System Topology Diagram

The primary use case for managing the Next-Generation Firewall (NGFW) capabilities of Catalyst SD-WAN through Security Cloud Control is to streamline and centralize security management across Cisco's security products.

The following topology diagram illustrates the integration of Catalyst SD-WAN with Security Cloud Control and other cloud services. It shows the flow of information and interactions between various components.

Note

The Cisco Catalyst 8000 and Secure 8000 devices are collectively referred to as the 'Secure Router' hereafter.

  • Security Cloud Control: A central point for security policy enforcement and event correlation. It reads NGFW policies and security objects from the onboarded Catalyst SD-WAN Manager and allows customers to modify these NGFW configurations. It also queries the Cisco Security Analytics and Logging Cloud Data Store for events.

  • Cisco Catalyst SD-WAN consists of:

    • Catalyst SD-WAN Manager: Manages the SD-WAN fabric and, once onboarded to Security Cloud Control, shows its NGFW policies and security objects there. The Catalyst SD-WAN Manager also sends the event data it receives from the Secure Router to SD-WAN Analytics.

    • SD-WAN Analytics: Provides analytics data to the Security Services Exchange.

    • Secure Router: The SD-WAN edge device.

  • Cisco Security Analytics and Logging Cloud Data Store: A cloud-based repository for security analytics and logging data. It receives security events and logs from the Security Services Exchange, which obtains the analytics data from the SD-WAN Analytics engine.

  • Security Services Exchange: A cloud-based platform designed to facilitate the integration, communication, and management of various Cisco security services. It receives security events and logs from the SD-WAN environment and forwards them to the Cisco Security Analytics and Logging Cloud Data Store.