Cloud-delivered Cisco Catalyst SD-WAN Getting Started Guide

Cloud-delivered Cisco Catalyst SD-WAN is a platform for Cisco Catalyst SD-WAN services that reduces and simplifies operational tasks for your Cisco Catalyst SD-WAN fabric. With this platform, you can deploy the Cisco Catalyst SD-WAN fabric, managing only edge devices and the edge network, while Cisco manages almost all the operational responsibilities for the fabric. Cloud-delivered Cisco Catalyst SD-WAN provides flexible cloud consumption, operational simplicity, and the comprehensive analytics features that are part of Cisco Catalyst SD-WAN.

Cloud-delivered Cisco Catalyst SD-WAN is ideal for small-sized or medium-sized businesses and enterprises that have limited network resources and want to limit the operational burdens of running the Cisco Catalyst SD-WAN fabric.

This document describes the initial setup and configuration procedures for Cloud-delivered Cisco Catalyst SD-WAN. Perform these procedures from the Cisco Catalyst SD-WAN Portal, which provides options for creating and accessing management tools for fabrics in Cloud-delivered Cisco Catalyst SD-WAN.

Prerequisites for Cloud-delivered Cisco Catalyst SD-WAN

  • Active Cisco Smart Account.

  • Active Cisco Virtual Account.

  • SA-Admin role for your Cisco Smart Account. (Required to access the Cisco Catalyst SD-WAN Portal for the first time and to create a fabric. Not required thereafter.)

  • Valid order for cloud-delivered Cisco Catalyst SD-WAN Manager on Cisco Commerce (formerly CCW).

Create fabrics in the Cisco Catalyst SD-WAN Portal

Cloud-delivered Cisco SD-WAN provides two methods for creating a fabric.

  • Cloud-delivered SD-WAN fabric is the default workflow. Cloud-delivered Cisco Catalyst SD-WAN is developed for small- or medium-sized business and enterprise environments that have limited network resources and want to limit the operational burdens of running Cisco Catalyst SD-WAN Control Components. For example, if you plan to onboard more than 800 devices to Cisco Catalyst SD-WAN Control Components you can choose Cloud-delivered Cisco Catalyst SD-WAN.

  • Dedicated Cisco hosted fabric is recommended if you need dedicated control components in an isolated cloud environment and manage large number of sites. To create a dedicated fabric, you must have a valid Smart Account license.

Create a Cloud-delivered Cisco Catalyst SD-WAN fabric

All customers who have a valid Smart Account are eligible to add a cloud-delivered Catalyst SD-WAN fabric. No Smart Account license is required to create a Cloud-delivered Cisco SD-WAN fabric.


Note

The Create Cisco Hosted Fabric page has a banner that describes the steps to create dedicated fabrics. See Create a Dedicated Fabric for more information.

Procedure

Step 1

Open https://ssp.sdwan.cisco.com to log in to the Cisco Catalyst SD-WAN Portal.

Step 2

Enter your Cisco Connection Online (CCO) username and password to open the Cisco Catalyst SD-WAN Portal Dashboard.

Step 3

In the dashboard, click Create Fabric.

Step 4

To create a fabric, perform the following:

  1. From the Smart Account drop-down list, choose the name of your Cisco Smart Account.

  2. From the Virtual Account drop-down list, choose the name of your Cisco Virtual Account.

  3. Enter the Fabric Name.

  4. Chose the Fabric Location.

  5. Enter the Fabric Admin(s).

Note

 

The information you selected and entered in steps a-e is listed in the Preview area of the page.

Step 5

Click Terms & Conditions in the Preview area.

Step 6

On the Dasboard, click Create Fabric.

Note

 

The default expiration date is July 31, 2027, for all newly created fabrics.
You are sent an email indicating that the fabric is created.

What to do next

You can now access the fabric by logging into the Cisco Catalyst SD-WAN Portal.

Create a Cloud-delivered Cisco Catalyst SD-WAN dedicated fabric

If you use dedicated fabrics you need to follow these steps.

Procedure

Step 1

Contact Cisco TAC to open a case with the Catalyst SD-WAN Cloud Infra team and request a dedicated fabric. You must provide the following information:

  • Customer Name

  • Sales Order Number for the Cisco Catalyst SD-WAN subscription

  • Smart Account and Virtual Account used to deploy dedicated control components

  • Customer contact name, phone, and email

  • Cisco Catalyst SD-WAN Control Components primary location and secondary location

  • Cloud type (either AWS or Azure)

  • Start date (the same date as the sales order number for SD-WAN subscriptions

  • Expiration date (the same date as the end date of the sales order number for Cloud-delivered Cisco Catalyst SD-WAN subscriptions

  • Control components type (for example, dedicated control components)

  • Reason for requesting dedicated control components (instead of using the default cloud-delivered control components)

After you provide the information, the Catalyst SD-WAN Cloud Infra team will review the information. The Cloud Infra team with send you an email stating that the dedicated fabric is ready for creation. After you receive the confirmation email, proceed to Step 2.

Step 2

Open https://ssp.sdwan.cisco.com to log in to the Cisco Catalyst SD-WAN Portal.

Step 3

In the Dashboard click Create Fabric.

Step 4

Enter your Smart Account and Virtual Account details.

Note

 

Make sure the details are consistent with the information you entered in the TAC case.

Step 5

Enter the following information:

  1. Fabric Name

  2. Controller Component Size

  3. Location

  4. Contact Information

Step 6

Click Create Fabric.

You receive an email that the fabric has been created.

What to do next

You can now access the fabric by logging into the Cisco Catalyst SD-WAN Portal.

Add User

When you create a fabric your are automatically given the Admin role for that fabric. You can then configure roles for other users.

A role defines which Cisco Catalyst SD-WAN Manager features have read-only access to, and which features the have read and write access.


Note
Before you can add a role for a user, the user must have an account in Cisco Connection Online.

  1. Log in to the Cisco Catalyst SD-WAN Portal with the Admin role for the fabric.

  2. Click View Details.

  3. In the Fabric Details page, click User Role.

  4. Click Add User.

  5. In the User Email ID field, enter the Cisco Connection Online email address for whom you are adding a role.

  6. From the Role drop-down list, choose the user group to belong to.

    User groups are configured in Cisco Catalyst SD-WAN Manager. A user group specifies which features the users in the group have read-only access to, and which features the users have read and write access to.

  7. Click Add.

Access Cisco Catalyst SD-WAN Manager

Cisco SD-WAN Manager provides options for configuring, managing, and monitoring a fabric. Any user with a user role that has been added to the Cisco Catalyst SD-WAN Portal can access Cisco SD-WAN Manager.

  1. Log in to the Cisco Catalyst SD-WAN Portal.

    This login provides single sign-on authentication for the Cisco Catalyst SD-WAN Portal and Cisco SD-WAN Manager.

  2. Click Manage Fabric on the card of the fabric you want to access.

  3. Using your credentials, log in to Cisco SD-WAN Manager.

To exit the Cisco Catalyst SD-WAN Center and return to the Cisco Catalyst SD-WAN Portal, choose SD-WAN Portal from the Cisco SD-WAN Manager menu.

Access Cisco Catalyst SD-WAN Analytics for a Fabric

Cisco SD-WAN Analytics provides information about device behavior, traffic, and related activities in your fabric.

  1. Log in to the Cisco Catalyst SD-WAN Portal as a user with the Admin role for the fabric and navigate to the Cisco Catalyst SD-WAN for that fabric.

  2. From the Cisco Catalyst SD-WAN menu, choose Analytics > Overview.

For more information, see Cisco Catalyst SD-WAN Analytics.

Migrating Cisco Hosted Cisco Catalyst SD-WAN to Cloud-delivered Cisco Catalyst SD-WAN

Overview

If you are using Cisco hosted Cisco Catalyst SD-WAN with a dedicated fabric and fewer than 800 devices, we recommend that you migrate to cloud-delivered Cisco Catalyst SD-WAN to simplify your operations, reduce your daily networking management tasks, and bring your fabric into compliance with the Cisco Catalyst SD-WAN controller policy.

If you choose not to migrate, you need to purchase controllers for a dedicated Cisco Catalyst SD-WAN fabric.

Migration Process

If you are entitled to migrate from Cisco hosted Cisco Catalyst SD-WAN to cloud-delivered Cisco Catalyst SD-WAN, we’ll contact you. We’ll let you know that you are entitled to the migration, and we’ll request the information that we need from you for the migration process.

Alternatively, you can open a case with the Cisco Technical Assistance Center (TAC) and request that the Cisco Cloud Operations team perform a migration.

After you provide the information that is required for a migration, we’ll contact you within 48 hours to schedule a maintenance window during which to perform the migration. This migration can take up to approximately 6 hours, depending on the number of devices in your fabric.

The Cisco Cloud Operations team performs the migration remotely. If any issues prevent a successful migration, we’ll resolve the issues and contact you as needed.

A migration has a minimal effect on the data plane because the control connection is automatically reestablished after the migration completes.

What to Expect From the Migration

  • Enterprise certificates are not supported in cloud-delivered Cisco Catalyst SD-WAN.

  • Custom subnets are not supported in cloud-delivered Cisco Catalyst SD-WAN. Custom subnets that were configured in your Cisco hosted Cisco Catalyst SD-WAN for a dedicated fabric are removed during the migration.

  • A new URL is generated for accessing Cisco Catalyst SD-WAN Manager. You can access this URL from the Cisco Catalyst SD-WAN Portal. Your old URL for accessing Cisco Catalyst SD-WAN Manager is not retained.

  • Proxy settings from your Cisco hosted Cisco Catalyst SD-WAN for a dedicated fabric are disabled.

  • Statistics data from your Cisco hosted Cisco Catalyst SD-WAN for a dedicated fabric are not retained.

  • Analytics data from your Cisco hosted Cisco Catalyst SD-WAN for a dedicated fabric data is not retained.

  • Identity provider information Cisco hosted Cisco Catalyst SD-WAN for a DEDICATED fabric is not retained.

  • Configuring your own identity provider information is not supported in cloud-delivered Cisco Catalyst SD-WAN.

  • No inbound rules setting is required in cloud-delivered Cisco Catalyst SD-WAN.

Migration Prerequisites

Before we perform your migration from Cisco hosted Cisco Catalyst SD-WAN to cloud-delivered Cisco Catalyst SD-WAN:

  • Ensure that you have valid cloud-delivered Cisco Catalyst SD-WAN licenses in the Cisco Smart Account and Virtual Account for your current dedicated fabric.

    For information about obtaining these licenses, contact your Cisco representative.

  • Upgrade your Cisco hosted Cisco Catalyst SD-WAN fabric to match the current cloud-delivered Cisco Catalyst SD-WAN version. We’ll let you know what this version is.

    For upgrade instructions,, see Upgrade SD-WAN Controllers with the Use of vManage GUI or CLI.

  • When requested, provide us with the netadmin credentials for your existing Cisco hosted Cisco Catalyst SD-WAN fabric.

  • Optionally, delete all Cisco Catalyst 8000 Edge Platforms that you are using as cloud gateways for TACACS. Cloud-delivered Cisco Catalyst SD-WAN currently does not support cloud gateways for TACACS. If you do not delete these platforms, they exist after the migration but are not functional.

Post Migration

After the migration completes, your old Cisco hosted Cisco Catalyst SD-WANfabric is no longer operational. You can access your new cloud-delivered Cisco Catalyst SD-WAN fabric using the Cisco Catalyst SD-WAN Portal. For more information, see Cisco Catalyst SD-WAN Portal Configuration Guide.