Cisco Catalyst SD-WAN Portal

Overview of the Cisco Catalyst SD-WAN Portal

The Cisco Catalyst SD-WAN Portal is a cloud-infrastructure automation tool tailored for Cisco Catalyst SD-WAN, which provides a quick way to provision, monitor, and maintain Cisco Catalyst SD-WAN controllers on public cloud providers.

You can provision the following controllers using the Cisco Catalyst SD-WAN Portal:

  • Cisco SD-WAN Manager

  • Cisco SD-WAN Validator

  • Cisco SD-WAN Controller

Figure 1. Cisco Catalyst SD-WAN Portal Benefits and Operations

The Cisco Catalyst SD-WAN Portal enforces multi-factor authentication (MFA) by default for portal access. You can configure the Cisco Catalyst SD-WAN Portal to use an identity provider (IdP) that lets you connect any user with any application on any device, using single sign-on (SSO).

Audience

This document is intended for Cisco customers such as service providers, partners, and other end users.

Benefits of the Cisco Catalyst SD-WAN Portal

  • Enables visibility into critical statistics like instance CPU utilization

  • Provides a centralized dashboard for real-time monitoring of your Cisco Catalyst SD-WAN overlay networks

  • Includes a wizard-driven interface for easy navigation to the appropriate task in the workflow

  • Provides selection of cloud providers with options for specifying geographic locations for primary and secondary data storage

  • Supports secure login using an IdP for single sign-on (SSO) with multi-factor authentication (MFA)

  • Supports role-based access control (RBAC)

  • Supports provisioning of new overlay networks with custom subnets for on-premises TACACS server connections to overlays

Information about PCI DSS certification

Payment Card Industry Data Security Standard (PCI DSS) is an industry information security standard designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. For more information, see the PCI Security Standards Council website.

Companies handling credit card information are required to maintain data in a secure manner that reduces the likelihood of sensitive financial data being stolen. If merchants fail to securely handle credit card information, then that data can become compromised and used to make fraudulent purchases. Additionally, sensitive information about the cardholder can be used in identity fraud.

While Cisco Catalyst SD-WAN does not directly store or process any cardholder data, Cisco Catalyst SD-WAN is considered a Cloud Service Provider (CSP).

The Cisco Catalyst SD-WAN solution is a certified PCI DSS level 1 service provider and is available on all extended support releases.

The Cisco Catalyst SD-WAN solution includes security controls aligned with PCI DSS requirements. Customers can obtain PCI DSS certification using version 4.0 with Cisco Catalyst SD-WAN as an integral part of their network.

If you want to obtain a PCI DSS certification for your network, we recommend purchasing the Cisco Catalyst SD-WAN certified version for one of the supported releases.

To receive a report for Cisco Catalyst SD-WAN PCI DSS compliance, contact your channel partner.

Benefits of PCI certified environment

A certified environment provides these benefits:

  • A secure network through centralized configuration management using secure CIS or STIG configuration baseline standards.

  • Data protection using encryption of data across networks while in-transit and at-rest.

  • Verification of the deployment of the certified environment through the audit log.

  • Identification, access, and authentication through a centralized user account management of unique credentials and strict role-based access control.

  • Ongoing penetration testing and vulnerability.

Enable PCI in Cisco Catalyst SD-WAN Portal

Select the link that fits your account status.

Enable PCI for a new fabric

When you purchase certified controllers, you receive an email from the Cisco Cloud Ops team with the login information for the SD-WAN Portal to create an overlay. All commercial certifications create Cloud-delivered Cisco Catalyst SD-WAN fabrics.


Note


All commercial certifications are managed through shared Cloud-delivered Cisco Catalyst SD-WAN.


Procedure

Step 1

Open https://ssp.sdwan.cisco.com to access the Cisco Catalyst SD-WAN Portal.

Step 2

Log in to the Cisco Catalyst SD-WAN Portal using your credentials.

Step 3

From the Create Cisco Hosted Fabric page, choose Smart Account and Virtual Account.

Step 4

In the Fabric Name field, enter a name for the fabric.

Step 5

Choose Assign Controllers.

Step 6

Choose the PCI-DSS option.

Step 7

Click Create Fabric.

To view your compliance mode, navigate to the overlay details page.


Enable PCI for an existing fabric

PCI compliance is only available on dedicated fabrics. Enable PCI compliance on an existing dedicated fabric using the steps below.

Procedure

Step 1

If you are creating a fabric that is not dedicated, open https://ssp.sdwan.cisco.com to access the Cisco Catalyst SD-WAN Portal.

Step 2

Log in to the Cisco Catalyst SD-WAN Portal.

Step 3

Click Overlay to find your fabric overlay.

Step 4

From the Actions drop-down list, choose Compliance Mode.

Step 5

From the Compliance panel, choose Enable PCI-DSS Compliance Mode.

Step 6

Click Apply.

To view your compliance mode, navigate to the overlay details page.


Smart Accounts and Virtual Accounts

A Smart Account contains the licenses purchased by your organization. A Smart Account is a central repository where you can view purchased software assets, register, and report software use, and manage licenses across the entire organization.

Cisco grants Smart Account administrators access to the Cisco Catalyst SD-WAN Portal. A Smart Account administrator can view and perform operational tasks related to your controller infrastructure, such as viewing the controllers' IP addresses and modifying the controllers' IP access lists. If you do not want certain users to have this access, go to the Manage Smart Account section of Cisco Software Central and remove those users as Smart Account administrators, or use the IdP (identity provider) onboarding feature to grant access to the Cisco Catalyst SD-WAN Portal based on the trusted users in the IdP.

For more information, see Workflow for Smart Account and Virtual Accounts for Provisioning the Controllers.

Virtual Accounts are subaccounts within your Smart Account. Virtual Accounts help you organize your Cisco assets in a way that is logical for your business. You can set up Virtual Accounts by department, product, geography, or other designation that best fits your company's business model.

A default Virtual Account is created for you. We recommend that you create a dedicated Virtual Account for creating Cisco Catalyst SD-WAN overlays.

For more information, see Create a Virtual Account Associated with Your Smart Account.

To provision a Cisco Catalyst SD-WAN controller, a Virtual Account must be associated with an offer attribute that is Cisco Catalyst SD-WAN capable. A Cisco Catalyst SD-WAN-capable attribute is associated with a Virtual Account when ordering your Cisco DNA cloud license.


Note


When you order Cisco DNA licenses using the enterprise agreement, automatic association of Virtual Accounts to an SD-WAN-capable attribute is not available. You need to submit a cloud-controller provisioning request form through the Enterprise Agreement Workspace for the Cisco CloudOps team to provision the controllers. Contact Cisco Catalyst SD-WAN Technical Support to request that the desired Virtual Account become available on the Cisco Catalyst SD-WAN Portal. After the desired Virtual Account is available on the Cisco Catalyst SD-WAN Portal, you can provision the controllers after providing the necessary enterprise agreement contract information.