"The WAN Edge routers form a permanent Datagram Transport Layer Security (DTLS) or Transport Layer Security (TLS) control connection to the vSmart controllers and connect to both of the vSmart controllers over each transport"
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html
Looks like it is B...
The WAN Edge routers securely communicate to other WAN Edge routers using IPsec tunnels over each transport. The Bidirectional Forwarding Detection (BFD) protocol is enabled by default and runs over each of these tunnels, detecting loss, latency, jitter, and path failures.
B is correct
Transport Layer Security (TLS) is used to secure the control plane communications between the SD-WAN components, such as vSmart controllers, vEdge routers, and vBond orchestrators.
This ensures that the control plane messages are encrypted and authenticated, providing a secure communication channel for the distribution of routing and policy information.
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/security/ios-xe-17/security-book-xe/m-security-overview.html#:~:text=Control%20plane%20encryption%20is%20done%20by%20either%20DTLS%2C%20which%20is%20based%20on%20the%20TLS%20protocol%2C%20or%20TLS.%20These%20protocol%20encrypt%20the%20control%20plane%20traffic%20that%20is%20sent%20across%20the%20connections%20between%20Cisco%20Catalyst%20SD%2DWAN%20devices%20to%20validate%20the%20integrity%20of%20the%20data.
In Cisco SD-WAN, the protocol implemented to establish secure control plane adjacencies between nodes is "TLS (Transport Layer Security)".
This protocol is commonly used to secure communication channels and establish secure connections between devices in various networking environments, including SD-WAN deployments.
On one hand, I see this "Key management: Edge routers generate symmetric keys that are used for secure communication with other edge routers, using the standard IPsec protocol."
reference: https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/system-overview.html
But then I see that it only references the Data Plane with IPsec when the question is asking about the control plane. I am unsure.
TLS is definitely between the controllers and edge nodes but is that what the question is asking about?
Also https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/security/vedge/security-book/security-overview.html has a diagram showing which protocols are used where.
After reading more into the link above, I am going with TLS as the answer as this is asking about the Control plane specifically. "The Cisco SD-WAN control plane has been designed with network and device security in mind. The foundation of the control plane is one of two security protocols derived from SSL (Secure Sockets Layer)—the Datagram Transport Layer Security (DTLS) protocol and the Transport Layer Security (TLS) protocol."
Should choose C; in the Official Cert Guide, page 634, it is written "SD-WAN router automatically establishes a secure Datagram Transport Layer Security (DTLS) connection with the vSmart controller and forms an OMP neighborship over the tunnel to exchange routing information. It also establishes standard IPsec sessions with other SD-WAN routers in the fabric."
The question is asking about the connection between SD-WAN routers.
B is correct per 31 days before CCNP book: "The WAN Edge routers form a permanent Datagram Transport Layer Security (DTLS) or Transport Layer Security (TLS) control connection to the vSmart controllers and connect to both of the vSmart controllers over each transport (mpls and biz-internet)."
Community vote distribution: A (35%), C (25%), B (20%), Other