500-470 Exam Dumps : Cisco Enterprise Networks SDA, SDWAN and ISE Exam for System Engineers

Some of the statements that are true regarding Cisco SD-WAN license tiers are:

• With Pro license, control and data policies are supported2. This license tier enables network operators to define and enforce policies for traffic shaping, quality of service (QoS), application optimization, and security2.
• With Plus license, split-tunnel is supported3. This license tier enables network operators to use split-tunneling technology to route traffic through different paths based on application or user preferences3.
• With Enterprise license, vAnalytics is included4. This license tier enables network operators to use vAnalytics feature to collect and analyze data from various sources such as endpoints, applications, devices, networks, and cloud services4.

Cisco ISE is a network access control solution that uses policy-based decision making to determine if a device is allowed access to the network and, if allowed, what level of access this device is given1.Cisco ISE can also provide authentication, authorization, and accounting (AAA) through the RADIUS protocol and device administration through TACACS+ service1.

Some of the use cases of Cisco ISE are:

• Access Control: Cisco ISE can grant and control the right level of network access for both wired and wireless devices by employing mainly the 802.1x protocol and EAPoL (EAP over LAN)1.Cisco ISE can also use MAC authentication bypass (MAB) to authenticate devices that are unable to use the EAP protocol1.Additionally, Cisco ISE can integrate with Microsoft Active Directory for confirming user identity1.
• Assurance: Cisco ISE can monitor and troubleshoot the various features on ISE and analyze trends of the network activities from a centralized admin node2.Cisco ISE can also provide reports on user andentity behavior analytics (UEBA), enterprise mobility management/mobile device management (EMM/MDM), security incident and event management (SIEM), and segmentation34.
• Monitoring: Cisco ISE can provide endpoint visibility with context by collecting and analyzing data from various sources such as endpoints, users, applications, devices, networks, and cloud services4.Cisco ISE can also provide real-time alerts and notifications on security events and anomalies4.

SD-WAN is a software-defined approach to managing the WAN that offers several capabilities, such as:

• The separation of management plane, control plane and data plane to enable horizontal scaling. This means that the SD-WAN solution can decouple the network functions from the underlying hardware and distribute them across different layers and locations. This allows for greater flexibility, scalability, and resilience of the network12
• Cloud hosted or on-premise fully redundant management and control plane functions. This means that the SD-WAN solution can provide centralized and cloud-based management and control of the network, as well as the option to deploy them on-premise for more control and security. This enables the SD-WAN solution to offer consistent policies, visibility, and analytics across the network, as well as the ability to automate network operations and orchestration13

The other options are not SD-WAN solution capabilities, but rather features or benefits of specific SD-WAN solutions, such as:

• Trust roll branch turn up for easy provisioning and new installations. This is a feature of Cisco Catalyst SD-WAN, which enables zero-touch provisioning and automated configuration of branch devices, as well as the ability to trust the identity and security posture of the devices3
• Ability to provide and integrate security with complementary products and applications. This is a benefit of Cisco Catalyst SD-WAN, which offers integrated security capabilities, such as full-stack multilayer security, cloud-delivered security, and SASE-enabled architecture. This enables the SD-WAN solution to provide real-time threat protection and compliance across the network3

References :=

• What Is SD-WAN? - Software-Defined WAN (SDWAN) - Cisco
• SD-WAN Solution - Cisco Catalyst SD-WAN Solution Overview
• What is SD-WAN? - Software-Defined WAN | VMware