Хотите получать информацию по новым курсам и их датам проведения?
(ENUAE) Enterprise Network Unified Access Essentials
Кому следует посетить
- Pre-Sales Engineers at Cisco Partner organizations:
- IMPORTANT—this course will be mandatory for Partners intending to achieve Unified Access Enterprise Networks Specialization.
- Network, Security and Wireless Engineers at Cisco customers implementing the latest Unified Access technology, including Cisco ISE, Prime Infrastructure, Converged Access wireless infrastructure and the full line of Catalyst switches.
Предварительные требования
- Использование сетевого оборудования Cisco. Часть I (v.2.0) (ICND1) andИспользование сетевого оборудования Cisco. Часть II (v.2.0) (ICND2)
- Основы построения унифицированных беспроводных сетей Cisco (IUWNE)
- Familiarity with 802.1x by attendance of either the four-hour E-learning or the Введение в работу протокола 802.1X для специалистов по безопасности (802.1X) three-day course.
Цели курса
- Understand Cisco’s “One Policy, One Management, One Network” Unified Access vision and strategy
- Create a network design from customer specifications
- Implement the core aspects of Cisco’s Unified Access solutions
- Design and configure the Unified Access wired network foundation
- Implement Cisco Prime Infrastructure (PI) 2.0 to support network management of the Unified Access infrastructure
- Implement Cisco Identity Services Engine (ISE) 1.2 to provide a policy foundation for the Unified Access infrastructure
- Integrate Converged Access switches (3850) and Wireless LAN Controllers (5760) to support wireless and wired Unified Access infrastructure objectives.
- Secure the Unified Access infrastructure with ISE, SGA and 802.1X
- Leverage Prime Infrastructure 2.0 for Application Visibility and Control on the Unified Access infrastructure
- Describe High Availability (HA) solutions on Unified Access networks
- Perform key Monitoring and Troubleshooting activities and methods
- Implement a Bring Your Own Device (BYOD) Solution
Содержание курса
In today’s enterprise networking environments, the borders have been broken down, bringing with it an ever-changing wave of new devices and cloud-based architectures. Organizations are strained under the requirements of BYOD to allow users to access data and mission-critical applications from anywhere, on any device.
Cisco’s “One Network, One Policy, One Management” philosophy is behind a comprehensive set of solutions underlying the Unified Access architecture. The Unified Access SE Boot Camp v1.0 course is designed to assure System Engineers will be able to provide technical pre-sales engineering, demonstrate the key Cisco competitive advantages, create a network design against customer specifications, and implement Cisco Unified Access solutions that are comprised of key differentiating components, features, and services.
This course presents concepts, wired and wireless platforms, technologies and services that are required for a comprehensive approach to effectively design, manage, and control the access on a Unified Access network. The reference network that is selected as a case study in this course is the fictitious Health To All (HTA) Hospital.
This complete solution starts with Cisco design guides and professional services that lead the learner from planning and design to day-to-day operations at HTA Hospital. The final design represents a comprehensive, secure and high-performance BYOD solution providing the necessary infrastructure, including Wireless access points, Wireless LAN Controllers, Security Appliances, and Network Management Tools. HTA Hospital users vary from Guests to Corporate users and from Employees to Contractors. Users have personal computers and VoIP phones at their desks as well as mobile computers, tablets, and smart phones. The network is used for accessing critical patient data, voice and video traffic, different servers, and for web browsing. This Cisco solution addresses all the requirements of HTA Hospital for building a secure and scalable BYOD network.
Программа курса
Module 1: One Network – Building the Wired Foundation
- Cisco Unified Access Architecture Overview
- High Availability (HA) Features Implemented in the Unified Access Wired Access Architecture
- Introduction to Cisco Catalyst Smart Operations
- Cisco SmartPorts Macros
- Cisco Smart Install
- Cisco AutoQoS
- Cisco Easy Virtual Network (EVN)
Module 2: One Management Foundation: Implementing Prime Infrastructure 2.0
- Unified management of wired and wireless access, branch, and wide area networks
- Comprehensive network life cycle management, including user access visibility, inventory, configuration management, plug and play, radio frequency planning, and best practices reporting
- End-to-end application and service assurance visibility to quickly isolate and troubleshoot performance issues
- Relational, multidimensional view of users, applications, and network to simplify the diagnostics and remediation of network and service impacting issues
- Easy deployment and management of Cisco advanced technologies
Module 3: Policy Foundation: Basic ISE AAA Setup and Guest Server Setup for Wired and Wireless Networks
- Requirements for installing Cisco ISE
- ISE installation process
- Overview of Cisco ISE new Setup Assistant, GUI, and features
- Using the new ISE Setup Assistant for configuration
- Requirements for configuring Authentication through AD
- Configuring Authorization Rules Using AD and dACLs
- Requirements for PI Integration with ISE
- Configuring integration
- Configuring Monitor Mode for Wired dot1x
- Configuring Authentication rules
- Configuring Downloadable Access Lists (dACLs) based on Policies
- Configuring Authorization Profiles that include dACLs
Module 4: Wireless Reference Architecture using Various Cisco Wireless LAN Platforms and Prime Infrastructure
- Wireless Features Overview
- Radio Resource Management (RRM)
- Cisco CleanAir
- Cisco ClientLink Optimization for Mixed-Client Networks Scenarios
- Cisco AP Stateful Switchover (SSO) HA Solution
- List of Cisco Secure Wireless LAN Features
- Use SSIDs for Network Segmentation
- User Policy Overview Using Prime Infrastructure
- Implementation of Special Services Using QoS
- ACLs Configuration on the WLC
- WLC Dynamic Interfaces and VLAN Configuration
- Manipulate Authentication Process of the Client
Module 5: Advanced Wireless Features
- Introduction to Cisco AVC and its benefits
- Cisco VideoStream Technology
- Wireless LAN Apple Bonjour Overview
- Cisco connected Mobile Experience
Module 6: Converged Access Solution
- Review of Current Deployment Model
- Converged Access Overview
- Wireless Features for Converged Access
- Interoperability concerns in a hybrid network environment
- Switch Features for Converged Access
- “One-Policy” using SA-NET and ISE
- Steps for Migration
- Using PI to configure 5760 for deployment
- Configuring the 5760 as the Mobility Controller
- Implementing the 3850 in a Converged Access network through PI
- Establishing policies in ISE for clients connecting to Converged Access networks
- Configuring Identity Control Policies for Session Aware Networking
Module 7: Securing Any Access
- Implementing Authentication for BYOD through ISE
- BYOD On-boarding through ISE
- Using Auto SmartPort Macros for BYOD
- Profiler Service Overview
- ISE Profiler with IOS Device Sensor
- Overview Security Group Access in ISE
- Group Access requirements for BYOD
- At CLI, Configuring the NADs to support SGA and SXP
- Configuring Security Group Tagging (SGT) in the wired and wireless infrastructure
- Overview of Identity Port Mapping? (IPM)
- AT ISE: Configuring SGT eXchange Protocol (SXP) for wired and wireless environment
- Configuring Security Groups, SGACLs, and Security Group Matrix
Module 8: SmartOperations
- EEM Overview
- EEM Configuration on Catalyst Series Switches
- Automated Diagnostic Features
- Cisco Generic Online Diagnostics (GOLD) Overview
- Understanding IP SLA Benefits
- Cisco IP SLA Best Practices
Module 9: Application Visibility and Control For Wired Networks
- Application Visibility and Control Overview
- Cisco Medianet
- Cisco Mediatrace
- Cisco Flexible NetFlow Overview and Implementation
- Cisco Packet Capture Technologies Wireshark/Mini-protocol analyzer (MPA)
Module 10: Wired and Wireless High Availability Solutions
- Cisco Catalyst Switch Architecture
- Stateful Switchover (SSO)
- Cisco Nonstop Forwarding (NSF) Implementation
- Cisco Non Stop Routing (NSR)
- Cisco VSS Solution
- Cisco Catalyst Switch ISSU Solution
- WLAN High Availability Features Overview
- Cisco AP SSO Implementation
- Power over Ethernet (PoE) Considerations
Module 11: Monitoring and Troubleshooting
- Monitoring Wired and Wireless network devices with PI
- Monitoring using ISE Dashboard
- ISE Alarms
- Implementing Logging
- PI monitoring in Troubleshooting
- Built in Client Troubleshooting tool to Support Step-by-Step Problem Analysis
- Working with NetFlow (configuring, best practice)
- Troubleshooting the network with ISE
- ISE Search Capability
- Troubleshooting Network Access Issues
- Using Live Logs for troubleshooting
- ISE discoverable authentication issues
- Diagnostic Troubleshooting Tools
- Cisco ISE Reports
Module 12: Advanced BYOD Solution Wrap-Up
- Overview of the Any Connect BYOD Experience for Windows 7 PC
- Implementing AnyConnect
- Configuring AnyConnect with MACsec and 802.1x supplicant
- ISE client provisioning
- ISE Device registration
- ISE MDM integration ***include video
- Configuring ISE profiler for BYOD use case
Labs
Module 1 Lab: One Network Foundation: Building the Wired Reference Architecture
Module 2 Lab: Building the One Management Foundation with Prime Infrastructure
Module 3 Lab: Add ISE and Client Access Services to Network Management Architecture
Module 4 Lab: Build Wireless Reference Architecture – One Network Mobility Foundation
Module 5 Lab: Build One Network Advanced Mobility Solution for Wireless network
Module 6 Lab: Implementing a Converged Access Network
Module 7 Lab: Build Management Foundation - Add 802.1x security for BYOD network and Secure Group Access using ISE
Module 8 Lab: Build SmartOperations Foundation
Module 9 Lab: Build Application Mobility and Control foundation
Module 10 Lab: Implement High Availability (HA) and Scaling Features in the Network
Module 11 Lab: Unified Access Monitoring with PI and ISE
Module 12 Lab: Advanced BYOD Solution
Дни | 5 дней |
---|---|
Дата курса | По запросу |
Город | Все города |