Securing Cisco Digital Network Architecture (DNA) (DNASEC)

 

Résumé du cours

Many challenges exist managing modern networks on a day to day basis. The problems are intensified when manual configuration changes using fragmented tool offerings result in non-centralized change and configuration management which leads to various naming, configuration, backup and security compliance issues. Manual configuration changes when compared to automated, policy-based approaches are slow and error-prone. Break and fix, new network builds and change requests in dynamic environments where user requirements, devices and applications are evolving at ever increasing rates fueled in many cases by the big data of IoT. The networks of today face deployment, support and security challenges mitigated with modern tools such as Digital Network Architecture Centre (DNAC), Cisco Identity Services Engine (ISE) and Stealthwatch. In this course, you use these tools to build a centrally managed, authenticated, authorized, monitored and security-policy compliant solution.

Moyens Pédagogiques :
  • Quiz pré-formation de vérification des connaissances (si applicable)
  • Réalisation de la formation par un formateur agréé par l’éditeur
  • Formation réalisable en présentiel ou en distanciel
  • Mise à disposition de labs distants/plateforme de lab pour chacun des participants (si applicable à la formation)
  • Distribution de supports de cours officiels en langue anglaise pour chacun des participants
    • Il est nécessaire d'avoir une connaissance de l'anglais technique écrit pour la compréhension des supports de cours
Moyens d'évaluation :
  • Quiz pré-formation de vérification des connaissances (si applicable)
  • Évaluations formatives pendant la formation, à travers les travaux pratiques réalisés sur les labs à l’issue de chaque module, QCM, mises en situation…
  • Complétion par chaque participant d’un questionnaire et/ou questionnaire de positionnement en amont et à l’issue de la formation pour validation de l’acquisition des compétences

A qui s'adresse cette formation

The primary audience for this course is as follows:

  • Anyone interested in knowing about DNA and SD-Access
  • Personnel involved in SD-Access Design and Implementation
  • Network Operations team with SD-Access solution

Pré-requis

The knowledge and skills that a learner must have before attending this course are as follows:

  • Cisco CCNA or Equivalent Experience
  • Basic Knowledge of Software Defined Networks
  • Basic Knowledge of network security including AAA, Access Control and ISE
  • Basic Knowledge and experience with Cisco IOS, IOS XE and CLI
  • Basic Knowledge of virtualization, Hypervisors and Virtual Machines

Objectifs

Upon completing this course, the learner will be able to deploy and setup a network built on DNA and SDA concepts and components and be prepared for daily operation tasks associated to such networks. The learner will meet these overall objectives:

  • Know and understand Cisco’s DNA and SD-Access concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today’s networks.
  • Differentiate and explain each of the building blocks of SD-Access Solution
  • Be familiar with fabric and node types
  • Deploy and configure Fabric Edge Nodes, Control Plane nodes and Border Nodes
  • Configure LISP in Control Plane for SD-Access Solution
  • Configure VXLAN in Data Plane for SD-Access Solution
  • Configure TrustSec for segmentation and Policy Enforcement
  • Understand the role of DNA Center as solution orchestrator and Intelligent GUI
  • Deploy DNA Center and perform initial setup
  • Use workflow approach in DNA Center and its 4 Steps: Design, Policy, Provision and Assurance
  • Deploy ISE and integrate it with DNA Center and SD-Access Solution
  • Deploy StealthWatch and Integrate it with DNA Center and SD-Access Solution
  • Monitor and Troubleshoot SDA operation
  • Know and understand the migration strategies from traditional networks to SD-Access Solution

Contenu

  • Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)
  • Module 2: SD-Access Campus Fabric
  • Module 3: DNA Center and Workflow for SD-Access
  • Module 4: Deployment and initial setup for DNA Center
  • Module 5: Deployment and initial setup for ISE and Integrate with DNA Center
  • Module 6: Deploy Netflow Collector and StealthWatch Management Center (SMC)
  • Module 7: Implementing Policy Plane using Cisco TrustSec for Segmentation
  • Module 8: Cisco StealthWatch Management Console (SMC)
  • Module 9: DNA Center Workflow First Step - Design
  • Module 10: DNA Center Workflow Second Step - Policy
  • Module 11: DNA Center Workflow Third Step - Provision
  • Module 12: DNA Center Workflow Fourth Step – Assurance
  • Module 13: Implementing WLAN in SD-Access Solution
  • Module 14: Implementing Campus Fabric External Connectivity for SD-Access
  • Module 15: SDA Migration Strategies

Prix & Delivery methods

Formation en ligne

Durée
5 jours

Prix
  • sur demande
Formation en salle équipée

Durée
5 jours

Prix
  • sur demande

Actuellement aucune session planifiée