Skip to main Content

Software Defined Access and ISE Integration for Policy Deployment and Enforcement

  • Kursuskode SDAISE
  • Varighed 3 dage
  • Version 1.0

Leveringsmetoder

Øvrige betalingsmuligheder

  • CLC Ring til 44881800

Åbent kursus Pris

DKR23.550,00

Ekskl. Moms

Anmod om gruppetræning Køb

Go to:

Leveringsmetoder

Kurset er tilgængeligt i følgende formater:

  • Firma kursus

    Et lukket firma kursus

  • Åbent kursus

    Traditionel klasserumsundervisning

  • Åbent kursus (Virtuelt)

    Live klasserumsundervisning du tilgår virtuelt

Anmod om dette kursus Med en anden leveringsløsning

Download fuld kursusbeskrivelse

Beskrivelse

Toppen

SD-Access is Cisco’s Next Generation campus networking solution that simplifies management, automation, and improves security implications.

Who (People), what (Devices), when (Time) and where (Location) are questions we would like answered when working with users and devices! These questions are answered within a single pane of glass known as the Cisco Identity Services Engine (ISE). Once users and devices are identified we often segment these groups for management purposes. Cisco's Digital Networks Architecture Center (DNAC) is a means of configuring and maintaining that segmentation using software defined access. DNA Center is not limited to configuration changes. DNA Center also provides a policy-based approach to services that support the network such as NTP, DNS, DHCP. In this course, you integrate ISE and DNAC which gives you the ability to manage physical devices, logical segmentation, IP, transport rules as well as Authentication, Authorization and Accounting (AAA) of users and devices along with an overview and introduction to SD-Access and DNA Center.

Virtual Learning

This interactive training can be taken from any location, your office or home and is delivered by a trainer. This training does not have any delegates in the class with the instructor, since all delegates are virtually connected. Virtual delegates do not travel to this course, Global Knowledge will send you all the information needed before the start of the course and you can test the logins.

Kursusdato

Toppen
    • Leveringsmetode: Åbent kursus (Virtuelt)
    • Dato: 17-19 juni, 2024
    • Kursussted: Virtual
    • Sprog: engelsk

    DKR23.550,00

    • Leveringsmetode: Åbent kursus (Virtuelt)
    • Dato: 12-14 august, 2024
    • Kursussted: Virtual
    • Sprog: engelsk

    DKR23.550,00

    • Leveringsmetode: Åbent kursus (Virtuelt)
    • Dato: 28-30 oktober, 2024
    • Kursussted: Virtual
    • Sprog: engelsk

    DKR23.550,00

    • Leveringsmetode: Åbent kursus
    • Dato: 02-04 december, 2024
    • Kursussted: Virtual Classroom
    • Sprog: engelsk

    DKR23.550,00

    • Leveringsmetode: Åbent kursus (Virtuelt)
    • Dato: 02-04 december, 2024
    • Kursussted: Virtual
    • Sprog: engelsk

    DKR23.550,00

Se alle kursusdatoer Datoer i andre lande

Målgruppe

Toppen

Anyone involved in the design or implementation of a SD-Access solution.

mere…

Kursets formål

Toppen

After completing this course you should be able to:

  • Explain the role that ISE plays as part of the solution
  • Configure AAA services and TrustSec Policy in ISE
  • Explain ISE Integration with DNA Center for Policy enforcement
  • Know and understand Cisco’s SD-Access concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today’s networks.
  • Differentiate and explain each of the building blocks of SD-Access Solution
  • Explain the concept of "Fabric" and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Border Nodes)
  • Describe the role of LISP in Control Plane and VXLAN in Data Plane for SD-Access Solution
  • Understand TrustSec concepts, deployment details and the way it is used as part of SD-Access Solution for segmentation and Policy Enforcement
  • Understand the role of DNA Center as solution orchestrator and Intelligent GUI
  • Be familiar with workflow approach in DNA Center - Design, Policy, Provision and Assurance
mere…

Kursusindhold

Toppen

Module 1: Cisco ISE Integration for SD Access

  • Introduction to Cisco ISE
  • Using Cisco ISE as a Network Access Policy Engine
  • Introducing Cisco ISE Deployment Models
  • Introducing 802.1x and MAB Access: Wired and Wireless
  • Introducing Identity Management
  • Configuring Certificate Service
  • Introducing Cisco ISE Policy
  • Configuring Cisco ISE Policy Sets
  • Introduction to Cisco TrustSec for segmentation
  • The Concept of Security Group (SG) and Security Group Tag (SGT)
  • Cisco TrustSec Phases - Classification, Propagation, Enforcement
  • Methods for Classification - Static Classification, Dynamic Classification
  • Methods for SGT tag propagation - Inline Tagging, SGT Exchange Protocol (SXP)

Module 2: Introduction to Cisco’s Software Defined Access (SD-Access)

  • SD-Access Overview
  • SD-Access Benefits
  • SD-Access Key Concepts
  • SD-Access Main Components - Campus Fabric, Wired and Wireless
  • Nodes - Edge,Border,Control Plane
  • DNA Controller (APIC-EM Controller)
  • Introducing Cisco ISE 2.x px
  • 2-level Hierarchy - Macro Level: Virtual Network (VN), Micro Level: Scalable Group (SG)

Module 3: DNA Center Workflow

  • DNA Center Refresher
  • Creating Enterprise and Sites Hierarchy
  • Configuring General Network Settings
  • Loading maps into the GUI
  • IP Address Management
  • Software Image Management
  • Network Device Profiles
  • Introduction to Analytics
  • NDP Fundamentals
  • Overview of DNA Assurance

Module 4: SD-Access Campus Fabric

  • The concept of Fabric
  • Node types (Breakdown)
  • LISP as protocol for Control Plane
  • VXLAN as protocol for Data Plane

Module 5: Campus Fabric External Connectivity for SD-Access

  • Enterprise Sample Topology for SD-Access
  • Role of Border Nodes
  • Types of Border Nodes - Border, Default Border 
  • Single Border vs. Multiple Border Designs
  • Collocated Border and Control Plane Nodes
  • Distributed (separated) Border and Control Plane Nodes

Module 6: Implementing WLAN in SD-Access Solution

  • WLAN Integration Strategies in SD-Access Fabric - Fabric CUWN, SD-Access Wireless (Fabric enabled WLC and AP)
  • SD-Access Wireless Architecture - Control Plane: LISP and WLC, Data Plane: VXLAN, Policy Plane and Segmentation: VN and SGT
  • Sample Design for SD-Access Wireless

Labs

  • Lab 1: ISE basic setup and Navigating GUI
  • Lab 2: Configuring TrustSec in ISE
  • Lab 3: Connecting and getting familiar with DNA Center GUI
  • Lab 4: Performing SD-Access Design Step in DNA Center
  • Lab 5: Integrating ISE and DNA Center for Policy Deployment and Enforcement
  • Lab 6: Performing SD-Access Policy Step in DNA Center and ISE
  • Lab 7: Performing SD-Access Provision Step in DNA Center
  • Lab 8: Performing SD-Access Assurance Step in DNA Center
  • Lab 9: Integrating WLAN services through SD-Wireless architecture
  • Lab 10: Integrate ISE with Active Directory
  • Lab 11: Achieving External Connectivity to remote locations through Border Node
mere…

Forudsætninger

Toppen

Attendees should meet the following prerequisites:

  • Knowledge level equivalent to Cisco CCNA Routing & Switching - ICND1, ICND2 or CCNABC
  • Basic knowledge of Software Defined Networks
  • Basic knowledge of network security including AAA, Access Control and ISE - IINS
  • Basic knowledge and experience with Cisco IOS, IOS XE and CLI
mere…

Certificeringstest

Toppen

Recommended as preparation for the following exams:

  • There are currently no exams aligned to this course
mere…

"Vi går op i dit privatliv"

Vi bruger cookies for at give dig den bedste oplevelse på vores hjemmeside. Cookies er filer gemt i din browser og anvendes af de fleste hjemmesider for at personalisere din weboplevelse. Ved at fortsætte med at bruge vores hjemmeside uden at ændre indstillingerne, accepterer du vores brug af cookies.

Brug kun afsnit og links i dette rich text-felt. Et link til side med cookie info

Om din privatliv

Vi behandler dine data til formål såsom at levere indhold eller annoncer og måle leveringen af sådant indhold eller annoncer for at udtrække indsigter om vores hjemmeside. Vi kan dele disse oplysninger med vores partnere. Cookies sat af Global Knowledge er mærket som "førstepart"; du kan udøve dine præferencer i forhold til førstepartscookies ved at skifte knappen for hver førstepartscookiekategori nedenfor. De resterende cookies er tredjepartscookies; du kan udøve dine præferencer i forhold til hvert formål ved at skifte den relevante knap nedenfor eller efter leverandør ved at klikke på "Liste over IAB-leverandører". Disse valg vil blive signaleret globalt til andre hjemmesider, der deltager i Transparency and Consent Framework.
Privatlivspolitik

"Nødvendige cookies"

Disse er cookies, der er nødvendige for Global Knowledge-webstedet at fungere, og de kan ikke slukkes i vores systemer. De inkluderer f.eks. cookies, der gør det muligt for dig at bruge en indkøbskurv eller logge ind på bookingområdet på vores websted.

Analyse Cookies

Analyse-cookies er en valgfri, men vigtig del af vores websites funktionalitet. De hjælper os med at forstå, hvordan du interagerer med vores site ved at indsamle og rapportere information anonymt. De data, der indsamles af analyse-cookies, bruges til at forbedre websitets ydeevne og forbedre brugeroplevelsen. Det er vigtigt at bemærke, at disse cookies ikke indsamler nogen personlige oplysninger, der kan bruges til at identificere dig.

Præferencer Cookies

De foretrukne cookies bruges til at spore besøgende på tværs af hjemmesider med intentionen om at vise annoncer, der er relevante og engagerende for dine interesser.

Præstationscookies

Disse cookies tillader os at genkende og tælle antallet af besøgende på vores hjemmeside, trafikkilder og se, hvordan hjemmesidebesøgende bevæger sig rundt på hjemmesiden, når de bruger den. Dette hjælper os med at forbedre måden, hvorpå hjemmesiden fungerer, og forbedre din hjemmesideoplevelse. Alle oplysninger, disse cookies indsamler, er aggregerede og derfor anonyme.

Cookie Control toggle icon