Control Plane Connection Protocol

D.

In Cisco SD-WAN, the control plane connection is responsible for the exchange of control and management information between the SD-WAN nodes in the network. The control plane connection uses a secure protocol to ensure confidentiality, integrity, and availability of the data exchanged.

The default protocol for the control plane connection in Cisco SD-WAN is DTLS, which stands for Datagram Transport Layer Security. DTLS is a variation of the Transport Layer Security (TLS) protocol that is specifically designed for use with datagram protocols such as User Datagram Protocol (UDP), which is used in SD-WAN.

DTLS provides the same security features as TLS, including authentication, encryption, and data integrity checks. However, because UDP does not provide reliable delivery of packets, DTLS includes additional features to ensure that the data is delivered reliably and in order. DTLS also includes mechanisms to prevent replay attacks and to protect against denial-of-service (DoS) attacks.

Although HTTPS and TLS are commonly used for secure communication over the internet, they are not typically used for the control plane connection in SD-WAN. IPsec is another secure protocol that is commonly used in SD-WAN, but it is typically used for securing the data plane traffic rather than the control plane traffic.