e e e [Music] hello and thank you for joining this live webinar presented by The Cisco Learning Network this webinar will be recorded and made available on The Cisco Learning Network and information on how to access the recording will be emailed to you following the live session please allow up to five business days for the full recording to be made available thank you very much and enjoy the presentation [Music] [Music] hello and thank you for joining this live webinar presented by The Cisco Learning Network this webinar will be recorded and made available on The Cisco Learning Network and information on how to access the recording will be emailed to you following the live session please allow up to five business days for the full recording to be made available thank you very much and enjoy the presentation [Music] [Music] hello and thank you for joining this live webinar presented by The Cisco Learning Network this webinar will be recorded and made available on The Cisco Learning Network and information on how to access the recording will be emailed to you following the live session please allow up to five business days for the full recording to be made available thank you very much and enjoy the presentation [Music] [Music] hello and thank you for joining this live webinar presented by The Cisco Learning Network this webinar will be recorded and made available on The Cisco Learning Network and information on how to access the recording will be emailed to you following the live session please allow up to five business days for the full recording to be made available thank you very much and enjoy the presentation [Music] [Music] hello and thank you for joining this live webinar presented by The Cisco Learning Network this webinar will be recorded and made available on The Cisco Learning Network and information on how to access the recording will be emailed to you following the live session please allow up to five business days for the full recording to be made available thank you very much and enjoy the presentation St [Music] [Music] this meeting is being recorded hello everyone good morning or good afternoon thank you so much for joining us today my name is R via and I am one of the community managers on The Cisco Learning Network and I'll be your host today in this session we will be covering getting started with the uh Cisco Catalyst sdwan with our two speaker and presenters we got PR and Peter utor but before we get started I wanted to share a couple of quick housekeeping notes first if you have any questions during the session we ask that you please post them in the question and answer panel as that would help our panelists manage and keep track of all of the questions and would also allow them to provide you with a much more timely response also if you experience any audio streaming issues during the live presentation I do recommend using the colum telephone number that I'm going to be posting in the chat window here in just a moment and at the end of this webinar you're going to get a popup survey with a couple of questions about today's presentation and we would really appreciate it if you can just take a moment to fill it out and share with us any thoughts or feedback that you may have about today's session uh and last but not least I want to let our attendees know this s will be recorded and will be available on demand so I'm going to be sharing some more information in the chat window a little bit later on as well and without any further delay I'm now going to turn it over to our first speaker to get us started so previne if you're ready please take away thank you Roger and uh uh thank you everybody for joining today's presentation uh today we'll be talking about getting started Cisco uh Catalyst SD vanan um today like Raju mentioned uh I'll be the presenter and Peter will be uh presenting the demo so uh today we will learn about um the overview of the Catalyst you know the Catalyst SD van and uh we will also become a little familiar with the Catalyst sdban deployment types so there are multiple deployment types we'll look into that and we'll also learn the process to configure the features and validate how how it is operational uh in the fabric and finally we'll get some guidance about uh the resource and where do we have to start with your journey with our you know the SD van fabric so uh today this is the agenda for today uh we will start off with the overview of catalyst sdan architecture then we will uh take a look into the sdan components uh the controller deployment options we have and after that we will take a look into uh some of the SD vanan feature overview and then we will look into the various onboarding methods for the vanage routers and lastly we will have the demo on the manager dashboard and Peter will walk us through some of the uh device onboarding methods as well so we have a lot of ground to cover so let's uh uh let's let let's let's go ahead and uh dive into each of them so before we Deep dive um I would like to inform you some of the recent uh rebranding from the uh Cisco sdan solution starting with ourco sdan software release 20.2 um so here on the screen we can see some of the changes in the uh rebranding so uh you might see that some documents and some user interface still uh might be using some of the old names um so that is only for the time being and that'll that will be changing um soon in the in the newer releases and I'll try to me and I'll try my best to use my uhu and the new names here uh but but but you might be occasionally hearing me say the old names you know whole labits um so in the slide here uh we see our old name vmanage what we used to call so that has become Cisco Catalyst sdan manager and vbond has become the validator V smart is the controller and uh and V Antics is again the V Antics itself so um these are the main changes in the rebranding so just just keep in mind about these things so first uh let's uh talk about sdan architecture and its components so we all know this slide right uh this is uh this is the sdan architecture which is uh mainly broken into four planes so the first one is the orchestration plane which will uh you know Assist it automatically onboarding of the sdan routers and its component into the uh sdan overlay next we have our the management plane so this is mainly responsible for your uh Central configuration and monitoring of the entire Fabric and third we have our control plane so this is like a brain of the solution and it builds and maintains the network topology and uh makes routing decisions when on on where the traffic has to flow right and finally we have have our data plane so this is uh the actual uh routers which are in our branches and these are responsible for forwarding packets based on decision from the control plane so let's discuss all of these uh know components in our upcoming slides so the first one we have here is the orchestration plane so uh the software based component here performs the initial authentication of our vanet devices and the SD van controller components as well so this uh so it actually goes through a three phase uh mechanism for authentication like the first one is your uh device certificate second one is your or name and uh the third one is your actual uh certificate serial number of the device so these are the three uh mechanisms which uh the you know authenticate or the validator uses to authenticate the devices and uh so basically your valid details tells whether your uh manage uh or the controllers to the V manage and and then make a connection to them so this makes a temporary details connection between your manage and the validator so once the connection um is established and it's validated then the vbond or or the validator will share the controller information to the edge device so that the edge device can make a um uh permanent dtls tunnel to the uh vsmart or vs smart and the vmanager so the uh validator also facilitates natat traversal so if you have a natat it will automatically identify the public IP address and the private IP address and uh the corresponding codes as well and then this will actually propagate all this information to the controller component so that they'll be aware of these things so since the uh validator is the first point of authentication for all the uh devices in the fabric so this has to have a so it's actually recommended to have a public IP address configured on this so that all your devices in your public network can uh get access to it or at least we should have a one to one Nat which is configured for your validator so in case if you have a um private Network or only mls in your network so the so the minimum requirement is to have the uh Ed devices reachable to the validator so that's the uh minimum requirement which we have next one is your manager which is your V manage so this is a centralized uh um Network management system it's a software based uh and your uh and it actually provides a GUI uh based interface so that you can easily monitor configure and maintain all your uh sdan devices in your Fabric and um this will this will all so this will provide your uh single pain of glass for your day zero day one uh day two operations so the manager gives you a API interface as well so that uh we can use apis to uh integrate uh any of your third party automation tools from your manager and you can also configure policies and uh uh device templates uh using your V manager also um it also provides a software upgrade process wherein uh we can uh have or we can copy the uh you know images directly onto the vmanage and we can push the v u s images directly from the vmanage to your device next we have our controller so this is also a software based component which is responsible for the centralized uh control plan of the sdan network um the sdan controller establishes DLS based secure connection to each wed device by default but uh if you want to change it to TLS we still have an option to do that and the controller the sdan controller distributes routes and policy information via a no routing protocol called as om which is expanded to Overlay management protocol so the controller is uh also called as the hard of the solution so which which which mean which basically acts acts as a bgp route reflector meaning um if a orchestrator uh so it actually orchestrates the uh secure data plane uh connectivity between your wage routers by reflecting your crypto key information or anything from your one router so this actually allows um for a very scalable IC less architecture so this acts as a uh route reflector and it distributes the um um you know crypto keys to all the other Edge devices next we have our data plane um this is actually the uh Edge re Edge Edge routers which is which which can be your Hardware Appliance or your software appliance that actually sits at your physical location on your DC or campus or even your branch locations so the transport might be uh public or private so it again depends on what kind of Transport is connected to your uh router manage router provides a secure data plane connectivity between the sites uh over one or more van transports U that could be your private or public transport it is also responsible for traffic forwarding uh security and encryption as well so we can also configure some of the uh sdan features like qos routing protocols such as your bgp OSF and many more towards your lands side uh of your network and finally this also supports uh zero touch deployment wherein um we can uh we can connect this vage to your uh uh dscp enabled internet connection and uh if the reachability is right it will uh automatically onboard onto your um so SD van fabric so we'll talk very briefly about your zero touch provisioning in your in the further slides and next we have our sdan V analytics or analytics so this is a sast service which is hosted by Cisco sdan as part of the solution so it provides a graphical presentation of all all your performance of your entire uh overlay network over the time and it also lets you drill down to the character characteristics of single carrier or even your tunnel or applications or on a any given particular time and the sdan routers actually send the data to the sdan manager using secure apis and um this data is transferred to your analytics which is hosted in your AWS Cloud next we will uh we have our cast list sdan controller deployment type so in this method we will see what are the uh multiple deployment types which are available so we have uh multiple flexible uh uh control components deployment options which are available for our customers so the first one we have here is the on-prem um in this type the controller component deployment U is deployed on Prem or this this might be your data center on Virtual machines or container based deployment which can be done at your um esxi or KVM machines so this is where the Enterprise it organization is typically responsible for U provisioning the uh controller components and responsible for backing up and any disaster recovery which is there so some of the customers such as your uh Financial institutes or government government based entities uh may choose to run on PR deployments mainly due to your security uh compliance which is U which is there for them next type of deployment is your Cisco hosted uh Cisco Cloud hosted um this is a recommended uh model and the control component which can be deployed in AWS or Azure Um this can be a single or multiple zones which are available for deployment um most of our customer opt for Cisco cloud-based control deployment due to the ease of deployment and flexibility in scaling which which which is available in this so in this Cisco takes care of all your provisioning of the control components which uh with with the certificates and meeting all the requirements for scaling and redundancy which is which is available and also Cisco is responsible for all your backup snapshot and any disaster recovery which is available so once the uh once once the deployment is done customer is given access to the sdan manager and the customer can go and create their configuration templates and the policies based on the based on their needs so in this we have another option called as managed service provider which is also called as MSP or it might be a partner hosted Cloud as well so this is again a private Cloud uh hosted or it can be a public Cloud hosted as well which can be deployed in AWS or Azure so the only difference here is the MSP or the partner is typically responsible for provisoning the cloud components and responsible for backing up any um backing up the components or doing a disaster recovery on this as well moving forward let's see some of the sdan features so um here are some of the basic termin terminologies which are there for uh Cisco Catalyst SD van the first one we have is overlay management protocol also called as OMP the O routing protocol which has a uh structure very similar to our bgp which is there in our traditional Network um this actually manages the sdan uh overlay Network and uh the protocol which runs between uh this is actually the protocol which runs between your sdan controllers and your uh wage devices where where the control information such as your U route profix next toop routes your crypto keys and policy information is exchanged over a very secure uh dtls or TLS connection so the SD man controller acts very similar to bgp Route reflector as we mentioned in the previous slides so it receives routes from the wage router process it and applies any policies on them and then it basically advertises the routs to all the route uh Edge Edge routers in the overlay network based on your policy which is configured from the U user so the policy here is your centralized policy so uh we will again talk about this in the further slides next one is the tlock t-lock is a transport locator this is a attachment point where a vanage router connects to a van transport Network so this tlock is a uniquely identified and uh uh represented by your three Temple which uh basically consist of your system IP address uh link color and your encapsulation so when I talk about encapsulation this is mainly your U uh gr and your G or IPC next we have color uh color is mainly a um tag to identify the transport which is connected to the um Network so for example if you have a MLS or a internet we can choose what what type of color we can uh what what type of color tag we can provide it to them it might be a bus internet or private one private 2 so we have multiple color options we can the you know the customer can choose whatever color option he desires next one is site ID so a site ID is a particular physical location within the Cisco Catalyst hdan overlay Network such as your branch branch office or your data center or even your campus Network so each site is identified by unique uh integer called as a site ID and each each Cisco Edge device at the site is identified by the same site ID so when so when we are within the data center all the devices within the data center will have the same site and typically it'll be cons same site within that next we have our system IP address so um each Edge router or Catalyst controller is assigned with a system IP address so this is this is uh this is mainly to identify the physical system independent of any uh interface devices or in know so interface addresses so this address is very similar to our router ID or your U you know router ID which is there on your ospf or any other uh you know routing protocol so this system ID also provide a permanent Network overlay addresses for the edge router as well as your controllers and it also allows the physical interface to be renumbered as needed whenever uh so you know without actually affecting the reachability of the device next we have the org name org name is the name which is assigned to the sdan overlay fabric um it is so it is a case sensitive and must match the organization name which is configured all over the uh devices in your network um it is it is used to define the organization uh unit or your qu which is uh which is a field which has to be matched in the certificate Authority process when you are actually generating a certificate next we have our VPN uh which is your virtual private Network so this is basically to provide segmentation this is mainly like your uh um vrf when are traditional world so this is mainly there to provide segment in your you know the San fabric so the VPN numbers are a 4bit integer with the value starting from 0 to 65,535 wherein VPN Z is reserved for transport VPN uh so it it you know it contains the interfaces that connect to the van transport and U it provides a secure TLS and dtls connection to the control components as well likewise VPN fight well is reserved for the management VPN uh this is mainly used to carry out any out of band management traffic and um two two two and four from your uh you know Cisco devices the rest we the rest of the vpns from 1 to 6 65 U 535 are used as your um are are are there as your uh uh segment uh land land segments VPN know which can be used as a service VPN so next let's understand uh the fabric operates walk through here so here the Cisco sdan manager and the controller initially uh contacts and U uh authenticates the validator so like like we saw in the previous slide right the once once once the uh once the edge devices comes inside the fabric uh from the authenticator so sorry the Val Val validator um once once once it is there it will uh form uh permanent DLS tunnels to the V smart which is there the controller so once the controller is formed um the next thing is it will form IPC tunnels between your Edge devices to all the edge devices so by default all the so it's a full full mesh sdan topology is a full mesh it will form IP set tunnels to uh all the all the all the routers which are available in the fabric once the IP set taly form uh next the bft comes into picture so bft is by Direction forward which which runs between U which which runs inside the IPC tunnel so um this is mainly to uh give the liveliness of the circuit it also gives us a loss latency and Jitter information as well so once the bft is established next comes your land land Dev uh land segments or your service VPN like in this case we have VPN and VPN 1 and VPN 2 so VPN 1 might have a a subnet VPN 2 might have a b subnet so once the same VPN um so the same same service VPN is established on the other side of the man vanet the route the O update will be shared across uh from the controllers so by by default the V smart will share the OM updates to all the available s devices again this can be modified using your policies so that's the overview or the fabric walk walk through of how the um how the San uh fabric might look like once once once everything is set up so next we have our policy framework as you all know that the Cisco you know Catalyst sdan solution follows the sdn principles and separates the control plane and the data plane and and based on uh what what we have uh categorized in this policy type so we have first thing is centralized and localized policy so centralized policy allow us to manipulate the whole over it's an overlay of the fabric in a centralized fashion and the localized ones usually are given the ability to manipulate only a particular device or a location so because the um so because the control and data plane are separated centralized policies are also separated into centralized uh control policy which which mainly affects the control plane operation and centralized data policy that that directly affect the forwarding uh forwarding of this packets so the centralized control and data policies we uh we we can configure directly from our manager and uh and we can go ahead and apply this particular SD um so no this this this particular policy for our vsms and uh vs smarts again we go ahead and deplo it on our Ed devices now let's talk about the localized uh control policy so it has again localized control and data policy we can again configure from the we V uh you know the manager and in this case the manager itself directly go and attach uh this particular configuration on your device template so once it attaches to the device template the configuration will be pushed directly to the device so localized control policy uh is also called as route policy which allows for a manipulation of bgp OPF for ejrp routing behavior on a particular site and a localized data policy here is U is is as uh in as a form of access list or Qs control policy that can be configured on the router directly now let's talk about uh how do we uh onboard one so before that I want to uh show you this slide which which mainly talks about the routing portfolios so here we have uh the branch U Branch portfolio which which includes your ISR 1 case and uh uh you know ISR 4ks we have our aggregator which includes ASR and Catalyst 8500 and we also have a virtual uh virtual routers as well so in this case we have 8 case and isrs one case so for the onboarding option we have some prerequisite so the first thing is obviously the controller uh has to have reachability or Edge has to have reachability with the validator because uh the validator is the first point of contact right so that is the basic requirement the second thing is the authorized wet should be Whit listed and uploaded to the controllers so when I say Whit listed the The Edge serial number should be in the um so so uploaded in the PNP portal or else the PNP portal should be uh the PNP or the edge white the certificate serial number should be there in the B manager and all the other controllers third Point here is the manage device Dev must be in a valid state or a St U staging certificate state so here we we have three stages one is your invalid State and staging State and valid state which can be uh controlled on your manager so here it should be you know either in valid or staging stage for the device to come online and the final one is uh so this is an optional one wherein we can gohe and create a template for uh the device so that as soon as the device comes into the fabric the template will be automatically attached and uh it can um you know it can push the complete configuration of the device all right so in this slide we're going to discuss how we can onboard uh your new hardware devices which is uh which which is your green green field deployment and uh we have three simple methods for onboarding uh Hardware uh here so the first one here is Plug and Play All right so in plugin play um the first one here is plugin play so as soon as the customer buys a device the serial number will automatically get uh populated in the PNP portal so if at all the vmanage has connectivity with the PNP portal or else the smart account credentials is uploaded or uh saved in the vmanage the the new serial number will automatically get reflected in the device list of the on the manager so once that is done all the all so all we have to do is out of the box we can just connect that router uh to a DHCP enabled uh uh internet connection and the uh the helper address on the device will be automatically configured and it will reach out to the Cisco PNP uh validator so once it reaches out to the validator the valid edor will redirect this particular uh device and it checks within uh its white list if at all this device is valid or not once it's you know once it's validated it will see which uh which which company validator or what is the IP address of the validator of that particular company and then it will forward this particular Edge device to that uh validator and the validator again validates it with the white list and uh once it's validated it will send the uh controller IP address which which is your uh wart and your manager IP address to the edge device and it will also inform those controllers saying that one of the edge device bearing with this uh certificate ID will be uh coming will be reaching out to come online and this is a valid one so once once that is done and if at all there is any uh certificate uh sorry uh no so any template which is configured the manager us will automatically attach a template and that particular device will come on there so this is a completely automated plug andplay onboarding method the second method we have is U the bootstrap method so in this method again the PNP process Remains the Same uh so as soon as we so as soon as the customer purchases uh the certificate will the serial number will automatically reflect in the PNP portal uh so in this case what we can do is we can go and uh um generate generate a template for this particular device and uh for that device uh there will there will be an option to download the bootstrap configuration so bootstrap configuration is the basic configuration which is needed like your system information your uh you know your or name uh system IP address all these things can be downloaded directly from the bootstrap configuration and this can be copied to USB and uh it can be copied onto the router so the router can boot in and it can uh uh with that with the configuration which is available it can directly reach out to the validator and the third option is manual onboarding so again uh it's the same process but in this case instead of having a direct uh PNP portal connected to the manager we can download the CSV file uh which contains the serial number and the chassis number of the edge devices and we can go and upload that in the man manager uh GUI so that the manager will be uh aware of this and the manager gives us an option to share this information across all the uh other controllers like the validator and the vsmart so once we do that uh we can again go ahead and download the bootstrap configuration and copy it onto the USB uh USB device and upload it onto the uh Edge Edge device to bring that edge device online so that's about the hardware device now the next one is the virtual devices so again we have three methods um all so most most of the things are the same except that in a virtual device there will there won't be any serial number which is uh attached right so in this case we have to do a manual me method here uh wherein we have to add activate we can in so we'll have to copy the chassis number and the token ID from the uh B manage and then we you know we need to copy this particular information onto the uh Edge Edge device so apart from this we also need to copy the uh root root certificate information and we need to install the root certificate on the edge device so only only after this uh The Edge device will will be validated by the validator and then it can come online uh so that's it I add the presentation uh you know on part of the presentation I would like to call upon Peter to demonstrate the sdan manager walk through and talk about device onboarding over to you Peter thank you um for the presentation Now give me a second let me share my screen let me know scin is visible yes we can see it thank thank you okay so um here is the V manage dashboard so when you log to your V manage there is the first screen you see so on the main dashboard or the overview dashboard here you have your controllers here you have one V Bond you have two V smart and one V manage so basically the overview is just to tell you or to give you like a summary of your sd1 Fabrics the stust of each of your system for example you have the numbers of controllers you have in your fabric for example have one vbond two V smart and one V manage then here you can see in the middle here you have the numbers of one edges those are your sd1 routers or your branch routers and to right of that you have a ceric certificate status so if you have anything like an issue with a particular certificate certificate is about to expire or I see problem certificate is not properly installed then you are going to be you're going to be seeing that notification here then the next one here you have the licensing so you can see the numbers that are assigned and the ones that are not assigned tell you that there some licenses that they are yet to be assigned and you can see the numbers of time the V manager has been rebooted for the last 24 hours then if you go below that here you can see the one hedge Health here showing the the health of your one edges so here you can see that you have four of them and then everything is doing to tell you that they help he of your one edges are fine then you can see the the the BFD connectivity here and then the site you can see here you are having BFD connectivity so here it tells you that the tunnels are fine the B connection is up and everything is all good uh Hey here yeah I'm sorry to interrupt you uh there seems to be a little problem with your audio it sounds a little poor I don't if maybe it's might be a connection issue um we just thought I I'd mention that in case uh we have a way maybe uh trying to get that improved if possible okay okay can you hear me now yes I I can hear you it just sounds it just sounds the the it sounds a little off uh your audio okay sorry sorry about that no no worries okay so um so for the transport interface distribution so for the trans interface distribution you have the the megabytes here so this is just telling you that this how the interfaces that you have on all your one edges so this is not like a particular one Edge this like the summary of all of your one edges and it's telling you what is the transport distribution that you have 10 megab 100 megab this is what showing here and you can also click on The View details to to get more information and in addition to that you can see the one Edge inventory the 21 edges be rized these are the one that serial numbers have been uploaded and approved and then these are the deployed ones these are the ones that are currently the control connection is all and then for the staging you don't have anything here so meaning everything is completely deployed then for the transport Heth in the middle here you can see your latency so if you have loss G and latency in your transport that basically your one faing interfaces maybe NS 4G whatever the transport you are using is going to be showing you what is the the percentage of loss that you have there and you can also check here you can see that you can choose based on whatever criteria you want to check so you can be for latency and you can also get for for dter so if you click on this you can it will show you the dter information and that also helps you to to know how the transport is actually performing here then for the top used application you can also see that for application that is mostly being used in your network down below that you have your application wear out and that is if if you have this configured in your environment then you be getting information about the application I wear outing the average digital latency basically everything about the the performance of of your tunnel as relating to the application routing and configuration that you have in your sd1 so at the top right here you have some other icons here that you can make use of for example here this one looks like a cloud is for your Cloud deployment so if you want to do the cloud on for s for multi Cloud so these are all kind of tools that you can use to maybe extend your sd1 fabric to your cloud and this is basically to monitor your Cloud host basically your s applications in the cloud and then that gives you a a better um monitoring feature int features of maybe checking to get elim and all of that to choose the best tunnel or the best transport to use to actually route um data to a particular end point which is a start end point then another one here is for the task so if you have pending T active T you can see tag that have completed here and the one that is not completed this one that is active that is on going you can also see there and then you have the notification here and in the middle here you have help where you can maybe check some information and all of that so that is for the overview then if you look below that under monitor you can see here we have monitor overview you have devices tunnels so this is more of like a quick way of navigating through to just get like a monitoring information of all of these so for the devices if you click on that you can see some maybe elth information regarding that particular those devices you have so you can see the Ved here can see for the V manage you can see the health the system IP the reability and then you can get the B Smart Control connection so this shows that you are not actually having issues here and the BFD is also up here and the same thing for the tunnel and then security also you can see inspected traffic drops traffic and then disability in terms of be signature and then URL free train so these are basically monitoring information for for your security so if if you've configured the security for the um what was it called now for monitoring security here this is what you see so let's come to the menu here so on on the menu side if you click on the B menu here yeah I'm sorry uh your art quality uh still seems a bit uh a bit robotic do do you know if there's a way to maybe explore to see maybe we can enhance it a bit like if maybe we can change a a headset or or something just to kind of help uh help the the quality improve okay so let me let me just turn find next thank you so much and apologies to to our audiences as well as we work through this uh hope I'm sounding clearer now the audio is better now oh yes actually much better okay so coming to the um menu here you see the monitoring the configuration so for the area of configuration you have your template this where you configure template for devices you have your feature template for example and then you have your device template so for the feature template you can features like for example maybe for a particular device you just scroll through device you select the devices that you want to configure so you can see you have several devices listed here so for example let's say you want to configure a c 83,000 here you can just click on that and then you select the the feature that you want to configure so here you have security your bpn interfaces you click on that and then that takes you to that particular feature configuration and then you can see the I address the information that you can actually configure here you can see the ik information and these are basically features that that that you configure so when you are done with that you can go ahead and and save it for that particular device or for that platform then after you done with that then you can now have coming together of those templates and then becoming a device template so here you can see that we have some device template that already been configured for example the branch type 2 template VH here the first one on the line we can see that we have like 20 feature template that is already here there are no devices attached here already so but that tells you that this particular template is already being scheduled so once the device comes online you you attach it and when the device comes online this is going to be pushed to the device then for this one here is already this this one is already attached we can see for the CSR here so we have like 22 feature template so to attach this to a device all you need to do is just to click on this three dot air points here and then you go to attach device so when you click on attach device you going to select the device on the left that you want to attach it to and then click the arrow button in the middle and then you can click on attach so with that that this particular thing is going to to load and then click on next and then you click on configure device which in this case is going to you can see here seeing that the template configuration is in progress and then that is going to be attached to that device so that is for the flow for you to actually associate that so you can see that this is already been scheduled validation is successful here so once this device comes online what happens is this configuration is going to be pushed to that device then aside from that then you have the for example for policies my colleague mentioned something about centralized policies and then you also have the localized policies so here you can see where you can add Central policy you have some preconfigured policy you can add policy here and then you can choose maybe color maybe for custom application so this is where you select your group of Interest maybe site or tlog or SL class you want to configure for Q and then you can so then you you now associate maybe voice and all of that so this is basically the workflow then you have you have the maybe the the membership and all of that so here is where you actually work through to to configure centralized policy then for the localized policy all you need to do is just to to select the U the localized policy and then you can also add the policy that is going to be pushed directly to the devices then also we have for your maybe for example for the device on boarding if you go to the configuration here and then click on devices so we can see here you have the the one Edge list here you can either upload your one Edge list here which is like you are wh listing the device so you have which my colleague mentioned earlier about device white listing so all you need to do is just to upload a csb file and then you upload them here and this the configuration is going to be replicated to be pushed to be to to other controllers then also you can export your bootstrap configuration and then that that can be added to the the your devices and that can be used as an initial configuration to boot and connect to the maybe to the PMP and then from there to direct that to your organizational um validator to be added to your fabric so the this are all options that you can also use to do that then for control rers you also have options on adding controllers also so we can see here you just click on ADD you're adding the vbond or Vs Smart you just select the on that that you want to add and then you can add that to the fabric then another thing is you have here the maintenance tool now for the maintenance to is basically to do maybe you are going to do software upgrade you are using a maybe a older version you want to upgrade this is where that happens so you can do your upgrade here and then upgrade your maybe here you have the software repository which you upload here is where you upload your your um current images for V manage image maybe you are using a older version and you want to down or you have downloaded you want to upload the newest version this where you upload it so you come to the the software images and then you can add there so you can just add that here and then you also have the virtual images where you can upload over like your UTD engine for your security and then for the software images this is where you add to your V manage basically upload maybe your your V vbond and then your vsmart images and then you can now upload it here then aside from that also then you can do the upgrade also here aside from that we also have the V analytics here whereby you can you can connect directly to V analytics and then if you have that already integrated you can then go through that and check your analytics information to to have more indepth monitoring there then we also have tools in the two sections you can actually connect directly you can SSH to your one edges or your V manage here you can see on the left here we have several of them we have the V manager whereby all you need to do just click on that and then it's going to take you to the SSH terminal whereby you can log in with your information so here you don't need to maybe install maybe a tool on your laptop or whatever so this is actually integrated so you don't don't need to worry about installing any SS to so all you need to do just come to that section and then you can actually connect through S so that's if you want to maybe run some CLI and all of that so that is that is also there then in also in addition to that you also have your configuration whereby you can make security configuration your certificate and then you have the Cloud deployment which is your Cloud around for S your a and then your multic Cloud so if you're extending to the cloud you can easily also configure it from here so here these are the workflows that you actually go through to configure that so that is that so with that um I'm going to be handing over to my colleague to continue with us over to you R awesome thank you so much uh Prine and Peter for that excellent presentation and demonstration and I just want to apologize to our audience as well for that uh uh issue with the with the audio we apologize for that um before we uh dive into some FAQs I just wanted to take a quick moment to cover a few resources um for our audience uh just for your convenience we do have a few helpful links that you can refer to at your convenience uh we have a few recommended guides as well as a very active and helpful community that focuses on sdwan and Cloud networking so if you have any related questions we do encourage you to participate in this community um for your reference I'm going to go ahead and post a link into the uh chat window there uh so please feel free to save them or bookmark them uh at a later time uh at your convenience and um and and thank you all so much um now with that said um let me go ahead and take a look at our Q&A uh it looks like we actually don't have any remaining questions from our audience so um I I think we can go ahead and and wrap up for for today I just want to give a again just a very big thanks to our presenters Pina Peter for speaking and presenting this topic to our audience I hope that everyone found uh value and in the information resources that we shared here today uh and for our attendees if you do have any additional questions about today's topic we do encourage you to participate in our online post womer discussion you are actually going to be redirected there upon exit uh but the link uh is has been posted into the chat window um but just in case you missed it I'm going to go ahead and repost it in there uh momentarily for you so we do look forward to your partic participation and a quick reminder that you will receive a short popup survey as soon as you exit and we would be grateful if you can just take a few minutes to complete it and let us know today's present um how you like today's presentation we we always look forward to receiving your valuable feedback and for those who might be interested in revisiting this session we will have the live stream available immediately for on demand viewing and the links have also been posted into the chat window but I'm going to go ahead and repost them there for your reference uh in case you missed them a little bit earlier today thanks again to our presenters to our panelist and to all of our attendees for joining us here live I hope you all enjoy the rest of your day thank you so much