Co-written with Sunil Kishen, Principal Program Manager at Microsoft Azure Networking. Sunil is product lead for Azure Virtual WAN and Cisco-SDWAN joint solution as well the Azure Networking Managed Services Partner (MSP) Program.
Sunil can be reached at sunil.kishen@microsoft.com.

At the center of the rapidly transforming digital landscape in front of us sits our workloads and ability to access them. For the past 10 years, Microsoft Azure has enabled enterprises across the globe to build, test, deploy, and manage their applications and to ultimately succeed in their respective digital journeys. However, the reason why more than 95% of Fortune 500 companies choose Azure for their hybrid cloud and IaaS needs is not based on past success but rather based on a focused innovation. The partnership between Cisco and Microsoft Azure has continued the history of innovation to unlock an exponential increase in value to customers.

Cisco SD-WAN Cloud OnRamp for Infrastructure-as-a-Service (IaaS) will seamlessly integrate with Microsoft Azure Virtual WAN, with Public Preview starting on Sept 21st , 2020. This integration allows customers to extend their Cisco SD-WAN to their Microsoft Azure Cloud and access Azure enterprise workloads with little or no additional configuration.

Cloud OnRamp and Virtual WAN

Released in 2016, the Cloud OnRamp for IaaS feature of Cisco SD-WAN has enabled customers to create transit virtual networks, bring up SD-WAN edge virtual routers, and interconnect them. However, the solution is an “over-the-top” solution which plans the networking in the underlay and thus does not have access to all capabilities that can further simplify cloud deployments.

The Virtual WAN integration between Cisco and Microsoft has evolved our solution by  extending the Cisco SD-WAN fabric directly into the Azure Virtual WAN. The integration will enable users to automatically connect to other networking gateways and routers within the Virtual WAN hubs (e.g. ExpressRoute, IPSec VPN gateways, Azure Firewall), and push and pull policies or requirements to the Hub in the Virtual WAN as a site within Cisco SD-WAN.

Fig. 1: Hybrid WAN Architecture with Azure Vitual WAN and Cisco SD-WAN

Leveraging Azure Virtual WAN in this manner means that users of Cisco SD-WAN can benefit from enhanced WAN performance without sacrificing security, which is always of utmost concern, especially at the intersection of the cloud and the network.

“We are excited about the Microsoft partnership and the availability of the new Cisco SD-WAN Cloud OnRamp solution with Microsoft Azure vWAN. The enhanced SDWAN and vWAN integration simplifies cloud deployments by automating site-to-site configuration and provides visibility into the end-to-end flow within Azure,” says JL Valente, Vice President of Product Management for Cisco Enterprise Networking.

Tad Brockway Corporate Vice President, Azure Networking at Microsoft said,

“We’re excited about Cisco SDWAN’s native intergration with Azure Virtual WAN which allows customers to securely connect Azure-based applications from all branches. Cisco SD-WAN allows customers to automate the connectivity of virtual networks, making deployments in Azure simpler. Azure vWAN with Cisco SD-WAN Cloud OnRamp, now enables the enterprises to extend the SD-WAN fabric for consumption of Azure cloud workloads by intelligently automating the transit VNET and instantiation of cloud workload networking.”

Joint Solution Benefits

Cisco Cloud OnRamp provides enterprises with a high-performance alternative to MPLS/internet hybrid architecture while maintaining connectivity, continuity and reliability across a multi-cloud environment.

Azure Virtual WAN is a networking service that brings many Azure networking, security, and routing functionalities together and provides a single operational interface to setup global secure access and connectivity into Azure.

Integration of Cisco Cloud OnRamp with Azure Virtual WAN provides the following key benefits:

  1. Preserves Cisco SD-WAN advanced features by enabling a “book-ended” SD-WAN connectivity with Azure Virtual WAN.
  2. Provides enhanced resiliency for the Cisco SD-WAN router that is deployed in the Virtual WAN hub by providing the same resiliency and orchestration features as other native networking services in the Virtual WAN.
  3. Enables no hassle routing via routing integration and BGP peering between Azure Virtual WAN hub router and Cisco SD-WAN router in the same hub.
  4. Enables automatic any-to-any connectivity thus enabling SD-WAN branches to automatically connect to Virtual WAN spoke Vnets and other non SD-WAN branches.

Current SD-WAN customers will be able to unlock the Cloud OnRamp capability from their vManage panel, giving them the ability to use the same policy, security, and other SD-WAN policies for all Cisco SD-WAN devices — whether on-premise or in a cloud. With this partnership, Cisco SD-WAN Cloud OnRamp provides end-to-end automation from branch to cloud connectivity through Microsoft vWAN, resulting in an enhanced user experience.

If you’re looking for the best way to integrate on-premises locations (such as branches and data centers) with the Azure cloud infrastructure, reach out to us today for more information about our best-in-class cloud-delivered enterprise solutions to maximize agility and flexibility.

To participate in the public preview of the new Cisco and Azure integration, contact us today: Contact Public Preview Release Team

Learn More:


Ian McLaughlin

Product Manager

Cloud Networking