KB Bootcamp: SDA

Khawar Butt offers detailed coverage of Cisco's SDA, its components and implementations. You will be able to bring up a Campus Network using the SDA Architecture from Scratch. This will include the Onboarding of the Fabric Devices like the Border Node, Control Plane Node and the Fabric Edge Nodes. The Onboarding will be configured using the Manual and the LAN Automation mechanisms. You will Integrate DNAC with ISE. You will configure Macro & Micro Segmentation. L2 & L3 Extensions will also be covered.

What’s included

  • Classes run from Sep 21-25, 2020 at 8pm Dubai time

  • The detailed online LIVE classes will last 4-5 hours each

  • The Course Workbook includes 37 labs

  • Each Lab will be demonstrated

  • 20 hours in 4 hour blocks of physical rack access

  • The class videos will be made available for later viewing

$1500
$999

Subscribers sign-in for $499

Outcome

Upon course completion, students will be able to:

  • Know and understand Cisco’s SDA concepts, features, benefits, components & technologies
  • Differentiate and explain each of the building blocks of the SDA Solution
  • Identify the roles and functions of DNAC, Border Node, Control Plane Node, Fabric Edge Node and Fusion Router
  • Know and understand the LAN Automation
  • Understand the flow of traffic thru the SDA Fabric including the roles of the Underlay Routing Protocol, LISP & VXLAN
  • Understand segmentation of SDA fabric, through the use of Virtual Networks (VN)
  • Design and Implement DNAC Design Configurations like Pools, Network Credentials & Sites
  • Configure SDA Macro Segmentation
  • Configure SDA Micro Segmentation using SGTs & SG-ACLs
  • Configure L2 & L3 Handoffs
  • Configure the Fabric Nodes using Templates

Prerequisites

Students attending this course should have a solid understanding of Routing.

Class Outline

Topics

SDA Overview

  • Features / Benefits of Cisco SDA
  • Controllers Functionality
  • SDA Devices (Border Node, Control Plane Node, Edge Node)
  • SDA Technologies - (Underlay Routing,LISP & VXLAN)

Control Plane, Data Plane and Management Plane

  • Device Discovery
  • Control Plane Flow – LISP & Underlay IGP
  • Data Plane Flow – VXLAN & End Point communications

DNA Center – Design Configuration

  • Network Configuration
  • Authentication
  • Device Credentials

Fabric Provisioning & DNA Center Policies

  • Device Discovery & Inventory
  • Device Provisioning Templates
  • Security Groups
  • Virtual Networks (VNs)
  • Policy Administration
  • Provisioning Devices into Fabric

Host Onboarding & Communications

  • Configuring and verifying AAA and Cisco TrustSec
  • Onboarding Wired Endpoints
  • Macro Segmentation
  • Micro Segmentation
  • L2 Handoff

Assurance and Monitoring

  • Verifying Network & Host Status
  • Verifying Path discovery
  • Verifying Network Health
  • Verifying Client Health

Labs

Prepping the Devices

  • Lab 1 – DNAC Restore
  • Lab 2 – DNAC & ISE Integration
  • Lab 3 – Configuring Border Switch Initial Configuration
  • Lab 4 – Configuring Fusion Router Initial Configuration

DNA Center – Design Configuration

  • Lab 5 – DNAC Design - Network Hierarchy – Site & Building
  • Lab 6 – DNAC Design – Server Configuration – AAA, NTP, DHCP
  • Lab 7 – DNAC Design - Device Credentials
  • Lab 8 – DNAC Design - IP Address Pools

Manual Device Discovery of Fabric Devices

  • Lab 9 – Configuring Skinny Configuration on the Edge Nodes
  • Lab 10 – Configuring Underlay Network - OSPF
  • Lab 11 – Device Discovery & Provisioning

LAN Automation

  • Lab 12 – DNAC Discovery – Discover the Seed Device (Border)
  • Lab 13 – DNAC Provisioning - Assign the Seed Device
  • Lab 14 – DNAC Provisioning – Enable LAN Automation to Discover the Fabric Devices
  • Lab 15 – DNAC Provisioning – Provision the Fabric Devices

Macro Segmentation

  • Lab 16 – DNAC Design – Reserve the IP Pools for HQ Site
  • Lab 17 – DNAC Policy – Create the Virtual Networks
  • Lab 18 – Create the Transit Network (L3HANDOFF)
  • Lab 19 – Configure Host-Onboarding
  • Lab 20 – Provision the Device Roles – Control/Border
  • Lab 21 – Provision the Device Roles – Edge
  • Lab 22 – Configure the Fusion Router
  • Lab 23 – Configure User & Groups on ISE
  • Lab 24 – Configure Authorization Profiles for the DNAC VNs
  • Lab 25 – Configure Authorization Policies for the DNAC VNs
  • Lab 26 – Configure the DHCP Server with DNAC Pools
  • Lab 27 – Verifying Macro Segmentation – East/West – North/South

Micro Segmentation

  • Lab 28 – Create the SGT
  • Lab 29 – Re-configure ISE Authorization Policies to use SGTs
  • Lab 30 – Using a default contract to block all communications between SGTs
  • Lab 31 – Creating a SG ACL - Contract
  • Lab 32 – Applying and verifying a Custom SG ACL- Contract

Assurance & Monitoring

  • Lab 33 – Network Health
  • Lab 34 – Client Health
  • Lab 35 – Path discovery
  • Lab 36 – Templates
  • Lab 37 – Configuring L2 Handoff