
Why Should Partners Utilize The SASE Offer?
Capitalize on The Biggest Market Build – Scale – Optimize
Opportunity Position your security, networking,
integration, migration and observability
40% of enterprises intend to adopt SASE by 2024 (Gartner,
services to drive adoption
The Future of Network Security Is in the Cloud, August
2019). Scale customers’ applications, from on-
prem to Cloud
20.3B TAM IDC WW Network Security Forecasts 2022
Optimize customers’ deployments
Outpace the Competition
Leader in networking & security and Enhance Trusted Advisor Role
the largest SD-WAN provider in the world, with #1 Demonstrate intimate knowledge
market share and more than 30,000 customers. of future networking trajectories.
Expand your conversations into offering cross Advise and guide customers towards future-
architecture SASE solutions to address customer needs state architecture, not current state.
and workflows.
Increase discount levels when 2 or more SASE Deliver investment protection that bridges
components are purchased. customer to as-a-service SASE.
Simple offer: Single PID SASE-XARC-OFFER
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Engage new buying centers and add72more
value
Call to Action
Call to Action
Drive POC's and adoption Position SASE by leveraging

to earn Seller and/or dCloud demos and engage
Shogun Rewards with PAMs to identify
opportunities
Take the SASE Mission Sell your services and

Training* further enhance your
profitability
*available end of May 2021 74
Additional
Resources
SASE Sales Hub
Cisco SASE Resources SASE for customers:
https://cisco.com/go/sase
SASE Campaign on Marketing Velocity
Central

Cisco Live! 2021 SASE track
Cisco Umbrella
Cisco Zero Trust
ThousandEyes
Cisco Secure Access
Questions about the Cisco SASE Bundle Offer for partners?
Email sase-offer-partners@cisco.com
Cisco SD-WAN
Cisco Partner Resources
Seller Rewards
Cisco Shogun
Perform Plus
Value Incentive Program
Deal Registration
Cisco Ready for Partners
Cisco Black Belt Academy

Cisco SD WAN Cloud Interconnect With Megaport and Announcing A New SASE Bundle Offer - 20210527 1501 1

Uploaded by

Copyright:

Available Formats

You might also like

Cisco SD WAN Cloud Interconnect With Megaport and Announcing A New SASE Bundle Offer - 20210527 1501 1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cisco SD WAN Cloud Interconnect With Megaport and Announcing A New SASE Bundle Offer - 20210527 1501 1

Uploaded by

Copyright:

Available Formats

Optimize your Cloud

Architecture with Cisco

Cisco Enterprise Networking & Cloud Teams

Cisco SD-WAN Cloud

Cisco SASE Architecture

Cisco SASE Offer

SD-WAN Automated Cloud Edge

Hop Count Reduction

102 Unique Data Megaport’s Unique 365+ Service Providers

Scalable and on demand

Private and Secure

100+ Unique Data Centre Operator Partners

- Asia Pacific SE1 (Singapore) - Amsterdam - Sydney

United States Canada Europe

• East US • North Central US Asia

Europe Regions Australia/New Zealand

United States Canada Europe

North America Regions

Cisco SDCI with Megaport

Connecting to the Cloud

Any questions - email us at:

• Multiple Providers with expensive infrastructures

NEW Dynamic and Programmable Connections

NEW Dynamic and Programmable Connections

Months to Minutes - Faster time to service

1Gbps, large = 5Gbps)

• Cisco Catalyst 8000V Licensing:

• Virtual Cross-Connect Licensing:

Megaport Region1 interface GigabitEthernet1

Catalyst 8000v • Untagged WAN (Internet) interface

… IAAS • VLANs defined by Megaport

• Virtual interface handoff is 1Gbps,

Catalyst 8000v User-defined Bandwidth

Catalyst 8000v User-defined Bandwidth

Direct Public VIF

Catalyst 8000v interface GigabitEthernet1.$VLAN New Interface Block:

Catalyst 8000v vrf definition $VRF Service VPN Definition:

Catalyst 8000v 802.1Q

Catalyst 8000v interface GigabitEthernet1.$VLAN1 New Interface Block:

Positioning Cisco SASE Solution

Cisco SASE Bundle Offer

Must Act Now

Customers making No one has the

Problem Statement Solution Outcome

Remote worker Campus/Branch,

• Combine networking and security

• Control access and enforce the right

All locations Headquarters/ Remote

Building blocks Now Future

Cloud Security A la carte

• Offer GA Date May 2021 within the quote

Secure SD-WAN Secure SD-WAN Zero Trust

Hardware Hardware Cisco Umbrella Duo ThousandEyes*

Secure SD-WAN Secure SD-WAN Zero Trust

Hardware Hardware Cisco Umbrella Duo ThousandEyes*

Secure SD-WAN Secure Remote Worker

Secure SD-WAN Meraki 6% pts Cisco Umbrella 6% pts

Cisco Umbrella 6% pts Duo 8%pts