Overview
The Implementing and Operating Cisco Enterprise Network Core Technologies course gives you the knowledge and skills needed to configure, troubleshoot, and manage enterprise wired and wireless networks. Learn how to implement security principles within an enterprise network and how to overlay network design by using solutions such as SD-Access and SD-WAN. The automation and programmability of Enterprise networks is also incorporated in this course.
Please note that this course is a combination of Instructor-Led and Self-Paced Study - 5 days in the classroom and approx 3 days of self-study. The self-study content will be provided as part of the digital courseware that you receive at the beginning of the course and should be part of your preparation for the exam. Additional lab access will be provided at the end of the class, this will be valid for 60 hours or 90 days whichever is the shorter. It will be possible to complete all but 3 of the labs after the class.
Audience
Network engineers involved in the installation, support and troubleshooting of enterprise networks.
Learning Objectives
By actively participating in this course, you will learn about the following:
- Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers
- Compare and contrast the various hardware and software switching mechanisms and operation, while defining the Ternary Content Addressable Memory (TCAM) and Content Addressable Memory (CAM), along with process switching, fast switching, and Cisco Express Forwarding concepts
- Troubleshoot Layer 2 connectivity using VLANs and trunking
- Implementation of redundant switched networks using Spanning Tree Protocol
- Troubleshooting link aggregation using Etherchannel
- Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP)
- Implementation and optimization of Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4 and IPv6
- Implementing External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking
- Implementing network redundancy using protocols including Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP)
- Implementing internet connectivity within Enterprise using static and dynamic Network Address Translation (NAT)
- Describe the virtualization technology of servers, switches, and the various network devices and components
- Implementing overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP)
- Describe the components and concepts of wireless networking including Radio Frequency (RF) and antenna characteristics, and define the specific wireless standards
- Describe the various wireless deployment models available, include autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture
- Describe wireless roaming and location services
- Describe how APs communicate with WLCs to obtain software, configurations, and centralized management
- Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-shared Key (PSK) wireless client authentication on a WLC
- Troubleshoot wireless client connectivity issues using various available tools
- Troubleshooting Enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager
- Explain the use of available network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshooting
- Configure secure administrative access for Cisco IOS devices using the Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), and Secure Shell (SSH), and explore device hardening concepts to secure devices from less secure applications, such as Telnet and HTTP
- Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring the features and benefits
- Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features
- Explain the purpose, function, features, and workflow of Cisco DNA Center™ Assurance for Intent-Based Networking, for network visibility, proactive monitoring, and application experience
- Describe the components and features of the Cisco SD-Access solution, including the nodes, fabric control plane, and data plane, while illustrating the purpose and function of the Virtual Extensible LAN (VXLAN) gateways
- Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane
- Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points
- Describe the concepts and features of Quality of Service (QoS), and describe the need within the enterprise network
- Explain basic Python components and conditionals with script writing and analysis
- Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF. Describe APIs in Cisco DNA Center and vManage
Pre-Requisites
Attendees should meet the following prerequisites:
- Implementation of Enterprise LAN networks
- Basic understanding of Enterprise routing and wireless connectivity
- Basic understanding of Python scripting
Recommended Pre-Requisites
Course Contents
Examining Cisco Enterprise Network Architecture
- Cisco Enterprise Architecture Model
- Campus LAN Design Fundamentals
- Traditional Multilayer Campus Layer Design
- Campus Distribution Layer Design
Understanding Cisco Switching Paths
- Layer 2 Switch Operation
- Control and Data Plane
- Cisco Switching Mechanisms
Implementing Campus LAN Connectivity
- Revisiting VLANs
- Trunking with 802.1Q
- Inter-VLAN Routing
Building Redundant Switched Topology
- Spanning-Tree Protocol Overview
- Spanning-Tree Protocol Operation
- Spanning-Tree Protocols Types and Features
- Multiple Spanning Tree Protocol
- PortFast and BPDU
Implementing Layer 2 Port Aggregation
- Need for EtherChannel
- EtherChannel Mode Interactions
- Layer 2 EtherChannel Configuration Guidelines
- EtherChannel Load-Balancing Options
- Troubleshoot EtherChannel Issues
Understanding EIGRP
- EIGRP Features
- EIGRP Reliable Transport
- Establishing EIGRP Neighbour Adjacency
- EIGRP Metrics
- EIGRP Path Selection
- Explore EIGRP Path Selection
- Explore EIGRP Load Balancing and Sharing
- EIGRP for IPv6
- Compare EIGRP and OSPF Routing Protocols
Implementing OSPF
- Describe OSPF
- The OSPF Process
- OSPF Neighbor Adjacencies
- Building a Link-State Database
- OSPF LSA Types
- Compare Single-Area and Multiarea OSPF
- OSPF Area Structure
- OSPF Network Types
Optimizing OSPF
- OSPF Cost
- OSPF Route Summarization Benefits
- OSPF Route Filtering Tools
- Compare OSPFv2 and OSPFv3
Exploring EBGP
- Interdomain Routing with BGP
- BGP Operations
- Types of BGP Neighbor Relationships
- BGP Path Selection
- BGP Path Attributes
Implementing Network Redundancy
- Need for Default Gateway Redundancy
- Define FHRP
- HSRP Advanced Features
- Cisco Switch High Availability Features
Implementing NAT
- Define Network Address Translation
- NAT Address Types
- Explore NAT Implementations
- NAT Virtual Interface
Introducing Virtualization Protocols and Techniques
- Server Virtualization
- Need for Network Virtualization
- Path Isolation Overview
- Introducing VRF
- Introducing Generic Routing Encapsulation
Introducing Virtualization Protocols and Techniques
- Server Virtualization
- Need for Network Virtualization
- Path Isolation Overview
- Introducing VRF
- Introducing Generic Routing Encapsulation
Understanding Virtual Private Networks and Interfaces
- Site-to-Site VPN Technologies
- IPSec VPN Overview
- IPSec: IKE
- IPsec Modes
- IPsec VPN Types
- Cisco IOS VTI
Understanding Wireless Principles
- Explain RF Principles
- Describe Watts and Decibels
- Describe Antenna Characteristics
- Describe IEEE Wireless Standards
- Identify Wireless Component Roles
Examining Wireless Deployment Options
- Wireless Deployment Overview
- Describe Autonomous AP Deployment
- Describe Centralized Cisco WLC Deployment
- Describe FlexConnect Deployment
- Cloud Deployment and Its Effect on Enterprise Networks
- Describe the Cloud-Managed Meraki Solution
- Cisco Catalyst 9800 Series Controller Deployment Options
- Describe Cisco Mobility Express
Understanding Wireless Roaming and Location Services
- Wireless Roaming Overview
- Mobility Groups and Domains
- Wireless Roaming Types
- Describe Location Services
Examining Wireless AP Operation
- Universal AP Priming
- Explore the Controller Discovery Process
- Describe AP Failover
- Explain High Availability
- Explore AP Modes
Understanding Wireless Client Authentication
- Authentication Methods
- Pre-Shared Key (PSK) Authentication
- 1X User Authentication Overview
- PKI and 802.1X Certificate Based Authentication
- Introduction to Extensible Authentication Protocol
- EAP-Transport Layer Security (EAP-TLS)
- Protected Extensible Authentication Protocol
- EAP-FAST
- Guest Access with Web Auth
Troubleshooting Wireless Client Connectivity
- Wireless Troubleshooting Tools Overview
- Spectrum Analysis
- Wi-Fi Scanning
- Packet Analysis
- Cisco AIreOS GUI and CLI Tools
- Cisco Wireless Config Analyzer Express
- Common Wireless Client Connectivity Issues Overview
- Client to AP Connectivity
- WLAN Configuration
- Infrastructure Configuration
Introducing Multicast Protocols Self-study
- Multicast Overview
- Internet Group Management Protocol
- Multicast Distribution Trees
- IP Multicasting Routing
- Rendezvous Point
Introducing QoS (Self-study)
- Understand the Impact of User Applications on the Network
- Need for Quality of Service (QoS)
- Describe QoS Mechanisms
- Define and Interpret a QoS Policy
Implementing Network Services
- Understanding Network Time Protocol
- Logging Services
- Simple Network Management Protocol
- Introducing NetFlow
- Flexible NetFlow
- Understanding Cisco IOS Embedded Event Manager
Using Network Analysis Tools
- Troubleshooting Concepts
- Network Troubleshooting Procedures: Overview
- Network Troubleshooting Procedures: Case Study
- Basic Hardware Diagnostics
- Filtered Show Commands
- Cisco IOS IP SLAs
- Switched Port Analyzer (SPAN) Overview
- Remote SPAN (RSPAN)
- Encapsulated Remote Switched Port Analyzer (ERSAPN)
- Cisco Packet Capture Tools Overview
Implementing Infrastructure Security
- ACL Overview
- ACL Wildcard Masking
- Types of ACLs
- Configure Numbered Access Lists
- Use ACLs to Filter Network Traffic
- Apply ACLs to Interfaces
- Configured Named Access Lists
- Control Plane Overview
- Control Plane Policing
Implementing Secure Access Control
- Securing Device Access
- AAA Framework Overview
- Benefits of AAA Usage
- Authentication Options
- RADIUS and TACACS+
- Enabling AAA and Configuring a Local User for Fallback
- Configuring RADIUS for Console and VTY Access
- Configuring TACACS+ for Console and VTY Access
- Configure Authorization and Accounting
Understanding Enterprise Network Security Architecture (Self-study)
- Explore Threatscape
- Intrusion Prevention Systems
- Virtual Private Networks
- Content Security
- Logging
- Endpoint Security
- Personal Firewalls
- Antivirus and Antispyware
- Centralized Endpoint Policy Enforcement
- Cisco AMP for Endpoints
- Firewall Concepts
- TrustSec
- MACsec
- Identity Management
- 1X for Wired and Wireless Endpoint Authentication
- MAC Authentication Bypass
- Web Authentication
Exploring Automation and Assurance Using Cisco DNA Center (Self-study)
- Need for Digital Transformation
- Cisco Digital Network Architecture
- Cisco Intent-Based Networking
- Cisco DNA Center
- Cisco DNA Assurance
- Cisco DNA Center Automation Workflow
- Cisco DNA Assurance Workflow
Examining the Cisco SD-Access Solution (Self-study)
- Need for Cisco SD-Access
- Software-Defined Access Overview
- Cisco SD-Access Fabric Control Plane Based on LISP
- Cisco SD-Access Fabric Control Plance Based on VXLAN
- Cisco SD-Access Fabric Control Plance Based on Cisco TrustSec
- Cisco SD-Access Fabric Components
- Role of Cisco ISE and Cisco DNA Center in SD-Access
- Cisco SD-Access Wireless Integration
- Traditional Campus Interoperating with Cisco SD-Access
Understanding the Working Principles of the Cisco SD-WAN Solution (Self-study)
- Need for Software Definer Networking for WAN
- SD-WAN Components
- SD-WAN Orchestration Plane
- SD-WAN Management Plane
- SD-WAN Control Plane
- SD-WAN Data Plane
- SD-WAN Automation and Analytics
Understanding the Basics of Python Programming (Self-study)
- Describe Python Concepts
- String Data Types
- Numbers Data Types
- Boolean Data Types
- Script Writing and Execution
- Analyze Code
Introducing Network Programmability Protocols (Self-study)
- Configuration Management
- Evolution of Device Management and Programmability
- Data Encoding Formats
- Data Models
- Model Driven Programmability Stack
- Describe YANG
- REST
- NETCONF
- Explain NETCONF and YANG
- Describe the RESTCONF Protocol
- Cisco IOS XE and IOS XR Systems Overview
Introducing APIs in Cisco DNA Center and vManage (Self-study)
- Application Programming Interfaces
- REST API Response Codes and Results
- REST API Security
- API in DNA-Center
- REST API in vManage
Exam Information
This course is recommended as preparation for the following exam:
- 350-401- Implementing Cisco Enterprise Network Core Technologies Exam
This training course provided by Skilltec is accredited through Global Knowledge Training Ltd. Global Knowledge Training Ltd are the authorised learning partner; all trademarks and partner statuses are provided through them.
