Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The component that is responsible for enforcing a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS in Cisco SD-WAN is the WAN Edge.
Cisco SD-WAN is an overlay WAN architecture that allows organizations to use any combination of transport services, including MPLS, broadband, and LTE, to securely connect users to applications. It includes various components that work together to provide a secure and reliable network infrastructure.
The vBond orchestrator is the initial point of contact for a WAN Edge router to establish a secure DTLS tunnel with the vSmart controller. The vSmart controller is responsible for centralizing the control and management of the SD-WAN fabric. It determines the best path for traffic flows based on business policies, network conditions, and application requirements.
The WAN Edge is the component that is responsible for terminating the VPN tunnels, providing secure connectivity between branch locations and the data center, and enforcing business policies. It is a multi-function device that includes routing, security, and application optimization capabilities.
When it comes to redirecting branch-to-branch traffic toward a network service such as a firewall or IPS, the WAN Edge is responsible for enforcing the policy. It does this by using the service chaining feature, which allows traffic to be redirected to a service device before being forwarded to its final destination. The WAN Edge intercepts the traffic, sends it to the specified network service, and then forwards it to its destination.
In summary, the correct answer to the question is C. WAN Edge, as it is responsible for enforcing policies and using service chaining to redirect traffic to network services such as firewalls and IPS devices.