SD-WAN is designed to support which two network topology types? (Choose two.)
SD-WAN is designed to support which two network topology types? (Choose two.)
SD-WAN is designed to support both hub-and-spoke and full-mesh network topology types. Hub-and-spoke topology is where all traffic passes through a central hub before reaching its destination, which is efficient for hierarchical organizational structures. Full-mesh topology allows each site to communicate directly with every other site, providing high availability and redundancy. These two topologies are the primary types deployed in SD-WAN environments to achieve flexibility, scalability, and optimized network performance.
SD-WAN supports a full mesh topology, in addition to the hub-spoke topology. The mesh can consist of branches with or without hubs. Use full mesh when the branches need to communicate with each other directly. https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-new-features/sd-wan-features/sd-wan-full-mesh-vpn-cluster-with-ddns-service.html BC
BC The CloudGenix SD-WAN supports both hub-and-spoke and limited scale full-mesh designs managed through a cloud-based portal. https://www.paloaltonetworks.nl/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/guides/pan-os-secure-sd-wan-deployment-guide
I think it is A and B Full Mesh SD-WAN VPN topology is not supported in PAN-OS 9.1.0. https://docs.paloaltonetworks.com/sd-wan/1-0/sd-wan-admin/configure-sd-wan/create-a-vpn-cluster.html
Its actually only support Hub-Spoke. The question should be asking for only 1 answer instead of 2. Based on the document you provided, "Only Hub-Spoke VPN cluster type is supported in PAN-OS 9.1.0."
peer to peer is basically hub-spoke with only one peer. If you can't connect to a single peer you can't form hub-spoke. IMHO
BC https://docs.paloaltonetworks.com/sd-wan/3-0/sd-wan-admin/configure-sd-wan/create-a-vpn-cluster
https://docs.paloaltonetworks.com/sd-wan/3-0/sd-wan-admin/configure-sd-wan/create-full-mesh-vpn-cluster-with-ddns
https://docs.paloaltonetworks.com/plugins/vm-series-and-panorama-plugins-release-notes/panorama-plugin-for-sd-wan/sd-wan-plugin-200/features-introduced-in-sd-wan-2-0.html B&C - With 2.0.2 sd-wan plugin it supports full-mesh in addition to hub and spoke type
B & C are the most accurate answers, as per this doco https://www.paloguard.com/datasheets/sd-wan.pdf --> "Palo Alto Networks supports multiple SD-WAN deployment options, including mesh, hub-and-spoke, and cloud-based deployments."
B and C correct
https://docs.paloaltonetworks.com/plugins/vm-series-and-panorama-plugins-release-notes/panorama-plugin-for-sd-wan/sd-wan-plugin-200/features-introduced-in-sd-wan-2-0.html With 2.0.2 plugin it supports full-mesh in addition to hub&spoke. So, the answer should be B&C
I think the real question about this question is this referring to SD-Wan in general or PAN's version of it?
it is very tricky question, seems like PA does not support full-mesh and only support Hub&spoke topology, however I would say that or either question is wrong or we can consider going VPN clustering as full-mesh (logically) if not, just hub and spoke, C this doc said that full mesh is not supported: https://docs.paloaltonetworks.com/sd-wan/1-0/sd-wan-admin/configure-sd-wan/create-a-vpn-cluster.html and this said that p2p is supported https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/features-introduced-in-pan-os-9-1/sd-wan-features so I will go A and C
woops correct myself A-B p2p and Hub&spoke
Correct ans: BC http://www.paloguard.com/datasheets/sd-wan.pdf
I guess you are correct yashishinde it says Mesh is supported, or it will be supported soon. There is some conflict between the current documentation and the datasheet.
Correct: A,C Hub-and-Spoke is the default topology for PaloAlto SD-WAN Auto VPN Topology Creation - VPN clusters simplify the creation of complex VPN topologies using logical groupings of branches and hubs to accelerate the configuration and deployment of secure communications between all locations. (I guess this could be considered full-mesh but only in the logical sense.) https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/features-introduced-in-pan-os-9-1/sd-wan-features Full mesh is not supported in PAN-OS version 9.1.0 https://docs.paloaltonetworks.com/sd-wan/1-0/sd-wan-admin/configure-sd-wan/create-a-vpn-cluster.html