Securing Cisco Digital Network Architecture (DNA)

Overview Schedule & Fees Course Benefits Student Feedback FAQ Course Modules

Securing Cisco Digital Network Architecture (DNA) Certification Training Course Overview

Enroll for 5-day Securing Cisco Digital Network Architecture (DNASEC) course from Koenig Solutions accredited by Cisco. In this course, the participants use the tools to build a centrally managed, authenticated, authorized, and monitored and security-policy compliant solution

Target Audience:

Who are involved in the designing of SD access solutions
Who are involved in implementing and operation SD access solutions

Learning Objectives:

After completing this course, you will be able to:

Know and understand Cisco’s DNA and SD-Access concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today’s networks.
Differentiate and explain each of the building blocks of SD-Access Solution
Be familiar with fabric and node types
Deploy and configure Fabric Edge Nodes, Control Plane nodes and Border Nodes
Configure LISP in Control Plane for SD-Access Solution
Configure VXLAN in Data Plane for SD-Access Solution
Configure TrustSec for segmentation and Policy Enforcement
Understand the role of DNA Centre as solution orchestrator and Intelligent GUI
Deploy DNA Centre and perform initial setup
Use workflow approach in DNA Centre and its 4 Steps: Design, Policy, Provision and Assurance
Deploy ISE and integrate it with DNA Centre and SD-Access Solution
Deploy StealthWatch and Integrate it with DNA Centre and SD-Access Solution
Monitor and Troubleshoot SDA operation
Know and understand the migration strategies from traditional networks to SD-Access Solution

Securing Cisco Digital Network Architecture (DNA) (40 Hours) Download Course Contents

Live Virtual Classroom Fee On Request

Group Training 01 - 05 Nov GTR 09:00 AM - 05:00 PM CST (8 Hours/Day) 06 - 10 Dec 09:00 AM - 05:00 PM CST (8 Hours/Day)	1-on-1 Training (GTR) 4 Hours 8 Hours Week Days Weekend Start Time : At any time 12 AM 12 PM Training Schedule: GTR=Guaranteed to Run

Special Solutions for Corporate Clients! Click here

Hire Our Trainers! Click here

Customers who bought this course also bought

Implementing Cisco Application Centric Infrastructure (DCACI) v1.0 Training Course

CCNA Course - Cisco Certified Network Associate Certification Training Course (200-301)

CCNP Cisco Enterprise ENCOR 350-401 Certification Training

Administering Cisco Unified Communications Manager (ACUCM) v12 Training

Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)/200-201 Certification Training Course

Implementing Cisco Collaboration Core Technologies (CLCOR) Course: 350-801

Implementing Cisco Data Center Core Technologies (DCCOR) v1.1

Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) Training Course

Understanding Cisco Wireless Foundations (WLFNDU) v1.0 Training

Securing Networks with Cisco Firepower Threat Defense NGFW (FTD) Certification Training

10% discount on 2nd course:

Course Modules

Module 1: Introduction to Cisco’s Software Defined Access (SD-Access)

DNA Introduction
SD-Access Overview
SD-Access Benefits
SD-Access Key Concepts
SD-Access Main Components, Campus Frabric, Wired, Wireless
Nodes - Edge, Border, Control Plane
DNA Centre (Controller)
ISE (Policy)
StealthWatch (Policy)
NDP (Analytics and Assurance)

Module 2: SD-Access Campus Fabric

The concept of Fabric
Node types - Fabric Edge, Control Plane, Border
LISP as protocol for Control Plane
Configure LISP for Control Plane
VXLAN as protocol for Data Plane
Configure VXLAN for Data Plane
Virtual Networks (VN)
Fabric-enabled WLAN, WLC and AP's
SDA-ready Cisco Catalyst LAN Switches
Role of Cat9k in Cisco SD-Access solution and deployment models as border, control and edge nodes

Module 3: DNA Centre and Workflow for SD-Access

Introduction to DNA Centre
Workflow for SD-Access in DNA Centre - Design, Policy, Provision, Assurance
Integration with Cisco ISE for Policy Enforcement
Integration with Cisco StealthWatch for Policy Enforcement
Integration with Cisco NDP for Analytics and Assurance

Module 4: Deployment and initial setup for DNA Centre

Requirements
Deployment Procedure
Initial Setup
GUI Navigation

Module 5: Deployment and initial setup for ISE and Integrate with DNA Centre

Introduction to Cisco ISE
Requirements
Cisco ISE Deployment Models
Deployment Procedure
Initial Setup
GUI Navigation
Integration with DNA Centre

Module 6: Deploy Netflow Collector and StealthWatch Management Centre (SMC)

Introduction to Netflow and SMC
Requirements
Deployment Procedure
Initial Setup
GUI Navigation
Integration with DNA Centre / SD Access

Module 7: Implementing Policy Plane using Cisco TrustSec for Segmentation

Cisco TrustSec phases - Classification, Propagation, Enforcement
Configuring Classification
Configuring SGT tag propagation
Configure Enforcement
Introducing Cisco TrustSec in ISE
Cisco ISE as controller for Software-defined segmentation (groups and policies)
Configuring ISE for Dynamic SGT assignment
Configuring ISE for Static SGT assignment
Configuring Policy Enforcement

Module 8: Cisco StealthWatch Management Console (SMC)

Configuring Host Groups in the SMC
Configuring Flexible NetFlow on Cisco Devices
Verify Netflow Data Collection on SMC
Configuring Cisco StealthWatch and ISE Integration

Module 9: DNA Centre Workflow First Step - Design

Creating Enterprise and Sites Hierarchy
Configuring General Network Settings
Loading maps into the GUI
IP Address Management
Software Image Management
Network Device Profiles

Module 10: DNA Centre Workflow Second Step - Policy

2-level Hierarchy
Macro Level: Virtual Network (VN)
Micro Level: Scalable Group (SG)
Policy Types - Access Policy, Access Control Policy, Traffic Copy Policy
Cross Domain Policies

Module 11: DNA Centre Workflow Third Step - Provision

Devices Onboarding
Discovering Devices
Assigning Devices to a site
Provisioning device with profiles
Fabric Domains
Understanding Fabric Domains
Using Default LAN Fabric Domain
Creating Additional Fabric Domains
Adding Nodes
Adding Fabric Edge Nodes
Adding Control Plane Nodes
Adding Border Nodes

Module 12: DNA Centre Workflow Fourth Step – Assurance

Introduction to Analytics
NDP Fundamentals
Overview of DNA Assurance
Components of DNA Assurance
DNA Centre Assurance Dashboard

Module 13: Implementing WLAN in SD-Access Solution

WLAN Integration Strategies in SD-Access Fabric
CUWN Wireless Over The Top (OTT)
SD-Access Wireless (Fabric enabled WLC and AP)
SD-Access Wireless Architecture
Control Plane: LISP and WLC
Data Plane: VXLAN
Policy Plane and Segmentation: VN and SGT

Module 14: Implementing Campus Fabric External Connectivity for SD-Access

Role of Border Nodes
Types of Border Nodes - Border, Default Border
Single Border vs. Multiple Border Designs
Collocated Border and Control Plane Nodes
Distributed (separated) Border and Control Plane Nodes
Configuring Border Nodes

Module 15: SDA Migration Strategies

Migrate to SD-Access using a quality-assured process, state-of-the-art tools and proven methodologies
The need for additional planning
Typical considerations
Primary Approaches for migration
Building SD-Access network in parallel and then integrate
Do incremental migrations of access switches into an SD-Access fabric

Module 16: Lab

Deploy and Setup DNA Centre
Deploy and Setup ISE
Deploy and Setup StealthWatch
Integrate ISE with DNA Centre
Integrate StealthWatch with SD-Access infrastructure
Performing SD-Access Design Step in DNA Centre
Performing SD-Access Policy Step in DNA Centre and ISE
Performing SD-Access Provision Step in DNA Centre
Integrating WLAN services through SD-Wireless architecture
Deploy and Setup Border Node
Monitoring SDA Operations
Troubleshooting SDA Operations

Download Course Contents

Request More Information

Request a call back?

Course Prerequisites

Cisco CCNA or Equivalent Experience
Basic Knowledge of Software Defined Networks
Basic Knowledge of network security including AAA, Access Control and ISE - IINS
Basic Knowledge and experience with Cisco IOS, IOS XE and CLI
Basic Knowledge of virtualization, Hypervisors and Virtual Machines

Top Trending Technologies

IT Security and Cybersecurity Certification Courses

Cyber Security Courses and Certification Training

End-User Training and Certification Courses

System Administration Training and Certification Courses

Dynamics 365 Certification Training Course

Security Testing Training & Certification Courses

DevOps Certification and Training Courses

Programming Courses Training and Certifications

Cisco Enterprise Training and Certification Courses

Virtualization Training & Certification Courses