SDAOTS - Cisco Software-Defined Access (SDA): Use Case Implementation, Operations, & Troubleshooting

Student Testimonials

Instructor did a great job, from experience this subject can be a bit dry to teach but he was able to keep it very engaging and made it much easier to focus. Student
Excellent presentation skills, subject matter knowledge, and command of the environment. Student
Instructor was outstanding. Knowledgeable, presented well, and class timing was perfect. Student

Click here to print this page »

Prerequisites


The knowledge and skills that the learner should have before attending this course are as follows:
Implementation of Enterprise LAN networks
Basic understanding of Enterprise switching, and wireless connectivity
Basic understanding of Enterprise routing connectivity
Basic understanding of AAA (authentication, authorization, and accounting) process and workflow
Programming knowledge such as Python, RestAPI is useful

Detailed Class Syllabus


Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)


Understanding Cisco Intent-Based Networking
Understanding Cisco SDA Use Cases customer’s benefits including business and technical outcomes and capabilities
Cisco DNA Center Introduction
SD-Access Overview
SD-Access Benefits
SD-Access Key Concepts
SD-Access Main Components
Fabric Control Plane Node
Fabric Border Node
Fabric Edge Node
Fabric Wireless LAN Controller and Fabric Enabled Access Points
Cisco DNA Center Automation
Cisco ISE (Policy)
Cisco StealthWatch (Traffic Analysis)
DNA Center Assurance

Module 2: Deployment and Initial setup for the Cisco DNA-Center


Cisco DNA-Center Appliances
Cisco DNA-Center Deployment Models
Single Node Deployment
Clustered Deployment
Installation Procedure
Initial Setup and Configuration
GUI Navigation

Module 3: SDA - Design


Network design options
Sites
Creating Enterprise and Sites Hierarchy
Configuring General Network Settings
Loading maps into the GUI
IP Address Management
Software Image Management
Network Device Profiles
AAA
SNMP
Syslog
IP address pools
Image management
Creating Enterprise and Guest SSIDs
Creating the wireless RF Profile
Cresting the Guest Portal for the Guest SSIDs
Network profiles
Authentication templates

Module 4: SDA - Policy


2-level Hierarchy
Macro Level: Virtual Network (VN)
Micro Level: Scalable Group (SG)
Policy
Policy in SD-Access
Access Policy: Authentication and Authorization
Access Control Policy
Application Policy
Extending Policy across domains
Preserving Group Metadata across Campus, WAN and DC
Enforcing policy in Firewall domains
Cross Domain Policies

Module 5: SDA - Provision


Devices Onboarding
Lifecycle stages of network device discovery
Discovering Devices
Assigning Devices to a site
Provisioning device with profiles
Plug-and-Play
LAN Automation
Templates
Templates for day 0
Templates for day N operations
IP Transits
How to connect the Fabric Sites to the external network
Creating the IP Transit
Considerations for a SD-Access Border Node Design
BGP Hand-Off Between Border and Fusion
Fabric Domains
Understanding Fabric Domains and Sites
Using Default LAN Fabric Domain
Creating Additional Fabric Domains and Sites
Adding Nodes
Adding Fabric Edge Nodes
Adding Control Plane Nodes
Adding Border Nodes

Module 6: SDA - Assurance


Overview of DNA Assurance
Cisco DNA Center Assurance- Use Cases Examples
Network Health & Device 360
Client Health & Client 360
Application Health & Application 360
Cisco SD- Application Visibility Control (AVC) on DNA-Center
Proactive troubleshooting using Sensors

Module 7: Cisco SD-Access Distributed Campus Design


Introduction to Cisco SD-Access Distributed Campus Design – The Advantage?
Fabric Domain vs Fabric Site
SD-Access Transits:
IP-Based Transit
Cisco SD-Access Transit
Cisco SD-WAN Transit
Deploying the Cisco Distributed Campus with SD-Access Transit
Site considerations
Internet connectivity considerations
Segmentation considerations
Role of a Cisco Transit Control Plane
Cisco SD-Access Fabric in a Box
The need for FiaB
Deploying the FiaB

Module 8: Cisco SD-Access Brownfield Migration


Cisco SD-Access Migration Tools and Strategies
Two Basic Approaches:
Parallel Deployment Approach
Incremental Deployment Approach
Integration with existing Cisco ISE in the network – Things to watch out for!
Choosing the correct Fusion Device
Existing Core as Fusion
Firewall as Fusion
When do you need the SD-Access Layer-2 Border?
L2 Border – Understanding the requirement
Designing and Configuring the L2 Border
L2 Border – Not a permanent solution

Module 9: Cisco DNA Center Automation- Use Cases Examples


DAY0: Onboarding new devices using Zero Touch Deployment
DAY1: Configurations using Templates
DAYN: Security Advisories based on Machine Reasoning Engine
DAYN: Simplified Software Management based on Golden Images
DAYN: Defective Device Replacement - RMA

Module 10: 3rd Party Integrations


ServiceNow
Integration
Management
InfoBlox IPAM
Integration
Management

Module 11: Specific Use Cases


Use Case: STACK LAN Automation
Use Case: Silent Hosts
Use Case: Wake on LAN
Use Case: The need for L2 flooding
Use Case: Multicast in the SD-Access Fabric

Module 12: Cisco SD-Access Multi-Domain Integrations


Cisco SD-Access to ACI Integrations
Phase-1: Policy Plane Integration
Phase-2: Data Plane Integration
Cisco SD-Access to Cisco SD-WAN Integrations
What is possible today? SD-WAN Transit setup.
Phase-1: The one box solution
Phase-2: The two box solution

Module 13: Troubleshooting


Fabric
Layer 3 forwarding
Layer 2 forwarding
Multicast Forwarding
Security in the Fabric
Troubleshooting Multi-Site Deployments