SDAOTS Outline - Cisco Software-Defined Access (SDA): Use Case Implementation, Operations, & Troubleshooting

Gedetailleerde cursusinhoud

Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)

Understanding Cisco Intent-Based Networking
Understanding Cisco SDA Use Cases customer’s benefits including business and technical outcomes and capabilities
Cisco DNA Center Introduction
SD-Access Overview
SD-Access Benefits
SD-Access Key Concepts
SD-Access Main Components
- Fabric Control Plane Node
- Fabric Border Node
- Fabric Edge Node
- Fabric Wireless LAN Controller and Fabric Enabled Access Points
Cisco DNA Center Automation
Cisco ISE (Policy)
Cisco StealthWatch (Traffic Analysis)
DNA Center Assurance

Module 2: Deployment and Initial setup for the Cisco DNA-Center

Cisco DNA-Center Appliances
Cisco DNA-Center Deployment Models
- Single Node Deployment
- Clustered Deployment
Installation Procedure
Initial Setup and Configuration
GUI Navigation

Module 3: SDA - Design

Network design options
Sites
Creating Enterprise and Sites Hierarchy
Configuring General Network Settings
Loading maps into the GUI
IP Address Management
Software Image Management
Network Device Profiles
AAA
SNMP
Syslog
IP address pools
Image management
Creating Enterprise and Guest SSIDs
- Creating the wireless RF Profile
- Cresting the Guest Portal for the Guest SSIDs
Network profiles
Authentication templates

Module 4: SDA - Policy

2-level Hierarchy
- Macro Level: Virtual Network (VN)
- Micro Level: Scalable Group (SG)
Policy
- Policy in SD-Access
- Access Policy: Authentication and Authorization
- Access Control Policy
- Application Policy
- Extending Policy across domains
- Preserving Group Metadata across Campus, WAN and DC
- Enforcing policy in Firewall domains
- Cross Domain Policies

Module 5: SDA - Provision

Devices Onboarding
- Lifecycle stages of network device discovery
- Discovering Devices
- Assigning Devices to a site
- Provisioning device with profiles
- Plug-and-Play
- LAN Automation
Templates
- Templates for day 0
- Templates for day N operations
IP Transits
- How to connect the Fabric Sites to the external network
- Creating the IP Transit
- Considerations for a SD-Access Border Node Design
- BGP Hand-Off Between Border and Fusion
Fabric Domains
- Understanding Fabric Domains and Sites
- Using Default LAN Fabric Domain
- Creating Additional Fabric Domains and Sites
Adding Nodes
- Adding Fabric Edge Nodes
- Adding Control Plane Nodes
- Adding Border Nodes

Module 6: SDA - Assurance

Module 7: Cisco SD-Access Distributed Campus Design

Introduction to Cisco SD-Access Distributed Campus Design – The Advantage?
Fabric Domain vs Fabric Site
SD-Access Transits:
- IP-Based Transit
- Cisco SD-Access Transit
- Cisco SD-WAN Transit
Deploying the Cisco Distributed Campus with SD-Access Transit
- Site considerations
- Internet connectivity considerations
- Segmentation considerations
- Role of a Cisco Transit Control Plane
Cisco SD-Access Fabric in a Box
- The need for FiaB
- Deploying the FiaB

Module 8: Cisco SD-Access Brownfield Migration

Cisco SD-Access Migration Tools and Strategies
Two Basic Approaches:
- Parallel Deployment Approach
- Incremental Deployment Approach
Integration with existing Cisco ISE in the network – Things to watch out for!
Choosing the correct Fusion Device
- Existing Core as Fusion
- Firewall as Fusion
When do you need the SD-Access Layer-2 Border?
- L2 Border – Understanding the requirement
- Designing and Configuring the L2 Border
- L2 Border – Not a permanent solution

Module 9: Cisco DNA Center Automation- Use Cases Examples

Module 10: 3rd Party Integrations

Module 11: Specific Use Cases

Module 12: Cisco SD-Access Multi-Domain Integrations

Cisco SD-Access to ACI Integrations
- Phase-1: Policy Plane Integration
- Phase-2: Data Plane Integration
Cisco SD-Access to Cisco SD-WAN Integrations
- What is possible today? SD-WAN Transit setup.
- Phase-1: The one box solution
- Phase-2: The two box solution

Module 13: Troubleshooting