nerdexam
Exams300-415Questions#41
Cisco

300-415 · Question #41

300-415 Question #41: Real Exam Question with Answer & Explanation

The correct answer is C: vEdge at the hub. To insert a firewall service at the hub in a Cisco SD-WAN fabric, the service FW address is configured on the hub vEdge router.

Security and Quality of Service

Question

On which device is a service FW address configured to insert firewall service at the hub?

Options

  • AvSmart at the branch
  • BvEdge at the branch
  • CvEdge at the hub
  • DvSmart at the hub

Explanation

To insert a firewall service at the hub in a Cisco SD-WAN fabric, the service FW address is configured on the hub vEdge router.

Common mistakes.

  • A. vSmart controllers are responsible for policy orchestration, not for forwarding user data plane traffic or hosting service appliances at the branch.
  • B. The question specifies inserting the firewall service 'at the hub,' making a branch vEdge router an incorrect device for this configuration.
  • D. vSmart controllers define and distribute policies but do not participate in the data plane forwarding or host data plane services like firewalls.

Concept tested. Cisco SD-WAN service chaining and hub vEdge

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/vmanage/vmanage-20-4/vmanage-security-config/vmanage-security-config.html#concept_gnl_s3y_qtb__service_chaining

Topics

#SD-WAN Service Insertion#Firewall Integration#vEdge Router#Hub Deployment

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 300-415 Practice