Cloud-delivered Cisco Catalyst SD-WAN Getting Started Guide


Note
To achieve simplification and consistency, the Cisco SD-WAN solution has been rebranded as Cisco Catalyst SD-WAN. In addition, from Cisco IOS XE SD-WAN Release 17.12.1a and Cisco Catalyst SD-WAN Release 20.12.1, the following component changes are applicable: Cisco vManage to Cisco Catalyst SD-WAN Manager, Cisco vAnalytics to Cisco Catalyst SD-WAN Analytics, Cisco vBond to Cisco Catalyst SD-WAN Validator, Cisco vSmart to Cisco Catalyst SD-WAN Controller, and Cisco Controllers to Cisco Catalyst SD-WAN Control Components. See the latest Release Notes for a comprehensive list of all the component brand name changes. While we transition to the new names, some inconsistencies might be present in the documentation set because of a phased approach to the user interface updates of the software product.

Cloud-delivered Cisco Catalyst SD-WAN is a platform for Cisco Catalyst SD-WAN services that reduces and simplifies operational tasks for your Cisco Catalyst SD-WAN fabric. With this platform, you can deploy the Cisco Catalyst SD-WAN fabric, managing only Edge devices and the Edge network, while Cisco owns almost all the operational responsibilities for the fabric. Cloud-delivered Cisco Catalyst SD-WAN provides flexible cloud consumption, operational simplicity, and the comprehensive analytics features that are part of Cisco Catalyst SD-WAN.

Cloud-delivered Cisco Catalyst SD-WAN is ideal for small-sized or medium-sized businesses and enterprises that have limited network resources and want to limit the operational burdens of running the Cisco Catalyst SD-WAN fabric.

This document describes the initial setup and configuration procedures for cloud-delivered Cisco Catalyst SD-WAN. Perform these procedures from the Cisco Catalyst SD-WAN Portal, which provides options for creating and accessing management tools for fabrics in cloud-delivered Cisco Catalyst SD-WAN.

Prerequisites for Cloud-delivered Cisco Catalyst SD-WAN

  • An active Cisco Smart Account.

  • An active Cisco Virtual Account.

  • The SA-Admin role for your Cisco Smart Account. (Required to access the Cisco Catalyst SD-WAN Portal for the first time and to create a fabric. Not required thereafter.)

  • A valid order for cloud-delivered Cisco Catalyst SD-WAN on Cisco Commerce (formerly CCW).

Create a Fabric in the Cisco Catalyst SD-WAN Portal

  1. In your web browser, enter the following URL to access the Cisco Catalyst SD-WAN Portal:

    https://ssp.sdwan.cisco.com

  2. Follow the prompts to log in with your Cisco Connection Online user name and password, and authenticate.

    The Cisco Catalyst SD-WAN Portal Dashboard appears.

  3. Click Create Fabric.

  4. In the Create Fabric page, perform these actions:

    1. From the Smart Account drop-down list, choose the name of your Cisco Smart Account.

    2. From the Virtual Account drop-down list, choose the name of your Cisco Virtual Account.

    3. Click Assign SDWAN Fabric License.

    4. In the Assign SD-WAN Fabric License pane, choose Cloud-Delivered from the License Type drop-down list, choose SD-WAN from the Fabric Choice drop-down list, and click Assign.

    5. In the Fabric field, enter a name for the fabric.

    6. From the Location drop-down list, choose the location where the fabric will be spun up.

    7. In the Fabric Admin field, enter the Cisco Connection Online email address or mailer list name of the administrator of the fabric.

      The Cisco Catalyst SD-WAN Portal sends notifications about the fabric to this email address or mailer list.

    8. Click Click here to review and agree to Terms & Conditions before proceeding, and in the Terms and Conditions dialog box, review the information that is shown, and click I Agree.

    9. Click Create Fabric.

      The system creates the fabric. This process can take up to 60 minutes. Information about the progress of this process appears in the Create Fabric Progress area.

      After the fabric is created, it appears as a tile in the Cisco Catalyst SD-WAN Portal Dashboard window and you can manage it from the Cisco Catalyst SD-WAN Portal.

Add User Roles

A user who creates a fabric is automatically given the Admin role for that fabric. This user can then configure user roles for other users.

A user's role defines which Cisco Catalyst SD-WAN Manager features the user has read-only access to, and which features the user has read and write access to.


Note
Before you can add a role for a user, the user must have an account in Cisco Connection Online.

  1. Log in to the Cisco Catalyst SD-WAN Portal as a user with the Admin role for the fabric.

  2. Click View Details.

  3. In the Fabric Details page, click User Role.

  4. Click Add User Role.

  5. In the User Email ID field, enter the Cisco Connection Online email address for whom you are adding a role.

  6. From the Role drop-down list, choose the user group to which this user should belong.

    User groups are configured in Cisco Catalyst SD-WAN Manager. A user group specifies which features the users in the group have read-only access to, and which features the users have read and write access to.

  7. Click Add.

Access Cisco SD-WAN Manager

Cisco SD-WAN Manager provides options for configuring, managing, and monitoring a fabric. Any user with a user role that has been added to the Cisco Catalyst SD-WAN Portal can access Cisco SD-WAN Manager.

  1. Log in to the Cisco Catalyst SD-WAN Portal.

    This login provides single sign-on authentication for the Cisco Catalyst SD-WAN Portal and Cisco SD-WAN Manager.

  2. Click Manage Fabric on the card of the fabric you want to access.

  3. Using your credentials, log in to Cisco SD-WAN Manager.

To exit the Cisco Catalyst SD-WAN Center and return to the Cisco Catalyst SD-WAN Portal, choose SD-WAN Portal from the Cisco SD-WAN Manager menu.

Access Cisco Catalyst SD-WAN Analytics for a Fabric

Cisco SD-WAN Analytics provides information about device behavior, traffic, and related activities in your fabric.

  1. Log in to the Cisco Catalyst SD-WAN Portal as a user with the Admin role for the fabric and navigate to the Cisco Catalyst SD-WAN for that fabric.

  2. From the Cisco Catalyst SD-WAN menu, choose Analytics > Overview.

For more information, see Cisco Catalyst SD-WAN Analytics.

Migrating Cisco Hosted Cisco Catalyst SD-WAN to Cloud-delivered Cisco Catalyst SD-WAN

Overview

If you are using Cisco hosted Cisco Catalyst SD-WAN with a dedicated fabric and fewer than 800 devices, we recommend that you migrate to cloud-delivered Cisco Catalyst SD-WAN to simplify your operations, reduce your daily networking management tasks, and bring your fabric into compliance with the Cisco Catalyst SD-WAN controller policy.

If you choose not to migrate, you need to purchase controllers for a dedicated Cisco Catalyst SD-WAN fabric.

Migration Process

If you are entitled to migrate from Cisco hosted Cisco Catalyst SD-WAN to cloud-delivered Cisco Catalyst SD-WAN, we’ll contact you. We’ll let you know that you are entitled to the migration, and we’ll request the information that we need from you for the migration process.

Alternatively, you can open a case with the Cisco Technical Assistance Center (TAC) and request that the Cisco Cloud Operations team perform a migration.

After you provide the information that is required for a migration, we’ll contact you within 48 hours to schedule a maintenance window during which to perform the migration. This migration can take up to approximately 6 hours, depending on the number of devices in your fabric.

The Cisco Cloud Operations team performs the migration remotely. If any issues prevent a successful migration, we’ll resolve the issues and contact you as needed.

A migration has a minimal effect on the data plane because the control connection is automatically reestablished after the migration completes.

What to Expect From the Migration

  • Enterprise certificates are not supported in cloud-delivered Cisco Catalyst SD-WAN.

  • Custom subnets are not supported in cloud-delivered Cisco Catalyst SD-WAN. Custom subnets that were configured in your Cisco hosted Cisco Catalyst SD-WAN for a dedicated fabric are removed during the migration.

  • A new URL is generated for accessing Cisco Catalyst SD-WAN Manager. You can access this URL from the Cisco Catalyst SD-WAN Portal. Your old URL for accessing Cisco Catalyst SD-WAN Manager is not retained.

  • Proxy settings from your Cisco hosted Cisco Catalyst SD-WAN for a dedicated fabric are disabled.

  • Statistics data from your Cisco hosted Cisco Catalyst SD-WAN for a dedicated fabric are not retained.

  • Analytics data from your Cisco hosted Cisco Catalyst SD-WAN for a dedicated fabric data is not retained.

  • Identity provider information Cisco hosted Cisco Catalyst SD-WAN for a DEDICATED fabric is not retained.

  • Configuring your own identity provider information is not supported in cloud-delivered Cisco Catalyst SD-WAN.

  • No inbound rules setting is required in cloud-delivered Cisco Catalyst SD-WAN.

Migration Prerequisites

Before we perform your migration from Cisco hosted Cisco Catalyst SD-WAN to cloud-delivered Cisco Catalyst SD-WAN:

  • Ensure that you have valid cloud-delivered Cisco Catalyst SD-WAN licenses in the Cisco Smart Account and Virtual Account for your current dedicated fabric.

    For information about obtaining these licenses, contact your Cisco representative.

  • Upgrade your Cisco hosted Cisco Catalyst SD-WAN fabric to match the current cloud-delivered Cisco Catalyst SD-WAN version. We’ll let you know what this version is.

    For upgrade instructions,, see Upgrade SD-WAN Controllers with the Use of vManage GUI or CLI.

  • When requested, provide us with the netadmin credentials for your existing Cisco hosted Cisco Catalyst SD-WAN fabric.

  • Optionally, delete all Cisco Catalyst 8000 Edge Platforms that you are using as cloud gateways for TACACS. Cloud-delivered Cisco Catalyst SD-WAN currently does not support cloud gateways for TACACS. If you do not delete these platforms, they exist after the migration but are not functional.

Post Migration

After the migration completes, your old Cisco hosted Cisco Catalyst SD-WANfabric is no longer operational. You can access your new cloud-delivered Cisco Catalyst SD-WAN fabric using the Cisco Catalyst SD-WAN Portal. For more information, see Cisco Catalyst SD-WAN Portal Configuration Guide.