Detailed Course Outline
Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)
- Understanding Cisco Intent-Based Networking
- Understanding Cisco SDA Use Cases customer’s benefits including business and technical outcomes and capabilities
- Cisco DNA Center Introduction
- SD-Access Overview
- SD-Access Benefits
- SD-Access Key Concepts
- SD-Access Main Components
- Fabric Control Plane Node
- Fabric Border Node
- Fabric Edge Node
- Fabric Wireless LAN Controller and Fabric Enabled Access Points
- Cisco DNA Center Automation
- Cisco ISE (Policy)
- Cisco StealthWatch (Traffic Analysis)
- DNA Center Assurance
Module 2: Deployment and Initial setup for the Cisco DNA-Center
- Cisco DNA-Center Appliances
- Cisco DNA-Center Deployment Models
- Single Node Deployment
- Clustered Deployment
- Installation Procedure
- Initial Setup and Configuration
- GUI Navigation
Module 3: SDA - Design
- Network design options
- Sites
- Creating Enterprise and Sites Hierarchy
- Configuring General Network Settings
- Loading maps into the GUI
- IP Address Management
- Software Image Management
- Network Device Profiles
- AAA
- SNMP
- Syslog
- IP address pools
- Image management
- Creating Enterprise and Guest SSIDs
- Creating the wireless RF Profile
- Cresting the Guest Portal for the Guest SSIDs
- Network profiles
- Authentication templates
Module 4: SDA - Policy
- 2-level Hierarchy
- Macro Level: Virtual Network (VN)
- Micro Level: Scalable Group (SG)
- Policy
- Policy in SD-Access
- Access Policy: Authentication and Authorization
- Access Control Policy
- Application Policy
- Extending Policy across domains
- Preserving Group Metadata across Campus, WAN and DC
- Enforcing policy in Firewall domains
- Cross Domain Policies
Module 5: SDA - Provision
- Devices Onboarding
- Lifecycle stages of network device discovery
- Discovering Devices
- Assigning Devices to a site
- Provisioning device with profiles
- Plug-and-Play
- LAN Automation
- Templates
- Templates for day 0
- Templates for day N operations
- IP Transits
- How to connect the Fabric Sites to the external network
- Creating the IP Transit
- Considerations for a SD-Access Border Node Design
- BGP Hand-Off Between Border and Fusion
- Fabric Domains
- Understanding Fabric Domains and Sites
- Using Default LAN Fabric Domain
- Creating Additional Fabric Domains and Sites
- Adding Nodes
- Adding Fabric Edge Nodes
- Adding Control Plane Nodes
- Adding Border Nodes
Module 6: SDA - Assurance
- Overview of DNA Assurance
- Cisco DNA Center Assurance- Use Cases Examples
- Network Health & Device 360
- Client Health & Client 360
- Application Health & Application 360
- Cisco SD- Application Visibility Control (AVC) on DNA-Center
- Proactive troubleshooting using Sensors
Module 7: Cisco SD-Access Distributed Campus Design
- Introduction to Cisco SD-Access Distributed Campus Design – The Advantage?
- Fabric Domain vs Fabric Site
- SD-Access Transits:
- IP-Based Transit
- Cisco SD-Access Transit
- Cisco SD-WAN Transit
- Deploying the Cisco Distributed Campus with SD-Access Transit
- Site considerations
- Internet connectivity considerations
- Segmentation considerations
- Role of a Cisco Transit Control Plane
- Cisco SD-Access Fabric in a Box
- The need for FiaB
- Deploying the FiaB
Module 8: Cisco SD-Access Brownfield Migration
- Cisco SD-Access Migration Tools and Strategies
- Two Basic Approaches:
- Parallel Deployment Approach
- Incremental Deployment Approach
- Integration with existing Cisco ISE in the network – Things to watch out for!
- Choosing the correct Fusion Device
- Existing Core as Fusion
- Firewall as Fusion
- When do you need the SD-Access Layer-2 Border?
- L2 Border – Understanding the requirement
- Designing and Configuring the L2 Border
- L2 Border – Not a permanent solution
Module 9: Cisco DNA Center Automation- Use Cases Examples
- DAY0: Onboarding new devices using Zero Touch Deployment
- DAY1: Configurations using Templates
- DAYN: Security Advisories based on Machine Reasoning Engine
- DAYN: Simplified Software Management based on Golden Images
- DAYN: Defective Device Replacement - RMA
Module 10: 3rd Party Integrations
- ServiceNow
- Integration
- Management
- InfoBlox IPAM
- Integration
- Management
Module 11: Specific Use Cases
- Use Case: STACK LAN Automation
- Use Case: Silent Hosts
- Use Case: Wake on LAN
- Use Case: The need for L2 flooding
- Use Case: Multicast in the SD-Access Fabric
Module 12: Cisco SD-Access Multi-Domain Integrations
- Cisco SD-Access to ACI Integrations
- Phase-1: Policy Plane Integration
- Phase-2: Data Plane Integration
- Cisco SD-Access to Cisco SD-WAN Integrations
- What is possible today? SD-WAN Transit setup.
- Phase-1: The one box solution
- Phase-2: The two box solution
Module 13: Troubleshooting
- Fabric
- Layer 3 forwarding
- Layer 2 forwarding
- Multicast Forwarding
- Security in the Fabric
- Troubleshooting Multi-Site Deployments