4 DTraining Presentation Partner
4 DTraining Presentation Partner
• Closing
Training Structure
One to Many/One-on-One Workshops
Consistency
Metrics that Matter – Pipeline and Revenue Impact
• Trends, Challenges, Benefits, Capabilities
• High Level Design Considerations
• Cisco SD-WAN Solution/Architecture Overview
• Demonstration of Capability
• Cisco vManage
• Cisco vAnalytics
• Cisco vEdge Cloud
• Cisco CloudExpress
• Complete Communications
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Digital Transformation
Requires Network Evolution
Centralized Enterprise and Web Apps Distributed SaaS, Mobile, & M2M Apps
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Digital Readiness Model
Framework for DNA
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Digital Business Drivers
Requirement for Dynamic Policy Changes
REDUCED COST
Principles & COMPLEXITY
Automation
& Assurance
LOWER RISK
Security &
Compliance
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Opportunities for Additional Learning
Other Software Defined DNA Solutions
• Software Defined Access 4D On-Demand SE Foundational Training
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
4D Engagement
Training in Context
Teaching and Learning
A Slightly Different Approach
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Leveraging
4D Technical the Foundation
Engagement
Strategy Driven No Limits, No Fear, No Rules Execution
Assess
Technical Capabilities
Defend Our
Discovery
Position
Questions
Cisco
High Level Partner Advanced
Design Services
Present
Demo Solution
1 Tip
Do you understand your customer’s What to do
challenges and the benefits they are • Ask the customer what challenges they are attempting to address and what a) If the Account Manager has already obtained this information
benefits they are hoping to realize as part of a next generation refresh then treat this a more of a validation and verification exercise by
attempting to realize? starting with comments such as, “It is my understanding that…”
• Share some unique insights regarding how other customers are addressing
b) Sharing insights is not about selling or positioning our solutions at
similar issues, their overall approach and why this matters to the business this stage of the engagement, but rather about building credibility
and consensus
2
Are you gathering enough information What to do
about the current state environment • Ask the customer to provide network drawings or to white board the Tip
and future initiatives to effectively environment for you a) Review diagram details with the customer to ensure that you have a
conduct a design session follow-up? solid understanding
• Focus on the following categories:
b) Coach the customer to be more design oriented by asking what
Layout
design priorities influenced decisions that resulted in the current
Services Centralization
state design
Application Footprint
c) Understanding the application environment as well as current and
Hardware and Software Configuration
3 Scalability and Provisioning
d)
future traffic patterns is critical
Leverage the 4D WAN Discovery Pool of Questions
Are you taking a cross architectural What to do
approach in your discovery with the • Expand your line of questioning to promote cross architectural discovery Tip
customer? • Highlight interdependencies between solution decisions associated with different a) Centralized WLAN Controller deployments leveraging remote site
CAPWAP AP termination prevent application visibility for traffic
places in the network that essentially come together to provide a complete end- traversing the WAN
to-end best practices design b) Certain application optimization engines create tunnels that
interfere with intelligent path control capabilities and asymmetric
4
route handling
1 Tip
Are you leveraging documentation What to do
and information gathered during the • Leverage discovery documentation to introduce key capabilities needed to a) If the Account Manager has already obtained this information
address challenges and to ensure the realization of benefits then treat this a more of a validation and verification exercise by
discovery phase of your starting with comments such as, “It is my understanding that…”
engagement? • Do a compare and contrast of current state vs. future state design and
b) Sharing insights is not about selling or positioning our solutions at
capabilities by leveraging customer provided infrastructure documentation this stage of the engagement, but rather about building credibility
and consensus
2
Are you mapping Cisco innovation to What to do
desired capability requirements in a • List the challenges, benefits and associated capabilities to keep the customer Tip
way that solves customer relevant focused a) Review diagram details with the customer to ensure that you have a
problems and that delivers on solid understanding
• Make sure that any product, feature and innovation maps back to documented
b) Coach the customer to be more design oriented by asking what
customer desired benefits? capability requirements design priorities influenced decisions that resulted in the current
• Identify which capabilities require demonstration state design
• Check off capability requirements upon establishing consensus c) Understanding the application environment as well as current and
3 d)
future traffic patterns is critical
Leverage the 4D WAN Discovery Pool of Questions
Are you referencing PPDIOO, Top What to do
Down Network Design and Plan • Share these frameworks with the customer upfront to ensure there is consensus Tip
Build Manage models to effectively around proven design methodologies a) Top Down Network Design is regarded as the most neutral and
facilitate the design session? straight forward framework
• Hold off on the product conversation until capability requirements and logical
b) Customers may want to push you to discuss product early on in the
design considerations have been documented and agreed to conversation, so be ready to challenge by pointing back to the
• Prepare to address brownfield migration considerations model
4
c) The most common objections are related to uncertainty in terms of
migration approach
Will you be in position to provide a What to do
blueprint, reference architecture, • Co-develop a reference architecture and HLD with your customer Tip
journey map, high level design (HLD) • Document a high level journey map a) Make sure that you are documenting thing in the customer’s words
and/or any other relevant artifact(s) in b) Complete Communications offers a no cost/no obligation service to
• Leverage companies like Complete Communications to build the financial case
help the customer build a financial case leveraging advanced tools
the weeks following the design
session?
4D SE Demo
Showcasing of solution capability to make IT real: Takeaway
-
-
Avoid canned demos that don’t map back to customer relevant desired next generation capability requirements
Must reinforce information shared during the discovery and design phases
Reference
- This step should lead to providing an opportunity for the customer staff to get a hands on experience
1
Are your demos tailored to reinforce What to do
Tip
information shared during the • Paint the vision for the specific customer you are working with
• Make a point to highlight how what is being showcased addresses customer a) Document all customer requirements on a virtual or physical
discovery and design phases? whiteboard as a point of reference
challenges and empowers the company to realize desired benefits b) Check off each priority item after demonstration of capability
realization while validating and verifying that there is group
2
consensus
3 have personally gotten their hands dirty with the technology and
innovation
Are your demos about more than What to do
products and solution innovation? • Challenge yourself to use phrases such as you and your rather than customers Tip
and their a) Be on the look out for making general references regarding solution
benefits while conducting the demonstration
• Ensure that what you are demoing supports the customer requirements and
b) Never demo independent of discovery and design
design considerations
4
Are you providing unique and What to do
relevant insights into overall design • Demonstrate how not considering the end-to-end infrastructure could result in Tip
considerations to promote cross unexpected expenses, unplanned down time and unforeseen complications a) Look for opportunities to show how a decision in one area in the
architectural benefits when demoing network impacts another (AO, WLAN and End-to-End Security can
• Highlight opportunities that although not currently within scope would result in
impact the ability to meet desired expectations)
relevant Cisco innovation? lower operational costs and complexity b) Demonstrate opportunities for consolidation (WAN/Voice,
WAN/Compute, Management)
4D SE Defend
Defend your position by engaging with relevancy, leading the agenda and jointly developing artifacts with your customer: Takeaway
-
-
Achieved as a result of executing on a proven engagement model
Results in leading to vs. leading with while documenting customer priorities and co-developing artifacts
Reference
- Must know the competitors and their tactics
1
Are you discussing the overall What to do
Tip
journey in terms of end-to-end • Identify relevant opportunities to discuss how routing, switching, wireless, voice,
a) When discussing cross architectural considerations continue to
network transformation? advanced threat protection and other solutions come together to deliver
highlight capabilities and not specific innovation
differentiated value b) Selecting different vendor solutions to address project based
• Highlight interoperability issues associated with nonintegrated solutions and the initiatives typically leads to unforeseen complications and Band-
2
importance of validated designs Aids
3
Have you provided your customer with What to do
the opportunity for a proof of value or • Leverage dCloud capabilities to share the solution environment with your Tip
proof of concept experience? customer for a test self drive a) Learn how to use dCloud to save and share custom configurations
on-demand
• Leverage programs such as SeedIT to get discounted hardware in the hands of
b) Make sure that you are working closely with a partner to position
your customer for a ‘Bring Your Own Branch’ experience the appropriate professional services offerings where appropriate
4
Have you identified competitive What to do
threats and determined an • Research information contained within the competitive portal: Tip
appropriate strategy to defend https://competitive.cisco.com a) Look for opportunities to show how a decision in one area in the
against them? network impacts another (AO, WLAN and End-to-End Security can
• Focus on WAN Disruptors competitive content:
impact the ability to meet desired expectations)
http://wanweapons.cisco.com/blog/category/disruptors/ b) Demonstrate opportunities for consolidation (WAN/Voice,
• Focus on risks associated with unproven solution offerings WAN/Compute, Management)
Trends, Challenges, Benefits,
Key Capabilities
Module Objectives
Foundational Enablement
• Explain how current business and IT trends are having an impact on the evolution of
WAN design
• Describe the most common IT related WAN challenges
• Highlight the common desired benefits that are driving customers to redesign the WAN
• Set the agenda by sharing unique insights around the key technical capabilities that
must be taken into consideration to avoid unforeseen cost, complication and downtime
• Map general technical capability requirements to the desired business benefits of
Reduced Cost & Complexity and Lower Risk
• Explain the most typical and recommended SD-WAN migration approach
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Network as a Platform for
Reducing Cost and Complexity While Lowering Risk
DNA Network
Transformation
for WAN
Uncompromised &
Secure Experience
Over Any
Connection
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Common Business & IT Trends
Evolving WAN Situation
App Content
Applications are moving to the Cloud (private and public)
Rich, Dynamic, Web-Based
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Common IT Challenges
WAN Challenges
Pressure on the WAN
Cost optimization
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Common Desired Benefits
Designing and Deploying for Impact
Augment or replace premium WAN bandwidth
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Traditional and Legacy Architectures
Cannot Scale to Address Changing Needs
EXPENSIVE
Hardware-centric
Fixed capacity
CONNECTIVITY-CENTRIC INFLEXIBLE
Fragmented, incomplete user experience Tightly controlled,
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
client server model
Not application-centric Historical vs predictive management
SD-WAN Enterprise Grade Capabilities
Reducing Cost and Complexity for Agile IT
Separation of management, Redundant management Zero-touch provisioning in
control, data for scaling —cloud or on premises minutes, not days
Cloud Cloud
Applications Data Center All Links
Latency Failure
Static
Topologies
Internet MPLS
Corporate
CPE Device
Data Center Failure
4G/LTE
Small Office
Home Office
Campus Branch
Cloud
Data Center
Data Data
Center Center
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Advanced Requirements
Differentiated Capabilities
Cloud
Data Center Edge
VPN 1
IPSec VPN
VPN 3 2
Tunnel
VPN 3
Internet MPLS
Corporate
Data Center
4G/LTE
END-TO-END SEGMENTATION
Small Office
Home Office
UBIQUITOUS DATA PLANE
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Service Based Traffic Engineering
Service Insertion and Bandwidth Preservation
Site A Virtual Fabric Data Center
Allow UDP/5001
Deny UDP/5002
UDP/5001
UDP/5001
UDP/5002
UDP/5002 MPLS
• Wasted
Bandwidth
Allow UDP/5001
• Firewall service is inserted into the overlay
topology
Regional DC
Deny UDP/5002
Internet
Remote Site ISP-RT
WAN New
MSP-RT
MPLS
Existing Existing
Data Center
New
Roadmap to Success
• Understand existing application traffic • Leverage overlay through existing • Segment traffic • Select test application as candidate for
equipment at data center for transport intelligent traffic engineering
• Determine existing QoS policy • Deploy application aware topologies
agnostic redesign • Test blackout and brownout failover
• Evaluate impact of proposed changes • Optimize routing, security, QoS, multicast,
• Replace remote site equipment or leverage scenarios
services
© 2016 insertion
Cisco and/or and survivability
its affiliates. All rights reserved. Cisco Confidential 30
overlay
Key Foundation Takeaways
Summary
• The combination of app content, app delivery and app consumption is resulting in an
evolving WAN situation
• Challenges such as poor application experiences, increased WAN services spend and a
lack of visibility and control are making it difficult for IT to provide the business with a
platform to support faster innovation
• Most IT organizations are interested in realizing a common set of benefits such as
consistent high quality user experiences, reduced cost, simplified operations and lower
risk
• The journey to the next generation software defined WAN requires considering various
technical capabilities such as transport independence, ubiquitous data plane,
automatically secure routed endpoints, resiliency, application aware routing, cloud
readiness, simple secure network segmentation, centralized policy enforcement and
layer 4-7 flexible services insertion
• Migrating to a software defined WAN does not need to be difficult as long as one follows
the roadmap to success © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Customer Discovery, Use
Cases, Buying Triggers and
Insight Sharing
Module Objectives
Foundational Enablement
• Ask relevant discovery questions and review potential responses to understand what
the primary motivations or challenges are that we are trying to satisfy and how these
might potentially lead to a Cisco SD-WAN solution offering at a later point during the
engagement lifecycle
• Identify challenges and opportunities present in current customer designs and
deployments
• Identify ways to set the agenda by sharing specific SD-WAN relevant customer use
cases without highlighting Cisco SD-WAN innovation, while leading to capabilities
offered by Cisco SD-WAN
• Consider customer audience and identify buying and solution relevancy triggers
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
4D Framework Takeaway
Reference
Discovery – Business Focus ak t hro u
gh
Bre 4D
Q. Do you consider security to be a strategic corporate objective?
A. Absolutely, we are very serious about security and compliance
Q. Do you have specific compliance or regulatory mandates related to data protection?
A. Yes.
Q. Are increased cost and complexity associated with implementing solutions focused on lowering risk preventing you from taking
advantage of trends such as IoT/IoE or Cloud that could potentially help you to innovate faster?
A. Perhaps. We absolutely want to provide differentiated customer and workforce experiences and do recognize the benefits
associated with capitalizing on these trends, but haven’t quite figured out how to do that. Security is obviously one of the major
concerns.
Q. Fast IT is a hot topic. Do you believe that your IT organization is agile enough and fast enough in terms of addressing your
business needs?
A. I understand the network is complex and IT may require additional tools and resources to get the job done.
We have considered moving some things to the cloud and outsourcing certain aspects of IT.
Q. Have you experienced any outages as a result of IT human error that impacted your business negatively?
A. Yes. There have been cases where human error caused us to be down and this resulted in a loss of revenue. We have a firm policy
with IT on change windows.
Q. What keeps you up at night and how can IT help?
A. Staying ahead of the competition while providing differentiated and unprecedented value to our stakeholders. We are looking at IT
to leverage analytics to help us gain insights into trends and behaviors. We must provide a differentiated experience at every
touchpoint. Simplifying overall internal and external operations is key and perhaps IT can find ways to leverage automation to make a
greater impact in this area. Customer privacy is critical and we rely on IT to ensure that we stay out of the news.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
4D Framework Takeaway
Reference
Discovery – Technical Focus ak t hro u
gh
Bre 4D
Q. Have you categorized locations by function, user communities or size?
A. No
Q. What is the average size of each site in terms of number of devices or users?
A. 200
Q. What SP WAN offerings do you have in place?
A. AT&T and Sprint
Q. Do you own and manage the edge hardware or was this included as part of the service provider offering?
A. Domestic – Leased/International – Owned
Q. If leveraging MPLS does your service provider offering support QoS and Multicast?
A. Yes, QoS
Q. What is the average bandwidth provisioned at each site?
A. 5Mbps
Q. If leveraging routers and not switches to terminate the WAN, are the majority of your handoffs from the provider Ethernet, T1
or multilinked bundled T1s?
A. Ethernet / Fiber
Q. When do your WAN contracts terminate?
A. 2016 first quarter
Q. Have you looked into enhanced service offering through the same provider or different providers at a similar or lower cost?
A. Yes
Q. Do you have distributed or centralized infrastructure?
A. 70/30 Centralized/Distributed. Most of our work is based in a© 2016
custom application
Cisco and/or hosted
its affiliates. All rights at our
reserved. Cisco data center.
Confidential 36 While file and
print services, RDP and authentication is done at each site
4D Framework Takeaway
Reference
Discovery – Technical Focus Continued ak t hro u
gh
A. Yes
4D Framework Takeaway
Reference
Discovery – Technical Focus Continued ak t hro u
gh
Bre 4D
Q. How much does downtime for critical sites cost your organization?
A. $1,000 to $20,000 per hour depending on size of site
Q. How frequently do you experience downtime and what is the primary cause?
A. Very infrequent 1-2 times per month. MPLS routing issues or network ‘blip/bounce’
Q. What applications must stay up no matter what?
A. Email, custom application (ABC)
Q. What types of applications are being leveraged out at your remote locations?
A. Email, custom application (ABC), RDP, HTTP
Q. Have you experienced any complaints with respect to application performance at your remote sites?
A. Yes
Q. Are you considering cloud based productivity applications?
A. Yes, Office 365
Q. Do you have any initiatives around VDI?
A. No
Q. What types of devices are at the edge of your network terminating the WAN?
A. Cisco routers, various models
Q. Does the provisioned bandwidth meet your current and future needs?
A. No
Q. Are your remote location users complaining about performance?
A. Yes
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
4D Framework Takeaway
Reference
Discovery – Technical Focus Continued ak t hro u
gh
Bre 4D
Q. Have you configured QoS on edge devices?
A. Yes
Q. Are you leveraging any type of WAN Optimization technologies to optimize application performance?
A. No
Q. Have you extended your WAN by deploying routers at employee sites leveraging VPN? What is your teleworker strategy?
A. No. They connect using a VPN client on their workstations
Q. How frequently are you adding new locations?
A. 10 locations a year
Q. How long does it take to provision the WAN and internal network for a remote site?
A. One to two months
Q. What is the process to get a remote site up and running?
A. C-level approval, requesting through provider, then depending on physical location, provider may need to contact local
carrier to negotiate link, cost and install times
Q. Do you currently segment any traffic within the remote site that would also benefit from being segmented across the WAN
to address security and compliance considerations?
A. Yes, Point of Sale equipment
Q. Would you benefit from being able to seamlessly advertise layer 4-7 services such as Internet Connectivity out of any
location to reduce overhead on your Data Center WAN circuit?
A. Perhaps, but security is a major concern.
Q. Do you have disparate transport connectivity terminating to multiple regional PoPs worldwide?
A. No. We have AT&T and Sprint in most locations. There are a© 2016
fewCisco
locations where
and/or its affiliates. All rights services
reserved. Cisco were
Confidentialunavailable
39 so we use
Internet VPN.
4D Framework
Customer Current Design Plan ak t hro u
gh
Bre 4D
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
Vertical Use Case Considerations
At-A-Glance
All Verticals
Healthcare
• Migrate to cloud-based healthcare (EMR/EHR) applications
• Ensure 100% network uptime of patient and administrative services
• Transition to Hybrid WAN for Active/Active utilization and application based path selection
• Achieve zero-touch IT capability while migrating the clinic footprint to the cloud
• Rapidly enable services like guest WiFi, and cloud-based VoIP and medicinal dispensing
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
Vertical Use Case Considerations
Manufacturing and Banking
Manufacturing
• Introduce End-to-End Segmentation to address compartmentalized LOBs and dozens of
isolated segments
• Secure controlled business partner access through the extranet
Banking
• Provision more bandwidth at a lower cost resulting from a diverse pool of active-active
capacity
• Define application policies for optimal quality of experience and application aware routing
to enabled in branch services such as Digital Signage, and Virtual Expert HD Video
• Rollout application aware topologies leveraging a zero-compromise secure fabric and
ubiquitous encryption to address differences between ATM machine communications and
branch-to-branch VoIP or Video
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
Customer Requirements
Buying and Solution Relevancy Triggers
I want to Centralized
Policy Enforcement and
Assurance to Accelerate Time to Resolution to
Network Operations Address Problems on the network Dynamically
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
Insight Sharing Tip 1 Takeaway
Reference
Key Differences in Consumption Models
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Insight Sharing Tip 2 Takeaway
Reference
Cloud Solution Key Considerations
Not all Cloud Delivered solutions are equal
Key Considerations:
• Security
• Communication
• Access
• Traffic Flows
• Is my PII data going to the cloud?
• Does this solution break compliance?
• Controller Unavailability
• Recovery
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Insight Sharing Tip 3 Takeaway
Reference
Day 0 – 2 Operational Considerations
Day-0 Day-1 Day-2
• Planning • Secure & Zero-touch • User & Application
• Staging & Zero-Trust Activations Visibility
• Pre-Provisioning • Deployment Scale • Centralized Monitoring
• Automation • Policy Compliance • Software Upgrades
• Self-healing
• Troubleshooting
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
SD-WAN
Business Case
• Substitute lower cost links or devices for higher cost
•
Cost •
Lower cost of management, troubleshooting
Leverage Complete Communications for financial analysis
• Bandwidth
• Security and Compliance
10X More Bandwidth
• Change Control • No capacity restraints
• No Choke points
• Instantly add bandwidth anytime, anywhere based on
application requirements
5X Cloud Performance
• Cloud Aware architectures and SLA-based traffic
steering deliver blazing performance for applications
like O365, AWS, SFDC, and more
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
Complete Communications Discovery
Partner to Develop the Financial Case
Current MPLS Spend vs. Dual Internet ($ per Month)
$62,065
$39,910 Savings/Month
x 12 Months
-64% = $479K Savings per Year
$22,155
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
High Level
Design Considerations
Module Objectives
Foundational Enablement
• Review traditional WAN topologies and their constraints
• Explain the advantages and disadvantages of traditional WAN designs
• Highlight various WAN capabilities that introduce increased complexity
• Describe the 4 design and deploy for impact focus areas for reinventing the WAN and
delivering a next generation business driven WAN infrastructure
• Describe the 4 primary technical pillars and sample capabilities that align to the 4 focus
areas for reinventing the WAN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
Common WAN Topologies
Design and Deployment Considerations
Design Challenges with Growing Needs and New Innovation
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
Common WAN Topologies
Growing Complexity - Scale, Policy, Segmentation
Complexity Grows with Scale and Changing Business Requirements
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56
Network Transformation
The Era of Digital Transformation
Hardware Centric Software Driven
Manual Automated
Closed Programmable
Reactive Predictive
CLOUD & ON-PREM AUTOMATION & SCALE SECURITY & COMPLIANCE ASSURANCE & ANALYTICS
Hosted, delivered, managed Speed, flexible, zero-touch, Segmentation, Users, applications, devices
policy driven threat mitigation
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
Business Driven WAN Infrastructure
Design and Deploy for Impact Objectives
Analytics
Application Traffic Per-Segment Secure Cloud Path Cloud Accel Transport
SLA Engineering Topologies Perimeter (IaaS) (SaaS) Hub
APPLICATION POLICIES
Monitoring
Routing Security Segmentation QoS Multicast Svc Insertion Survivability
TRANSPORT© 2016
INDEPENDENT FABRIC
Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
Reinventing the WAN
The 4 Focus Areas
• Secure Elastic Connectivity
• Cloud First
Secure Application
• Application Quality of Experience Elastic Applications
QoE
Connectivity Services
• Agile Operations
Cloud Agile
Connectivity Operations
First Operations
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59
Reinventing the WAN
The 4 Supporting Technical Pillars
• Security
• Connectivity
• Application services
Security Applications
Application
• Operations Services
Connectivity
Connectivity Operations
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60
Reinventing the WAN
Security
Embedded Security Secure Bring-up
Security Applications
Application
Centralized Device
Services Scalable Data-Plane
Encryption
Auth-DB
Connectivity
Connectivity Operations
Authenticated/Encrypted
Control Plane
Automatic Key Rollover
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
Reinventing the WAN
Connectivity
Provider/Transport
Hybrid WAN Agnostic
LTE
LTE
INTERNET
INTERNET
MPLS
MPLS
Security Applications
Application
Services
Dynamic Per-VPN
Segmentation/VPNs
Connectivity
Connectivity Operations Topologies
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62
Reinventing the WAN
Application Services
Deep Packet Inspection Central Orchestration
MPLS
Connectivity
Connectivity Operations Cloud Services
Application-Aware Integration
Routing
SEN Overlay
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 63
Reinventing the WAN
Operations
Centralized Operations Centralized
Distributed Execution Policy Orchestration
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64
Key Foundation Takeaways
Summary
• Recognize traditional WAN topologies and their constraints
• Explain the advantages and disadvantages of traditional WAN designs
• Highlight various WAN capabilities that introduce increased complexity
• Describe the 4 design and deploy for impact focus areas for reinventing the WAN and
delivering a next generation business driven WAN infrastructure
• Describe the 4 primary technical pillars and sample capabilities that align to the 4 focus
areas for reinventing the WAN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 65
Cisco SD-WAN
Solution and Architecture Overview
Module Objectives
Foundational Enablement
• Explain and whiteboard the fundamental components that make up the Cisco SD-WAN
solution
• Explain and whiteboard the role associated with each Cisco SD-WAN component
including the devices that make up the secure extensible network fabric
• Explain the roles of various types of policies
• Explain and whiteboard basic example of fabric operation
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 68
Cisco SD-WAN
Platform for Digital Transformation
Cloud Delivered Analytics Automation Virtualization
USERS
Cloud IoT
SDWAN
OnRamp
.… Edge Computing
DC
DEVICES
Cisco SD-WAN IaaS
APPLICATIONS
Fabric
SaaS
THINGS
SECURE SCALE OPEN vDC
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 69
Cisco SD-WAN Architecture
The Power of Abstraction
vManage
vBond
Control Plane
Orchestration Plane vSmart Controllers
MPLS 4G
INET
vEdge Routers
Data Plane
Cloud Data Center Campus Branch SOHO
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 70
Cisco SD-WAN Solution Elements
Orchestration Plane
Orchestration Plane
vManage
Cisco vBond
APIs
• Orchestrates connectivity
3rd Party
vAnalytics between management, control
Automation
and data plane
vBond • First point of authentication
• Requires public IP Address
vSmart Controllers
• Facilitates NAT traversal
• All other components need to
MPLS 4G
know the vBond IP or DNS
INET information
vEdge Routers
• Authorizes all control
connections (white-list model)
• Distributes list of vSmarts to
Cloud Data Center Campus Branch SOHO all vEdges
•
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 71
Cisco SD-WAN Solution Elements
Management Plane
Management Plane
vManage
Cisco vManage
APIs
• Single pane of glass for Day0,
3 Party
rd
Day1 and Day2 operations
vAnalytics
Automation
• Real time alerting
vBond • Centralized provisioning
• Configuration standardization
vSmart Controllers • Simplicity of deploying
• Simplicity of change
MPLS 4G • Supports
• REST API
INET
vEdge Routers • CLI
• Syslog
• SNMP
• NETCONF
Cloud Data Center Campus Branch SOHO
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 72
Cisco SD-WAN Solution Elements
Control Plane
Control Plane
vManage
Cisco vSmart
APIs
• Centralized brain of the solution
3rd Party
vAnalytics • Facilitates fabric discovery
Automation
• Establishes OMP peering with all
vBond vEdges
• Implements control plane policies,
vSmart Controllers
such as service chaining, traffic
engineering and per VPN topology
MPLS 4G • Dramatically reduces complexity of
INET the entire network
vEdge Routers • Distributes connectivity information
between vEdge
• Orchestrates secure data plane
Cloud Data Center Campus Branch SOHO
connectivity between vEdges
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 73
Cisco SD-WAN Solution Elements
Data Plane Data Plane
Physical/Virtual
VS
vEdge vEdge
Note: vEdge routers need no control connections amongst them © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 75
Fabric Operation
Fabric Walk-Through
OMP Update:
vSmart Reachability – IP Subnets, TLOCs
OMP
Security – Encryption Keys
DTLS/TLS Tunnel
Policy – Data/App-route Policies
IPSec Tunnel
OMP OMP
BFD Update Update
Policies
OMP OMP
Update Update
vEdge vEdge
Transport1
TLOCs TLOCs
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Subnets Subnets
76
Policy Driven WAN Infrastructure
Policy Augmented Dynamic Routing
1 vManage GUI – Policy Orchestration
3
vEdge
WAN Execute AAR and Data Policy as received
router Dynamic Routing and Policies Combine to
dictate behavior
Access Layer
Branch/DC
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 77
Operations
Simplicity and Visibility
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 78
Key Foundation Takeaways
Summary
• Power of abstraction provides network agility
• Automated provisioning accelerates time to market and reduces costs
• Automatic and adaptive configuration preserves a consistent application
experience
• Insight into application health
• Simplified operations
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 79
Cisco SD-WAN Capabilities
Reinventing WAN Security
Module Objectives
Foundational Enablement
• Explain and whiteboard the zero-trust philosophy of the Cisco SD-WAN fabric
• Explain and whiteboard the principles behind securing application traffic leveraging
strong encryption and segmentation
• Explain and whiteboard how Cisco SD-WAN fabric expands security through integration
with L4-L7 network services
• Explain and whiteboard options for Cloud Security
• Explain and whiteboard the self-defending nature of the embedded Cisco SD-WAN
fabric security
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 82
vEdge Router
Identity and Trust
Embedded Device Identity Dynamic Device Identity
TMP
Chip
Identity
Cert
Identity
Cert
vEdge Controller Trust © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
vEdge Cloud Controller
83
Trust
Controllers
Identity and Trust
Remote Controller Trust Local Controller Identity
vManage
vBond vSmart
vEdge
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 85
DDoS Infrastructure Protection
vEdge Routers
vBond
Authenticated
TLS
Sources / DT
LS
(Control)
vSmart vManage
Authenticated CPU
Sources SD-WAN IPSec
(Data) Control Plane Policing:
vEdge 300pps per flow
5,000pps
/ GRE
IPSec Packet
Explicitly Forwarding
Defined
Sources
Cloud Security
Any Deny except:
1. Return packets matching flow entry (DIA enabled)
Unknown 2. DHCP, DNS, ICMP
Sources
* Can manually enable: SSH, NETCONF, NTP, OSPF, BGP, STUN
Other © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 86
DDoS Infrastructure Protection
Controllers
vBond
Authenticated T LS /
Sources DTLS
(Control)
vSmart vManage
CPU
Packet
Any Forwarding
Unknown
Sources Note: vBond control plane policing is
Other the same as vEdge
Deny except:
DHCP, DNS, ICMP, NETCONF
OMP OMP
Update Update
Local Keys Local Keys
Transport1
TLOCs TLOCs
AES256-GCM
Traffic Encrypted with
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 88
Control Plane
Data Plane Integrity
Man-in-the-Middle and Replay Attack Mitigation
vSmart
vBond discovers vEdge public IP Controllers vEdge pre-computes AH hash based
address, even if traverses NAT on the post NAT public IP
vBond communicates public IP to Packet integrity (+IP headers) is
the vEdge preserved across NAT
OMP OMP
Update Update
Transport1
IF, IF,
Sub-IF Sub-IF
MPLS
Service Transport
(VPNn) (VPN0)
IF, IF,
Sub-IF Sub-IF
INET
Management
(VPN512)
• VPNs are isolated from each other, each
VPN has its own forwarding table
IF • Reachability within VPN is advertised by
the OMP
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 90
Secure Segmentation
End-to-End Segmentation
VPN 1
Interface VPN1 SD-WAN VPN1 Interface
IPSec VPN 2
VLAN VPN2 Tunnel VPN2 VLAN
VPN 3
Ingress Egress
vEdge vEdge
• Segment connectivity across fabric w/o • Labels are used to identify VPN for
reliance on underlay transport destination route lookup
• vEdge routers maintain per-VPN routing • Interfaces and sub-interfaces (802.1Q tags)
table are mapped into VPNs
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 91
Application Traffic Security
Local Secure Perimeter
In-Line Firewall Fabric Firewall
vSmart
vEdge
Data Policy
Firewall
vEdge
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 92
Application Traffic Security
Regional Secure Perimeter
Service Insertion
Policy Protected
Firewalls Data Compute Resources
IDS/IPS/DLP Center
Small Office
Home Office
Secure Data
Center
SD-WAN
Fabric Firewalls
Branch IDS/IPS/DLP Cloud
Data Center
Regional
Service Secure
Advertisement Perimeter
Campus
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 93
Cloud Security
SaaS and Internet Security
ISP1 ISP1
ISP2 ISP2
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 95
Cisco SD-WAN Capabilities
Reinventing WAN Connectivity
Module Objectives
Foundational Enablement
• Explain and whiteboard the logic behind establishing Cisco SD-WAN fabric
• Explain and whiteboard different traffic forwarding patterns across the Cisco SD-WAN
fabric
• Explain and whiteboard the principle behind per-VPN topology
• Explain and whiteboard service insertion capabilities of the Cisco SD-WAN fabric
• Explain and whiteboard resiliency and high-availability features of the Cisco SD-WAN
fabric
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 98
Cisco SD-WAN Architecture
The Power of Abstraction
vManage
vBond
Control Plane
vSmart Controllers
MPLS 4G
INET
vEdge Routers
Data Plane
Cloud Data Center Campus Branch SOHO
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 99
Transport Independent Fabric
Transport Locators Advertisement
vSmarts advertise TLOCs
vSmart to all vEdges*
(Default)
Full Mesh
SD-WAN Fabric TLOCs advertised to vSmarts
(Default)
vEdge
Local TLOCs
(System IP, Color, Encap)
vEdge vEdge
vEdge vEdge
* Can be influenced by the control policies
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 100
Transport Locator (TLOC) OMP IPSec Tunnel
Transport Independent Fabric
Transport Locators Colors
T3 T4 T1 T2 T3 T4
Public T1 T2
Public
T1 T3 T1 DMZ T3
T2 T4 T2 T4
vEdge vEdge vEdge vEdge
Private
Private
T1, T3 – Public Color T2, T4 – Private Color
T1, T3 – Public Color T2, T4 – Private Color
T1 T3 T2 T4 T1 T3 T2 T4
T1 T4 T2 T3 T1 T4 T2 T3
Color restrict will prevent attempt to establish IPSec tunnel to TLOCs Color - Control plane tag used for IPSec tunnel
101 establishment logic
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SLA SLA
Core
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 103
Application Aware Topologies
Arbitrary VPN Topologies
Full-Mesh Hub-and-Spoke Partial Mesh Point-to-Point
FW
VPN1
Regional VPN1
Hub
Data
Center
VPN1 MPLS INET
Receiver Branch
Replicators
© 2016 Cisco and/or its affiliates. All rights reserved. Control
Cisco ConfidentialPlane106 Multicast Stream
High Availability and Redundancy
Connectivity Assurance
Site Redundancy Transport Redundancy
MPLS INET MPLS INET
Control
MPLS
Data
Center
Data MPLS
INET
Site
INET
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 107
Key Foundation Takeaways
Summary
• Explain and whiteboard the logic behind establishing Cisco SD-WAN fabric
• Explain and whiteboard different traffic forwarding patterns across the Cisco SD-WAN
fabric
• Explain and whiteboard the principle behind per-VPN topology
• Explain and whiteboard service insertion capabilities of the Cisco SD-WAN fabric
• Explain and whiteboard resiliency and high-availability features of the Cisco SD-WAN
fabric
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 108
Cisco SD-WAN Capabilities
Reinventing WAN Application Services
Module Objectives
Foundational Enablement
• Explain and whiteboard application recognition functions of the Cisco SD-WAN fabric
• Explain and whiteboard the delivery of application quality of experience and
differentiated services across Cisco SD-WAN fabric
• Explain and whiteboard Cloud onRamp functionality for SaaS applications and IaaS
environments
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 111
Embedded Application Recognition
Deep Packet Inspection
Deep Packet Inspection Engine
Cloud Data
Center
App 1
App 2
App 3,000
vEdge Router
vEdge Router
• Each vEdge router generates BFD • Poll interval determines the average
packet every “hello” interval for path path quality measurement (loss,
quality (and liveliness) detection latency, jitter)
• BFD packets are generated for each • App-route multiplier determines the
transport individually. Timers can be average path quality measurement
adjustment for quicker detection. across the poll intervals
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 113
Critical Applications SLA
Application Aware Routing
vManage
Enforce SLA compliant path App Aware Routing Policy
App A path must have:
for applications of interest latency < 150ms
loss < 2%
Other applications will follow jitter < 10ms
fabric routing across all vSmart Controllers
paths
1 Internet
Path
vEdge1 vEdge2
Path 2 MPLS
App A
4G LTE
Path
3
Path1: 10ms, 0% loss, 5ms latency IPSec Tunnel
Path2: 200ms, 3% loss, 10ms latency © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 114
Path3: 140ms, 1% loss, 10ms latency Control Plane
Optimal Network Utilization for App Traffic
Path MTU Discovery
Automatic and proactive Network Path Automatic MSS adjust for TCP traffic
MTU Discovery leveraging BFD protocol - Can also be manually configured
Support for Host Path MTU Discovery IP ICMP Unreachable (type 3, code 4)
Transport1
Host Path
MTU Discovery
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 115
Differentiated Services
Quality of Service
Traffic Flow
vEdge Router
Copy inner TOS/DSCP bits
into outer header
Q0
Q1
Ingress Interface
Egress Interface
Voice Q2
Q3
Business
Q4
IPSec
Best Effort Q5
Q6
Q7
SD-WAN
Fabric
Users vEdge vEdge Servers
High Latency Path
ISP1 ISP1
SD-WAN SD-WAN
ISP2 Fabric MPLS Fabric
Data Center Data Center
Remote Site Remote Site
Application Quality
© 2016 Cisco Probing
and/or its affiliates. All rights reserved. Cisco Confidential 118
Cloud onRamp for IaaS
IaaS
Compute
VPCs/VNETs
Compute Compute BGP BGP BGP
VPC/VNET VPC/VNET
Gateway
VPC/VNET
Cloud Cloud
Data Center Data Center
SD-WAN SD-WAN
Fabric Fabric
Campus Campus
Remote Site Remote Site
Branch Branch
IPSec Tunnel
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 119
Key Foundation Takeaways
Summary
• Explain and whiteboard application recognition functions of the Cisco SD-WAN fabric
• Explain and whiteboard the delivery of application quality of experience and
differentiated services across Cisco SD-WAN fabric
• Explain and whiteboard Cloud onRamp functionality for SaaS applications and IaaS
environments
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 120
Cisco SD-WAN Capabilities
Reinventing WAN Operations
Module Objectives
Foundational Enablement
• Explain single pane of glass operation of Cisco SD-WAN fabric
• Explain and whiteboard the different tenancy models of Cisco SD-WAN fabric
• Explain application performance and visibility capabilities
• Explain configuration templates and policies operation
• Explain available troubleshooting and verification tools
• Explain and whiteboard the self-healing nature of Cisco SD-WAN fabric
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 123
Single Pane of Glass Operations
vManage GUI
• Intuitive GUI driven operations
- Management, monitoring and
troubleshooting
• Cloud Delivered
- Private, hosted or managed
• Single or Multi-tenant
• Role-based Access Control
• Clustered for scale and high
availability
• REST APIs based
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 124
Centralized Operations
Multi-Tenancy A+B
A B
Dedicated VPN
Tenancy Tenancy
Enterprise
Tenancy
vManage
DHCP
TPM
vEdge
Identity
vSmart vBond (X.509)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 126
Application and Performance Visibility
Deep Packet Inspection
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 127
Template-Based Configurations
Centralized Device Configuration Enforcement
• Templates are attached to provisioned
vEdge routers
• Variables are used for rapid bulk
configuration rollout with unique per-
device settings
• Local configuration changes are not
allowed
- Prevents configuration drift
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 128
Granular Policies
Centralized Control over Fabric Behavior
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 129
Troubleshooting and Verification
Transparent Operations
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 130
Self-Healing
Software Upgrade and Configuration Change
Failed
2 Upgrade 1 vManage
Attach Template
Active Software A Rollback
Available Software B
Activate 3 Connectivity
Available Software C 2 Lost
1 Available Software D
Rollback
3
vEdge Router vEdge Router
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 131
Key Foundation Takeaways
Summary
• Explain single pane of glass operation of Cisco SD-WAN fabric
• Explain and whiteboard the different tenancy models of Cisco SD-WAN fabric
• Explain application performance and visibility capabilities
• Explain configuration templates and policies operation
• Explain available troubleshooting and verification tools
• Explain and whiteboard the self-healing nature of Cisco SD-WAN fabric
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 132
Cisco SD-WAN
Design and Deployment Models
Module Objectives
Foundational Enablement
• Understand the most common Viptela SD-WAN design and deployment models
• Reference existing customer deployment for small, medium and large enterprises
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 135
Cisco SD-WAN Control Plane Deployment
Viptela hosted Controllers / Public Cloud
Region 1 Region 2
optional/
standby
Private IPs Private IPs vManage
1:1 NAT 1:1 NAT
Public IPs Public IPs
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 136
Cisco SD-WAN Control Plane Deployment
Hybrid Cloud Controller Deployment
DC/Region 1 DC/Region 2
No NAT optional/
standby
Public IPs Public IPs vManage
DMZ
FW BGP
BGP DMZ Control Plane on MPLS and Internet
FW
Public IPs are assigned to the
controllers
No NAT is used
MPLS Internet
For security compliance FW/DMZ on
Internet facing side
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 137
Cisco SD-WAN Control Plane Deployment
Hybrid Cloud Controller Deployment
DC/Region 1 DC/Region 2
optional/
standby
Private IPs Private IPs vManage
NAT
+
DMZ/FW NAT
BGP + Control on MPLS and Internet.
DMZ/FW
Private IPs on the controllers.
BGP Public IP Public IP
No NAT NAT Public IPs are not exposed on MPLS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 138
Internet
vEdge Cloud co-exist with the controllers
Legacy/MPLS Sites
SD-WAN Sites
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 140
Cisco SD-WAN Site Deployment
Remote Site Designs
MPLS
1234567 Up to 7 Transport Interfaces
Internet
Primary DC Back-up DC
DC
(Dual MPLS, Dual Broadband)
Large
(Single MPLS, Single Broadband w/vEdge 2K)
Medium
(Single MPLS, Single Broadband w/vEdge1K)
vEdge Router
AT&T Viptela SEN
Switch MPLS
Sprint
Internet SECURE
MPLS DATA PLANE
Split-tunnel – Zsclaer
SECURE Traffic Symmetry Done on Division based AWS, Skype for
Internet Exit No Zscaler for o365 VPN Topology IAAS and SAAS
CONTROL PLANE across regions Viptela Mesh Business, o365
DC Internet as backup
DC
(Dual MPLS, Dual Broadband)
Medium
(Single MPLS, Single Broadband w/vEdge1K)
SECURE
DATA PLANE
Ethernet Exit
(DSL/Cable/LTE/MPLS)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 145
Demonstration of Capability
Module Objectives
Foundational Enablement
• Know where to go and how to access dCloud Viptela demo capabilities
• Stay focused and develop a custom story guide taking into consideration the target
audience, desired outcome and story to tell while demonstrating the Viptela solution
capabilities
• Leverage a top down approach rather than a bottoms up approach to showcase how
Viptela maps to customer discovery output and relevant capability requirements
• Avoid a product or solution focused transfer of information (TOI) while demoing
• Showcase additional capabilities when required to address most common solution
related questions that come up while demoing
• Avoid getting into or staying in the weeds
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 148
Setting the Competitive Agenda
Demo Relevant and Diverse Use Cases
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 149
Key Foundation Takeaways
Summary
• The dCloud Viptela demo is available and readily accessible
• We all have a part to play in contributing to demo innovation and should consider the
target audience, desired outcome and story that we need to tell while leveraging the
demo platform
• There is a big difference demoing using a top down vs. bottom up approach
• It is preferred to show more when asked specific questions and not to show more or get
into the weeds for the sake of showing off what we perceive to be important details
• It is possible to answer questions in depth while demoing and to pull oneself out of the
weeds
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 150
Products
Module Objectives
Foundational Enablement
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 153
Solution Elements
Orchestration, Control, Data and Management Planes
Data Plane
Orchestration Plane Control Plane Management Plane
Physical/Virtual
• Orchestrates control and • Facilitates fabric discovery • WAN edge router • Single pane of glass for
management plane • Dissimilates control plane • Provides secure data plane Day0, Day1 and Day2
information between vEdges with remote vEdge routers operations
• First point of authentication
(white-list model) • Distributes data plane and app- • Establishes secure control • Centralized provisioning
• Distributes list of vSmarts/ aware routing policies to the plane with vSmart controllers • Policies and Templates
vManage to all vEdge routers vEdge routers (OMP) • Troubleshooting and
• Facilitates NAT traversal • Implements control plane • Implements data plane Monitoring
policies, such as service policies • Software upgrades
• Requires public IP Address
chaining, multi-topology and • Exports performance statistics •
[could sit behind 1:1 NAT] GUI with RBAC
multi-hop
• Highly resilient • Leverages traditional routing • Programmatic interfaces
• Dramatically reduces control protocols like OSPF, BGP and (REST, NETCONF)
plane complexity VRRP • NMS interfaces (SNMP,
• Highly resilient • Support Zero Touch Syslog, IPFIX)
Deployment
• Physical or Virtual form factor
(100Mb, 1Gb, 10Gb)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 154
Cisco vEdge Routers
Portfolio Positioning
Branch/SOHO/SMB Branch/Campus Campus/Data Center Campus/Data Center NFV, vCPE IaaS & Cloud
(100Mb) (1Gb) (10Gb) (20Gb+) (N x cores) Interconnect
(N x cores)
vEdge Cloud on
vEdge 100 family vEdge 1000 vEdge 2000 vEdge 5000 Greybox or vEdge Cloud
Whitebox
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 155
vEdge-100 Routers
Small Office, Home Office Edge
vEdge 100m vEdge 100mw
vEdge 100
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 156
vEdge-1000 and vEdge-2000 Routers
Campus and Data Center Edge
vEdge 1000 vEdge 2000
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 157
vEdge 5000
Campus and Data Center Edge
Platform Capabilities:
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 158
vEdge Cloud Virtual Routers
Virtualized Branch or Cloud
On-Premise Hosted
vEdge Cloud vEdge Cloud vEdge Cloud vEdge Cloud vEdge Cloud vEdge Cloud
VM Throughput: VM
Physical Server 2x vCPU 500Mb/s
4x vCPU 1Gb/s
8x vCPU 1.5Gb/s
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 159
Controllers
Cloud or On-Premise Delivered
On-Premise Hosted
vBond* vManage vSmart vSmart vBond vManage vSmart vSmart
VM VM
* Can be deployed as physical vEdge appliance © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 160
Key Foundation Takeaways
Summary
• Describe key characteristics of Cisco SD-WAN orchestration, management, control and
data plane elements
• Describe Cisco SD-WAN portfolio of physical and virtual vEdge routers
• Describe key components of the Cisco SD-WAN vEdge routers
• Describe delivery methods for Cisco SD-WAN controllers
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 161
Licensing and Software
Module Objectives
Foundational Enablement
• Explain Cisco SD-WAN subscription license model
• Explain feature license tiers
• Explain bandwidth licensing
• Explain Cisco vEdge router pricing
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 164
Pricing Model
Subscription and Perpetual Elements
1. Subscription* license (1YR, 3YR and 5YR) for Cisco SD-WAN software charged per CPE. This cost is
dependent on two factors:
• Service bandwidth
• Features
*Note: Subscription cost of Viptela software includes cost of SD-WAN controllers, 24x7x365 Cisco SD-WAN support, next day hardware
replacement for Cisco SD-WAN CPE, software upgrades on all components and the cost of hosting the Cisco SD-WAN controllers in the
Cisco SD-WAN cloud.
**Note: CPE can be Cisco SD-WAN owned or in the case of Virtual CPE customer owned. Cost here implies Cisco SD-WAN
CPE only.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 165
Features
License Tiers
Plus Pro Enterprise
SD WAN SD WAN SD WAN Analytics
controllers controllers controllers
Dynamic Dynamic
Hub Routing Routing
AAR
AAR AAR
Note: Entitlement assumes the peak bandwidth usage 95% of the time.
This accommodates traffic bursts that might happen. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 167
Cisco vEdge Router Pricing
Cost of Hardware
Encrypted
Throughput (AES- 100Mbps 100Mbps 100Mbps 1Gbps 10Gbps
256)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 168
Note: All priced are list price
Key Foundation Takeaways
Summary
• Explain Cisco SD-WAN subscription license model
• Explain feature license tiers
• Explain bandwidth licensing
• Explain Cisco vEdge router pricing
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 169
Caveats
Module Objectives
Foundational Enablement
• Understand SD-WAN Control Plane limits
• Understand high availability limitations for control plane
• Understand vEdge hardware limits
• Understand configuration templates and CLI relationship
• Understand software capability limits
• Understand performance limits
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 172
Scalability Considerations
Orchestration/Control/Management Plane
Orchestration Plane Management Plane Control Plane
(vBond) (Multi-tenant or Dedicated) (Containers or VMs)
(vManage) (vSmart)
2000 vEdges per vBond 2700 vEdges per vManage 2700 vEdges per vSmart
Redundancy Add 1-2 vBonds Redundancy Add 1-2 vSmarts
Horizontal Scale out Model
Horizontal Scale out Model in cluster mode (same DC) Horizontal Scale out Model
4G/LTE Internet
MPLS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 173
Data Center Campus Branch Home Office
Scalability Considerations
Orchestration/Control/Management Plane
Orchestration Plane
Periodic
(vBond)
DB
Backup
DB
Primary DC Back Up DC
Cluster vManage Cluster vManage
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 176
vManage Considerations
Troubleshooting
Troubleshooting issues relies heavily on CLI and bash (Linux)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 177
Feature Functionality Considerations
Software Caveats
Limited Functionality
• QoS (Quality of Service) – 1 Low Latency Queue. 7 WRR Queues. No hierarchical QoS.
• DPI (Deep Packet Inspection) – No support for custom application signatures. Also unlike
AVC/NBAR/Netflow, this data cannot be exported via IPFIX or other protocols. Must be
extracted via vManage.
• WAN Optimization - TCP Optimization road-map item. No WCCP or WAAS capabilities.
• IPv6 – Transport(WAN) support only. No LAN support.
No Functionality
• Unified Communications.
• Support for non-Ethernet interfaces.
• License enforcement. Honor-based licensing.
• Single Sign-On or 2-Factor-Authentication support.
• Reporting – No mechanism to generate reports of any kind. All data is exported as JSON/CSV.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 178
Feature Functionality Considerations
Performance Caveats
The Numbers
• The throughput numbers marketed are full duplex. This means that on the 10G device, the max
achievable throughput in 1 direction is 5G.
• Flow collection is capped at 128K flows. Flows past this point are not collected but will be
serviced in data plane.
• DPI of application flows is capped at 256K flows for forwarding but 128K flows for reporting.
Application flows past this point are not collected.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 179
Key Foundation Takeaways
Summary
• Be aware of the capacity limits of all the SD-WAN components
• Be aware that you may end up in a situation where you have to use the CLI
• Be aware of the features that the SD-WAN platform does not have
• Be aware of the limits of the features that the SD-WAN solution has
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 180
What to Sell?
Module Objectives
Foundational Enablement
• Master simplified solution, bundle and offer positioning
• Understand how to link discovery and design considerations output and targeted use
cases to solution positioning
• Ensure you are able to articulate pieces and parts needed to satisfy solution
requirements
• Identify insertion points during customer conversation to drive upsell
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 183
Cisco Brand Naming for New SD-WAN Offering
Collateral will reflect this Cisco naming Oct. 31
Viptela brand retired. 1 Brand Cisco Cisco Meraki
Standard terminology Cisco Cisco Meraki
familiar to customers. 2 Solution Name Cisco SD-WAN
Intelligent WAN (IWAN) SD-WAN
DNA Center Cisco Meraki
Cisco vManage
IWAN App Dashboard
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 184
Cisco SD-WAN
Positioning
Cisco will deliver next generation SD-WAN solutions to our customers by combining
Viptela’s industry-leading SD-WAN solution with Cisco’s enterprise routing platforms
and Cisco DNA Center.
• Cisco SD-WAN (Viptela) - For customers and partners that require cloud first SD-
WAN solutions with advanced routing, complex topologies, or granular segmentation
capabilities, Cisco’s SD-WAN solution based on Viptela is the recommended solution.
• Meraki SD-WAN - For customers that are looking for branch unified threat
management (UTM) solutions with SD-WAN functionality or are existing Cisco Meraki
customers looking to expand to SD-WAN, Cisco Meraki is the recommended solution.
• Cisco IWAN - For customers of Cisco’s IWAN solution, we will continue to invest in
the roadmap of IWAN and support customers on Cisco’s IWAN solution. As new
unified offers are made available with Viptela’s technology incorporated in the ISR
and ASRs, customers will be able to migrate to the new unified solution as needed or
desired.
The acquisition of Viptela will ensure Cisco’s SD-WAN solution supports Cisco’s
strategic transition towards cloud and software-centric solutions that deliver predictable
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 185
recurring revenue.
Positioning the Appropriate SD-WAN Solution
h
hr oug
a kt
Bre 4D
Advanced SD-WAN Single Dashboard
• Cloud and OnRamp
• Single pane-of-glass
• More than two active transports Generic SD-WAN management for full stack
or active LTE
infrastructure across the branch
• Comprehensive WAN • Hybrid WAN
• Existing Meraki customers
connectivity & services • L3 overlay for hub-spoke
deployments evaluating SD-WAN
• Complex topologies
• Dynamic path selection • Heavy competitive pricing
• Custom policies at scale
• Cloud-managed pressure
• Advanced routing &
• Zero touch deployment with • Integrated branch security and
segmentation
templates and easy to use network connectivity solution
• Native dynamic cloud
dashboard
application acceleration
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 186
Promotional Offers
• Cisco ISR 4321 + SNTC(8x5xNBD)+ Viptela vEdge 100 + Viptela 3-year Enterprise or Pro subscription
• Cisco ISR 4431 + Perf License + SNTC(8x5xNBD) + Viptela vEdge 1000 + Viptela 3-year Enterprise or Pro subscription
Terms:
Products eligible • Must be purchased through Westcon, a distributor for Cisco and Viptela, to access the offer
and Guidelines • Cannot be stacked or combined with other offers from Cisco or Viptela
• Program effective August 21, 2017 – April 28, 2018 ( end of Q3FY18)
• Easy transition to a “best of all worlds” SD-WAN solution. Enjoy the simplicity of cloud management with the service
Customer richness of the Cisco ISR.
Benefits • Upgrade to latest ISR and deploy Cisco SD-WAN solution immediately without waiting for the integrated solution.
• Protect customer investment for newer SD-WAN architectures.
• Offer a Viptela solution now, for customers that are committed to the ISR solution long term and want cost savings and benefits
of the solution now. Sell this Cisco SD-WAN bundle that provides for a 50% discount on the ISR 4000 list price.
Partner benefits • Simple quoting and ordering through Westcon (distributor for Cisco and Viptela), helping avoid stall in SD-WAN deals and
facilitating deals for the customer quickly.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 189
Cisco SD-WAN Bundle Example Benefit
Save Save Free vEdge Free
$13436 $1123 $33237 $7821 SmartNet
Free vEdge Free
SmartNet +$5,000Discount
SNTC SNTC $25416
$12313 + $360 Discount $1042/yr 8x5xNBD
$246/yr 8x5xNBD
SNTC
$123/yr SNTC $521/yr 8x5xNBD
8x5xNBD
ISR4431/K9 ISR4431/K9
$1995 ISR4321 $14600 FL-44-PERF- ISR is 50% discounted vs.
IP Base $995 ISR4321 ISR is 50% discounted $7300 FL-44-PERF-
K9 current list price
IP Base vs. current list price K9
• Customers are getting best-in-class routing with best-in-class SD-WAN with significant savings
Customer
Benefits
• These savings are approximately equal to getting a free vEdge hardware platform and free Cisco SNTC for ~ 5 years
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 190
Cisco SD-WAN Bundle: Deployment Scenarios
ISR Providing T1/E1/DSL Connectivity ISR Providing Services
vManage vManage
Deployment Scenarios
TI / E! / DSL
TI / E1 / DSL Ethernet
ISR vEdge
WaaS
UC
vEdge ISR
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 191
Ordering Checklist
Cisco SD-WAN Bundle Offer
This offer can only be ordered by qualified* partners using Westcon, a distributor
*Qualified partners are partners that sell both Viptela and Cisco products
Software Investment
Protection Offer
Software Investment Protection Offer
For Partners and Customers
• Save on the cost to upgrade to a Cisco SD-WAN solution when buying a 3-year Viptela software subscription
End-user offer
• Applies to Cisco ISR 4000, ASR 1000, CSR, or ENCS purchased with AX / AXV bundles or Cisco ONE WAN Foundation license
• To be eligible for this offer, must have active Software Support Services (SWSS) contracts and/or Smart Net contracts
Terms: • Requires minimum 3-year Viptela software subscription purchase
Products eligible
• Cannot be stacked or combined with other offers from Cisco or Viptela
and Guidelines
• Program effective Once Phase 2 integration* is complete - Until further notice
• Protects pending and recent investments in Cisco ISR 4000 by providing the customer credit toward the purchase of the Viptela
3-year software subscription.
Customer • Save on costs of upgrading to a Cisco SD-WAN solution.
Benefit • Any investment in AX, AXV, or Cisco ONE Software WAN Foundation will be protected. There will be options to upgrade to
Viptela’s SD-WAN capabilities after Cisco completes the integration.
• Simplified transaction, avoiding stall in SD-WAN deal, facilitate deal for the customer quickly
Partner Benefits • Simplified adoption of Cisco SD-WAN with Viptela by providing software credit good toward Viptela software subscription
licenses, to protect the customer recent or pending investment in ISR 4000
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 194
*Integration is Phase 2 when vEdge software is integrated on EN routing platforms
Example Software Investment Protection
Benefit
Product ID Hardware AX License / Cisco ONE Annual SWSS One Year Upgrade discount
(example: AXV License Software (12-month) Smart Net Applied Toward
ISR4331) WAN Foundation (8x5xNBD) Viptela
License 3-yr. Subscription
License*
Example†
1. Customer has procured C1-CISCO4331
2. Cisco ONE Software WAN Foundation License is priced at $2000
3. Viptela Subscription for Professional (PRO) License for 3-years is $10,710‡
4. Customer pays for migration to Viptela 3-year PRO License: $10,710 - $2,000 = $8,710†
*Amount applied toward Viptela subscription is the list credit for the original license.
† Field discount is applied on the final price.
‡ Minimum Viptela 3-Year
© 2016 Cisco PRO
and/or or ENT
its affiliates. subscription
All rights mustConfidential
reserved. Cisco be purchased.195
Subscription lifetime software maintenance and upgrades are included in the subscription.
Positioning
Hardware Positioning
What to Sell
w Bundle
d With Ne able* credit
Lea
iptela Avail SW
tive**
r e V cen
Pu In
+
vEdge ISR 4000 Series
vEdge + ISR 4000 Series
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 197
Cisco SD-WAN: Positioning For Day-1
1. Pure-play Cisco SD-WAN architecture
a. Lead with Cisco SD-WAN products as-is
Subscription cost of
Perpetual cost of Viptela software
Operational cost of
Viptela CPE (Includes SD-WAN
controller + CPE Viptela solution
hardware
software)
*Note: Subscription cost of Viptela software includes cost of SD-WAN controllers, 24x7x365 Viptela support, next day hardware replacement
for Viptela CPE, software upgrades on all components and the cost of hosting the Viptela controllers in the Viptela cloud.
**Note: CPE can be Viptela owned or in the case of Virtual CPE customer owned. Cost here implies Viptela CPE only.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 200
Pricing Model
Multiple Options
Plus Pro + DPI Enterprise
SD WAN SD WAN SD WAN Analytics
controllers controllers controllers
Dynamic Dynamic
Hub Routing Routing
AAR
AAR AAR
Local
MPLS Internet Local MPLS Internet MPLS Internet
breakout
breakout E2E (App based) E2E
Segmentation CloudExpress
Segmentation
Transformed
Customer
Experience
Enabled Cloud-
Based Healthcare
Apps
Couldn’t enable SaaS Apps Cloud-based EMR enabled Adding Bandwidth 120 2 days
Need to add to Office365 and Cloud- Next Phase: Migrate Office 365, Voice 10x Bandwidth
based Voice to Cloud
No wasted engineering hours
Case Study
Global Retailer
40%
Reduction in
WAN Costs
Reduce OpEx and CapEx costs Viptela SEN infrastructure 26x Bandwidth improvement
• 25 stores a night
• Bring-up - 2 stores a night
Time to Capability • Instantaneous planning and
• 9-12 months planning for any change
provisioning
• Inefficient - combination of home grown, carrier • Centralized control, full visibility and
Management
provided and 3rd party tools operationally elegant
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 205
Case Study
Global Industrial Firm
46
Portfolios
consolidated
14 different environment, 8 carriers Enable active active MPLS + internet Months to weeks rapid
M&A onboarding
Massive migration to O365 & AWS
46 Portfolios consolidated
Business unit segmentation
Case Study
Banking Fortune 500
80%
Less time
for deploying
new branch
WAN
High bandwidth apps (HD Video) Viptela SEN infrastructure 20x Bandwidth Improvement
Simplify branch IT operations Augment MPLS with broadband 50 Sites deployed per night
(incl ATMs)
1000 Devices upgraded in 4 hours
• MPLS to All broadband transition (50x bandwidth, 60% • Scale (3500 stores) with geo diverse footprint
savings) • 1/10th the planning time
• Segmentation for line of business and compliance • Clean architecture – fully segmented, true zero touch,
• 25-40 store turn-up a night (vs 2 per week with Cisco) application aware routing, full app visibility
Fortune-500 • Centralized control with full visibility • All existing apps saw multi-fold improvement in
(Retail) • Simple to operate performance
• No head-end complexity
• Dual MPLS to Hybrid (MPLS, broadband, 4G/LTE) • Management simplicity – single pane of glass, integrate
transition with full REST APIs
• Scale (6000 devices, 3000 branch offices) • All required functionality works at scale – 6000 devices
• Centralized management & operational simplicity • Users experienced 400% improvement in performance
• Inter-operate with existing network (DC, WAN Opt,
Top-6 US Bank Firewalls)
(Financial Services) • Security & segmentation
• Optimal Internet exits
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 208
Viptela
Why We Won
Customer Delivered Value Why We Won (vs) Cisco IWAN
• Pure MPLS to Hybrid transition • Works on MPLS, dual-Internet and 4G/LTE in exactly the
• Single WAN technology for hospitals, admin offices, same way – single domain
partner networks, cloud access • Centralization and service insertion capabilities
• Security – centralization of firewall services • Simplified architecture
• Simplified routing environment & zero downtime to • Easy to operate and troubleshoot
existing network during transition
Fortune 100 • Templatized roll-out with audit compliance
• HIPAA compliance
(Healthcare)
• Transition from Dual MPLS with 40 provider VRFs to fully • Head-end and branch site complexity
segmented Hybrid network • Scale to 1000s
• Scale to 1000s of locations – global footprint • Easy to segment, operate and troubleshoot
• Centralized management & operational simplicity
• Single WAN technology for all portfolio companies, cloud
Very large access, partner networks
Manufacturing Co • M&A quick onboarding
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 209
Proven Solutions
Across Multiple Verticals
Customer Industry Challenge Solution
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 212
Team Exercises
Module Objectives
Foundational Enablement
• Highlight key takeaways including challenges, desired benefits, impacting trends, and
requirements that are contained within the sample scenario discovery output
• Develop and execute on the appropriate engagement strategy based on the customer
audience and desired outcomes
• Identify important information that is lacking within the discovery output documentation
and determine how would you gather missing information
• Determine the appropriate tools to leverage while engaging (PPT, Whiteboard, Solution
Demo, ROI Calculator, etc.)
• Execute your engagement strategy as part of a role play while leveraging the appropriate
tools, expanding discovery and while providing unique insights
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 215
Foundation Scenario Takeaway
Reference
Plan of Action and Role Play Exercise
• In room discussion:
• How does this align to existing customer engagement opportunities?
• What additional tools and skills could are necessary to empower you through the engagement process?
Foundation Scenario Addition Takeaway
Reference
Plan of Action and Role Play Exercise
• In room discussion:
• How does this align to existing customer design scenarios?
• What additional tools and skills could are necessary to empower you through the engagement process?
Facilitator Role and Tips Takeaway
Reference
Making the Most of the Exercises
• Teams execute while Facilitator guides = Actor vs. Director
• Facilitator is expected to join both sides of the role play as an actor to nudge in each direction to keep things on track
• Critical for bulk of role play to be controlled by SE audience, but
• Facilitator will have a list of potential Cisco leading questions and Customer leading questions for each scenario document
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 219
Key Foundation Takeaways
Summary
• Practicing is fun and important
• It is critical to perform the proper discovery and to gather and analyze key take-aways
• Account teams will benefit from creating a strategy based on the customer audience and
desired outcomes
• There is a big difference between planning a strategy and executing on that strategy –
Practice is important
• Most of the time there is important information lacking within the discovery output
documentation requiring that we dig deeper with the customer in certain areas
• Different tools provide different value during the engagement process and we must
choose the right tool for the job
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 220
Closing Thoughts