Wednesday, 17 December 2014

SWITCH Implementing Cisco IP Switched Networks

This course includes extensive hands-on labs to help you learn to plan, configure, and verify the implementation of complex enterprise switching solutions for campus environments using the Cisco Enterprise Campus Architecture. In order to gain a firm understanding of how to manage switches in an enterprise campus environment, you'll cover:
  • VLANs and WLANs
  • Spanning tree
  • Inter-VLAN routing
  • Security features

A Global Knowledge Exclusive: You Get...

  • 10 extra e-Lab credits, good for 30 days, so you can practice and refine your skills
  • Enhanced content that exceeds standard authorized Cisco content
  • World-class Certified Cisco Systems instructors

What You'll Learn

  • Analyze campus network designs
  • Implement VLANs in a network campus
  • Implement spanning tree
  • Implement inter-VLAN routing in a campus network
  • Implement high-availability technologies and techniques using multilayer switches in a campus environment
  • Implement security features in a switched network
  • Integrate WLANs into a campus network
  • Accommodate voice and video in campus networks

Who Needs to Attend

  • Network engineers with at least one year of professional work experience who are ready to advance their skills and work independently on complex network solutions
  • Network engineers, technical support personnel, or help desk technicians who will need to correctly implement and/or support switch-based solutions

Prerequisites

  • CCNA certification
OR
  • Familiarity with internetworking technologies; the ability to perform basic router configuration; experience installing, operating, and maintaining routers and switches in an enterprise environment
  • Knowledge of IP, including the ability to perform IP subnetting on non-octal boundaries, configure IP standard and extended access lists, operate and configure distance vector routing protocol, configure serial interface, and interpret a routing table

Follow-On Courses

  • ROUTE - Implementing Cisco IP Routing v2.0
  • TSHOOT - Troubleshooting and Maintaining Cisco IP Networks v1.0

Certification Programs and Certificate Tracks

This course is part of the following programs or tracks:
  • CCDP - Cisco Certified Design Professional
  • CCNP Routing and Switching

Course Outline

1. Analyzing Campus Network Designs

  • Enterprise Campus Architecture
    • Cisco SONA
    • Benefits of the enterprise campus architecture
    • Function of the core layer
    • Impact of traffic types on the network infrastructure
  • Cisco Lifecycle Services and Network Implementation
    • PPDIOO lifecycle approach
    • PPDIOO implementation planning

2. Implementing VLANs in Campus Networks

  • Best Practices for VLAN Topologies
    • VLAN segmentation models
    • Creating an implementation plan
    • Implementation choices and their consequences
    • Implementation and verification plans for a VLAN network with end-to-end VLANs and trunks and VLAN Trunk Protocol (VTP)
  • Configuring Private VLANs (PVLANs)
    • Configure isolated and community PVLANs
    • Implementation and verification plans for a VLAN network design that contains PVLANs
    • Configure PVLANs across multiple switches
  • Configuring Link Aggregation with EtherChannel
    • Benefits of EtherChannel
    • Compare the PAgP and the LACP
    • Create and execute an implementation and verification plan in a VLAN network with Layer 2 EtherChannel links and load balancing among the ports included in an EtherChannel

3. Implementing Spanning Tree

  • Spanning Tree Protocol (STP) Enhancements
    • STP standards and operations
    • Implement and configure PVRST+ and MSTP
    • RSTP port roles
    • Verify RSTP configurations
  • STP Stability Mechanisms
    • Protect and optimize the operation of STP
    • Configure BPDUGuard, BPDUFilter, RootGuard, and LoopGuard
    • Configure UDLD to detect and shut down unidirectional links

4. Implementing Inter-VLAN Routing

  • Routing Between VLANs
    • Configure and verify inter-VLAN routing in a Layer 2 topology using an external router, a switch SVI, or a switch-routed interface
    • Configure both a switch and router to accommodate inter-VLAN packet transfer using an external router
    • Layer 3 SVI
    • Commands used to configure an SVI
    • A routed port on a multilayer switch
    • Commands used to configure a routed port on a multilayer switch
    • Configure Layer 3 EtherChannel links
    • Configure inter-VLAN routing on a multilayer switch
    • Configure DHCP services on a Layer 3 switch
  • Deploying Multilayer Switching with Cisco Express Forwarding
    • Configure and verify inter-VLAN routing in a Layer 2 topology using multilayer switching with Cisco Express Forwarding
    • Multilayer switching and how it differs when you are performing Layer 2 vs. Layer 3 switching
    • Packet and frame header rewriting performed by a multilayer switch
    • Layer 3 switch processing
    • Switching methods available on a Cisco switch
    • Configure Cisco Express Forwarding on a Cisco switch

5. Implementing a Highly Available Network

  • High Availability
    • Uses, requirements, benefits, and performance expectations
    • Resiliency for high availability
    • Design the network for optimal redundancy
  • Implementing High Availability
    • Use Cisco StackWise technology on access switches
    • Evaluate the impact of too little redundancy
    • Assess the impact of uplink failure
  • Implementing Network Monitoring
    • Configure IP SLA technology

6. Implementing Layer 3 High Availability

  • Configuring Layer 3 Redundancy with HSRP
    • Routing issues
    • Router redundancy process
    • Configure HSRP operations
    • Fine-tune and troubleshoot HSRP
  • Configuring Layer 3 Redundancy with VRRP and GLBP
    • VRRP operations process
    • Configure VRRP
    • GLBP operations process
    • Configure GLBP

7. Minimizing Service Loss and Data Theft in a Campus Network

  • Switch Security Issues
    • Switch and Layer 2 security as a subset of an overall network security plan
    • How a rogue device gains unauthorized access to a network
    • Categorize switch attack types and list mitigation options
    • How a MAC flooding attack overflows a CAM Campus Backbone Layer table
    • How port security is used to block input from devices based on Layer 2 restrictions
    • Configure port security on a switch
    • Authentication methods using AAA
    • Port-based authentication using 802.1X
  • Protecting Against VLAN Attacks
    • VLAN hopping
    • Configure a switch to mitigate VLAN hopping attacks
    • VACLs and their purpose as part of VLAN security
    • Configure VACLs
  • Protecting Against Spoofing Attacks
    • DHCP spoofing attacks
    • Configure DHCP snooping
    • ARP poisoning
    • Protect against ARP spoofing attacks with DAI
  • Securing Network Services
    • Cisco Discovery Protocol and LLDP vulnerabilities
    • Telnet protocol vulnerabilities
    • Configure SSH
    • Configure vty ACLs
    • Configure Cisco IOS secure HTTP server
    • Switch security considerations

8. Accommodating Voice and Video in Campus Networks

  • Planning for Support of Voice in a Campus Network
    • Components of a VoIP network and IP telephony
    • Bandwidth consumption of voice traffic vs. data traffic
    • Video bandwidth consumption vs. voice and data bandwidth consumption
    • Solve for latency, jitter, bandwidth, packet loss, and reliability
    • Security for voice and video traffic integration into a data network
  • Integrating and Verifying VoIP in a Campus Infrastructure
    • Plan for VoIP requirements
    • Voice VLANs
    • Configure and Verify Voice VLANs
    • Plan PoE requirements and configure PoE
    • Provide additional services required by VoIP devices
    • Create a Test Plan for VoIP integration
  • Accommodate Voice and Video on Campus Switches
    • High availability applied to VoIP or video traffic
    • Build an integrated voice/video/data campus network
    • The need for QoS for VoIP and video integration
    • Configure basic QoS for voice and video VLANs

9. Integrating Wireless LANs into a Campus Network

  • Comparing WLANs with Campus Networks
    • Compare wired and wireless LAN
    • Main wireless LAN topologies
    • Settings specific to WLANs, such as SSIDs, and WLAN-to-VLAN mapping
  • Assessing the Impact of WLANs on Campus Networks
    • WLAN implementations
    • Compare WLAN solutions
    • Assess traffic flow and impact on the campus LAN of an autonomous AP configuration and a controller-based configuration
  • Preparing the Campus Infrastructure for WLANs
    • Best placement for APs and controllers
    • Configure switches for WLAN devices
    • Gather WLAN requirements
    • Plan WLAN integration
    • Create a test plan

Labs

Lab 1: New Hire Test

  • Prepare basic configuration templates for your switches
  • Explore the remote lab device connections
  • Deploy configuration templates on your switches
  • Verify your configurations according to the verification plan you created

Lab 2: Design and Implement VLANs, Trunks, and EtherChannel

  • Plan a segmented Layer 2 network implementation
  • Create a Layer 2 implementation and verification plan
  • Implement a full Layer 2 solution including VLANs, trunks, pruning, VTP, and EtherChannel

Lab 3: Troubleshoot Common VLAN Configuration and Security Issues

  • Diagnose and resolve Layer 2 connectivity problems
  • Diagnose and resolve VLAN and EtherChannel-related problems
  • Document troubleshooting progress, configuration changes, and problem resolution

Lab 4: Configure Private VLANs

  • Plan a segmented private VLAN implementation
  • Create a private VLAN implementation and verification plan
  • Implement private VLANs

Lab 5: Implement Multiple Spanning Tree

  • Design a spanning tree
  • Create a spanning tree implementation plan
  • Implement a spanning tree according to an implementation plan
  • Create a spanning tree verification plan
  • Verify the spanning tree according to the verification plan

Lab 6: Implement PVSRT+

  • Design a migration plan to PVRST+
  • Create a PVRST+ implementation plan
  • Implement PVRST+ according to implementation plan
  • Create a PVRST+ verification plan
  • Verify the PVRST+ spanning tree according to the verification plan

Lab 7: Troubleshoot Spanning Tree Issues

  • Develop a work plan to troubleshoot configuration and security issues in the STP
  • Isolate the causes of the problems
  • Correct all of the identified spanning tree issues
  • Document and report the troubleshooting findings and recommendations

Lab 8: Implement Inter-VLAN Routing

  • Design a Layer 3 network
  • Create an implementation requirements list
  • Create a step-by-step implementation and verification plan
  • Implement and verify inter-VLAN routing and routing protocols

Lab 9: Troubleshoot Inter-VLAN Routing

  • Develop a work plan to troubleshoot configuration and inter-VLAN routing issues
  • Isolate the causes of the problems
  • Correct all of the identified routing issues
  • Test the corrections made
  • Document and report the troubleshooting findings and recommendations

Lab 10: Implement High Availability in a Network Design

  • Design a high availability solution consisting of a syslog, SNMP reporting, and an IP SLA solution
  • Create an implementation requirements list
  • Create a step-by-step implementation and verification plan
  • Implement and verify your solution

Lab 11: Implement and Tune HSRP

  • Design an HSRP solution
  • Create an implementation requirements list
  • Create a step-by-step implementation and verification plan
  • Implement and verify your solution

Lab 12: Implement VRRP

  • Design a VRRP solution
  • Create an implementation requirements list
  • Create a step-by-step implementation and verification plan
  • Implement and verify your solution

Lab 13: Secure Network Switches to Mitigate Security Attacks

  • Perform a baseline assessment of network switch security settings
  • Identify possible threats, points of attack, and vulnerability points in the network
  • Write an implementation plan to implement security measures on network switches
  • Write a plan to test and verify security threat mitigation measures for VLANs
  • Configure port security and other switch security features
  • Configure a VACL
  • Verify the correct implementation of security measures
  • Document the switch and VLAN security plan, settings, operations, and maintenance

Lab 14: Plan Implementation and Verification of VoIP in a Campus Network

  • Gather information regarding the implementation of VoIP
  • Prepare an implementation requirements list for VoIP readiness
  • Prepare an implementation and verification plan
  • Implement and verify the VoIP readiness plan

Lab 15: Integrate Wireless in the Campus

  • Determine requirements for implementing wireless structure in a network
  • Prepare an implementation plan for wireless integration
  • Prepare the switched network for integration of wireless equipment
  • Verify that the switched network was properly provisioned
Posted by at

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)