Cisco is unwrapping a range of enhancements for its SD-WAN package that it says will help enterprise IT organisations secure, simplify and optimise their wide-area network operations and management.
The upgrades include new routing management capabilities, integration with Microsoft Sentinel and Skyhigh Security systems, a new Catalyst edge device, and improved support for Catalyst cellular connectivity. Cisco’s SD-WAN package includes myriad features to tie together routers, switches or virtualised customer premises equipment (vCPE) from cloud, branch and remote sites, all managed through a single console, the Catalyst SD-WAN Manager.
On the connectivity side, Cisco added a feature called SD-Routing that provides a new GUI interface to the Catalyst SD-WAN Manager.
“Cisco’s traditional routing base is huge, and management historically has been through CLI and scripts,” said JP Shukla, director of product management, SD-WAN, at Cisco. “With SD-Routing, we now provide a simplified GUI interface, and customers no longer need the highly skilled network engineers everywhere for monitoring, troubleshooting, upgrading and provisioning. With this new capability, Cisco is providing a single manageability experience for both traditional routing and SD-WAN environments.”
For customers that use Microsoft’s Sentinel cloud-based security information and event management (SIEM) offering, the Cisco SD-WAN package now can feed information to the SIEM platform to help customers observe user behavior, detect attacks and hunt for threats, Shukla said.
Cisco has developed a SIEM-based management dashboard that can integrate with Splunk – the security firm Cisco recently said it would acquire for $28 billion – that will ultimately compliment the Sentinel SD-WAN support, Shukla said.
“Organisations benefit from intelligent security analytics, threat intelligence integration, security orchestration and automation, automated response playbooks, enhanced visibility into user behavior, and seamless integration with the broader security ecosystem,” Cisco wrote in a blog about the integration of its SD-WAN and Sentinel. “These capabilities strengthen organisations’ security posture, allowing them to effectively detect, respond to, and mitigate a wide range of security threats.”
Cisco has also integrated its SD-WAN with technology from cloud security company Skyhigh Security. With this integration, customers have access to a straightforward, template-based configuration that can be set up in minutes and applied across thousands of sites to build secure access service edge (SASE) architectures tailored to their business, Cisco stated.
Cisco works closely with third-party connectivity providers Megaport and Equinix and has boosted integration between their platforms and Cisco’s SD-WAN package as well.
Specifically, Cisco has added its Catalyst virtual routing platform, Catalyst 8000V, to Equinix deployments. Equinix customers can now deploy Catalyst 8000V with Equinix fabric at all Equinix Network Edge-enabled locations to benefit from features including higher throughput and audit capabilities, Cisco stated.
In addition, Cisco’s Cloud OnRamp’s Audit Infrastructure can audit customers’ infrastructure in the cloud and at Megaport/Equinix sites to check for discrepancies generated when managing network and cloud resources through multiple dashboards and by multiple teams, Shukla said.
Other key SD-WAN-related enhancements include:
- A new 1RU family of Universal Customer Premise Equipment (uCPE) family of devices that can be managed via the SD-WAN Manager. The Catalyst 8300 Series Edge uCPE offers higher CPU power with 20 Intel Xeon core processors, increased network bandwidth with 4 included 10Gig SFP ports, and optional LAN and 5G modules for additional capacity, Shukla said. Customers can consolidate physical networking and security devices and manage uCPE device and guest VNFs running on them with the SD-WAN Manager, Shukla said.
- Catalyst cellular gateway customers can now upgrade their cellular gateways remotely and at scale from SD-WAN Manager. A dedicated firmware upgrade workflow allows customers to select a remote server from where devices will download firmware files.