Cisco Catalyst 8000V SD-WAN & Router - PAYG - DNA Advantage

Cisco Catalyst SD-WAN has been in use for a year and a half, which is when we first started deploying it. We are now finalizing that deployment in our environment and are almost exclusively switching over from our old SD-WAN solution to the Cisco-based one.

I appreciate the control that we have with Cisco Catalyst SD-WAN. With the previous solution that we had, we could not build independent tunnels to each SD-WAN appliance, as they were all aggregated. Now we have considerably more freedom. We no longer have to speculate whether one thing going down means we lose an entire region of the firm; instead, everything is site-by-site based.

Cisco Catalyst SD-WAN helps us specifically through the control of policies. With Catalyst, we are able to build out these policies at a regional level. Rather than relying on a centralized location, we have been able to distribute this across the country. We are able to target bigger regions and optimize traffic flow for those specific regions instead of being locked into whatever the previous vendor was providing us.

For our environment, there are some bugs with how we interpret data in terms of circuit usage, for example. This has been on our to-do list for a while because it has been broken. We have not been able to get it to work quite right specifically for our environment. We have been trying to get support and push for that resolution because for our metrics, it is valuable. Having a blank screen instead of this data can be intimidating, so we are trying to get that fixed.

I have been working in my field professionally for about three years.

Cisco Catalyst SD-WAN has been fine for the most part. We tend to play it safe and use versions that have been tested more thoroughly, rather than necessarily old versions. Issues we might have run into stem from us being out of date, such as wanting to implement and use something that was actually on a newer version that we just had not had time to upgrade to.

I would rate Cisco's operational efficiency in my IT environment very highly. At this point, we are almost an entirely Cisco-based organization, and everything that we operate on for the most part is Cisco-based. We have good support from Cisco, and I think we are happy with how everything is going.

Before, our solution was VMware VeloCloud, which was then purchased by Arista recently, and that is what we are switching away from.

I was not involved with the pricing, setup cost, and licensing too much. We did run into some licensing issues in the beginning, but it was through the vendor and the provider that we were using, not necessarily a Cisco thing. If that had not been involved, the process would have been smoother.

The increased uptime with Cisco Catalyst SD-WAN has been a return on investment.

We have been focusing on fast deployment and then going back to tweak policies and figure out which features we want. I would rate this review a 10.

The main use case is WAN connectivity.

The features that I like the most about Cisco Catalyst SD-WAN are that it is secure, cheaper, and once you know it, it's easy to deploy.

An example of how these features have benefited our organization is that we have reduced latency and we can troubleshoot faster for packet loss and jitter.

I think Cisco Catalyst SD-WAN could be improved because too many vulnerabilities come up, so upgrading it is a challenge, and the hardware keeps changing; we moved from Viptela 1K to 2K, then again to the Cisco Catalyst router, so it's an expense.

We have been using Cisco Catalyst SD-WAN in our new company for eight years.

Cisco Catalyst SD-WAN scales with the growing needs of our organization at a level of eight.

I evaluate the customer service and tech support as good support.

Before adopting Cisco Catalyst SD-WAN, a decision had already been made regarding the solution when I was onboarded.

I describe the experience with deploying Cisco Catalyst SD-WAN as initial deployment taking some time, but once deployed, it's easy to roll out changes.

My experience with pricing, setup cost, and licensing is that it is very tedious.

Cisco does not optimize the experience in a hybrid or distributed enterprise setup for us since we don't have hybrid; it's all on-premises.

We face no specific challenges with hybrid and distributed enterprise networks because we don't have hybrid networks.

My impression of the end-to-end visibility offered by Cisco is that it is a managed solution, and while we reach out to our managed vendor for visibility, I think it is something we should explore more; during troubleshooting, we don't use that tool as much as we would prefer.

I give this review an overall rating of nine.

I have used Cisco Catalyst SD-WAN as a customer. I am a customer of Cisco, and I have been a customer rather than a partner of Cisco.

The features are useful, but it is more about how insightful these features are and how easily you are able to understand the flow and mitigate a threat. Although those features exist in Cisco Catalyst SD-WAN, the lack of visibility makes it very difficult to find out what precisely is being monitored through the advanced threat prevention features of Cisco Catalyst SD-WAN Viptela solution. The features are undoubtedly useful, but at the end of the day, it boils down to how easily you can see the insights provided by the solution. I feel Cisco slightly lacks in that aspect. It could be because the hardware itself is a router with added security functionality, while in Fortinet or Palo Alto, those systems are intrinsically firewalls with security capabilities built-in, and routing added on top. Hence, the visibility part in those solutions is better compared to Cisco Catalyst SD-WAN, since it is not a logging device.

I have found some other solutions more insightful and user-friendly as compared to Cisco Catalyst SD-WAN, but the basic SD-WAN functionality is good enough. I am using it only because it was done as a pilot project, specifically for my 60 to 70 sites. For the majority of the sites, I am using Fortinet's Secure SD-WAN solution and I found that more viable and more in alignment with my requirements.

For example, there is not any Internet Service Database available in Cisco Catalyst SD-WAN intrinsically. If I want to write a policy based on applications, I am not able to write it, at least in Cisco Catalyst SD-WAN Viptela deployment that we have done, and that is fairly easy to do in Fortinet. The second issue is the logging capability. I think the visibility that Fortinet Secure SD-WAN has is not even comparable. Cisco Catalyst SD-WAN does not provide that sort of insight or control as far as traffic steering is concerned.

With respect to the SLAs, I barely know which sort of SLAs are violated in Cisco Catalyst SD-WAN, so I do not have clear visibility on where the traffic is moving from at my spoke or hub locations. I believe Fortinet gives me a very clear picture of where the traffic is going. Overall visibility, whether it is data traffic or logs, is much better in Fortinet compared to Cisco Catalyst SD-WAN.

The complexity of Cisco Catalyst SD-WAN Viptela is noticeable and quite complicated to configure. If something breaks, you have to involve TAC and others to fix it. On the contrary, you can work with underlays. Even if your IPsec overlay tunnel is down, it does not impact your production. Thus, we find Fortinet's solution significantly better than Cisco Catalyst SD-WAN solution.

I have used Application-aware Routing in Cisco Catalyst SD-WAN. However, I found it to be very complicated, especially regarding policy writing. For my breakout of VC traffic, we had to write a bunch of IP addresses for Zoom, Webex, and others. Presently, it can only identify Webex as an application, and I highly doubt whether there is any application identification for Zoom and other platforms, as we were not able to find it during our implementation. It is done through static whitelisting of the IPs, which is not a scalable solution since IPs can change at any time. Overall, the application-aware routing policies are not as flexible and scalable as the Internet Service Database feature of Fortinet provides.

The struggles encompass policy writing, logging capabilities, traffic visibility, and complex configuration. There is also the issue of load balancing. We have faced considerable challenges with traffic load balancing between the links. Although the SLA targets are configurable, understanding how traffic flows is challenging, making troubleshooting exceedingly difficult. Overall, I find it a quite complicated solution with not that much operational usability.

I have been working with Cisco Catalyst SD-WAN for close to two and a half years now.

The basic functionality and the control connections created are complicated, and a simple issue in the control connections between the fabric causes numerous complexities that demand extensive troubleshooting time.

It is done through static whitelisting of the IPs, which is not a scalable solution since IPs can change at any time.

The complexity of Cisco Catalyst SD-WAN Viptela is noticeable and quite complicated to configure. If something breaks, you have to involve TAC and others to fix it.

We are using Cisco Catalyst SD-WAN infrastructure primarily because we have invested in it after using ISR 4K routers and the legacy IWAN solution, which is the predecessor of SD-WAN, Intelligent WAN. Since the devices still have an operational life left, we want to leverage that.

I have already settled with Cisco ISE after visiting the website a few months ago where I researched Cisco ISE and other Cisco products. I have already procured the Cisco ISE solution. There are some other products as well. We are using Cisco ACI as well. Cisco ACI stands for Application Centric Infrastructure. Cisco Catalyst SD-WAN Viptela is also being used and we are using Cisco ACI as well. I am not sure how Cisco Catalyst SD-WAN supports cloud environments because our deployment is on-premises. Therefore, I cannot comment on the vAnalytics and other solutions that could enhance security or visibility since I have not used them myself. My overall review rating for this product is four out of five.

In my view, Cisco Catalyst SD-WAN would be less effective when it comes to SD-WAN functions compared to Versa.

The overall operability of Versa is better than Cisco Catalyst SD-WAN. As a seller, I still find Cisco Catalyst SD-WAN to be a little complicated.

The ease of use, interface, and implementation are better with Versa.

Functionality-wise, both Versa and Cisco Catalyst SD-WAN possibly would be at par. I would not comment on that for sure, but from the deployment perspective, I still feel Versa has got an easy interface to get things managed.

The integrated threat protection and end-to-end encryption features in Cisco Catalyst SD-WAN are good.

More or less, it's the same with Cisco in terms of complexity and pricing, so there's not much of a difference. They might want to consider incorporating features seen in Versa or other competitors to improve their points.

I would rate the technical support by Cisco as nine out of ten.

That's even a little bit better than what Versa has, because Cisco engineers can be found everywhere compared to Versa. This is an advantage that they carry.

Cisco Catalyst SD-WAN is positioned ideally where customers already have Cisco routers and other equipment, making migration to Cisco Catalyst SD-WAN easier. In these use cases, Cisco Catalyst SD-WAN is very competitive.

When discussing application-aware routing features, this is a standard feature all the OEMs are offering.

Cisco Catalyst SD-WAN would be more expensive compared to Versa. I have been a partner and reseller of both Versa and Cisco.

I rate Cisco Catalyst SD-WAN eight out of ten.

The main use cases for Juniper vSRX would be primarily for a data center scenario device, and there's a significant focus on the other core elements.

Cisco Catalyst SD-WAN's main use cases for us will be data center deployment for enterprise level.

The most useful feature for Cisco Catalyst SD-WAN is the single pane of glass management because we also use Meraki onsite. It's a standard Cisco solution, and because Cisco is who they are and what they can provide, we use Cisco for compute and network, and we use NetApp for storage, so that's what we generally do.

I have absolutely seen scenarios where the decentralized management capability improved operations and workflows.

There's nothing I could put my finger on right away for improvements in Cisco Catalyst SD-WAN. There is definitely nothing that Juniper does that Cisco doesn't do. Cisco will do everything Juniper does and then some. The negative, or the downside of Cisco is the knowledge base; you need to be a little bit more tech-savvy and network-savvy to work with Cisco, while Juniper is a lot more user-friendly from what I can see, especially in terms of configuration and any kind of roll back. But in terms of market leaders, Cisco is capable of doing anything you want it to do, as far as I can see.

I have just recently been working with Juniper.

I have contacted Cisco support for one-on-one support for a very unique or bespoke configuration where there are a lot of rules and policies going on in the background, maybe some interconnecting or conflicting with one another, but in terms of the actual product or problems with the product, nothing I'm aware of.

I would consider Cisco support a 10 out of 10.

In my experience, customers are realizing the return on investment with Cisco in 12 months. Within the year, I've done work with customers in the last couple of years that we've upgraded from Avaya six to Cisco Catalyst SD-WAN in a Cisco network environment, and they are now back to do that with the remainder of their company, so they've realized the value in 12 months and are willing to invest in the remainder of their organization.

I am working on the Juniper vSRX solution.

I work with switches, routers, firewalls, and any IT consultant tasks, and I work at the core. I have a CCNA, and I'm actually doing a Juniper certification exam in 3 hours, so I continually work on upskilling, as part of what I do.

If it's enterprise level, you'll deploy your Cisco Catalyst SD-WAN in a couple of hours. You can draw it down there if you've already got a Catalyst or an existing environment. If you are starting up from scratch, it's hard to put a timeframe on it because it depends on criteria, but if you're replacing something with a Cisco Catalyst SD-WAN and you know what you're doing along with using the CLI and your backups, a couple of hours would be plenty of time, a half a day or maybe a little bit more wouldn't hurt.

There are AI features, and I'm not 100% privy to them because I just haven't been involved in that element, but they do exist.

I would rate Cisco Catalyst SD-WAN an eight.

My title is Information Technology Consultant at a company named Island Networks.

Cisco Catalyst SD-WAN is a software-defined network solution. I primarily use it for managing switches in campus networks.

With Cisco Catalyst SD-WAN, I can automate processes, ensure network assurance, and configure network settings. The tool offers centralized management, which enhances visibility for both wired and wireless end users, and security with features like micro-segmentation.

I have used Cisco Catalyst SD-WAN for five years.

I have experienced difficulties with plug-and-play deployments in older versions of Cisco Catalyst SD-WAN, but I believe this issue was resolved in the new release.

Stability-wise, the tool works well with no complaints about stability issues or technical errors.

The technical team is very competent. In my opinion, they are much better compared to Aruba, which is a positive point for Cisco.

The initial setup was challenging, especially for plug-and-play deployments, but improvements have been made in newer versions. Full deployment takes a few weeks.

I have used some competition from Aruba.

I would rate Cisco Catalyst SD-WAN eight out of ten.

I am working on different projects and catering to various types of clients in the private sector, specifically for medium-sized businesses.

With Cisco Catalyst SD-WAN, I appreciate the flexibility of its functions and the pricing. It offers various modules that can be changed and integrated with the core and other solutions. It also provides robust security features, including port security, analysis, mirroring, and multiple other security solutions.

The durability of the switches could be improved. In the past, Cisco devices had a longer lifespan. Now, they change frequently, making it difficult to obtain long-term support.

I have used Cisco Catalyst SD-WAN for three or four years.

The first and second level of technical support, which is local in Peru, is average. However, the principal third-level support is very good.

The initial setup was moderately easy, rating between seven and eight out of ten.

The deployment was carried out by a team of four or five technicians.

The pricing of Cisco Catalyst SD-WAN is rated between eight and nine out of ten, where ten is the most expensive.

I would recommend Cisco Catalyst SD-WAN as it is a good product. It is suitable for medium to enterprise levels. I would give the overall solution a nine.

The primary use case for Cisco SD-WAN is the standard configuration across all sites, facilitated by templates. This solution helps in the ease of management and compliance configuration, which is deployed everywhere.

It also simplifies troubleshooting and provides full mesh topology for branch connectivity to data centers. All branch locations, along with central locations, are on SD-WAN and gathered in the data center. Many customers combine it with local Internet breakout for SaaS applications.

The valuable features of Cisco SD-WAN include its security policies and zone-based firewall that are applied to every site, as well as application-aware routing. Security is standard compliant, eliminating config drift that was prevalent before manual configurations. Application-aware routing offers flexibility in using different lines for traffic, depending on the policy implemented.

The main area for improvement in Cisco SD-WAN is the lack of documentation, which often lags behind the software releases. This is especially notable since Cisco acquired the solution and is still integrating it into its overall environment.

I have been using Cisco SD-WAN for the last three years.

I would rate Cisco SD-WAN an eight out of ten for stability. While some software-related issues and bugs were encountered, they did not cause the whole environment to crash. Sites were able to continue functioning, although there were limitations in making changes at those times.

The ease of configuration and features like zero-touch provisioning enhance the scalability of Cisco SD-WAN, especially in disaster recovery situations. I would rate scalability a nine out of ten. The initial implementation faced some issues, but it has improved with newer software versions.

The customer service and support for Cisco SD-WAN are satisfactory, rated as eight out of ten.

However, Cisco's ongoing reorganizations have affected the quality of technical support, which varies depending on the engineer handling cases.

Before Cisco SD-WAN, I used traditional MPLS or eVPN, IPVPN networks. The switch was made for easier management and standard compliance, which is enforced by the SD-WAN product itself.

The initial setup involves getting the underlay and controllers in place to migrate from the old to the new network. I deployed in parallel, allowing both networks to coexist, and then migrated sites to the new central control plane.

For a complete project, we had two central administrators and designers, along with three or four teams managing the remote locations. The process took approximately one year to migrate about 280 sites.

The pricing for Cisco SD-WAN is rated eight out of ten, with some variability depending on the reseller discounts and the size of the enterprise. It is also relatively cost-effective for smaller businesses when using the Meraki version.

We evaluated other solutions but chose Cisco SD-WAN due to its flexibility, support for our requirements, and the preference of many of our customers who were already using Cisco-based solutions.

I would recommend working out detailed use cases and requirements before implementation. Cisco SD-WAN is quite flexible, however, without a solid foundational design, users might struggle with too many options, leading to a poor rollout design.

Overall, I rate Cisco SD-WAN as nine out of ten.