The SD-WAN Test Drive is a fully operational SD-WAN environment that you can use to familiarize yourself with the EdgeConnect platform and Orchestrator management interface. If this is your first time using Silver Peak SD-WAN, we’ve provided this simple guide to help orient you with some of the major features within the product. Please follow along with the guide below and enjoy.
The dashboard is the first thing you’ll see when accessing Orchestrator. Upon login, administrators are presented with a detailed snapshot of their network. From here they can launch into advanced visibility and reporting to gain a more in-depth view of specific sites, top applications, and any potential issues that need to be addressed across their networks.
Figure 1: Orchestrator Dashboard view
The Health Map provides a simple way to visualize the health of your entire network, without digging through logs, alarms, and reports. Administrators are presented with a 7-day view that allows them to see possible issues such as underperforming sites or circuits, configuration issues, network outages and lingering performance issues.
Figure 2: Health Map view for all selected appliances
Business Intent Overlays (BIOs or Overlays) are the key construct when configuring and deploying a business-driven SD-WAN. Administrators define the organization’s key requirements for different classes of applications, QoS and security policies, ensuring consistency of policy enforcement across the network. Overlays allow you to delegate application routing, security, and optimization policies across your entire SD-WAN fabric.
Figure 3: Business Intent Overlays page showing all virtual network overlays
Figure 4: Overlay configuration showing how policies are configured for traffic to route across your global Wide Area Network (WAN)
Figure 5: Overlay configuration showing how policies are configured for traffic routing to the Internet and cloud-based services
Templates provide an easy way to standardize and automate the process of making changes across the entire network, providing a single, centralized point of orchestration and management. Making changes to QoS, DNS, NTP, or zone-based firewall policies is done through a simple set of templates and then pushed out and maintained across all sites on the network.
Figure 6: Shaper Policy template
First-packet iQ™ enables you to identify, classify, and automatically steer millions of applications on your network, while constantly staying up-to-date with Cloud Intelligence. If there are internal applications that need to be classified, they can also be added here and propagated across the entire SD-WAN fabric for visibility, security, and control.
Figure 7: Application definitions
Silver Peak is focused exclusively on enabling customers to build a better WAN. This focus extends to a broad ecosystem of technology alliance partners. Two key focus areas include security and public cloud IaaS partnerships.
This entire Demo runs on AWS infrastructure, while any combination of Azure, Google Cloud, and Oracle Cloud are also supported. Silver Peak has also integrated the EdgeConnect platform with Microsoft Office 365 and Microsoft virtual WAN.
For security, Silver Peak has fully automated integration with Check Point Software and Zscaler with support for a number of other leading security partners. For this lab, Zscaler has been configured with a subscription and API key. Once provided, Orchestrator will locate the two closest ZEN nodes for each EdgeConnect appliance and automatically build primary and secondary tunnels to them.
Figure 8: Zscaler internet access
Administrators can see every active session or recently closed sessions across the entire SD-WAN fabric. The appliances selected on the left tree return information on all flows/sessions currently active (or ended). Administrators can also filter based on any of the fields above the table for more granular results.
Imagine a situation where a user or site reports an issue with an application. The Flows page helps to quickly filter and identify the affected traffic, the exact rules that are being matched (look at the details section of any flow), and app performance feedback. This detailed information feeds into all pages in the monitoring section
Figure 9: Flows tab showing all active flows from all EdgeConnect appliances
A business-driven SD-WAN should use all available paths in the best combination possible, which goes against using legacy routing protocols that install a single best path. During a customer’s migration to SD-WAN, or for peering with MPLS and other providers, BGP is a great way to maintain reliable connectivity and interoperability.
On the BGP screen below, you will see a single peering relationship on the Ohio appliances.
Figure 10: BGP information for Ohio 1 Region Hub
On the Configuration > Routes page, administrators can quickly identify which EdgeConnect appliance is advertising a given route, whether that route was originated by the appliance or learned from BGP (or OSPF), and additional details about the route (tags, etc.)
Figure 11: Routes page
Ready to talk? Contact us and we’ll be in touch.
Other Silver Peak training and certification programs are available here: HPE Aruba Networking Education Services