Training Offering

Enterprise Network Unified Access Essentials

Information

Price $4,495 before tax
Length: 5 Days
Course code: CI-ENUAE
Delivery Type Classroom

Session dates

This training is also available as onsite training. Feel free to contact us for more information.

Description

In today’s enterprise networking environments, the borders have been broken down, bringing with it an ever-changing wave of new devices and cloud-based architectures. Organizations are strained under the requirements of BYOD to allow users to access data and mission-critical applications from anywhere, on any device.


Cisco’s “One Network, One Policy, One Management” philosophy is behind a comprehensive set of solutions underlying the Unified Access architecture. The Unified Access SE Boot Camp v1.0 course is designed to assure System Engineers will be able to provide technical pre-sales engineering, demonstrate the key Cisco competitive advantages, create a network design against customer specifications, and implement Cisco Unified Access solutions that are comprised of key differentiating components, features, and services.


This course presents concepts, wired and wireless platforms, technologies and services that are required for a comprehensive approach to effectively design, manage, and control the access on a Unified Access network. The reference network that is selected as a case study in this course is the fictitious Health To All (HTA) Hospital.


This complete solution starts with Cisco design guides and professional services that lead the learner from planning and design to day-to-day operations at HTA Hospital. The final design represents a comprehensive, secure and high-performance BYOD solution providing the necessary infrastructure, including Wireless access points, Wireless LAN Controllers, Security Appliances, and Network Management Tools. HTA Hospital users vary from Guests to Corporate users and from Employees to Contractors. Users have personal computers and VoIP phones at their desks as well as mobile computers, tablets, and smart phones. The network is used for accessing critical patient data, voice and video traffic, different servers, and for web browsing. This Cisco solution addresses all the requirements of HTA Hospital for building a secure and scalable BYOD network

Objectives

After attending this course, Engineers will be able to:
Understand Cisco’s “One Policy, One Management, One Network” Unified Access vision and strategy
Create a network design from customer specifications
Implement the core aspects of Cisco’s Unified Access solutions
Design and configure the Unified Access wired network foundation
Implement Cisco Prime Infrastructure (PI) 2.0 to support network management of the Unified Access infrastructure
Implement Cisco Identity Services Engine (ISE) 1.2 to provide a policy foundation for the Unified Access infrastructure
Integrate Converged Access switches (3850) and Wireless LAN Controllers (5760) to support wireless and wired Unified Access infrastructure objectives.
Secure the Unified Access infrastructure with ISE, SGA and 802.1X
Leverage Prime Infrastructure 2.0 for Application Visibility and Control on the Unified Access infrastructure
Describe High Availability (HA) solutions on Unified Access networks
Perform key Monitoring and Troubleshooting activities and methods
Implement a Bring Your Own Device (BYOD) Solution

Participants

The Unified Access Boot Camp is excellent training for the following audiences:
Pre-Sales Engineers at Cisco Partner organizations:
IMPORTANT—this course will be mandatory for Partners intending to achieve Unified Access Enterprise Networks Specialization.
Network, Security and Wireless Engineers at Cisco customers implementing the latest Unified Access technology, including Cisco ISE, Prime Infrastructure, Converged Access wireless infrastructure and the full line of Catalyst switches.

Prerequisite(s)

This course assumes that you have CCNA Wireless and CCNA Routing and Switching certification, or equivalent work experience, as well as foundation-level understanding of 802.1X implementation. The knowledge and skills that you must have before attending this course are covered in the following:
Interconnecting Cisco Network Devices Part 1, Version 2.0 (ICND1) and Interconnecting Cisco Network Devices Part 2, Version 2.0 (ICND2)
Implementing Cisco Unified Wireless Networking Essentials Version 2.0 (IUWNE)
Familiarity with 802.1x by attendance of either the four-hour E-learning or the Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) three-day course.

Programme

Module 1: One Network – Building the Wired Foundation
Cisco Unified Access Architecture Overview
High Availability (HA) Features Implemented in the Unified Access Wired Access Architecture
Introduction to Cisco Catalyst Smart Operations
Cisco SmartPorts Macros
Cisco Smart Install
Cisco AutoQoS
Cisco Easy Virtual Network (EVN)
Module 2: One Management Foundation: Implementing Prime Infrastructure 2.0
Unified management of wired and wireless access, branch, and wide area networks
Comprehensive network life cycle management, including user access visibility, inventory, configuration management, plug and play, radio frequency planning, and best practices reporting
End-to-end application and service assurance visibility to quickly isolate and troubleshoot performance issues
Relational, multidimensional view of users, applications, and network to simplify the diagnostics and remediation of network and service impacting issues
Easy deployment and management of Cisco advanced technologies
Module 3: Policy Foundation: Basic ISE AAA Setup and Guest Server Setup for Wired and Wireless Networks
Requirements for installing Cisco ISE
ISE installation process
Overview of Cisco ISE new Setup Assistant, GUI, and features
Using the new ISE Setup Assistant for configuration
Requirements for configuring Authentication through AD
Configuring Authorization Rules Using AD and dACLs
Requirements for PI Integration with ISE
Configuring integration
Configuring Monitor Mode for Wired dot1x
Configuring Authentication rules
Configuring Downloadable Access Lists (dACLs) based on Policies
Configuring Authorization Profiles that include dACLs
Module 4: Wireless Reference Architecture using Various Cisco Wireless LAN Platforms and Prime Infrastructure
Wireless Features Overview
Radio Resource Management (RRM)
Cisco CleanAir
Cisco ClientLink Optimization for Mixed-Client Networks Scenarios
Cisco AP Stateful Switchover (SSO) HA Solution
List of Cisco Secure Wireless LAN Features
Use SSIDs for Network Segmentation
User Policy Overview Using Prime Infrastructure
Implementation of Special Services Using QoS
ACLs Configuration on the WLC
WLC Dynamic Interfaces and VLAN Configuration
Manipulate Authentication Process of the Client
Module 5: Advanced Wireless Features
Introduction to Cisco AVC and its benefits
Cisco VideoStream Technology
Wireless LAN Apple Bonjour Overview
Cisco connected Mobile Experience
Module 6: Converged Access Solution
Review of Current Deployment Model
Converged Access Overview
Wireless Features for Converged Access
Interoperability concerns in a hybrid network environment
Switch Features for Converged Access
“One-Policy” using SA-NET and ISE
Steps for Migration
Using PI to configure 5760 for deployment
Configuring the 5760 as the Mobility Controller
Implementing the 3850 in a Converged Access network through PI
Establishing policies in ISE for clients connecting to Converged Access networks
Configuring Identity Control Policies for Session Aware Networking
Module 7: Securing Any Access
Implementing Authentication for BYOD through ISE
BYOD On-boarding through ISE
Using Auto SmartPort Macros for BYOD
Profiler Service Overview
ISE Profiler with IOS Device Sensor
Overview Security Group Access in ISE
Group Access requirements for BYOD
At CLI, Configuring the NADs to support SGA and SXP
Configuring Security Group Tagging (SGT) in the wired and wireless infrastructure
Overview of Identity Port Mapping? (IPM)
AT ISE: Configuring SGT eXchange Protocol (SXP) for wired and wireless environment
Configuring Security Groups, SGACLs, and Security Group Matrix
Module 8: SmartOperations
EEM Overview
EEM Configuration on Catalyst Series Switches
Automated Diagnostic Features
Cisco Generic Online Diagnostics (GOLD) Overview
Understanding IP SLA Benefits
Cisco IP SLA Best Practices
Module 9: Application Visibility and Control For Wired Networks
Application Visibility and Control Overview
Cisco Medianet
Cisco Mediatrace
Cisco Flexible NetFlow Overview and Implementation
Cisco Packet Capture Technologies Wireshark/Mini-protocol analyzer (MPA)
Module 10: Wired and Wireless High Availability Solutions
Cisco Catalyst Switch Architecture
Stateful Switchover (SSO)
Cisco Nonstop Forwarding (NSF) Implementation
Cisco Non Stop Routing (NSR)
Cisco VSS Solution
Cisco Catalyst Switch ISSU Solution
WLAN High Availability Features Overview
Cisco AP SSO Implementation
Power over Ethernet (PoE) Considerations
Module 11: Monitoring and Troubleshooting
Monitoring Wired and Wireless network devices with PI
Monitoring using ISE Dashboard
ISE Alarms
Implementing Logging
PI monitoring in Troubleshooting
Built in Client Troubleshooting tool to Support Step-by-Step Problem Analysis
Working with NetFlow (configuring, best practice)
Troubleshooting the network with ISE
ISE Search Capability
Troubleshooting Network Access Issues
Using Live Logs for troubleshooting
ISE discoverable authentication issues
Diagnostic Troubleshooting Tools
Cisco ISE Reports
Module 12: Advanced BYOD Solution Wrap-Up
Overview of the Any Connect BYOD Experience for Windows 7 PC
Implementing AnyConnect
Configuring AnyConnect with MACsec and 802.1x supplicant
ISE client provisioning
ISE Device registration
ISE MDM integration ***include video
Configuring ISE profiler for BYOD use case
Labs
Module 1 Lab: One Network Foundation: Building the Wired Reference Architecture
Module 2 Lab: Building the One Management Foundation with Prime Infrastructure
Module 3 Lab: Add ISE and Client Access Services to Network Management Architecture
Module 4 Lab: Build Wireless Reference Architecture – One Network Mobility Foundation
Module 5 Lab: Build One Network Advanced Mobility Solution for Wireless network
Module 6 Lab: Implementing a Converged Access Network
Module 7 Lab: Build Management Foundation - Add 802.1x security for BYOD network and Secure Group Access using ISE
Module 8 Lab: Build SmartOperations Foundation
Module 9 Lab: Build Application Mobility and Control foundation
Module 10 Lab: Implement High Availability (HA) and Scaling Features in the Network
Module 11 Lab: Unified Access Monitoring with PI and ISE
Module 12 Lab: Advanced BYOD Solution

© 2018 DiscoverIT Solutions - Arrow ECS. All rights reserved.