on 10-21-2022 04:57 AM - edited on 03-30-2023 02:38 PM by Tyler Langston
Cisco SD-WAN Version 20.6.3 offers major usability benefits across all use cases. There are enhancement to SD-WAN Infrastructures, SDCI and SD-WAN Security, with innovation and Improvement around Cloud Networking, Operational Efficiency and Application Experiences.
We have put together the table below to give you a quick look at some of the key features in this release.
Feel free to ask any questions about upgrading your Cisco SD-WAN software using the "comment" section below the post.
If you want to stay up to date with our Software Compliance and key feature articles make sure to subscribe to the label 'Software Upgrades'!
Infra & Services
Feature | Description | Pre |
AAR and Data-policy Enhancements •Application-Level Gateway support for NAT and Firewall •Multi-Region Fabric Enhancements |
•In this release, you have the option to configure preferred Color Group list defining primary, secondary and tertiary preference. • 20.9/17.9 now supports NAT ALG for specific protocol such as Domain Name System (DNS), FTP, and Session Initiation Protocol (SIP) which inter-operates with Zone-Based Firewall if it is enabled. •You have significant operational simplification by migrating SD-WAN networks to the MRF architecture, which delivers increased network resiliency since MRF reacts to dynamic network state and can adjust the routing state accordingly. |
•Previously, there was no way to prioritize the set of colors as per requirement in order to avoid hashing on all available links. •Prior to 20.9/17.9, SD-WAN didn’t support NAT Application-Level Gateway, which prevents the application traffic from getting imposed to firewall actions necessary to offer granular security control over them. •Previous deployments concept of a region is achieved indirectly using complex control policies and BGP in core network. |
Operational and Security
Feature | Description | Pre |
•Network Wide Path Insights (NWPI) | •NWPI phase 3 in 20.9/17.9 is further enhanced with the insight summary, which includes Path insight overview, Application Performance Insight, Event Insight and QoS Insight. Flow level Path insights provide details on path selected and what features/policies have determined that routing decision. | •The earlier version didn't have the Insight summary feature, which limits you to have a complete granular visibility on your network and applications. |
•Identity-based Firewall •Enhanced SIG Tunnel Monitoring, ZScaler |
•20.9/17.9 introduces the capability to match user identity and apply zone-based firewall policy based on identities. vManage and vSmart controllers in this case integrate with ISE/PXGRID, which is further integrated with Active Directory. •Now we have enhanced Monitoring and Visibility for SIG tunnels, which includes State of the SIG tunnel and Security Events. |
•Previously, SD-WAN-embedded security stack is not aware of the users’ identities and therefore cannot apply security policies based on identities. •Previously, there is no support for SIG Tunnel monitoring on vManage Security dashboard regarding the status of tunnel (“Up/Down/Degraded”) and details about the Events which has caused the tunnel failure. |
Cloud & vManage
Feature | Description | Pre |
•CoR Multicloud: SDCI connectivity to Cloud Gateway •Microsoft Informed Routing |
•With 20.9/17.9 version, you can extend the SD-WAN fabric from the Interconnect gateway in SDCI into the Public Cloud Service Providers which also provides an enhanced layer of security, Multi-path and Multi-segment support. •Now you have enhanced Path Analytics dashboard integrated into M365 App 360 as part of vAnalytics, which includes telemetry metrics like CoR SaaS, Network probes, and Microsoft Telemetry probes. |
•Previously there was limited End-to-end encryption from branch to SDCI to Cloud. •Previously, there was lack of visibility on vAnalytics of selected path and associated telemetry metrics in Microsoft Informed Routing. |
•UX2.0 Customizable Dashboard | •You can now customize the Monitoring Overview Dashboard to allow users to select and sort Dashlets of interest and this customization is retrieved every time the user logs back in to vManage, to build the dashboard. | •Previously, the Monitoring Overview Dashboard is not customizable and sort them as required for viewing. |
Reference:
I don't use the application at the moment, but it is excellent information.
I hope there will be an interactive guide for the newbies on Cisco SDWAN.
The future of networking, until a new future comes along
thank you very much for the information, excellent contribution.
Stability / reliability in sd-wan software releases is key for us .... we're currently suffering from a memory leak which is forcing us to having to upgrade our whole environment (worldwide) again.
are ther any voice/collaboration subject planned for similar coverage?
Our organization may implement SD-WAN in the future, so it’s good to learn of how it’s features are evolving. Thanks.
Thanks for the share !
Great that Equinix is now supported along with Azure. Everything is moving to the cloud now.
I am interested in this technology. Hoping to have a hands on experience on deploying this product.
There are enhancement to SD-WAN Infrastructures, SDCI and SD-WAN Security, with innovation and Improvement. Thanks for sharing information
We are exploring the SD WAN and hopefully will implement anytime soon.
Thank you, great information..
Really nice features; still waiting on a working proxy feature for vManage though.
Excelente experiencia trabajando con SDWAN; hemos mejorado la experiencia de los usuarios finales de las aplicaciones e hemos incrementado brechas de seguridad.
Gran aporte se agradece
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: