Sold by: Cisco Systems, Inc.Â
Deployed on AWS
Free Trial
The DNA Advantage Package for Catalyst 8000V (C8000V) includes all DNA Advantage feature sets and delivers multi-gigabit performance for enterprise-class networking services & VPN in the AWS cloud, as well as twice the IPSec throughput with IMIX packets.
Overview
As part of Cisco's Cloud connect portfolio, the DNA Advantage package for Catalyst 8000V (C8000V) delivers the maximum performance available in AWS cloud for virtual networking services. Deliver high-speed secure VPN services with High Availability, strong Firewall protection, Application Visibility & Control, and more... This AMI runs Cisco IOS XE technology features and uses AWS instances with direct I/O path for higher & more consistent performance. The C8000V with full Cisco IOS-XE support enables customers to deploy the same enterprise-class networking services that they are so used to in their on-prem networks inside AWS. This AMI enables enterprise-class Routing, VPN, High-Availability, Firewall, IP SLA, VPC Interconnection, Application Visibility & Control, Performance Monitoring, Optimization. he familiar IOS XE CLI and RESTful API ensures easy deployment, monitoring, troubleshooting, and service orchestration.
If you are using the Cisco Cloud Services Router 1000V (CSR 1000V) virtual router in autonomous mode, then you may want to use the GUI-driven migration tool to migrate those instances to Cisco Catalyst 8000V (C8000V) instance. This migration uses AWS CloudFormation template based automation to spin-up a new instance of Catalyst 8000V and copy the configuration files from the CSR 1000V instance. You can batch migrate up to ten CSR 1000V instances in one go. The migrated instances will include the enhanced "secure object storage" feature in C8000V that stores all sensitive configuration information in an encrypted file system inside the VM. See the http://cs.co/c8000v-aws-migration-tool chapter in the Catalyst 8000V Configuration Guide for AWS for more details.
Highlights
- Enterprise-class VPN in AWS that's faster, cheaper, and more scalable than other VPN solutions. Manage both sides of your VPN for greater security. Familiar IOS-XE based VPN supports the same commands, tools, and logs as other Cisco Catalyst 8000 platforms.
- More secure, reliable, and cost effective than native VPN. Feature-rich: IPSec, DMVPN, FlexVPN, GETVPN, EZVPN, SSL VPN, Zone-Based Firewall, and more...
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux Cisco IOS XE
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5.large Recommended | $2.34 |
c5n.xlarge | $4.12 |
c5.xlarge | $2.52 |
c5n.18xlarge | $7.573 |
c5.4xlarge | $4.12 |
c5.2xlarge | $3.29 |
c5n.4xlarge | $5.95 |
t3.medium | $2.34 |
c5n.2xlarge | $4.12 |
c5.9xlarge | $4.12 |
Vendor refund policy
None
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
Complete the following steps to launch a Catalyst 8000V (C8000V) AMI: 1. Locate the C8000V product page by searching the AWS Marketplace for 'C8000V'. 2. On the C8000V product page, click the 'Continue' button. 3. Use either the 'Launch with EC2 Console' tab to complete the deployment of a C8000V AMI. Select the correct version and region, and click the 'Launch with EC2 Console' button. 4. The Launch Instances Wizard will open. Select the desired instance type and click 'Next'. 5. Select your desired VPC environment in the 'Network' pull-down menu. 6. Select your desired IP subnet for the first C8000V network interface in the 'Subnet' pull-down menu. 7. Add any additional network interfaces, and select the appropriate subnet for each to connect to. 8. Click 'Review and Launch', and then review the information for correctness. 9. If the information is correct, click 'Launch', and then either select an existing key pair to use for authentication, or create a new key pair. If you create a key pair, make sure to download and save the private key. 10. Click 'Launch Instances'. 11. From the AWS Console, wait for your instance to indicate a state of 'running'. It may take a few moments after that point, before you can connect to your C8000V instance. Connect to your instance using an SSH client, and the private SSH key selected or created earlier in these steps. Example: ssh -i mykeypair.pem ec2-user@myhostname.compute-1.amazonaws.com . 12. See notes for further instructions.
Support
Vendor support
Cisco TAC support services for Pay As You Go is available for purchase through any Cisco Partner. Cisco Partner Locator: https://locatr.cloudapps.cisco.com/WWChannels/LOCATR/openBasicSearch.do . Support Community: https://supportforums.cisco.com/community/csr-amazon . A 30-day free trial period is included for first-time users. For questions or to obtain C8000V AMI access to the GovCloud region, contact ask-csr-aws-pm@cisco.com .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Cisco Systems, Inc.
By Juniper Networks
By Palo Alto Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Virtualization
Supports enterprise-class virtual networking services with full Cisco IOS-XE technology features
VPN Capabilities
Comprehensive VPN support including IPSec, DMVPN, FlexVPN, GETVPN, EZVPN, and SSL VPN protocols
Security Architecture
Integrated zone-based firewall with secure object storage and encrypted configuration file system
Performance Optimization
Multi-gigabit performance with direct I/O path and enhanced throughput for network services
Management Interface
Supports RESTful API and familiar IOS XE CLI for deployment, monitoring, and service orchestration
Network Security Services
Advanced firewall solution with core firewall, VPN, NAT, and L4-L7 security services
Threat Protection
Intrusion detection and prevention (IPS) with application visibility and control through AppSecure
Cloud Integration
Native integrations with AWS services including Elastic Load Balancer, CloudWatch, Security Hub, and Amazon GuardDuty
Routing Capabilities
Advanced cloud-grade routing with IPsec and full mesh VPN termination services
Protocol-Level Protection
Anti-virus capabilities detecting and blocking malware across POP3, HTTP, SMTP, and FTP protocols
Network Traffic Inspection
Advanced layer-7 application visibility and control with comprehensive traffic inspection capabilities
Threat Prevention Technology
AI/ML-powered security engine with researcher-grade signatures for detecting known and zero-day threats
Cloud Security Integration
Native integration with AWS infrastructure components including Gateway Load Balancer, Auto Scaling, and Transit VPC
Dynamic Policy Management
Automated policy application using AWS tags, Application IDs, User IDs, geographies, and network zones
Deployment Flexibility
Seamless deployment through EC2 instance creation workflow with cloud-native form factor
Standard contract
No
No
No
Customer reviews
4.3
3 ratings
3 AWS reviews
|
17 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Henry Rosenstiehl
Comprehensive support and ease of implementation enhance operational efficiency
Reviewed on Jun 24, 2025
Review from a verified AWS customer
What is our primary use case?
The main use cases for Cisco Catalyst SD-WAN are in the retail sector and enterprise. The product is used for Cisco routing, specifically for configuring traffic engineering with protocol BGP.
What is most valuable?
With Cisco Catalyst SD-WAN, I have centralized orchestration and management. The transport independence of MPLS or connectivity and internet connectivity is another excellent feature. End-to-end segmentation is also provided.
I use the application-aware routing feature. Cisco Catalyst SD-WAN supports dynamic police-based routing decisions based on application type or different performance metrics such as jitter or latency.
The benefit of that feature is that it improves user experience. The principal benefit of application-aware routing is that critical applications are prioritized or routed over the best performing paths to reduce outages and service degradation. There is full visibility of applications.
Cisco Catalyst SD-WAN has integrated security features which include base firewall, URL filtering, IPS, and secure segmentation, and it supports integration with other Cisco products such as Umbrella or Snort. This feature is beneficial for the client because the information is secure.
It is important that Cisco Catalyst SD-WAN supports cloud, on-premises, and hybrid environments for my organization because it allows for scalability and faster deployment in the cloud. It reduces operational needs because I don't need to manage physical controller hardware, and updates and maintenance can be centralized and automated.
The zero-touch provisioning feature is very important for the speed of deploying new branch locations. I can deliver the device to the branch, and it is important because simplified deployment makes the implementation start more easily since devices are auto-configured and authenticate without manual intervention.
What needs improvement?
Cisco can improve Cisco Catalyst SD-WAN by simplifying licensing and platform integration with other Cisco products such as Catalyst Center or solutions with Meraki.
A license needs to be permanent for me. The client feels that it is very expensive.
For how long have I used the solution?
I have used Cisco Catalyst SD-WAN for two years.
I have experience with the Cisco Provider Connectivity Assurance, but I haven't configured it. I am currently working in pre-sales.
How are customer service and support?
I would rate Cisco's support, their customer service, and technical support as excellent. The support of Cisco is very good, and the attention is immediate.
How would you rate customer service and support?
Positive
What other advice do I have?
I have sixteen years of work experience in enterprise architecture with Cisco, including networking, switching, routing, and solution SD-Access.
AWS is the main cloud provider in my use cases.
My company, Sonda, is a Gold partner of Cisco.
I am a solution architect at Sonda.
I rate this solution 10 out of 10.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Wayne Kilbride
Support and management capabilities deliver strong client satisfaction
Reviewed on May 15, 2025
Review provided by PeerSpot
What is our primary use case?
The main use cases for Juniper vSRXÂ would be primarily for a data center scenario device, and there's a significant focus on the other core elements.
Cisco Catalyst SD-WANÂ 's main use cases for us will be data center deployment for enterprise level.
What is most valuable?
The most useful feature for Cisco Catalyst SD-WAN is the single pane of glass management because we also use Meraki onsite. It's a standard Cisco solution, and because Cisco is who they are and what they can provide, we use Cisco for compute and network, and we use NetApp for storage, so that's what we generally do.
I have absolutely seen scenarios where the decentralized management capability improved operations and workflows.
What needs improvement?
There's nothing I could put my finger on right away for improvements in Cisco Catalyst SD-WAN. There is definitely nothing that Juniper does that Cisco doesn't do. Cisco will do everything Juniper does and then some. The negative, or the downside of Cisco is the knowledge base; you need to be a little bit more tech-savvy and network-savvy to work with Cisco, while Juniper is a lot more user-friendly from what I can see, especially in terms of configuration and any kind of roll back. But in terms of market leaders, Cisco is capable of doing anything you want it to do, as far as I can see.
For how long have I used the solution?
I have just recently been working with Juniper.
How are customer service and support?
I have contacted Cisco support for one-on-one support for a very unique or bespoke configuration where there are a lot of rules and policies going on in the background, maybe some interconnecting or conflicting with one another, but in terms of the actual product or problems with the product, nothing I'm aware of.
I would consider Cisco support a 10 out of 10.
How would you rate customer service and support?
Positive
What was our ROI?
In my experience, customers are realizing the return on investment with Cisco in 12 months. Within the year, I've done work with customers in the last couple of years that we've upgraded from Avaya six to Cisco Catalyst SD-WAN in a Cisco network environment, and they are now back to do that with the remainder of their company, so they've realized the value in 12 months and are willing to invest in the remainder of their organization.
What other advice do I have?
I am working on the Juniper vSRXÂ solution.
I work with switches, routers, firewalls, and any IT consultant tasks, and I work at the core. I have a CCNA, and I'm actually doing a Juniper certification exam in 3 hours, so I continually work on upskilling, as part of what I do.
If it's enterprise level, you'll deploy your Cisco Catalyst SD-WAN in a couple of hours. You can draw it down there if you've already got a Catalyst or an existing environment. If you are starting up from scratch, it's hard to put a timeframe on it because it depends on criteria, but if you're replacing something with a Cisco Catalyst SD-WAN and you know what you're doing along with using the CLI and your backups, a couple of hours would be plenty of time, a half a day or maybe a little bit more wouldn't hurt.
There are AI features, and I'm not 100% privy to them because I just haven't been involved in that element, but they do exist.
I would rate Cisco Catalyst SD-WAN an eight.
My title is Information Technology Consultant at a company named Island Networks.
Rachid-Rachidi
Automated processes and centralized management improve visibility and security
Reviewed on Apr 25, 2025
Review provided by PeerSpot
What is our primary use case?
Cisco Catalyst SD-WANÂ is a software-defined network solution. I primarily use it for managing switches in campus networks.
What is most valuable?
With Cisco Catalyst SD-WANÂ , I can automate processes, ensure network assurance, and configure network settings. The tool offers centralized management, which enhances visibility for both wired and wireless end users, and security with features like micro-segmentation.
For how long have I used the solution?
I have used Cisco Catalyst SD-WAN for five years.
What was my experience with deployment of the solution?
I have experienced difficulties with plug-and-play deployments in older versions of Cisco Catalyst SD-WAN, but I believe this issue was resolved in the new release.
What do I think about the stability of the solution?
Stability-wise, the tool works well with no complaints about stability issues or technical errors.
How are customer service and support?
The technical team is very competent. In my opinion, they are much better compared to Aruba, which is a positive point for Cisco.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was challenging, especially for plug-and-play deployments, but improvements have been made in newer versions. Full deployment takes a few weeks.
Which other solutions did I evaluate?
I have used some competition from Aruba.
What other advice do I have?
I would rate Cisco Catalyst SD-WAN eight out of ten.
Marco Flores
Provides robust security with flexibility and customizable integration
Reviewed on Apr 14, 2025
Review provided by PeerSpot
What is our primary use case?
I am working on different projects and catering to various types of clients in the private sector, specifically for medium-sized businesses.
What is most valuable?
With Cisco Catalyst SD-WANÂ , I appreciate the flexibility of its functions and the pricing. It offers various modules that can be changed and integrated with the core and other solutions. It also provides robust security features, including port security, analysis, mirroring, and multiple other security solutions.
What needs improvement?
The durability of the switches could be improved. In the past, Cisco devices had a longer lifespan. Now, they change frequently, making it difficult to obtain long-term support.
For how long have I used the solution?
I have used Cisco Catalyst SD-WANÂ for three or four years.
How are customer service and support?
The first and second level of technical support, which is local in Peru, is average. However, the principal third-level support is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was moderately easy, rating between seven and eight out of ten.
What about the implementation team?
The deployment was carried out by a team of four or five technicians.
What's my experience with pricing, setup cost, and licensing?
The pricing of Cisco Catalyst SD-WAN is rated between eight and nine out of ten, where ten is the most expensive.
What other advice do I have?
I would recommend Cisco Catalyst SD-WAN as it is a good product. It is suitable for medium to enterprise levels. I would give the overall solution a nine.
Igor Van Den Ouden
Enables secure and flexible branch connectivity with application-aware routing
Reviewed on Dec 10, 2024
Review provided by PeerSpot
What is our primary use case?
The primary use case for Cisco SD-WANÂ is the standard configuration across all sites, facilitated by templates. This solution helps in the ease of management and compliance configuration, which is deployed everywhere.Â
It also simplifies troubleshooting and provides full mesh topology for branch connectivity to data centers. All branch locations, along with central locations, are on SD-WAN and gathered in the data center. Many customers combine it with local Internet breakout for SaaS applications.
What is most valuable?
The valuable features of Cisco SD-WANÂ include its security policies and zone-based firewall that are applied to every site, as well as application-aware routing. Security is standard compliant, eliminating config drift that was prevalent before manual configurations. Application-aware routing offers flexibility in using different lines for traffic, depending on the policy implemented.
What needs improvement?
The main area for improvement in Cisco SD-WAN is the lack of documentation, which often lags behind the software releases. This is especially notable since Cisco acquired the solution and is still integrating it into its overall environment.
For how long have I used the solution?
I have been using Cisco SD-WAN for the last three years.
What do I think about the stability of the solution?
I would rate Cisco SD-WAN an eight out of ten for stability. While some software-related issues and bugs were encountered, they did not cause the whole environment to crash. Sites were able to continue functioning, although there were limitations in making changes at those times.
What do I think about the scalability of the solution?
The ease of configuration and features like zero-touch provisioning enhance the scalability of Cisco SD-WAN, especially in disaster recovery situations. I would rate scalability a nine out of ten. The initial implementation faced some issues, but it has improved with newer software versions.
How are customer service and support?
The customer service and support for Cisco SD-WAN are satisfactory, rated as eight out of ten.Â
However, Cisco's ongoing reorganizations have affected the quality of technical support, which varies depending on the engineer handling cases.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Before Cisco SD-WAN, I used traditional MPLS or eVPN, IPVPN networks. The switch was made for easier management and standard compliance, which is enforced by the SD-WAN product itself.
How was the initial setup?
The initial setup involves getting the underlay and controllers in place to migrate from the old to the new network. I deployed in parallel, allowing both networks to coexist, and then migrated sites to the new central control plane.
What about the implementation team?
For a complete project, we had two central administrators and designers, along with three or four teams managing the remote locations. The process took approximately one year to migrate about 280 sites.
What's my experience with pricing, setup cost, and licensing?
The pricing for Cisco SD-WAN is rated eight out of ten, with some variability depending on the reseller discounts and the size of the enterprise. It is also relatively cost-effective for smaller businesses when using the Meraki version.
Which other solutions did I evaluate?
We evaluated other solutions but chose Cisco SD-WAN due to its flexibility, support for our requirements, and the preference of many of our customers who were already using Cisco-based solutions.
What other advice do I have?
I would recommend working out detailed use cases and requirements before implementation. Cisco SD-WAN is quite flexible, however, without a solid foundational design, users might struggle with too many options, leading to a poor rollout design.Â
Overall, I rate Cisco SD-WAN as nine out of ten.
Which deployment model are you using for this solution?
On-premises