The Cisco SD-WAN Operation and Deployment (ENSDW)
Les formations Cisco sont disponibles grâce à notre collaboration avec
Description
The Cisco SD-WAN Operation and Deployment (ENSDW) course provides an overview of the Cisco SD-WAN solution and SD-WAN components. Students will learn how to create, manage, and operate a secure extensible network using Cisco SD-WAN products. The course covers how to configure, operate, and monitor overlay routing in a secure extensible network. Students will also learn about policies and quality of service (QoS) in the SD-WAN overlay network.
This is a 2-day course, if you are interested in learning more about our 3-day course, please follow the link to Viptela Training – Cisco SD-WAN.
Clientèle
The primary audience for this course is as follows:
- Enterprise Network System Installers
- System Integrators
- System Administrators
- Network Administrators
- Solutions Designers
Prérequis
It is recommended, but not required, to have the following knowledge and skills before attending this course:
- Strong understanding of enterprise wide area network design
- Strong understanding of routing protocol operation, including both interior and exterior routing protocol operation
- Familiarity with Transport Layer Security (TLS) and IP Security (IPSec)
The following are recommended Cisco learning offerings that may help students meet these prerequisites:
- Implementing Cisco IP Routing (ROUTE)
- Troubleshooting and Maintaining Cisco IP Networks (TSHOOT)
- Implementing Cisco Edge Network Security Solutions (SENSS)
Objectifs
Upon completing this course, the learner will be able to meet these overall objectives:
- Know and understand Cisco’s SD-WAN concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today’s networks.
- Differentiate and explain each of the building blocks of SD-WAN Solution
- Explain the concept of “Fabric” and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Management Nodes and Orchestration Nodes)
- Identify the roles and functions of vEdge, vSmart, vManage and vBond entities
- Know and understand the Zero Touch Provisioning Model
- Know and understand the Zero Trust Provisioning Model
- Identify Overlay Management Protocol (OMP) as a key element of the SD-WAN solution and the role it plays for Control Plane setup
- Understand segmentation of SD-WAN fabric, through the use of VPN’s (VRF’s)
- Understand the role that templates have in SD-WAN solution, differentiate templates and know how to apply them
- Differentiate Control, Data and Application Route Policies and know how they are used in SD-WAN
- Identify and apply QoS mechanisms to SD-WAN fabric
- Discuss Use Cases for SD-WAN
Éléments du contenu
Module 1: SD-WAN Solution Overview
- Traditional WAN – Challenges
- SD-WAN Overview and definitions
- SD-WAN Benefits
- SD-WAN Key Concepts
- SD-WAN Main Components
- vEdge
- vSmart
- vManage
- vBond
- On-Premise vs. Cloud-based Control Plane
Module 2: Secure Control Plane Bring-Up
- Zero Trust Security Principles
- Secure Control Channels
- Establishing vEdge Router Identity
- Establishing Control Elements Identities (vBond, vSmart, vEdge)
- Secure Control Channel between vEdge Router and vBond
- Secure Control Channel between vEdge Router and vSmart/vManage
Module 3: Secure Data Plane Bring-Up
- Limitations of traditional key exchange mechanisms (IKE)
- SD-WAN new centralized Encryption key distribution
- Traffic Encryption for data privacy
- Authentication Header for Data Plane Integrity
- Anti-Replay Protection (man-in-the-middle)
- Role of Bidirectional Forwarding Detection (BFD)
- Considerations about MTU and MSS
- End to End Segmentation (VPN’s)
- Role of Application Visibility and Recognition
- Infrastructure DDoS Mitigation
- Security Policies and Services
- Cloud Security: Secure Direct Internet Access
Module 4: Overlay Management Protocol (OMP)
- Definition of overlay routing
- Role and characteristics of Overlay Management Protocol (OMP)
- OMP Advertised Routes
- Route Redistribution (edge routing protocol to OMP and vice versa)
- Best Path Algorithm
Module 5: Using Templates
- Basic Elements in the configuration for any device
- Need for Templates
- Options to Apply Templates to Devices
- Overview of Feature Templates
- Categories of Feature Templates
- Workflow for Applying Templates to Devices
Module 6: Using Policies
- Policy Architecture
- Application Aware Routing Policies
- Control Policies
- Data Policies
- VPN Membership Policies
- Routing Policies
- Cflowd Templates
Module 7: Quality of Service (QoS)
- QoS Pipeline – vEdge Router
- Data Packet Flow
- Queueing Management
- Control Traffic Prioritization
- Random Early Detection (RED)
- Traffic Policing
- Traffic Shaping
- Marking and Remarking
- Class-Map
- QoS Scheduler
- QoS Map
- Applying QoS policies
Module 8: Basic Troubleshooting
- Troubleshooting Control Plane Bring Up
- GUI validation in vManage
- CLI validation with “Show” commands in vEdge Router
- Troubleshooting Data Plane
- Troubleshooting OMP
Module 9: Use Cases & Design
- Guest Wi-Fi
- Bandwidth Augmentation
- Cloud onRamp for SAAS
- Critical Applications SLA
- Regional Secure Perimeter
Lab Outline
- Lab 1: Accessing the Lab Devices
- Lab 2: Reset vEdge Cloud Router
- Lab 3: Remove vEdge Router from vManage Inventory
- Lab 4: Add vEdge Router to vManage Inventory
- Lab 5: Configure and Deploy Control-Plane Connectivity
- Lab 6: Configure and Deploy an Overlay Network
- Lab 7: Provision and Deploy vManage Templates
- Lab 8: Provision and Deploy vManage Policies
Durée : 2 jours
Tarif régulier :
$2,495.00
Note : Formation en français avec logiciel et manuel en anglais
Date pour cours public ou privé cliquez ici pour en faire la demande
