Cisco Secure Edge (Umbrella) SIG Integration With Cisco SD-WAN

This demonstration is designed to give you a quick overview of the integration between Cisco Secure Edge (formerly Umbrella) and SD-WAN. Below is a more detailed discussion of the configuration used in this video demonstration. Always consult the product documentation to ensure your configuration settings are correct for your deployment.

1. Generate an API/Secret Key pair from the Umbrella Dashboard.

2. (recommended) For DNS Security, configure the vManage feature template for VPN 0 to use Umbrella DNS servers.

3. (optional) Add your Smart Account credentials to vManage to enable automatic retrieval of Cisco Secure Edge Organization ID, (Registration) API Key, and Secret.

4. Confirm NAT is enabled on your outbound public interface, if it is not configured then add NAT to the Cisco VPN Interface feature template.

5. Configure a Cisco SIG Credentials feature template either manually enter the Umbrella Organization ID, Registration Key, and Secret or use the 'Get Keys' button if you completed Step 3.

6. Configure a Cisco Secure Internet Gateway (SIG) feature template. Define up to two IPsec tunnels, set the IKEv2/IPsec parameters, and identify your active and backup pair.

7. Add a service route to the SIG in the Cisco VPN feature template you would like to redirect Internet traffic to.

8. Attach the feature templates to the device templates you wish to deploy the Cisco Secure Edge SIG on.

9. Confirm in the Cisco Secure Edge Dashboard that your tunnels are active.

10. You are ready to begin configuring your security policy using Umbrella!