Cisco Software-Defined Access (SDA): Use Case Implementation, Operations, & Troubleshooting (SDAOTS) – Outline

Detailed Course Outline

Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)

  • Understanding Cisco Intent-Based Networking
  • Understanding Cisco SDA Use Cases customer’s benefits including business and technical outcomes and capabilities
  • Cisco DNA Center Introduction
  • SD-Access Overview
  • SD-Access Benefits
  • SD-Access Key Concepts
  • SD-Access Main Components
    • Fabric Control Plane Node
    • Fabric Border Node
    • Fabric Edge Node
    • Fabric Wireless LAN Controller and Fabric Enabled Access Points
  • Cisco DNA Center Automation
  • Cisco ISE (Policy)
  • Cisco StealthWatch (Traffic Analysis)
  • DNA Center Assurance

Module 2: Deployment and Initial setup for the Cisco DNA-Center

  • Cisco DNA-Center Appliances
  • Cisco DNA-Center Deployment Models
    • Single Node Deployment
    • Clustered Deployment
  • Installation Procedure
  • Initial Setup and Configuration
  • GUI Navigation

Module 3: SDA - Design

  • Network design options
  • Sites
  • Creating Enterprise and Sites Hierarchy
  • Configuring General Network Settings
  • Loading maps into the GUI
  • IP Address Management
  • Software Image Management
  • Network Device Profiles
  • AAA
  • SNMP
  • Syslog
  • IP address pools
  • Image management
  • Creating Enterprise and Guest SSIDs
    • Creating the wireless RF Profile
    • Cresting the Guest Portal for the Guest SSIDs
  • Network profiles
  • Authentication templates

Module 4: SDA - Policy

  • 2-level Hierarchy
    • Macro Level: Virtual Network (VN)
    • Micro Level: Scalable Group (SG)
  • Policy
    • Policy in SD-Access
    • Access Policy: Authentication and Authorization
    • Access Control Policy
    • Application Policy
    • Extending Policy across domains
    • Preserving Group Metadata across Campus, WAN and DC
    • Enforcing policy in Firewall domains
    • Cross Domain Policies

Module 5: SDA - Provision

  • Devices Onboarding
    • Lifecycle stages of network device discovery
    • Discovering Devices
    • Assigning Devices to a site
    • Provisioning device with profiles
    • Plug-and-Play
    • LAN Automation
  • Templates
    • Templates for day 0
    • Templates for day N operations
  • IP Transits
    • How to connect the Fabric Sites to the external network
    • Creating the IP Transit
    • Considerations for a SD-Access Border Node Design
    • BGP Hand-Off Between Border and Fusion
  • Fabric Domains
    • Understanding Fabric Domains and Sites
    • Using Default LAN Fabric Domain
    • Creating Additional Fabric Domains and Sites
  • Adding Nodes
    • Adding Fabric Edge Nodes
    • Adding Control Plane Nodes
    • Adding Border Nodes

Module 6: SDA - Assurance

  • Overview of DNA Assurance
  • Cisco DNA Center Assurance- Use Cases Examples
  • Network Health & Device 360
  • Client Health & Client 360
  • Application Health & Application 360
  • Cisco SD- Application Visibility Control (AVC) on DNA-Center
  • Proactive troubleshooting using Sensors

Module 7: Cisco SD-Access Distributed Campus Design

  • Introduction to Cisco SD-Access Distributed Campus Design – The Advantage?
  • Fabric Domain vs Fabric Site
  • SD-Access Transits:
    • IP-Based Transit
    • Cisco SD-Access Transit
    • Cisco SD-WAN Transit
  • Deploying the Cisco Distributed Campus with SD-Access Transit
    • Site considerations
    • Internet connectivity considerations
    • Segmentation considerations
    • Role of a Cisco Transit Control Plane
  • Cisco SD-Access Fabric in a Box
    • The need for FiaB
    • Deploying the FiaB

Module 8: Cisco SD-Access Brownfield Migration

  • Cisco SD-Access Migration Tools and Strategies
  • Two Basic Approaches:
    • Parallel Deployment Approach
    • Incremental Deployment Approach
  • Integration with existing Cisco ISE in the network – Things to watch out for!
  • Choosing the correct Fusion Device
    • Existing Core as Fusion
    • Firewall as Fusion
  • When do you need the SD-Access Layer-2 Border?
    • L2 Border – Understanding the requirement
    • Designing and Configuring the L2 Border
    • L2 Border – Not a permanent solution

Module 9: Cisco DNA Center Automation- Use Cases Examples

  • DAY0: Onboarding new devices using Zero Touch Deployment
  • DAY1: Configurations using Templates
  • DAYN: Security Advisories based on Machine Reasoning Engine
  • DAYN: Simplified Software Management based on Golden Images
  • DAYN: Defective Device Replacement - RMA

Module 10: 3rd Party Integrations

  • ServiceNow
    • Integration
    • Management
  • InfoBlox IPAM
    • Integration
    • Management

Module 11: Specific Use Cases

  • Use Case: STACK LAN Automation
  • Use Case: Silent Hosts
  • Use Case: Wake on LAN
  • Use Case: The need for L2 flooding
  • Use Case: Multicast in the SD-Access Fabric

Module 12: Cisco SD-Access Multi-Domain Integrations

  • Cisco SD-Access to ACI Integrations
    • Phase-1: Policy Plane Integration
    • Phase-2: Data Plane Integration
  • Cisco SD-Access to Cisco SD-WAN Integrations
    • What is possible today? SD-WAN Transit setup.
    • Phase-1: The one box solution
    • Phase-2: The two box solution

Module 13: Troubleshooting

  • Fabric
  • Layer 3 forwarding
  • Layer 2 forwarding
  • Multicast Forwarding
  • Security in the Fabric
  • Troubleshooting Multi-Site Deployments