Software Defined Networking

Implementing SD-WAN

Introduction to SD-WAN

  • Introduction to SD-WAN
  • SD-WAN Devices & communications
  • Controller Deployment Options
  • WAN Edge Options
  • VPNs-VRFs on the SD-WAN Devices

Non-SD-WAN Component Setup

  • Configuring the WAN Component
  • Installing the Enterprise Certificate Server

Initializing the Controllers

  • Initializing vManage – CLI
  • Initializing vManage - GUI
  • Initializing vBond - CLI
  • Registering vBond in vManage
  • Initializing vSmart - CLI
  • Registering vSmart in vManage

Initializing the WAN Edges

  • WAN Edge Registration Process Overview
  • Initializing vEdges - CLI
  • Registering vEdges in vManage
  • Initializing cEdges - CLI
  • Registering cEdges in vManage

Configuring Templates

  • Templates - Overview
  • Configuring Feature Templates - System
  • Configuring Feature Templates - Banner
  • Configuring Feature Templates - VPN & VPN Interfaces for VPN 0 & VPN 512 – Branch Site(vEdges)
  • Configuring Feature Templates – External Routing - OSPF for VPN 0 – Branch Site(vEdges)
  • Configuring and Deploying Device Templates for vEdge – Branch Site(vEdges)
  • Configuring Internal Routing Protocols on the Internal Routing Devices – HQ & All Branches
  • Configuring Feature Templates – Service VPN – VPN, VPN Interface and Internal Routing – Branch Site(vEdges)
  • Implementing a Service VPN using Templates – Branch Sites
  • OMP-TLOC-Packet Flow-ECMP-Traffic Simulation
  • Configuring Feature Templates for HQ-Site(vEdge1) – VPNs, VPN Interfaces, External & Internal Routing
  • Configuring Device Templates for HQ-Site(vEdge1) to deploy VPN 0, 1 and 512.
  • Configuring Feature Templates for CSR – VPN 0 & 1, VPN Interface for VPN 0 & 1, External Routing – OSPF, & Internal Routing – OSPF
  • Configuring Device Templates for CSR to deploy VPN 0 and Service VPN 1

Configuring Centralized Policies

  • Policies Component in SD-WAN - Overview
  • Configuring and Deploying Feature and Device Templates for vSmart Controllers
  • Configuring Application Aware Policies using Telnet and Web
  • Configuring Application Aware Policies using Deep Packet Inspection (DPI)
  • Manipulating Traffic flow using TLOCs
  • Configuring Route Filtering
  • Configuring A Hub-n-Spoke Topology using a TLOC
  • Configuring Direct Internet Access (DIA)

Configuring Advanced Features like TLOC-Extensions

  • Configuring the Controllers and Routers for Topology 2
  • Site with Multiple vEdges & Multiple Transports
  • Configuring TLOC Extensions
  • Configuring vEdges thru NAT

Implementing QoS on SD-WAN

  • Overview of QoS & Localized Policies
  • Configuring Customized Components for the Localized Policy
  • Configuring the Scheduler
  • Configure & apply the Localized Policies
  • Configure the Interface parameters using Templates

Implementing SDA

Introduction to SDA

  • Introduction of Software Defined Networking
  • Introduction to the concept of Software Defined Access
  • Comparing ACI & SDA
  • Control Plane & Data Plane within the SDA Fabric
  • Communicating to Shared Services & External Networks
  • Overview of Virtual Networks - Macro-Segmentation & Inter-VN Communications
  • SDA Components & Roles
  • DNAC & ISE Integrations Overview

Configuring the Non-SDA Components

  • Configuring DNAC & ISE Integration
  • Configuring Border Switch Initial Configuration
  • Configuring Fusion Router Initial Configuration

Configuring the DNAC Design Components

  • DNAC Design - Network Hierarchy – Site & Building
  • DNAC Design – Server Configuration – AAA, NTP
  • DNAC Design - Device Credentials
  • DNAC Design - IP Address Pools

Using LAN Automation to discover the devices

  • DNAC Discovery – Discover the Seed Device (Border)
  • DNAC Provisioning - Assign Seed Device to HQ
  • Configuring the Underlay fo Manual Fabric Discovery
  • Discovering the Fabric Edge Nodes
  • Assigning the Fabric Edge Nodes to HQ Building
  • Cleanig up the Fabric Edge and Border Node in preparation for LAN Automation
  • DNAC Provisioning – Enable LAN Automation to Discover the Fabric
  • Provision the devices to HQ Site

Create & configuring the Fabric & L3Handoff

  • Reserve the IP Pools for HQ Site for Overlay & Underlay
  • Create VNs for the Fabric
  • Create the Transit Network (L3HANDOFF)
  • Configure Host Onboarding
  • Provision the Control-Border Device
  • Provision the Edge Device
  • Configure the Fusion Router to match the border configuration

Configuring ISE for SDA

  • Configure User & Groups on ISE
  • Configure Authorization Profiles for the DNAC VNs
  • Configure Authorization Policies for the DNAC VNs
  • Configure the DHCP Server to provide IP Configuration to Clients
  • Verifying Macro Segmentation

Configuring Micro Segmentation

  • Create the SGT
  • Re-configure ISE Authorization Policies to use SGTs
  • Using a default contract to block all communications between SGTs
  • Creating a SG ACL - Contract
  • Applying and verifying a Custom SG ACL- Contract